Tom Waits! The Shadow! Incorrect Answers! All this and more!

Alright, about half way through. The first time. As you know it takes me more than one go around and then I seem to pass real sketchy and right on the money like but thats ok. If you can read this put 2 dollars into into my paypal its Nickrbarnes@gmail.com thanks for your contributions. This is independently maintained and its a vital part of my existence so thanks for not reading it future employers. Please contact me via my text message. Thank you. Is this making any sense? I didn’t think so. I haven’t really been too personal lately and theres sometimes a guy, that comes along and does this thing. Some folks call him Bob Dylan other folks call him Tom Waits. Personally, I’m pretty sure hes the drummer for Megadeath but the world may never know without extensive research into the modern principles of why people buy watches with diamonds on them as if accurate time keeping was ever a reason to spend 50k on a watch especially given that literally if you dont have a cell phone what are you even doing. Unless your poor then I will DM you 5 dollars from my cash app for the troubles of insulting your given level of poverty. I live with my aunt for reasons but mostly its on acccount of the cost and convince.

Anyway for all you songsters out there that are not reading this here is song, its about driving a truck but its a ghost truck. You want to talk about shocking and spooky to be honest its too much to even photograph something like that. Did you know if you take a photo of a lockness monster you turn into a rat guy right away and thats not even a good thing at all.

 photo 3_zpsbmjujbf0.png

I’m not really sure what “HA in a web application server” I took at stab at it and wasn’t terribly fora off but lets start with

Ok, Properly designing high-availability (HA) web applications on the Cloud is a difficult task due to the overwhelming number of components and failure scenarios that can arise. In the real world, there is a large variance between deployments because virtually every web application has its own set of requirements.

So that’s pretty clear. You know, I should have figured that one out but I don’t think I did. The ALF for DDOS curbing and a load balancer makes sense. Reverse proxy servers do not

 photo 4_zpsb4bfhlh3.png

You know, upon re-reading the question what they are getting at is that people that work on “the firewall team” can implement vulnerabilities without having to have them approved by management. And you know, Ill be hones t here, that is troublesome. Or even worse, they could break currently working infrastructure.

 photo 5_zps5vyccjql.png

Realizing what rhosts is, I’m not really sure why I picked that one. To be honest, knowing what TTY is and without a long line of syntax I’m not sure that really makes sense either

Humm… is this right? me thinks no..

 photo 1_zpskmlzvr0h.png

This is for sure a coding question that is over my head. I’m not sure of the difference. I can tell you that planning and learning for expected test questions works much better than randomly doing weird shit to be attention seeking though. Wait, that’s not what this was about. What this is about is an abstrcation of a concept that doesnt have a hard definition to begin with. Basically this is some bull shit, you can XSS with Java and Java is not a machine language, as I understand it. To be honest, my answer is correct.

 photo 2_zps4l4w7mcj.png

This one is a little tougher as it was my assumption that 802.1x was done on the router and what they are describing is not on a router. And wow was I wrong

Overview of 802.1x Authentication

802.1x authentication consists of three components:

  • The supplicant, or client, is the device attempting to gain access to the network. You can configure the Arubauser-centric network to support 802.1x authentication for wired users as well as wireless users.
  • The authenticator is the gatekeeper to the network and permits or denies access to the supplicants.
  • The Aruba controller acts as the authenticator, relaying information between the authentication server and supplicant. The EAP type must be consistent between the authentication server and supplicant and is transparent to the controller.

The authentication server provides a database of information required for authentication and informs the authenticator to deny or permit access to the supplicant.

The 802.1x authentication server is typically an EAP-compliant Remote Access Dial-In User Service (RADIUS) server which can authenticate either users (through passwords or certificates) or the client computer.

An example of an 802.1x authentication server is the Internet Authentication Service (IAS) in Windows (seehttp://technet.microsoft.com/en-us/library/cc759077(WS.10).aspx).

Arubauser-centric networks, you can terminate the 802.1x authentication on the controller . The controller passes user authentication to its internal database or to a “backend” non-802.1x server. This feature, also called “AAA FastConnect,” is useful for deployments where an 802.1x EAP-compliant RADIUS server is not available or required for authentication.

So thats pretty straight forward and makes it quite plain that I did not understand 802.1x

 photo 4_zpsrrs5maip.png

This one I just fucked up and its probably a good idea to cover the definitions again

  • Botnet – a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service attack (DDoS attack), steal data, send spam, and allows the attacker to access the device and its connection.
  • Ransomware – type of malware from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them
  • Polymorphic malware – a type of malware that constantly changes its identifiable features in order to evade detection. Many of the common forms of malware can be polymorphic, including viruses, worms, bots, trojans, or keyloggers
  • Armored virus – A type of virus that has been designed to thwart attempts by analysts from examining its code by using various methods to make tracing, disassembling and reverse engineering more difficult. An Armored Virus may also protect itself from antivirus programs, making it more difficult to trace.

Yeah thats for sure describing a botnet.

 photo 2_zpstlwxp2dj.png

This is another one of those questions where I want to say “thats really tough” but honestly a little more basic info should clear this one up… lol and the wikipedia pages for these say nothing about use or computation times. Which is totally fine given that you know some times experience makes things like this more clear and we have to take the answer at face value.

 photo 1_zpsmr68brvx.png

WPA2 does not use TLS being the key factor in this case.

 photo 5_zpssp7cczq2.png

The thing about this is that dropping an OS revision is absolutely an indicator of banner grabbing however i’m not sure if thats client or host and there is a connection attempting to be made here. That said I dont know why the host would drop info on the OS and the PC does appear to be at root which makes the pivot option seem a bit odd without further information but you are on one machine trying to connect to another.

 photo 3_zpsb22ht2n8.png

This was a thing I learned and then remembered PII data is confidential. Note taken.

I had hoped to get 10-15 more questions done tonight but I think that’s all. More to come tomorrow and in the following days. I’m sure your super excited to tune in!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Powered by WordPress.com.

Up ↑

%d bloggers like this: