GIAC MCQs
GIAC MCQs
Our experts have gathered these GIAC MCQs through research, and we hope that you will be able to see how much knowledge base you have for the subject of GIAC by answering these 30 multiple-choice questions.
Get started now by scrolling down!
1: True positive - false positive - true negative - false negative
A. When implementing protocols - what stack should be used?
B. The four types of events reported by IDS
C. Honeyd
D. Port scan
2: 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
A. What categories do vulnerabilities fall into?
B. IDS signature analysis work
C. What ways should the crypto key be protected?
D. What range is a class A network?
3: Protected at rest - protected in transit - secure the key
A. What ways should the crypto key be protected?
B. Router
C. Worms
D. Rootkit
4: Going around with equipment to detect wireless networks
A. Social engineering
B. Wardriving
C. What's a VLAN
D. Brute force
5: An FTP that allows downloads only if the user knows the exact name of the file they're looking for
A. When talking about protocols and referencing layers - what stack is used
B. Parasitic malware
C. Some reasons to use TCP over UDP
D. A blind FTP
6: -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
A. Some external threat concerns
B. Some network design objectives
C. Ack Piggybacking
D. The session layer
7: Simple attack done by simply browsing available information that's allowed on a local network.
A. Hubs
B. Shallow packet inspection
C. Some NIDS topology limitations
D. Browsing attack
8: Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
A. Some firewall challenges
B. HIDS monitor
C. Race conditions
D. The TCP/IP model
9: Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
A. The protected enclave to defense in depth
B. ATM work
C. The CIA triad
D. The threat vector analysis in defense in depth
10: Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
A. Best way to protect wireless networks
B. IDS data normalization
C. The OSI model
D. TFTP
11: Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
A. Types of ATM virtual circuits
B. A netcat listener
C. 3-way handshake
D. Nmap
12: Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
A. Some reasons to use UDP over TCP
B. The data link layer
C. Hubs
D. ATM work
13: Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
A. When setting up a virtual circuit
B. Worms
C. Some common TCP ports
D. TFTP
14: An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
A. Overview of TCP
B. A network protocol
C. PAN
D. Group
15: Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
A. Overview of TCP
B. Plaintext
C. Some network design objectives
D. The protected enclave to defense in depth
16: ATM supports two types of virtual circuits: permanent virtual circuits and switches virtual circuit - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
A. Ack Piggybacking
B. Risk
C. Anomaly analysis work
D. Types of ATM virtual circuits
17: A cracking tool inserted into the OS that allows the attacker to do as they please.
A. LAN
B. Rootkit
C. What range is a class B network?
D. NAC
18: Allows admins to remotely access a system for troubleshooting. - E.g VNC - GoToMyPc - PC Anywhere
A. Parasitic malware
B. Remote maintenance
C. The Information Centric defense in depth
D. 3-way handshake
19: Stateful firewalls maintain state of traffic flows
A. Stateful firewall
B. Bridge
C. Address Resolution Protocol (ARP)
D. Datagram length of a UDP packet
20: UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
A. Parasitic malware
B. SQL Slammer Worm
C. Router
D. PAN
21: Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
A. A netcat listener
B. The conficker worm
C. File Integrity checking work
D. WAN
22: 53 bytes - 48 bytes for data - 5 bytes for the header
A. Total cell size for asynchronous transfer mode (ATM)
B. The Uniform Protection to defense in depth
C. Integrity of Data
D. Brute force
23: Local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
A. Address resolution protocol
B. Nmap scanning techniques
C. LAN
D. Some reasons to use TCP over UDP
24: Handles the network address scheme and connectivity of multiple network segments. It handles communication.
A. Buffer overflow
B. The network layer
C. The transport layer
D. Some common TCP ports
25: Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
A. COM/Script program infector
B. The five threat vectors
C. What range is a class A network?
D. The application layer
26: Switches networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
A. Hubs
B. Some NIDS topology limitations
C. HIDS monitor
D. MAN
27: 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
A. Stateful firewall
B. NIDS challenges
C. Some Pen Test techniques
D. What range is a class C network?
28: Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
A. Types of ATM virtual circuits
B. Some common UDP ports
C. When implementing protocols - what stack should be used?
D. Trojan horse
29: Confidentiality - integrity - availability
A. Some disadvantages of honeypots
B. Buffer overflow
C. The three goals of security
D. Overview of TCP
30: - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
A. Some reasons to use TCP over UDP
B. The protected enclave to defense in depth
C. Some common TCP ports
D. The physical layer stack
GIAC MCQs
