SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
Address resolution protocol
No State Inspection ACK flag set
Remote maintenance
The OSI Protocol Stack
2. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
3. The Practice of sending an ACK inside another packet going to the same destination
No State Inspection ACK flag set
Proxy or application gateway
Ack Piggybacking
The presentation layer
4. Switches networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
HIDS monitor
What's an easy way to test encryption?
Some NIDS topology limitations
Stateful firewall
5. FIN 130 - ACK 131 - FIN 570 - ACK 571
The OSI Protocol Stack
LAN
To close a TCP session
Types of viruses
6. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Multi protocol label switching
Types of viruses
Address Resolution Protocol (ARP)
Deep packet inspection
7. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
What range is a class A network?
Checksum in UDP
Macro virus
Deep packet inspection
8. Handles transmissions across the physical media like wires - fiber - etc
Nmap scanning techniques
The physical layer stack
Stateful firewall
No State Inspection ACK flag set
9. Considered to be a perimeter device
Router
Some firewall challenges
Ciphertext
Boot record infector
10. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Some external threat concerns
Firewall
The different cable categories
Some reasons to use TCP over UDP
11. An attempt to gain access by bombarding it with guesses until the password is found.
Some malware propagation techniques
Some FTP dangers
Brute force
A netmask
12. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
When talking about protocols and referencing layers - what stack is used
LAN
Some firewall challenges
Risk
13. Message in its encrypted form
Address Resolution Protocol (ARP)
Ciphertext
Some firewall benefits
Nmap scanning techniques
14. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
A network protocol
The data link layer
Integrity of Data
Some malware capabilities
15. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
The threat vector analysis in defense in depth
Honeypot
NAC
Switches
16. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Some Pen Test techniques
The TCP/IP model
Some malware propagation techniques
Deep packet inspection
17. logic bomb - trojan horse - trap door
Some types of malicious code
When setting up a virtual circuit
The goals of cryptography
Ciphertext
18. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
The threat vector analysis in defense in depth
What range is a class A network?
Overview of TCP
When talking about protocols and referencing layers - what stack is used
19. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
To establish a TCP session
LAN
Rootkit
The goals of cryptography
20. Personal area network - phone tethering - bluetooth - etc
WAN
PAN
What's a VLAN
Smurf attack
21. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
Asynchronous Transfer Mode
File integrity checking work
Datagram length of a UDP packet
Some common TCP ports
22. Going around with equipment to detect wireless networks
The four basic approaches to defense in depth
Wardriving
The five threat vectors
COM/Script program infector
23. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
TFTP
NIDS advantages
When talking about protocols and referencing layers - what stack is used
The four types of events reported by IDS
24. Confidentiality - symmetric encryption
When talking about protocols and referencing layers - what stack is used
Program infector
Some FTP dangers
The goals of cryptography
25. True positive - false positive - true negative - false negative
The four types of events reported by IDS
Some other UDP based protocols
Some malware propagation techniques
Some network design objectives
26. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
Some types of malicious code
Nmap
The OSI model
SYN flood
27. fast - with little fidelity - examines header information and limited payload data
A blind FTP
Some reasons to use UDP over TCP
Shallow packet inspection
War Dialing
28. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Total cell size for asynchronous transfer mode (ATM)
Risk
The session layer
Buffer overflow
29. One is for talking - one is for implementing
Kismet
SYN flood
Buffer overflow
The difference in stacks
30. Protected at rest - protected in transit - secure the key
What ways should the crypto key be protected?
The TCP/IP model
The Information Centric defense in depth
Browsing attack
31. Relies on executable code insertion and user interaction to spread
The TCP/IP model
Parasitic malware
Some disadvantages of honeypots
Some FTP dangers
32. OSI
When talking about protocols and referencing layers - what stack is used
OS Command Injection defenses
The different cable categories
Some common UDP ports
33. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
Buffer overflow
Worms
ATM work
Some other UDP based protocols
34. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
Types of viruses
The five threat vectors
Race conditions
Wardriving
35. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Macro virus
Program infector
NIDS challenges
The difference in stacks
36. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
Some NIDS topology limitations
Hping
The four basic approaches to defense in depth
SQL Slammer Worm
37. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
SYN flood
Some NIDS topology limitations
The five threat vectors
CIDR
38. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
Firewall
Switches
Macro virus
WAN
39. Malware - insider threat - natural disaster - terrorism - pandemic
Boot record infector
What primary threats should be protected against
Some malware propagation techniques
IDS data normalization
40. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
Types of viruses
Macro virus
Trap door
Firewall
41. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
What range is a class C network?
IDS not
Some firewall benefits
What ways should the crypto key be protected?
42. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP
Port scan
Parasitic malware
Checksum in UDP
Some common TCP ports
43. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
NIDS challenges
Bus Topology
The session layer
TFTP
44. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
IDS signature analysis work
What threats should be protected against - based on threat levels
Proxy or application gateway
The protected enclave to defense in depth
45. Bits of code embedded in programs to quickly gain access at a later time
NAC
Trap door
The physical layer stack
The TCP/IP model
46. Uniform protection - protected enclaves - information centric - threat vector analysis
Switches
Macro virus
Some common TCP ports
The four basic approaches to defense in depth
47. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
EXE program infector
Social engineering
What ways should the crypto key be protected?
The TCP/IP model
48. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
The four types of events reported by IDS
The network layer
Some common TCP ports
Some firewall benefits
49. The practice of sending an ACK inside another packet going to the same destination
ACK piggybacking
When setting up a virtual circuit
Switches
Proxy or application gateway
50. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
SYN flood
The session layer
When talking about protocols and referencing layers - what stack is used
The goals of cryptography