SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
Ack Piggybacking
the application layer
The OSI model
Internet
2. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Program infector
Trojan horse
The conficker worm
Ciphertext
3. ATM supports two types of virtual circuits: permanent virtual circuits and switches virtual circuit - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
Trap door
Browsing attack
IDS not
Types of ATM virtual circuits
4. Network traffic to the host - typically listens on all interface - uses signature analysis to identify events of interest
War Dialing
Anomaly analysis work
HIDS monitor
Checksum in UDP
5. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire
Some common TCP ports
ATM work
The threat vector analysis in defense in depth
File Integrity checking work
6. Considered to be a perimeter device
Macro virus
Some Pen Test techniques
Nmap scanning techniques
Router
7. Stateful firewalls maintain state of traffic flows
Nmap
What range is a class C network?
Risk
Stateful firewall
8. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address
Kismet
Address Resolution Protocol (ARP)
Denial of service
Worms
9. Bits of code embedded in programs to quickly gain access at a later time
The four types of events reported by IDS
Race conditions
The TCP/IP model
Trap door
10. destruction of data - leaking confidential information - providing backdoor access
Log monitoring work?
Some malware capabilities
Plaintext
Alteration of code
11. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Ack Piggybacking
Buffer overflow
TFTP
The transport layer
12. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
Program infector
When talking about protocols and referencing layers - what stack is used
Log monitoring work?
Plaintext
13. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
The Uniform Protection to defense in depth
Datagram length of a UDP packet
NIDS advantages
No State Inspection ACK flag set
14. TCP/IP - the IP protoco - The core routing protocol of the internet - - deals with transmission of packets between end points - defines the addressing scheme for the internet
Integrity of Data
HIDS monitor
When implementing protocols - what stack should be used?
IDS signature analysis work
15. Unified data carrying service - replacing from replay and ATM
Overview of TCP
Multi protocol label switching
The Information Centric defense in depth
Trojan horse
16. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
File integrity checking work
Denial of service
IDS data normalization
Ciphertext
17. The Practice of sending an ACK inside another packet going to the same destination
Ack Piggybacking
The Uniform Protection to defense in depth
When setting up a virtual circuit
Total cell size for asynchronous transfer mode (ATM)
18. 53 bytes - 48 bytes for data - 5 bytes for the header
Address resolution protocol
Total cell size for asynchronous transfer mode (ATM)
The difference in stacks
What range is a class B network?
19. It makes sure the data sent from one side to the other is in a format useful to the other side
Hubs
Stateful firewall
The three goals of security
The presentation layer
20. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
TFTP
To establish a TCP session
The data link layer
Race conditions
21. Confidentiality - symmetric encryption
Program infector
Overview of TCP
Brute force
The goals of cryptography
22. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
Some disadvantages of honeypots
What primary threats should be protected against
Some malware capabilities
Group
23. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
Best way to protect wireless networks
The transport layer
Network stumbler
UDP packet headers
24. True positive - false positive - true negative - false negative
Deep packet inspection
What range is a class A network?
IDS not
The four types of events reported by IDS
25. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Proxy or application gateway
UDP packet headers
To establish a TCP session
Multi protocol label switching
26. It interacts with the application layer to determine which network services will be required
the application layer
Some Pen Test techniques
Snort
The OSI Protocol Stack
27. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
What range is a class B network?
WAN
Router
Some Pen Test techniques
28. Syn - Syn/Ack - Ack
Some malware capabilities
To establish a TCP session
Nmap scanning techniques
Brute force
29. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Deep packet inspection
Defense in depth
Firewall
Switches
30. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Honeypot
Best way to protect wireless networks
NIDS challenges
Stateful firewall
31. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
Brute force
The Uniform Protection to defense in depth
The four types of events reported by IDS
Datagram length of a UDP packet
32. Infects MBR - no network spreading potential
IDS not
Program infector
Boot record infector
Nmap
33. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
Some malware propagation techniques
Integrity of Data
Hping
What range is a class A network?
34. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Honeypot
Some firewall benefits
Overview of TCP
NIDS advantages
35. Simple attack done by simply browsing available information that's allowed on a local network.
To establish a TCP session
Some ways to bypass firewall protections
Best way to protect wireless networks
Browsing attack
36. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
Some disadvantages of honeypots
A network protocol
ATM work
What range is a class B network?
37. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
The three goals of security
Best way to protect wireless networks
War Dialing
Remote maintenance
38. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
When setting up a virtual circuit
The different cable categories
Shallow packet inspection
the application layer
39. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
3-way handshake
EXE program infector
The threat vector analysis in defense in depth
Some firewall challenges
40. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Some external threat concerns
The CIA triad
The three goals of security
LAN
41. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
Smurf attack
Race conditions
Worms
Some FTP dangers
42. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
LAN
Checksum in UDP
NIDS challenges
Rootkit
43. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters
The Information Centric defense in depth
The OSI Protocol Stack
Bridge
Rotation?
44. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
Vulnerabilities
What categories do vulnerabilities fall into?
The OSI model
Macro virus
45. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
Some common UDP ports
The TCP/IP model
CIDR
The threat vector analysis in defense in depth
46. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
Switches
The CIA triad
Stateful firewall
The goals of cryptography
47. fast - with little fidelity - examines header information and limited payload data
Deep packet inspection
Rotation?
Permutation
Shallow packet inspection
48. Personal area network - phone tethering - bluetooth - etc
Honeypot
Social engineering
PAN
Logic bomb
49. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
Some common TCP ports
Hping
Some malware propagation techniques
What range is a class B network?
50. FIN 130 - ACK 131 - FIN 570 - ACK 571
The Uniform Protection to defense in depth
To close a TCP session
The TCP/IP model
Vulnerabilities