SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
Switches
The threat vector analysis in defense in depth
The different cable categories
the application layer
2. It makes sure the data sent from one side to the other is in a format useful to the other side
Some types of malicious code
IDS
The transport layer
The presentation layer
3. Trying to ID modems in a telephone exchange that may be susceptible to compromise
Remote maintenance
SQL Slammer Worm
War Dialing
Permutation
4. logic bomb - trojan horse - trap door
Some disadvantages of honeypots
3-way handshake
TFTP
Some types of malicious code
5. Full open - half open (stealth scan) - UDP - Ping
Nmap scanning techniques
LAN
Some reasons to use UDP over TCP
Shallow packet inspection
6. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
Race conditions
Ack Piggybacking
Alteration of code
The network layer
7. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
Port scan
The different cable categories
What range is a class A network?
Some common TCP ports
8. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
The Uniform Protection to defense in depth
COM/Script program infector
Social engineering
Port scan
9. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
WAN
Remote maintenance
Deep packet inspection
Some external threat concerns
10. Handles transmissions across the physical media like wires - fiber - etc
Some common TCP ports
Rotation?
Some malware propagation techniques
The physical layer stack
11. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
Some reasons to use UDP over TCP
IDS
TFTP
Vulnerabilities
12. 53 bytes - 48 bytes for data - 5 bytes for the header
Total cell size for asynchronous transfer mode (ATM)
Kismet
File integrity checking work
The CIA triad
13. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
A netmask
The Information Centric defense in depth
A netcat listener
Some Pen Test techniques
14. Intrusion detection system - it reports attacks against monitored systems/networks
Some Pen Test techniques
Hping
IDS
EXE program infector
15. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
16. ATM supports two types of virtual circuits: permanent virtual circuits and switches virtual circuit - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
Types of ATM virtual circuits
What's a VLAN
To establish a TCP session
Overview of TCP
17. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
Logic bomb
Ack Piggybacking
Hping
Vulnerabilities
18. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
File integrity checking work
Integrity of Data
What range is a class C network?
COM/Script program infector
19. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
Some common UDP ports
Nmap scanning techniques
File integrity checking work
Some NIDS topology limitations
20. Confidentiality - symmetric encryption
The goals of cryptography
Ciphertext
ACK piggybacking
Checksum in UDP
21. Simple attack done by simply browsing available information that's allowed on a local network.
Browsing attack
CIDR
The presentation layer
Proxy or application gateway
22. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
Some NIDS topology limitations
Hubs
Some firewall challenges
SQL Slammer Worm
23. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Defense in depth
Proxy or application gateway
NIDS challenges
The five threat vectors
24. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
Checksum in UDP
The three goals of security
the application layer
SQL Slammer Worm
25. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
When setting up a virtual circuit
Multi protocol label switching
Bus Topology
Macro virus
26. The practice of sending an ACK inside another packet going to the same destination
Overview of TCP
NIDS challenges
The OSI Protocol Stack
ACK piggybacking
27. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
3-way handshake
A network protocol
Defense in depth
File integrity checking work
28. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Some malware propagation techniques
Some FTP dangers
Some common TCP ports
A blind FTP
29. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
DDoS attack
Boot record infector
the application layer
PAN
30. Provides insight into the tactics - motives - and attacker tools
Address resolution protocol
Honeypot
Some honeypot advantages
File integrity checking work
31. destruction of data - leaking confidential information - providing backdoor access
Some malware capabilities
Buffer overflow
Some external threat concerns
The OSI Protocol Stack
32. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
Some FTP dangers
A network protocol
UDP packet headers
ACK piggybacking
33. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
Multi protocol label switching
Remote maintenance
Datagram length of a UDP packet
No State Inspection ACK flag set
34. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Types of viruses
Macro virus
UDP packet headers
Some Pen Test techniques
35. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters
Parasitic malware
Rotation?
The data link layer
Social engineering
36. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
The session layer
Denial of service
EXE program infector
When setting up a virtual circuit
37. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Shallow packet inspection
Asynchronous Transfer Mode
Switches
The presentation layer
38. The Practice of sending an ACK inside another packet going to the same destination
WAN
UDP packet headers
A blind FTP
Ack Piggybacking
39. fast - with little fidelity - examines header information and limited payload data
Network stumbler
The network layer
Shallow packet inspection
SYN flood
40. Unencrypted message in its original form
IDS
War Dialing
Some Pen Test techniques
Plaintext
41. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment
Plaintext
A netmask
Kismet
Deep packet inspection
42. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Some external threat concerns
Overview of TCP
Some reasons to use UDP over TCP
UDP packet headers
43. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
The Uniform Protection to defense in depth
Some ways to bypass firewall protections
Risk
Checksum in UDP
44. Personal area network - phone tethering - bluetooth - etc
Some disadvantages of honeypots
Stateless packet filter
LAN
PAN
45. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
PAN
What range is a class C network?
DDoS attack
Program infector
46. Considered to be a perimeter device
What's a VLAN
IDS
Brute force
Router
47. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline
Anomaly analysis work
The OSI model
Defense in depth
NIDS advantages
48. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
IDS data normalization
HIDS monitor
Address resolution protocol
Trojan horse
49. It interacts with the application layer to determine which network services will be required
The four types of events reported by IDS
The transport layer
the application layer
Rootkit
50. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
Rootkit
The Information Centric defense in depth
Nmap scanning techniques
SYN flood