SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
The four types of events reported by IDS
Risk
Race conditions
A netcat listener
2. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Honeypot
When talking about protocols and referencing layers - what stack is used
Vulnerabilities
When setting up a virtual circuit
3. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Some ways to bypass firewall protections
Total cell size for asynchronous transfer mode (ATM)
Bridge
The physical layer stack
4. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
To establish a TCP session
Bridge
The transport layer
Shallow packet inspection
5. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Stateless packet filter
War Dialing
The session layer
Address resolution protocol
6. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Stateless packet filter
Some malware propagation techniques
The presentation layer
Nmap
7. A cracking tool inserted into the OS that allows the attacker to do as they please.
The CIA triad
Rootkit
Social engineering
Logic bomb
8. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP
Permutation
Bus Topology
Port scan
Types of ATM virtual circuits
9. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
10. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
IDS signature analysis work
Port scan
Anomaly analysis work
What range is a class C network?
11. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Some other UDP based protocols
To close a TCP session
The three goals of security
What range is a class B network?
12. Intellectual property - business goals - validated data - historical
3-way handshake
File integrity checking work
LAN
What threats should be protected against - based on threat levels
13. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
TFTP
IDS data normalization
The OSI Protocol Stack
Firewall
14. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
The TCP/IP model
EXE program infector
The Information Centric defense in depth
Deep packet inspection
15. Going around with equipment to detect wireless networks
Wardriving
The network layer
Boot record infector
Total cell size for asynchronous transfer mode (ATM)
16. Syn - Syn/Ack - Ack
CIDR
To establish a TCP session
Switches
Best way to protect wireless networks
17. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
Anomaly analysis work
Some reasons to use TCP over UDP
MAN
The OSI model
18. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Some reasons to use TCP over UDP
Risk
MAN
What categories do vulnerabilities fall into?
19. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters
Proxy or application gateway
What range is a class B network?
Rotation?
Bus Topology
20. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
What range is a class C network?
The five threat vectors
SQL Slammer Worm
ATM work
21. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
What range is a class B network?
EXE program infector
Macro virus
No State Inspection ACK flag set
22. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script
Logic bomb
Nmap scanning techniques
The conficker worm
COM/Script program infector
23. free windows based wireless scanner for 802.1b - detects access point settings - supports GSP integration - identifies networks as encrypted or unencrypted
The five threat vectors
Some reasons to use TCP over UDP
Total cell size for asynchronous transfer mode (ATM)
Network stumbler
24. Confidentiality - integrity - availability
Kismet
Stateless packet filter
The three goals of security
The data link layer
25. One is for talking - one is for implementing
Port scan
The difference in stacks
Hping
Group
26. destruction of data - leaking confidential information - providing backdoor access
Some firewall benefits
Shallow packet inspection
Some malware capabilities
Some external threat concerns
27. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
File integrity checking work
What range is a class C network?
Some firewall benefits
The presentation layer
28. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
the application layer
SYN flood
Social engineering
Deep packet inspection
29. Stateful firewalls maintain state of traffic flows
Stateful firewall
The transport layer
The OSI model
The network layer
30. 53 bytes - 48 bytes for data - 5 bytes for the header
Total cell size for asynchronous transfer mode (ATM)
Ciphertext
DDoS attack
The four basic approaches to defense in depth
31. True positive - false positive - true negative - false negative
Switches
Nmap scanning techniques
The four types of events reported by IDS
ACK piggybacking
32. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Honeypot
Rotation?
Address resolution protocol
Network stumbler
33. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
Stateless packet filter
CIDR
A blind FTP
Multi protocol label switching
34. The practice of sending an ACK inside another packet going to the same destination
Kismet
Some firewall challenges
Browsing attack
ACK piggybacking
35. Considered to be a perimeter device
Deep packet inspection
Router
A netcat listener
What range is a class A network?
36. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
Best way to protect wireless networks
Honeypot
The difference in stacks
File integrity checking work
37. fast - with little fidelity - examines header information and limited payload data
Some malware capabilities
Some network design objectives
HIDS monitor
Shallow packet inspection
38. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
ATM work
Internet
Logic bomb
The goals of cryptography
39. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
Snort
What primary threats should be protected against
The threat vector analysis in defense in depth
The TCP/IP model
40. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
Best way to protect wireless networks
A netcat listener
A blind FTP
Parasitic malware
41. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
To establish a TCP session
The transport layer
No State Inspection ACK flag set
Stateless packet filter
42. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
Firewall
File Integrity checking work
Group
Overview of TCP
43. Bits of code embedded in programs to quickly gain access at a later time
Trap door
DDoS attack
Buffer overflow
The OSI model
44. FIN 130 - ACK 131 - FIN 570 - ACK 571
Vulnerabilities
Program infector
The different cable categories
To close a TCP session
45. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Buffer overflow
the application layer
Some common TCP ports
When setting up a virtual circuit
46. Relies on executable code insertion and user interaction to spread
Some NIDS topology limitations
Parasitic malware
To establish a TCP session
The five threat vectors
47. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
What range is a class A network?
Worms
Some ways to bypass firewall protections
Trojan horse
48. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
Bridge
Datagram length of a UDP packet
Worms
Bus Topology
49. Connects many WANs - MANs - and LANs - provided via ISP
Some firewall benefits
Internet
Brute force
TFTP
50. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
NAC
Overview of TCP
The conficker worm
The TCP/IP model