SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
What's an easy way to test encryption?
Overview of TCP
The Uniform Protection to defense in depth
Nmap scanning techniques
2. destruction of data - leaking confidential information - providing backdoor access
Datagram length of a UDP packet
Trojan horse
OS Command Injection defenses
Some malware capabilities
3. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment
Firewall
Kismet
What primary threats should be protected against
WAN
4. Unified data carrying service - replacing from replay and ATM
Multi protocol label switching
IDS not
The threat vector analysis in defense in depth
The TCP/IP model
5. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
The OSI model
Internet
What threats should be protected against - based on threat levels
Some common TCP ports
6. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
ATM work
Checksum in UDP
Nmap scanning techniques
ACK piggybacking
7. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
HIDS monitor
Buffer overflow
Internet
Vulnerabilities
8. Switches networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
File integrity checking work
The data link layer
Total cell size for asynchronous transfer mode (ATM)
Some NIDS topology limitations
9. Personal area network - phone tethering - bluetooth - etc
Some malware capabilities
IDS signature analysis work
Some common TCP ports
PAN
10. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Asynchronous Transfer Mode
The three goals of security
Some external threat concerns
Some NIDS topology limitations
11. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
ACK piggybacking
A network protocol
What range is a class B network?
Some disadvantages of honeypots
12. ATM supports two types of virtual circuits: permanent virtual circuits and switches virtual circuit - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
The data link layer
Types of ATM virtual circuits
The CIA triad
MAN
13. Connects many WANs - MANs - and LANs - provided via ISP
Internet
The four basic approaches to defense in depth
The OSI Protocol Stack
Remote maintenance
14. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
Internet
Switches
IDS not
Hping
15. A cracking tool inserted into the OS that allows the attacker to do as they please.
Some other UDP based protocols
Rootkit
Types of ATM virtual circuits
Network stumbler
16. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
Types of viruses
Race conditions
The goals of cryptography
Some common UDP ports
17. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP
COM/Script program infector
Checksum in UDP
Port scan
The conficker worm
18. Intellectual property - business goals - validated data - historical
What threats should be protected against - based on threat levels
Network stumbler
EXE program infector
Ciphertext
19. Syn - Syn/Ack - Ack
DDoS attack
To establish a TCP session
The network layer
CIDR
20. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
UDP packet headers
Stateless packet filter
What categories do vulnerabilities fall into?
A netmask
21. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
Rotation?
The Uniform Protection to defense in depth
Some types of malicious code
The four basic approaches to defense in depth
22. Trying to ID modems in a telephone exchange that may be susceptible to compromise
Worms
Rootkit
War Dialing
Rotation?
23. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Ciphertext
Permutation
PAN
Some other UDP based protocols
24. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
The four types of events reported by IDS
The OSI Protocol Stack
Nmap scanning techniques
Browsing attack
25. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
Worms
Some external threat concerns
Rotation?
Some network design objectives
26. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Types of ATM virtual circuits
The five threat vectors
Bridge
To establish a TCP session
27. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
What range is a class A network?
Buffer overflow
A network protocol
A netcat listener
28. 53 bytes - 48 bytes for data - 5 bytes for the header
Defense in depth
MAN
Total cell size for asynchronous transfer mode (ATM)
The CIA triad
29. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
Ciphertext
The data link layer
Types of ATM virtual circuits
DDoS attack
30. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
Switches
Trap door
UDP packet headers
CIDR
31. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
Bridge
The data link layer
Snort
Bus Topology
32. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
A netcat listener
SQL Slammer Worm
The difference in stacks
Some firewall benefits
33. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
Group
Bridge
Denial of service
COM/Script program infector
34. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
NIDS challenges
The threat vector analysis in defense in depth
The four basic approaches to defense in depth
The TCP/IP model
35. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
Rootkit
UDP packet headers
DDoS attack
Smurf attack
36. fast - with little fidelity - examines header information and limited payload data
IDS not
UDP packet headers
Shallow packet inspection
CIDR
37. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
War Dialing
Hubs
Total cell size for asynchronous transfer mode (ATM)
OS Command Injection defenses
38. Confidentiality - integrity - availability
Some common TCP ports
Risk
War Dialing
The CIA triad
39. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
The goals of cryptography
Social engineering
Port scan
The Information Centric defense in depth
40. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
The CIA triad
NIDS advantages
Bus Topology
Some honeypot advantages
41. Infects MBR - no network spreading potential
DDoS attack
Switches
Vulnerabilities
Boot record infector
42. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
The CIA triad
Bridge
Some network design objectives
Some external threat concerns
43. Going around with equipment to detect wireless networks
What's a VLAN
Honeyd
Wardriving
OS Command Injection defenses
44. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
The conficker worm
Honeypot
Some network design objectives
The presentation layer
45. Known - unknown - zero day
The three goals of security
Denial of service
Race conditions
What categories do vulnerabilities fall into?
46. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
Router
The network layer
Macro virus
When talking about protocols and referencing layers - what stack is used
47. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
48. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
LAN
Trap door
Port scan
Nmap scanning techniques
49. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline
Some types of malicious code
Race conditions
Some common TCP ports
Anomaly analysis work
50. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
EXE program infector
War Dialing
The CIA triad
Arbitrary substitution