Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Address Resolution Protocol (ARP)
Shallow packet inspection
Stateless packet filter
Overview of TCP
2. Bits of code embedded in programs to quickly gain access at a later time
Denial of service
What's an easy way to test encryption?
Trap door
The goals of cryptography
3. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Defense in depth
LAN
Some types of malicious code
UDP packet headers
4. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
Best way to protect wireless networks
EXE program infector
Some types of malicious code
COM/Script program infector
5. Simple attack done by simply browsing available information that's allowed on a local network.
PAN
Buffer overflow
Browsing attack
IDS not
6. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
The five threat vectors
Some network design objectives
EXE program infector
NIDS advantages
7. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
Hping
The transport layer
The protected enclave to defense in depth
Macro virus
8. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Some ways to bypass firewall protections
A blind FTP
Some reasons to use TCP over UDP
Ciphertext
9. It makes sure the data sent from one side to the other is in a format useful to the other side
WAN
The five threat vectors
The presentation layer
A netmask
10. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
Ciphertext
Anomaly analysis work
Ack Piggybacking
A netcat listener
11. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Internet
What range is a class C network?
Brute force
Buffer overflow
12. OSI
Macro virus
When talking about protocols and referencing layers - what stack is used
Ciphertext
Network stumbler
13. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
OS Command Injection defenses
Some common TCP ports
ACK piggybacking
The Information Centric defense in depth
14. FIN 130 - ACK 131 - FIN 570 - ACK 571
Trojan horse
A blind FTP
To close a TCP session
Rotation?
15. Relies on executable code insertion and user interaction to spread
Parasitic malware
The network layer
Some common TCP ports
The protected enclave to defense in depth
16. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Some other UDP based protocols
Logic bomb
Some FTP dangers
Bridge
17. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
IDS signature analysis work
Checksum in UDP
Types of viruses
The session layer
18. Infects MBR - no network spreading potential
Boot record infector
COM/Script program infector
The CIA triad
Some FTP dangers
19. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
Boot record infector
Types of ATM virtual circuits
The TCP/IP model
What range is a class B network?
20. A cracking tool inserted into the OS that allows the attacker to do as they please.
Rootkit
File Integrity checking work
Some reasons to use TCP over UDP
The OSI model
21. Low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
WAN
Honeyd
Smurf attack
Firewall
22. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire
What categories do vulnerabilities fall into?
Overview of TCP
Logic bomb
File Integrity checking work
23. Intellectual property - business goals - validated data - historical
Hubs
The TCP/IP model
Some reasons to use UDP over TCP
What threats should be protected against - based on threat levels
24. Considered to be a perimeter device
Router
Network stumbler
MAN
ATM work
25. Syn - Syn/Ack - Ack
Log monitoring work?
A network protocol
Multi protocol label switching
To establish a TCP session
26. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
UDP packet headers
The protected enclave to defense in depth
Total cell size for asynchronous transfer mode (ATM)
Macro virus
27. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
What range is a class A network?
A network protocol
CIDR
What ways should the crypto key be protected?
28. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
IDS not
Rootkit
Network stumbler
UDP packet headers
29. Connects many WANs - MANs - and LANs - provided via ISP
A network protocol
What ways should the crypto key be protected?
Internet
Some network design objectives
30. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
Some reasons to use UDP over TCP
MAN
The network layer
Boot record infector
31. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Some firewall benefits
A netmask
Deep packet inspection
The session layer
32. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Asynchronous Transfer Mode
Checksum in UDP
Switches
Ciphertext
33. The practice of sending an ACK inside another packet going to the same destination
A network protocol
When setting up a virtual circuit
Ack Piggybacking
UDP packet headers
34. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
Switches
Some ways to bypass firewall protections
Deep packet inspection
The network layer
35. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
War Dialing
Port scan
Trojan horse
The presentation layer
36. Deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Internet
PAN
NIDS challenges
Some disadvantages of honeypots
37. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
Some types of malicious code
Worms
SQL Slammer Worm
Some NIDS topology limitations
38. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
Checksum in UDP
3-way handshake
Types of viruses
The four basic approaches to defense in depth
39. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
Trap door
A netmask
The threat vector analysis in defense in depth
To establish a TCP session
40. Known - unknown - zero day
UDP packet headers
Log monitoring work?
The TCP/IP model
What categories do vulnerabilities fall into?
41. Malware - insider threat - natural disaster - terrorism - pandemic
Best way to protect wireless networks
The three goals of security
What primary threats should be protected against
PAN
42. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
A netmask
SQL Slammer Worm
Some ways to bypass firewall protections
Denial of service
43. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535
Some NIDS topology limitations
Datagram length of a UDP packet
Overview of TCP
Plaintext
44. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
45. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
NIDS advantages
Some NIDS topology limitations
Some firewall benefits
OS Command Injection defenses
46. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Some Pen Test techniques
Plaintext
Deep packet inspection
IDS data normalization
47. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
Remote maintenance
Nmap scanning techniques
Logic bomb
Some FTP dangers
48. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input
Anomaly analysis work
OS Command Injection defenses
Alteration of code
Some NIDS topology limitations
49. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
IDS not
Port scan
WAN
File integrity checking work
50. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
NIDS challenges
The network layer
ACK piggybacking
the application layer