Test your basic knowledge |

GIAC

Subjects : certifications, giac, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. It makes sure the data sent from one side to the other is in a format useful to the other side
The presentation layer
The five threat vectors
Internet
What range is a class A network?

2. Known - unknown - zero day
NAC
CIDR
What categories do vulnerabilities fall into?
Some Pen Test techniques

3. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
Vulnerabilities
Browsing attack
SYN flood
Ciphertext

4. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
SYN flood
Overview of TCP
To establish a TCP session
Some types of malicious code

5. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Some reasons to use UDP over TCP
Rotation?
Defense in depth
DDoS attack

6. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
Wardriving
The four types of events reported by IDS
The network layer
Total cell size for asynchronous transfer mode (ATM)

7. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
What range is a class B network?
Bus Topology
Log monitoring work?
Social engineering

8. FIN 130 - ACK 131 - FIN 570 - ACK 571
To close a TCP session
Some external threat concerns
Stateful firewall
The conficker worm

9. Unencrypted message in its original form
Macro virus
Bus Topology
Deep packet inspection
Plaintext

10. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Risk
CIDR
The OSI Protocol Stack
Proxy or application gateway

11. Relies on executable code insertion and user interaction to spread
Parasitic malware
PAN
Datagram length of a UDP packet
Program infector

12. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
Some common TCP ports
UDP packet headers
Some firewall challenges
Wardriving

13. Going around with equipment to detect wireless networks
Some malware capabilities
Wardriving
Switches
Anomaly analysis work

14. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
Some firewall challenges
ACK piggybacking
Integrity of Data
Router

15. Personal area network - phone tethering - bluetooth - etc
Kismet
Group
PAN
Types of ATM virtual circuits

16. Confidentiality - integrity - availability
DDoS attack
Ack Piggybacking
Nmap scanning techniques
The CIA triad

17. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Honeyd
OS Command Injection defenses
Firewall
The three goals of security

18. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
Browsing attack
The Uniform Protection to defense in depth
Stateless packet filter
SYN flood

19. Malware - insider threat - natural disaster - terrorism - pandemic
What's a VLAN
What primary threats should be protected against
OS Command Injection defenses
The five threat vectors

20. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

21. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
DDoS attack
Some Pen Test techniques
The OSI Protocol Stack
Integrity of Data

22. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
IDS data normalization
The session layer
What's a VLAN
Firewall

23. It interacts with the application layer to determine which network services will be required
The transport layer
the application layer
The five threat vectors
The session layer

24. Attaches itself to existing program files and activated when the exe is launched
Some honeypot advantages
Program infector
What's an easy way to test encryption?
Router

25. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
What range is a class A network?
Total cell size for asynchronous transfer mode (ATM)
Some common TCP ports
Nmap

26. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
The OSI Protocol Stack
Wardriving
Risk
To establish a TCP session

27. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters
CIDR
Wardriving
Total cell size for asynchronous transfer mode (ATM)
Rotation?

28. Confidentiality - integrity - availability
Hubs
Bridge
The different cable categories
The three goals of security

29. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
What's an easy way to test encryption?
What threats should be protected against - based on threat levels
Some other UDP based protocols
Hubs

30. Intrusion detection system - it reports attacks against monitored systems/networks
IDS
Logic bomb
Rotation?
Some types of malicious code

31. Simple attack done by simply browsing available information that's allowed on a local network.
Nmap
Anomaly analysis work
Some reasons to use UDP over TCP
Browsing attack

32. Considered to be a perimeter device
Vulnerabilities
ACK piggybacking
Router
What ways should the crypto key be protected?

33. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
Switches
Worms
What threats should be protected against - based on threat levels
Some FTP dangers

34. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
Remote maintenance
The network layer
The CIA triad
What range is a class B network?

35. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
Some disadvantages of honeypots
DDoS attack
The different cable categories
IDS data normalization

36. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Snort
Vulnerabilities
The four types of events reported by IDS
Trojan horse

37. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
Vulnerabilities
The session layer
Shallow packet inspection
Switches

38. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
Smurf attack
Some honeypot advantages
Logic bomb
A network protocol

39. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
Group
Rotation?
Checksum in UDP
To close a TCP session

40. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
IDS not
Bridge
What range is a class A network?
Buffer overflow

41. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
What's a VLAN
Kismet
WAN
Remote maintenance

42. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Some Pen Test techniques
What threats should be protected against - based on threat levels
File Integrity checking work
Stateless packet filter

43. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
Some disadvantages of honeypots
The data link layer
File integrity checking work
Overview of TCP

44. Confidentiality - symmetric encryption
Nmap scanning techniques
The goals of cryptography
Smurf attack
Bus Topology

45. True positive - false positive - true negative - false negative
The four types of events reported by IDS
Some network design objectives
Some honeypot advantages
The four basic approaches to defense in depth

46. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
Log monitoring work?
Some NIDS topology limitations
A network protocol
The five threat vectors

47. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
Rootkit
The protected enclave to defense in depth
Ciphertext
What threats should be protected against - based on threat levels

48. It handles the establishment and maintenance of connections between systems
The CIA triad
Snort
The session layer
When talking about protocols and referencing layers - what stack is used

49. Syn - Syn/Ack - Ack
To establish a TCP session
LAN
Some network design objectives
When talking about protocols and referencing layers - what stack is used

50. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
Some firewall benefits
The three goals of security
The threat vector analysis in defense in depth
WAN

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

GIAC

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests