Test your basic knowledge |

GIAC

Subjects : certifications, giac, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Stateless packet filter
Honeyd
A network protocol
IDS

2. destruction of data - leaking confidential information - providing backdoor access
Some malware capabilities
Internet
Rootkit
Remote maintenance

3. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
CIDR
Some reasons to use TCP over UDP
What primary threats should be protected against
Plaintext

4. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
Datagram length of a UDP packet
SQL Slammer Worm
War Dialing
The protected enclave to defense in depth

5. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
IDS data normalization
Boot record infector
Types of viruses
Checksum in UDP

6. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
Firewall
The four basic approaches to defense in depth
The OSI model
Switches

7. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
SQL Slammer Worm
Worms
Bridge
Shallow packet inspection

8. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
The presentation layer
NIDS advantages
Best way to protect wireless networks
Nmap

9. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
SYN flood
NIDS challenges
Some firewall benefits
Some network design objectives

10. Connects many WANs - MANs - and LANs - provided via ISP
Hping
War Dialing
Rootkit
Internet

11. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Address Resolution Protocol (ARP)
The presentation layer
Some other UDP based protocols
DDoS attack

12. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
What range is a class A network?
File Integrity checking work
The goals of cryptography
SQL Slammer Worm

13. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
IDS data normalization
Some NIDS topology limitations
Some Pen Test techniques
EXE program infector

14. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
Some reasons to use UDP over TCP
SQL Slammer Worm
Some network design objectives
Nmap scanning techniques

15. Provides insight into the tactics - motives - and attacker tools
PAN
Some NIDS topology limitations
Best way to protect wireless networks
Some honeypot advantages

16. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment
Some external threat concerns
Kismet
A netcat listener
When implementing protocols - what stack should be used?

17. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
Ciphertext
A netcat listener
The OSI model
ACK piggybacking

18. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
The OSI Protocol Stack
Proxy or application gateway
Types of ATM virtual circuits
Wardriving

19. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
The data link layer
EXE program infector
A netmask
IDS not

20. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Some malware propagation techniques
Brute force
NIDS challenges
To establish a TCP session

21. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
Browsing attack
Bridge
Some Pen Test techniques
What range is a class C network?

22. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
Kismet
SQL Slammer Worm
Types of ATM virtual circuits
The TCP/IP model

23. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
Kismet
CIDR
Types of ATM virtual circuits
Shallow packet inspection

24. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address
Multi protocol label switching
Address Resolution Protocol (ARP)
Stateful firewall
NAC

25. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
NAC
Honeypot
COM/Script program infector
Integrity of Data

26. Trying to ID modems in a telephone exchange that may be susceptible to compromise
Group
War Dialing
Best way to protect wireless networks
Some malware propagation techniques

27. Stateful firewalls maintain state of traffic flows
The five threat vectors
The network layer
To establish a TCP session
Stateful firewall

28. Intrusion detection system - it reports attacks against monitored systems/networks
Wardriving
IDS
Risk
Stateful firewall

29. Confidentiality - symmetric encryption
Some disadvantages of honeypots
The goals of cryptography
What's a VLAN
NAC

30. Confidentiality - integrity - availability
What range is a class B network?
The three goals of security
The physical layer stack
Some other UDP based protocols

31. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Some common TCP ports
Plaintext
The session layer
What primary threats should be protected against

32. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
SQL Slammer Worm
Smurf attack
Hubs
Bridge

33. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
Logic bomb
DDoS attack
What's an easy way to test encryption?
Overview of TCP

34. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
Snort
Some disadvantages of honeypots
Multi protocol label switching
IDS

35. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
Some FTP dangers
Denial of service
A network protocol
Address resolution protocol

36. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
Social engineering
The Information Centric defense in depth
A netcat listener
A netmask

37. Full open - half open (stealth scan) - UDP - Ping
Nmap scanning techniques
OS Command Injection defenses
Types of ATM virtual circuits
When setting up a virtual circuit

38. Protected at rest - protected in transit - secure the key
Stateful firewall
What ways should the crypto key be protected?
Honeypot
The Uniform Protection to defense in depth

39. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
Types of ATM virtual circuits
IDS data normalization
The protected enclave to defense in depth
Remote maintenance

40. OSI
Stateful firewall
Ciphertext
The session layer
When talking about protocols and referencing layers - what stack is used

41. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
When setting up a virtual circuit
The protected enclave to defense in depth
The three goals of security
Trap door

42. Relies on executable code insertion and user interaction to spread
Group
What range is a class A network?
What's a VLAN
Parasitic malware

43. Network scanner.
Nmap
Anomaly analysis work
Best way to protect wireless networks
COM/Script program infector

44. Simple attack done by simply browsing available information that's allowed on a local network.
What threats should be protected against - based on threat levels
Some disadvantages of honeypots
Browsing attack
File integrity checking work

45. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
Internet
Smurf attack
The network layer
Arbitrary substitution

46. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
When implementing protocols - what stack should be used?
Alteration of code
Remote maintenance
MAN

47. One is for talking - one is for implementing
What's a VLAN
The difference in stacks
Brute force
What's an easy way to test encryption?

48. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Some Pen Test techniques
Switches
Snort
CIDR

49. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
The network layer
A blind FTP
Some malware propagation techniques
IDS signature analysis work

50. The Practice of sending an ACK inside another packet going to the same destination
Asynchronous Transfer Mode
The conficker worm
Ack Piggybacking
Rotation?