Test your basic knowledge |

GIAC

Subjects : certifications, giac, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Handles transmissions across the physical media like wires - fiber - etc
The Uniform Protection to defense in depth
IDS data normalization
The physical layer stack
Honeyd

2. Syn - Syn/Ack - Ack
Some external threat concerns
Some malware propagation techniques
TFTP
To establish a TCP session

3. Confidentiality - integrity - availability
Switches
The CIA triad
MAN
Brute force

4. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Arbitrary substitution
Some firewall challenges
Address resolution protocol
When talking about protocols and referencing layers - what stack is used

5. The practice of sending an ACK inside another packet going to the same destination
ACK piggybacking
Some other UDP based protocols
Race conditions
Snort

6. Known - unknown - zero day
WAN
A netcat listener
What range is a class C network?
What categories do vulnerabilities fall into?

7. Simple attack done by simply browsing available information that's allowed on a local network.
The data link layer
Some ways to bypass firewall protections
The three goals of security
Browsing attack

8. Network scanner.
Anomaly analysis work
The Uniform Protection to defense in depth
IDS not
Nmap

9. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
Some common TCP ports
IDS not
Types of ATM virtual circuits
Group

10. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
Network stumbler
Arbitrary substitution
Some network design objectives
What ways should the crypto key be protected?

11. OSI
Some reasons to use UDP over TCP
A blind FTP
When talking about protocols and referencing layers - what stack is used
The OSI model

12. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
Honeypot
Alteration of code
Some firewall challenges
IDS data normalization

13. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
What's an easy way to test encryption?
Datagram length of a UDP packet
Some common TCP ports
Bridge

14. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
Boot record infector
Ack Piggybacking
A netmask
What's a VLAN

15. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
What threats should be protected against - based on threat levels
Smurf attack
A blind FTP
Plaintext

16. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
The CIA triad
Race conditions
SQL Slammer Worm
Types of viruses

17. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
TFTP
3-way handshake
The protected enclave to defense in depth
Group

18. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire
What ways should the crypto key be protected?
Ciphertext
EXE program infector
File Integrity checking work

19. Network traffic to the host - typically listens on all interface - uses signature analysis to identify events of interest
HIDS monitor
Bridge
Arbitrary substitution
Types of ATM virtual circuits

20. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
IDS
MAN
Integrity of Data
When talking about protocols and referencing layers - what stack is used

21. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
The session layer
Overview of TCP
When setting up a virtual circuit
Types of viruses

22. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
No State Inspection ACK flag set
The session layer
WAN
Some honeypot advantages

23. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
CIDR
DDoS attack
IDS signature analysis work
A netmask

24. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address
Datagram length of a UDP packet
Some reasons to use TCP over UDP
Address Resolution Protocol (ARP)
HIDS monitor

25. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
What's a VLAN
Some ways to bypass firewall protections
Some network design objectives
Proxy or application gateway

26. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Some reasons to use UDP over TCP
Risk
Stateless packet filter
Shallow packet inspection

27. destruction of data - leaking confidential information - providing backdoor access
The OSI Protocol Stack
Some malware capabilities
Types of ATM virtual circuits
IDS not

28. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
When setting up a virtual circuit
Some external threat concerns
Some malware propagation techniques
What primary threats should be protected against

29. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
ACK piggybacking
Firewall
The TCP/IP model
Some malware capabilities

30. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script
The conficker worm
The physical layer stack
Vulnerabilities
IDS data normalization

31. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute
IDS signature analysis work
Some FTP dangers
COM/Script program infector
DDoS attack

32. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
Some Pen Test techniques
Trojan horse
What ways should the crypto key be protected?
A blind FTP

33. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
LAN
Some malware capabilities
File integrity checking work
Race conditions

34. Unencrypted message in its original form
A blind FTP
Plaintext
No State Inspection ACK flag set
Checksum in UDP

35. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP
Port scan
Alteration of code
Some ways to bypass firewall protections
Rotation?

36. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
Permutation
Alteration of code
Some reasons to use TCP over UDP
Some network design objectives

37. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
IDS data normalization
PAN
Some ways to bypass firewall protections
The physical layer stack

38. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Address Resolution Protocol (ARP)
Permutation
Some other UDP based protocols
The difference in stacks

39. Trying to ID modems in a telephone exchange that may be susceptible to compromise
IDS signature analysis work
War Dialing
IDS data normalization
NIDS challenges

40. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
EXE program infector
The data link layer
Nmap scanning techniques
Honeypot

41. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
Buffer overflow
Address resolution protocol
The Uniform Protection to defense in depth
The OSI model

42. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
The protected enclave to defense in depth
ATM work
NIDS challenges
Worms

43. Intellectual property - business goals - validated data - historical
Address Resolution Protocol (ARP)
Remote maintenance
What threats should be protected against - based on threat levels
the application layer

44. Relies on executable code insertion and user interaction to spread
Parasitic malware
Total cell size for asynchronous transfer mode (ATM)
The different cable categories
The data link layer

45. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
Permutation
Some firewall challenges
PAN
Boot record infector

46. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment
Social engineering
Datagram length of a UDP packet
Kismet
The four types of events reported by IDS

47. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

48. logic bomb - trojan horse - trap door
Best way to protect wireless networks
The physical layer stack
Some types of malicious code
SQL Slammer Worm

49. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
OS Command Injection defenses
Log monitoring work?
Alteration of code
Overview of TCP

50. Protected at rest - protected in transit - secure the key
UDP packet headers
HIDS monitor
NIDS challenges
What ways should the crypto key be protected?