Test your basic knowledge |

GIAC

Subjects : certifications, giac, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
UDP packet headers
Deep packet inspection
The Information Centric defense in depth
SYN flood

2. Intellectual property - business goals - validated data - historical
Multi protocol label switching
DDoS attack
Snort
What threats should be protected against - based on threat levels

3. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
Some NIDS topology limitations
Multi protocol label switching
Some firewall benefits
Group

4. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
Trap door
ATM work
Arbitrary substitution
Hping

5. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Bridge
Internet
Proxy or application gateway
Some external threat concerns

6. Attaches itself to existing program files and activated when the exe is launched
A netmask
Address resolution protocol
Program infector
Some firewall benefits

7. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
NAC
Some other UDP based protocols
Some external threat concerns
The transport layer

8. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute
Multi protocol label switching
COM/Script program infector
What range is a class B network?
MAN

9. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
Honeypot
A netmask
Macro virus
Anomaly analysis work

10. Confidentiality - integrity - availability
WAN
The three goals of security
The OSI Protocol Stack
MAN

11. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Parasitic malware
NIDS challenges
Stateless packet filter
The four basic approaches to defense in depth

12. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
Honeyd
What's an easy way to test encryption?
Datagram length of a UDP packet
What range is a class C network?

13. Going around with equipment to detect wireless networks
No State Inspection ACK flag set
Trap door
Datagram length of a UDP packet
Wardriving

14. Handles transmissions across the physical media like wires - fiber - etc
Checksum in UDP
Stateless packet filter
Parasitic malware
The physical layer stack

15. Network scanner.
Nmap
What range is a class C network?
Alteration of code
Proxy or application gateway

16. Infects MBR - no network spreading potential
Total cell size for asynchronous transfer mode (ATM)
Wardriving
Boot record infector
Arbitrary substitution

17. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
The session layer
Network stumbler
The presentation layer
Some malware propagation techniques

18. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Overview of TCP
Honeypot
The presentation layer
ACK piggybacking

19. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
What categories do vulnerabilities fall into?
Network stumbler
The five threat vectors
NIDS advantages

20. destruction of data - leaking confidential information - providing backdoor access
Parasitic malware
Some disadvantages of honeypots
Some malware capabilities
When implementing protocols - what stack should be used?

21. Switches networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
When talking about protocols and referencing layers - what stack is used
Some NIDS topology limitations
Macro virus
Some external threat concerns

22. The practice of sending an ACK inside another packet going to the same destination
Trojan horse
ACK piggybacking
The five threat vectors
What's an easy way to test encryption?

23. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address
Total cell size for asynchronous transfer mode (ATM)
Rootkit
Address Resolution Protocol (ARP)
Honeyd

24. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
Datagram length of a UDP packet
Trap door
Shallow packet inspection
Hubs

25. Confidentiality - integrity - availability
To establish a TCP session
The CIA triad
DDoS attack
HIDS monitor

26. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
File Integrity checking work
Some common TCP ports
Some ways to bypass firewall protections
Smurf attack

27. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
Trap door
Integrity of Data
SQL Slammer Worm
Some FTP dangers

28. Simple attack done by simply browsing available information that's allowed on a local network.
Rotation?
Total cell size for asynchronous transfer mode (ATM)
Browsing attack
The protected enclave to defense in depth

29. Protected at rest - protected in transit - secure the key
What ways should the crypto key be protected?
Vulnerabilities
What range is a class C network?
Address resolution protocol

30. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
Snort
The different cable categories
Denial of service
Vulnerabilities

31. Trying to ID modems in a telephone exchange that may be susceptible to compromise
Anomaly analysis work
Some reasons to use UDP over TCP
War Dialing
Ack Piggybacking

32. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
When talking about protocols and referencing layers - what stack is used
When setting up a virtual circuit
Kismet
The network layer

33. Unified data carrying service - replacing from replay and ATM
The session layer
The transport layer
The network layer
Multi protocol label switching

34. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
A network protocol
A netcat listener
Switches
HIDS monitor

35. logic bomb - trojan horse - trap door
The OSI Protocol Stack
EXE program infector
Some types of malicious code
Proxy or application gateway

36. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
What categories do vulnerabilities fall into?
NIDS challenges
3-way handshake
Permutation

37. Intrusion detection system - it reports attacks against monitored systems/networks
IDS
OS Command Injection defenses
Types of viruses
Some malware propagation techniques

38. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP
TFTP
Address Resolution Protocol (ARP)
Port scan
Rootkit

39. Bits of code embedded in programs to quickly gain access at a later time
Some disadvantages of honeypots
Trap door
OS Command Injection defenses
Bridge

40. A cracking tool inserted into the OS that allows the attacker to do as they please.
The threat vector analysis in defense in depth
Some malware capabilities
Rootkit
What range is a class B network?

41. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
TFTP
The data link layer
The CIA triad
Some disadvantages of honeypots

42. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
What's a VLAN
The difference in stacks
Hping
Worms

43. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
Types of ATM virtual circuits
OS Command Injection defenses
NAC
Arbitrary substitution

44. OSI
The threat vector analysis in defense in depth
ATM work
Honeyd
When talking about protocols and referencing layers - what stack is used

45. ATM supports two types of virtual circuits: permanent virtual circuits and switches virtual circuit - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
The five threat vectors
Boot record infector
Remote maintenance
Types of ATM virtual circuits

46. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Some firewall benefits
Ack Piggybacking
The five threat vectors
Types of viruses

47. Connects many WANs - MANs - and LANs - provided via ISP
Internet
What range is a class C network?
Port scan
LAN

48. The Practice of sending an ACK inside another packet going to the same destination
Some firewall challenges
What range is a class A network?
The Uniform Protection to defense in depth
Ack Piggybacking

49. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
Stateless packet filter
SQL Slammer Worm
IDS signature analysis work
MAN

50. Message in its encrypted form
Browsing attack
The Information Centric defense in depth
Ciphertext
Some reasons to use TCP over UDP