More Security+, shocking!

Still going on Security, obviously, however getting back to the previous posts. I found some networking stuff that I thought was helpful. I went through several videos and this one, while long, is a really good baseline. I’m still slightly confused as to why they set up subnets when defining the IP but I’m sure eventually I’ll catch on to how that’s possibly transmitted with the packet.

So if you want some network info that's a good spot to start, for the uha firewall situation. Anyway, still unclear about the subnet? Is that indicating anything in that range? I think that's a safe assumption.

Anyway, let's start into the next set of questions.

Honestly, either of these work and it might be a good idea to do literally any or all of these things; however, B and D are fairly similar. Anyway, this one is kind of subjective, but the thing is I'm kind of wondering what SCADA is exactly. I should probably know this and I'm not too proud to admit that I don't. SCADA is an acronym for supervisory control and data acquisition, a computer system for gathering and analyzing real-time data. SCADA systems are used to monitor and control a plant or equipment in industries such as telecommunications, water and waste control, energy, oil and gas refining, and transportation. OK, that's not that weird that I didn't know what that was, and I can't promise that I will remember it 6 months from now when it hasn't come up again in my normal existence.


Unrelated, but that's the Moody Blues. Yeah.


To be honest, this is another one that I probably didn't need to blog but is one of the millions of testable variables on this test. Terminal Access Controller Access-Control System Plus (TACACS+) is a protocol developed by Cisco and released as an open standard beginning in 1993. Although derived from TACACS, TACACS+ is a separate protocol that handles authentication, authorization, and accounting (AAA) services. TACACS+ has largely replaced its predecessors.

This isn't on the wiki page so good luck to me with spending hours researching one obscure question for what amounts to a baseline exam.


Ok this one is legit, BYOD is the only thing I know what it is and I'm betting VDI (virtual desktop infrastructure?) and COPE are bull shit but let's find out.

  • VDI – Virtual desktop infrastructure
  • COPE – Company Owned/Personally Enabled (device)
  • CYOD – Choose Your Own Device

Ok this is kind of some bull shit but BYOD is for sure not the right answer.


I have no idea what an xmas attack is but I thought it sounded cool so let's take a look at these things.

  • MAC Spoofing – MAC spoofing is a technique for changing a factory-assigned Media Access Control (MAC) address of a network interface on a networked device. The MAC address that is hard-coded on a network interface controller (NIC) cannot be changed. However, many drivers allow the MAC address to be changed (use a VM?)
  • Pharming – a cyber attack intended to redirect a website’s traffic to another, fake site. Pharming can be conducted either by changing the hosts file on a victim’s computer or by exploitation of a vulnerability in DNS server software.
  • Xmas attack – A Christmas tree attack is a well-known attack that sends a specifically crafted TCP packet to a device on the network. The packet is crafted with a bunch of flags turned on; the flags are a field set aside in the TCP header.
  • ARP poisoning – a technique by which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network. Generally, the aim is to associate the attacker’s MAC address with the IP address of another host, such as the default gateway, causing any traffic meant for that IP address to be sent to the attacker instead.
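To make the "flags" field in the Xmas definition concrete, here is a detection-side sketch added as an example (it is not from the original post). It reads the flag bits out of a raw TCP header and labels combinations that do not occur in a normal connection; treating FIN+PSH+URG as the Xmas pattern is standard TCP knowledge rather than something the question states, and the helper names and sample headers are constructed for illustration.

```python
import struct

# TCP control bits: the low 6 bits of the 16-bit word at header offset 12.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
         "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
XMAS = FLAGS["FIN"] | FLAGS["PSH"] | FLAGS["URG"]

def parse_tcp_flags(header: bytes) -> set:
    """Return the names of the flags set in a raw TCP header."""
    if len(header) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    # source port, destination port, sequence, ack number, offset+flags
    _sport, _dport, _seq, _ack, off_flags = struct.unpack("!HHIIH", header[:14])
    return {name for name, bit in FLAGS.items() if off_flags & bit}

def classify(header: bytes) -> str:
    """Label flag combinations a sensor or firewall log would call out."""
    flags = parse_tcp_flags(header)
    bits = sum(FLAGS[name] for name in flags)
    if bits & XMAS == XMAS:
        return "xmas"        # FIN, PSH and URG all lit at once
    if bits == 0:
        return "null"        # no flags at all, also never seen in normal use
    if {"SYN", "FIN"} <= flags:
        return "syn-fin"     # open and close in the same segment
    return "normal"

def build_header(flag_bits: int, sport: int = 40000, dport: int = 80) -> bytes:
    """Constructed sample header: data offset 5 (20 bytes), window 1024."""
    return struct.pack("!HHIIHHHH", sport, dport, 0, 0,
                       (5 << 12) | flag_bits, 1024, 0, 0)

if __name__ == "__main__":
    samples = {"handshake SYN": 0x02, "data PSH+ACK": 0x18,
               "FIN+PSH+URG": 0x29, "no flags": 0x00}
    for label, bits in samples.items():
        print(f"{label:14} -> {classify(build_header(bits))}")
```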

You know, the question says nothing about MAC authentication so this is kind of a throw away question.


I mean it's right but fuck that's a lot of variables that they are not talking about in the question I.E.


I don’t know what NC or pskill does so let's look that up, oh on nc is netcat and the -p is port that it's connecting to, man page. Haha this is msft, it kills a process.


Thinking about Extended validation doesn’t make sense but to be honest it was the only one I knew what it was so let's look at the others.

  • Wildcard certificate – a digital certificate that is applied to a domain and all its subdomains. Wildcard notation consists of an asterisk and a period before the domain name. Secure Sockets Layer (SSL) certificates often use wildcards to extend SSL encryption to subdomains.
  • Certificate chaining – A certificate chain is an ordered list of certificates, containing an SSL Certificate and Certificate Authority (CA) Certificates, that enables the receiver to verify that the sender and all CAs are trustworthy.
  • Certificate utilizing the SAN file – lets you specify additional host names (sites, IP addresses, common names, etc.) to be protected by a single SSL Certificate, such as a Multi-Domain (SAN) or Extended Validation Multi-Domain Certificate.
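How a client decides whether a wildcard or SAN certificate covers a hostname, as an added example (not from the original post). It follows the common RFC 6125-style rule that `*` stands for exactly one left-most label, so a wildcard does not cover the bare domain or deeper levels; the function names and the SAN list are constructed for illustration.

```python
def name_matches(pattern: str, hostname: str) -> bool:
    """Compare one certificate DNS name against a hostname.

    The '*' is honoured only as the entire left-most label and stands
    for exactly one label, never for several and never for none.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False                      # wildcard cannot span extra labels
    if p[0] == "*":
        # Refuse over-broad patterns such as "*.com".
        return len(p) >= 3 and h[0] != "" and p[1:] == h[1:]
    return p == h

def cert_covers(san_dns_names, hostname: str) -> bool:
    """True if any SAN entry on the certificate covers the hostname."""
    return any(name_matches(name, hostname) for name in san_dns_names)

# Constructed SAN list: a wildcard, the bare domain, and a second site.
SAN = ["*.example.com", "example.com", "shop.example.net"]

if __name__ == "__main__":
    for host in ["www.example.com", "example.com", "a.b.example.com",
                 "shop.example.net", "example.net"]:
        print(f"{host:18} covered={cert_covers(SAN, host)}")
```

The bare domain is covered here only because it is listed as its own SAN entry, which is why wildcard certificates usually carry both names.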

You know, I should have known this and I’ve covered this before.


I don’t know what any of this shit is haha

  • MOU – memorandum of understanding is a type of agreement between two or more parties ?
  • BPA – No idea, online doesn’t know
  • ITCP – Information Technology Certified Professional ? (unclear)
  • BCP – Business continuity plan

Lol there is really only one viable option here and clearly I just clicked a circle.


Yeah, the print command would indicate buffer overflow, perl is clearly not java so I should have been able to figure this out without being a coder haha


What the heck is DHCPOFFER/DHCPACK? MAC spoofing is faking your MAC address and I don’t think that would have anything to do with DHCP but I could be wrong, also the question says I'm right so I’m pretty sure it's the first one. Anyway the offer/acknowledge thing is done by a server so that’s kind of crazy.

Well, that’s all for today. Tomorrow night I need to try to get through 100 questions again and map out some stuff to learn about.
