Security+ part 1

I’ve passed my Network+ test, finally. On the first try though. I suppose that I could have worked a little faster but whatever, I got it done. Moving on to Security+. I went through the first 100 of about 700 test prep (wow…) questions last night and found that, so far, I’m not terribly off base with what I need to know but I did find about 30 questions that I wanted to research a little more so let’s get into that!

I knew the answer here and to be honest I can’t exactly explain why other than ‘it didn’t look like the other ones’ and the get and change portions set off some flags. Anyway, let’s define the other stuff in the post.

  • Command injection – Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges of the vulnerable application. Command injection attacks are possible largely due to insufficient input validation.
  • Password attack – An attack in which repetitive attempts are made to duplicate a valid logon or password sequence.
  • Buffer overflow – writing more data to a buffer than it can hold causes some of that data to leak out into other buffers, which can corrupt or overwrite whatever data they were holding.
  • Cross-site scripting – a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.
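
The pattern from the command injection definition above, shown beside a hardened form, as an added example that is not part of the original post. The function names, the `host` field and the crafted input are hypothetical, and `echo` stands in for whatever program a real application would call.

```python
import re
import subprocess

# Assumed allow-list for the hypothetical "host" form field.
HOSTNAME_RE = re.compile(r"[A-Za-z0-9.-]{1,253}")

# Constructed input: a hostname followed by a shell command separator.
CRAFTED = "example.com; echo INJECTED"


def lookup_vulnerable(host):
    """Concatenate user data into one string and hand it to the system shell.
    Metacharacters in `host` are parsed as shell syntax, not as data."""
    cmd = "echo lookup " + host
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_without_shell(host):
    """Pass an argument vector with no shell in between: `host` reaches the
    program as exactly one argument, whatever characters it contains."""
    argv = ["echo", "lookup", host]
    return subprocess.run(argv, capture_output=True, text=True).stdout


def lookup_hardened(host):
    """Input validation first, then the shell-free call."""
    if not HOSTNAME_RE.fullmatch(host):
        raise ValueError("rejected host value: %r" % (host,))
    return run_without_shell(host)


if __name__ == "__main__":
    print("vulnerable:", lookup_vulnerable(CRAFTED).splitlines())
    print("no shell:  ", run_without_shell(CRAFTED).splitlines())
    try:
        lookup_hardened(CRAFTED)
    except ValueError as exc:
        print("hardened:  ", exc)
```

The vulnerable call produces two output lines because the shell ran a second command; the shell-free call prints the whole input back as one literal argument, and the validated version refuses it outright.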

So a get process command sent to a Linux box is for sure an example of command injection.

This question, I got wrong, but the point being I honestly don’t really know how that string of things fits together. Which is ironic, given that the answer is that whoever implemented the solution didn’t know how to make all those things work together either. Let’s start with defining those things:

  • TLS – Transport Layer Security (TLS), and its now-deprecated predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. Several versions of the protocols find widespread use in applications such as web browsing, email, instant messaging, and voice over IP (VoIP). Websites can use TLS to secure all communications between their servers and web browsers.
  • AES-GCM-256 – The cipher AES-256 is used among other places in SSL/TLS across the Internet. It’s considered among the top ciphers. In theory it’s not crackable since the combinations of keys are massive. Although NSA has categorized this in Suite B, they have also recommended using higher than 128-bit keys for encryption.
  • SHA-384 – SHA-256 and SHA-512 are novel hash functions computed with 32-bit and 64-bit words, respectively. They use different shift amounts and additive constants, but their structures are otherwise virtually identical, differing only in the number of rounds. SHA-224 and SHA-384 are truncated versions of SHA-256 and SHA-512 respectively.
  • ECDSA – a cryptographic algorithm used by Bitcoin to ensure that funds can only be spent by their rightful owners.

The unauthenticated encryption method is kind of a mystery to me. Do they mean it’s lacking a PKI or like it’s not an ‘official’ encryption standard? Regardless, D does make more sense.

This is also confusing, why wouldn’t you run nmap on the IP range? Is that not considered a vulnerability assessment? To me it seems like the same thing but ok, grey-box pentest, and it’s grey box since we have IP addresses.

I have no idea what PGP has to do with secure email and to be honest, I doubt the internet is going to help me with this one but let’s find out!

Welp, that was easy, PGP

Personally, I find this a bit odd but given that I was genuinely uneducated on the last question, this could be the case here too. As to where to find these definitions, who knows but let’s see what we can do.

Honestly, all I’m finding are generic psychological answers that I’m not sure are super helpful given that ‘social proof’ means that you simply restate what someone else said to you.

That’s all for now! I tried a new way of posting as Photobucket isn’t cooperating tonight. Normally I dump images into Photobucket, edit the post in an HTML editor and then copy and paste the code into WordPress but I’m currently giving their block editor a go and putting the images directly onto the site.
