SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Address Resolution Protocol (ARP)
The different cable categories
Risk
Honeyd
2. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address
What categories do vulnerabilities fall into?
The threat vector analysis in defense in depth
Address Resolution Protocol (ARP)
IDS
3. Message in its encrypted form
Ciphertext
Hubs
The CIA triad
CIDR
4. 53 bytes - 48 bytes for data - 5 bytes for the header
Types of ATM virtual circuits
IDS not
Total cell size for asynchronous transfer mode (ATM)
What range is a class C network?
5. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
Deep packet inspection
DDoS attack
Kismet
Some disadvantages of honeypots
6. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Deep packet inspection
Bridge
Stateless packet filter
Smurf attack
7. Protected at rest - protected in transit - secure the key
No State Inspection ACK flag set
What ways should the crypto key be protected?
Network stumbler
Integrity of Data
8. Going around with equipment to detect wireless networks
Best way to protect wireless networks
Program infector
What range is a class B network?
Wardriving
9. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
Race conditions
The conficker worm
Logic bomb
Firewall
10. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
IDS not
SYN flood
Honeypot
Arbitrary substitution
11. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
A netmask
The Information Centric defense in depth
Ack Piggybacking
the application layer
12. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
SYN flood
IDS signature analysis work
Social engineering
NIDS challenges
13. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
Some reasons to use UDP over TCP
Some NIDS topology limitations
What range is a class A network?
3-way handshake
14. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
the application layer
Defense in depth
Worms
Trojan horse
15. The practice of sending an ACK inside another packet going to the same destination
Program infector
The difference in stacks
ACK piggybacking
Some malware propagation techniques
16. Stateful firewalls maintain state of traffic flows
Hping
CIDR
Stateful firewall
Stateless packet filter
17. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters
Rotation?
Some disadvantages of honeypots
Types of viruses
The threat vector analysis in defense in depth
18. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
19. Malware - insider threat - natural disaster - terrorism - pandemic
Types of viruses
The TCP/IP model
Some external threat concerns
What primary threats should be protected against
20. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
Honeyd
The protected enclave to defense in depth
Hping
The OSI Protocol Stack
21. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Group
Some other UDP based protocols
Some firewall benefits
NIDS challenges
22. Relies on executable code insertion and user interaction to spread
Parasitic malware
Kismet
Boot record infector
Hubs
23. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Defense in depth
Some Pen Test techniques
Some firewall challenges
What ways should the crypto key be protected?
24. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
MAN
The goals of cryptography
Some common UDP ports
The data link layer
25. Handles transmissions across the physical media like wires - fiber - etc
What range is a class B network?
The physical layer stack
Some disadvantages of honeypots
The network layer
26. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
A netmask
File Integrity checking work
Hubs
The protected enclave to defense in depth
27. Syn - Syn/Ack - Ack
ATM work
Some common UDP ports
EXE program infector
To establish a TCP session
28. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
IDS
Anomaly analysis work
Some firewall challenges
UDP packet headers
29. An attempt to gain access by bombarding it with guesses until the password is found.
Brute force
Kismet
Some reasons to use TCP over UDP
Some malware capabilities
30. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
File integrity checking work
Switches
Browsing attack
A network protocol
31. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
Some malware propagation techniques
The network layer
To establish a TCP session
Hping
32. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
The network layer
Macro virus
Hping
Smurf attack
33. It interacts with the application layer to determine which network services will be required
the application layer
Some malware propagation techniques
Port scan
Bridge
34. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
Parasitic malware
IDS signature analysis work
Arbitrary substitution
Checksum in UDP
35. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Honeyd
Some honeypot advantages
Some malware propagation techniques
The four basic approaches to defense in depth
36. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
What range is a class A network?
IDS data normalization
ATM work
The four basic approaches to defense in depth
37. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
IDS not
Permutation
IDS signature analysis work
What primary threats should be protected against
38. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
Shallow packet inspection
Router
LAN
Datagram length of a UDP packet
39. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
To close a TCP session
Honeyd
Some honeypot advantages
Some malware propagation techniques
40. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
Hping
Buffer overflow
Deep packet inspection
Some malware propagation techniques
41. Confidentiality - integrity - availability
What range is a class A network?
File integrity checking work
The three goals of security
Multi protocol label switching
42. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Nmap
Some network design objectives
Social engineering
Some reasons to use TCP over UDP
43. Provides insight into the tactics - motives - and attacker tools
Ciphertext
Rotation?
Some honeypot advantages
Hubs
44. FIN 130 - ACK 131 - FIN 570 - ACK 571
Plaintext
To close a TCP session
Total cell size for asynchronous transfer mode (ATM)
Shallow packet inspection
45. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute
Checksum in UDP
Nmap
COM/Script program infector
Hubs
46. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
HIDS monitor
What range is a class C network?
Plaintext
Best way to protect wireless networks
47. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
No State Inspection ACK flag set
Some types of malicious code
Asynchronous Transfer Mode
Some malware propagation techniques
48. Switches networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
The four basic approaches to defense in depth
Some types of malicious code
Types of viruses
Some NIDS topology limitations
49. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
Network stumbler
The OSI Protocol Stack
Ack Piggybacking
To close a TCP session
50. destruction of data - leaking confidential information - providing backdoor access
IDS
Permutation
Address Resolution Protocol (ARP)
Some malware capabilities