Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
What ways should the crypto key be protected?
Asynchronous Transfer Mode
TFTP
Some Pen Test techniques
2. Free Windows-based wireless scanner for 802.11b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted
Stateful firewall
Some reasons to use TCP over UDP
Honeypot
Network stumbler
3. It interacts with the application layer to determine which network services will be required
Ciphertext
the application layer
What categories do vulnerabilities fall into?
Macro virus
4. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
The CIA triad
NIDS advantages
The three goals of security
The TCP/IP model
5. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Honeyd
3-way handshake
Switches
Asynchronous Transfer Mode
6. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
IDS
CIDR
Nmap
UDP packet headers
7. Simple attack done by simply browsing available information that's allowed on a local network.
The four types of events reported by IDS
3-way handshake
Browsing attack
The network layer
8. Considered to be a perimeter device
Bridge
The CIA triad
Router
Integrity of Data
9. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
A netmask
Trojan horse
DDoS attack
A network protocol
10. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
Hubs
What threats should be protected against - based on threat levels
When setting up a virtual circuit
Router
11. One is for talking - one is for implementing
To establish a TCP session
Some reasons to use TCP over UDP
MAN
The difference in stacks
12. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Nmap
Some reasons to use TCP over UDP
Some types of malicious code
What range is a class A network?
13. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
Some network design objectives
Types of ATM virtual circuits
PAN
Browsing attack
14. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Network stumbler
NIDS challenges
Macro virus
SQL Slammer Worm
15. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
Overview of TCP
WAN
File Integrity checking work
Ack Piggybacking
16. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
Asynchronous Transfer Mode
Race conditions
SYN flood
The OSI model
17. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Permutation
Trojan horse
Brute force
Address Resolution Protocol (ARP)
18. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Some ways to bypass firewall protections
Honeyd
Hping
PAN
19. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
Risk
Some honeypot advantages
The OSI Protocol Stack
LAN
20. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
Shallow packet inspection
Some reasons to use UDP over TCP
Integrity of Data
UDP packet headers
21. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Remote maintenance
Rotation?
Honeypot
When setting up a virtual circuit
22. 53 bytes - 48 bytes for data - 5 bytes for the header
Network stumbler
Total cell size for asynchronous transfer mode (ATM)
Some common TCP ports
A netmask
23. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
The transport layer
TFTP
The conficker worm
WAN
24. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
Arbitrary substitution
Best way to protect wireless networks
The presentation layer
What range is a class C network?
25. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
Stateful firewall
PAN
NIDS advantages
Macro virus
26. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
Kismet
CIDR
Types of ATM virtual circuits
The five threat vectors
27. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Program infector
Hping
The goals of cryptography
When setting up a virtual circuit
28. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
Wardriving
Smurf attack
Snort
IDS data normalization
29. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
To establish a TCP session
Alteration of code
The protected enclave to defense in depth
PAN
30. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Defense in depth
Some common TCP ports
Hping
Bus Topology
31. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
When talking about protocols and referencing layers - what stack is used
Vulnerabilities
Switches
Bridge
32. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input
MAN
OS Command Injection defenses
Types of viruses
ACK piggybacking
33. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment
Alteration of code
File integrity checking work
The protected enclave to defense in depth
Kismet
34. Full open - half open (stealth scan) - UDP - Ping
Nmap scanning techniques
Bus Topology
The OSI model
Asynchronous Transfer Mode
35. Going around with equipment to detect wireless networks
Honeypot
A netcat listener
Some reasons to use TCP over UDP
Wardriving
36. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
IDS data normalization
Address resolution protocol
When talking about protocols and referencing layers - what stack is used
Arbitrary substitution
37. Stateful firewalls maintain state of traffic flows
PAN
Stateful firewall
Parasitic malware
The different cable categories
38. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
IDS signature analysis work
Some malware propagation techniques
Kismet
When implementing protocols - what stack should be used?
39. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
Checksum in UDP
Proxy or application gateway
CIDR
The TCP/IP model
40. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
Total cell size for asynchronous transfer mode (ATM)
A netmask
Social engineering
What range is a class B network?
41. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
Bus Topology
SQL Slammer Worm
Asynchronous Transfer Mode
The TCP/IP model
42. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
The session layer
Some reasons to use TCP over UDP
Remote maintenance
The OSI model
43. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
3-way handshake
Buffer overflow
Bridge
Macro virus
44. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
Some reasons to use TCP over UDP
Social engineering
Rootkit
To close a TCP session
45. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
A netcat listener
Some firewall benefits
EXE program infector
Risk
46. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
DDoS attack
OS Command Injection defenses
Some malware propagation techniques
Permutation
47. flags anomalous conditions in traffic on the network - requires understanding of what is normal - bases good traffic as a baseline
Anomaly analysis work
Ack Piggybacking
Remote maintenance
OS Command Injection defenses
48. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
Checksum in UDP
Buffer overflow
Some common UDP ports
IDS signature analysis work
49. True positive - false positive - true negative - false negative
The three goals of security
The four types of events reported by IDS
Plaintext
What's a VLAN
50. fast - with little fidelity - examines header information and limited payload data
IDS not
Shallow packet inspection
Some types of malicious code
OS Command Injection defenses