SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An attempt to gain access by bombarding it with guesses until the password is found.
What range is a class B network?
Brute force
Some malware capabilities
The goals of cryptography
2. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Group
MAN
A netmask
Some common TCP ports
3. 53 bytes - 48 bytes for data - 5 bytes for the header
Total cell size for asynchronous transfer mode (ATM)
COM/Script program infector
the application layer
Rootkit
4. It handles the establishment and maintenance of connections between systems
LAN
TFTP
The session layer
Macro virus
5. Confidentiality - integrity - availability
Some firewall benefits
Some common TCP ports
The three goals of security
SQL Slammer Worm
6. Handles transmissions across the physical media like wires - fiber - etc
Stateless packet filter
SYN flood
Honeyd
The physical layer stack
7. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Asynchronous Transfer Mode
The difference in stacks
The OSI model
No State Inspection ACK flag set
8. Malware - insider threat - natural disaster - terrorism - pandemic
File integrity checking work
What primary threats should be protected against
Overview of TCP
LAN
9. Connects many WANs - MANs - and LANs - provided via ISP
Some malware propagation techniques
Asynchronous Transfer Mode
Internet
The OSI Protocol Stack
10. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
What's an easy way to test encryption?
What range is a class C network?
NIDS advantages
SYN flood
11. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
The Information Centric defense in depth
Alteration of code
Hping
The different cable categories
12. The Practice of sending an ACK inside another packet going to the same destination
The Information Centric defense in depth
Checksum in UDP
The four basic approaches to defense in depth
Ack Piggybacking
13. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
Remote maintenance
Some common UDP ports
Nmap
Smurf attack
14. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
Anomaly analysis work
SQL Slammer Worm
The goals of cryptography
Social engineering
15. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
A network protocol
Shallow packet inspection
IDS signature analysis work
Router
16. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Asynchronous Transfer Mode
When setting up a virtual circuit
Nmap scanning techniques
What primary threats should be protected against
17. Provides insight into the tactics - motives - and attacker tools
Some honeypot advantages
CIDR
Wardriving
MAN
18. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
Firewall
The three goals of security
Macro virus
Asynchronous Transfer Mode
19. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
Some honeypot advantages
Port scan
Router
NAC
20. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Smurf attack
Some disadvantages of honeypots
Trojan horse
Some common TCP ports
21. True positive - false positive - true negative - false negative
What range is a class B network?
Nmap
When setting up a virtual circuit
The four types of events reported by IDS
22. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
WAN
The Information Centric defense in depth
Risk
Some malware propagation techniques
23. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Overview of TCP
When setting up a virtual circuit
Defense in depth
The threat vector analysis in defense in depth
24. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute
COM/Script program infector
What categories do vulnerabilities fall into?
The protected enclave to defense in depth
The physical layer stack
25. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
Types of viruses
Ciphertext
Some common UDP ports
No State Inspection ACK flag set
26. Message in its encrypted form
The conficker worm
The four types of events reported by IDS
Ciphertext
Wardriving
27. Trying to ID modems in a telephone exchange that may be susceptible to compromise
Some disadvantages of honeypots
War Dialing
The CIA triad
Vulnerabilities
28. destruction of data - leaking confidential information - providing backdoor access
The protected enclave to defense in depth
Some malware capabilities
NIDS challenges
Rootkit
29. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
ACK piggybacking
Anomaly analysis work
A netcat listener
Rootkit
30. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
MAN
The three goals of security
Some other UDP based protocols
What range is a class C network?
31. FIN 130 - ACK 131 - FIN 570 - ACK 571
Shallow packet inspection
File Integrity checking work
To close a TCP session
Some NIDS topology limitations
32. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline
What primary threats should be protected against
Anomaly analysis work
Firewall
Nmap
33. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
What range is a class A network?
Some Pen Test techniques
IDS
Some types of malicious code
34. Confidentiality - integrity - availability
To close a TCP session
Some firewall benefits
The four types of events reported by IDS
The CIA triad
35. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
Some reasons to use UDP over TCP
IDS not
Router
Deep packet inspection
36. The practice of sending an ACK inside another packet going to the same destination
Types of ATM virtual circuits
ACK piggybacking
The transport layer
Datagram length of a UDP packet
37. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Nmap scanning techniques
War Dialing
Some network design objectives
Address resolution protocol
38. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
Macro virus
EXE program infector
IDS
Honeypot
39. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
The TCP/IP model
Some disadvantages of honeypots
Overview of TCP
SYN flood
40. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
Port scan
Honeyd
Log monitoring work?
The different cable categories
41. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
What range is a class C network?
Bridge
TFTP
COM/Script program infector
42. Network scanner.
Remote maintenance
IDS not
Nmap
COM/Script program infector
43. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Permutation
Ciphertext
Honeypot
To close a TCP session
44. Personal area network - phone tethering - bluetooth - etc
Internet
The protected enclave to defense in depth
Browsing attack
PAN
45. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
Deep packet inspection
Some network design objectives
Plaintext
Some malware capabilities
46. fast - with little fidelity - examines header information and limited payload data
What range is a class C network?
Some malware propagation techniques
Shallow packet inspection
Nmap
47. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
Denial of service
Group
Honeypot
Integrity of Data
48. It interacts with the application layer to determine which network services will be required
To establish a TCP session
The OSI model
WAN
the application layer
49. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Smurf attack
What range is a class B network?
Logic bomb
Some external threat concerns
50. It makes sure the data sent from one side to the other is in a format useful to the other side
Denial of service
Logic bomb
The presentation layer
ACK piggybacking