GIAC
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 45% Most missed: “It makes sure the data sent from one side to the other is in a format useful to …”
GIAC
Time left 00:00
25 Questions

1. Malware - insider threat - natural disaster - terrorism - pandemic

2. Connects the physical part of the network (cables) with the abstract (packets and datastreams)

3. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con

4. Protected at rest - protected in transit - secure the key

5. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535

6. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.

7. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies

8. Syn - Syn/Ack - Ack

9. The Practice of sending an ACK inside another packet going to the same destination

10. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system

11. logic bomb - trojan horse - trap door

12. Slow - requires stateful data tracking - inspects all fields - including variable-length fields

13. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.

14. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.

15. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection

16. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS

17. Infects MBR - no network spreading potential

18. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously

19. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs

20. destruction of data - leaking confidential information - providing backdoor access

21. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline

22. Confidentiality - symmetric encryption

23. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom

24. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management

25. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer