Study Deck Flashcards

Question

Encryption

Answer 1

Process whereby data is transformed in a way to guarantee confidentiality - requires secret to be used (key)

Answer 2

Message Digest Algorithm - Ron Rivest and uses 128-bit key - Vulnerable to rainbow tables

Answer 3

Secure Hash Algorithm Hash function designed by NSA SHA-1 160-bits SHA-2 256/512 bits block sizes

Answer 4

Hash-based Message Authentication Code - MAC is used to authenticate a message and provide integrity and authenticity assurance on messages Works with other hash such as HMAC-SHA1

Answer 5

Rivest Shamir Adleman - Public key cryptography algorithm. Slower than symmetric key algorithm but suitable for encryption (keys are much longer) Uses two distinct prime numbers that can't be factored

Answer 6

Data Encryption Standard - old type of block cipher used in 1970s as an encryption standard - 64 bit block cipher using 54 bit key (Replace by AES)

Answer 7

Triple Data Encryption Standard - applies cipher algorithm three times on each cipher block Block size is 64 bits but key can be up to 168 bits (Replaced by AES)

Answer 8

Advanced Encryption Standard - Symmetric key encryption standard with three standards - AES 128, AES 192, AES 256. Cipher block is 128 bits but keys are 128,192,256 bits respectively Used in WPA2, remote control applications and windows encrypting file system like bit locker

Answer 9

Stream Cipher used in protocols such as SSL, WEP, RDP

Answer 10

Pretty Good Privacy - Used for signing, encrypting and decrypting emails in order to increase the security communication - PGP uses symmetric key sessions (pre-shared keys)

Answer 11

Internet Protocol Security is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).

Answer 12

Authentication Header - Provides a mechanism for authentication only - (Integrity) -

Answer 13

Encapsulating Security Payload - Provides data confidentiality (encryption) and authentication (data integrity, data origin auth and replay protection).

Answer 14

Security Association - The IPsec protocols use a security association, where the communicating parties establish shared security attributes such as algorithms and keys. As such IPsec provides a range of options once it has been determined whether AH or ESP is used.

Answer 15

Internet Security Association and key management protocol

Answer 16

Secure Sockets Layer - Protocol used to secure websites

Answer 17

Transport Layer Security - Protocol used to secure websites- TLS 1.3 latest version

Answer 18

Wireless Equivalent Privacy - 802.11 defined as method to make wireless link equivalent to wire connection - uses RC4 (on data frames) - Shared key security method

Answer 19

Temporary Key integrity protocol - used to make WEP more secure - 802.11I - Per packet mixing function - Message intergrity Code (MIC function) - enhanced IV

Answer 20

WPA improves on WEP in that it provides the TKIP encryption scheme to scramble the encryption key and verify that it hasn't been altered during the data transfer.

Answer 21

Pre shared key - used in WPA and users enter shared secret in AP or client

Answer 22

u+s - File executes as owner o the file

Answer 23

g+s - File executes as the group owner

Answer 24

Sets a special restriction on deleting files. Only owner of file and root can delete files within directory

Answer 25

a command that determines the settings of a mask that controls how file permissions are set for newly created files.

Answer 26

List processes and associated network socket in Windows

Answer 27

List processes and associated network socket in Linux

Answer 28

List processes that own a file or directory (linux)

Answer 29

(Quick Fix Engineering) Windows command that lists all patches

Answer 30

Check which kernel version linux os is running

Answer 31

Queries Top Level Domain (TLD) port 43

Answer 32

Regional Internet Registry ARIN - American Registry of Internet Numbers APNIC - Asian Pacific Network Information Centre LACNIC - Latin America and Caribbean Network Information Centre AfriNIC - African Network Information Centre RIPE NCC - Europe, West Asia and former USSR

Answer 33

Domain Name Server - Port 53 TCP and UDP

Answer 34

Maps host name to IPv4 Address

Answer 35

Maps multiple names (alias) to A record | Canonical Name

Answer 36

Mail Exchange - Maps a domain to a mail server

Answer 37

Name Server - Assigns a DNS zone to access the give authoritative name servers

Answer 38

Pointer - Maps IP addresses to the host names for reverse look ups

Answer 39

Start of Authority - Specifies authoritative info for a DNS zone.

Answer 40

Host Information Resource Record - Provide OS and platform info

Answer 41

Service Locator - Specifies a generic service location record for newer protocols

Answer 42

Maps host name to IPv6 Address

Answer 43

Can be used to preform DNS Zone Transfer - dD

Answer 44

Port 23 - Provides remote access to servers and network equipment - Can be used to get banner from hosts to

Answer 45

Secure Shell Protocol - Port 22 - Replaced Telnet (Ssh more secure)

Answer 46

Trivial File Transfer Protocol - UDP port 69 - Used for unauthenticated file transfers - Need file name and exact location

Answer 47

Simple Network Management Protocol - UDP port 161 - Designed to provide information about network devices, software and systems

Answer 48

Simple Network Management Protocol Management information base which is implemented by some vendors and contain vendor specific information

Answer 49

Network Time Protocol - UDP port 123 - Can be queried for host name OS and ntp version

Answer 50

Packet Capture - API that captures live network packet data. Type of Files: .PCAP,Libpcap,WinPcap,PCAPng,Npcap

Answer 51

Address Resolution Protocol - Used by the internet protocol (IPv4) to map IP network addresses to hardware addresses (MAC Addresses) used by the data link protocol. ARP Request,reply RARP Request,reply

Answer 52

Dynamic Host Configuration Procotol - UDP - used to provide local systems' network settings such as IP address, subnet, default gateway and DNS. port 67 68

Answer 53

Runs on all media that support Subnetwork Access Protocol; LAN,Frame Relay and ATM media - Data link Layer only

Answer 54

Provides redundancy for IP Networks, ensuring that traffic can transparently recover from first hop failures.

Answer 55

VRRP - Computing networking protocol that provides for automatic assignment of available Internet Protocols routers to participating hosts

Answer 56

provides a way for engineers to distribute VLAN configuration information among switches

Answer 57

STP (STP) was introduced into the networking world as a means to prevent layer 2 network loops (frame broadcast storms) from disrupting the service of a local area network.

Answer 58

Terminal Access Controller Access-Control System Plus (TACACS+) is a protocol developed by Cisco and released as an open standard beginning in 1993. Although derived from TACACS, TACACS+ is a separate protocol that handles authentication, authorization, and accounting (AAA) services

Answer 59

Voice Over Internet Protocol -

Answer 60

Private branch exchange - Cost effect solution to telephony services in small and medium sized companies because it provides flexibility and intercommunication throughout companies.

Answer 61

Skinny Call Control Protocol - lightweight protocol used in IP telephony and call management - developed by Cisco

Answer 62

Session Initiation Protocol - Session management protocol - UDP and TCP and supports TLS

Answer 63

INVITE, ACK, BYE, CANCEL, REGISTER, OPTIONS

Answer 64

device supports TKIP and AES

Answer 65

Lightweight Extensible Authentication protocol - LEAP takes an MS CHAPv2 challenge and responses and transmits them clearly over the wireless network - Password used - Made from CISCO

Answer 66

Point to point tunnelling protocol - TCP 1723 - to negotiate and establish connection and IP 47 (GRE) for data communication (legacy protocol)

Answer 67

``` Port 3306 (Maria db is free version) netstat or telnet to ID version ```

Answer 68

Microsoft SQL Server TCP 1433 1434(SSRS) - provides referral service for mutiple SQL server instances TCP 2433 - Hidden Mode

Answer 69

Use Transparent Network Substrate (TNS Protocol) to connect to the database port 1521 or (1526,1541)

Answer 70

used by OEM (Oracle Enterprise Manager) intelligent agent to log on automatically to remote servers, to provide information to oracle enterprise manager - SELECT ANY DICTIONARY priv needed Default password needs to be changed to prevent access to sys.user$

Answer 71

No output from Store procedure because not ran on the front end presentation tier xp_cmdshell - query and execute OS calls directly sp_makewebtask - dump results of SQL SELECT to HTML file xp_regread - dump registry keys from database server and can obtain password

Answer 72

designing of security flaws or vulnerability of an application by thinking based on specific functionality. User Functionality Business Logic Software Package version installed on the system

Answer 73

Cross Site Scripting is a common attack vector that injects malicious code into a vulnerable web application.

Answer 74

Attacker modifies a string that he/she knows will be processed by an SQL server running in the backend to form an SQL.

Answer 75

UDP port 137 - Provides NetBIOS Name Table - nbtstat -n or nbtstat -A IP

Answer 76

list local and global groups user belongs to

Answer 77

UDP 138- gets info from datagram header and store in NetBios name cache and TCP 139 - Authentication across windows workgroups or domain and provides access to resources such as printers

Answer 78

used to show all computers within a network

Answer 79

will show accessible SMB shares

Answer 80

Important part of AD - SYSVOL folder is shared on an NTFS volume on all domains controllers in a domain and used to deliver policy and logon scripts to domain members

Answer 81

Simple Network Management Protocol - UDP 161 - found on infrastructure devices such as switches and routers

Answer 82

Lightweight Directory Access Protocol - Provides directory information to clients LDAP Global Catalogue (GC) TCP 3268 - ldapsearch is a tool used for enum

Answer 83

Flexible Single Master Operations - Five roles divided used in AD

Answer 84

Primary Domain Controller - Emulator operation master - Only one allowed in the forest - Only DC that can update AD schema

Answer 85

The relative Identifier (RID) operation master - Responsible for adding and removing DC to and from the AD forest

Answer 86

PDC operation master role is domain wide setting (each domain in forest will have one) - responsible for synchronisation - PDCs sync time with forest root domain PDC role-holder and sync time with external time sources - ALSO, responsible for password change replications

Answer 87

Domain wide setting (each domain has one) - responsible for maintaining a poll of relative identifiers that will be used when creating objects in the domain - RID is used in the process of creating a Security Identifier (SID) - Once RID is used to generate SID, it is not used again.

Answer 88

Role responsible for replicating SID and Distinguished name (DN) value change to cross-domains- Checks its database at regular intervals for foreigns group members from other domains and once it finds objects it check SID and DN values with the global catalogue servers. If mismatch it will replace its value with the global catalogue

Answer 89

The first DC in a AD forest will hold all five FSMO roles

Answer 90

Component thats runs windows server OS and holds AD domain services role.

Answer 91

Global catalogue server holds the full writable copy of objects in its host domain and a partial copy of objects in other domains in the same forest

Answer 92

Without DNS an AD domain infrastructure cannot work because it wouldn't be able to locate Domain Controllers and maintain a hierarchical infrastructure design.

Answer 93

Maintains a databse to store schema information, configuration information and domain information. ntds.dit file is the AD database file - contains classes, attributes and relationships between the two. C:\Windows\System32\ntds.dit C:\Windows\NTDS\ntds.dit

Answer 94

Rules applied to manage application settings, security setting and system setting of the AD Objects A set of Group Policy configurations is called a Group Policy Object (GPO)

Answer 95

Set of information about the security of a local computer - 1, domain trusted to authenticate logon attempts 2.which users can access systems 3.privilege assigned to accounts 4. security auditing policy Local Security Authority stores the local policy info in a set of LSA policy Objects

Answer 96

Password Rules and Lock out policies, lifetime and password complexities

Answer 97

This setting control the threshold for this response and the actions to be taken after that threshold has been reach

Answer 98

Lan manager - old technique that Microsoft used back in the 1980s to create hash passwords. 14 character max, find in SAM or NTDS database on a DC - encrypted with DES - disabled in older systems like vista or 2008 srv

Answer 99

New Technology Lan Manager is the new way that Microsoft uses to hash password. In SAM db or NTDS.dit database. - RC4 Cipher (which is an old cryptographic methods such as AES or SHA-512 Version 2 use MD5 hash Both unsalted hashes

Answer 100

Is a field on system management that involves acquiring, testing and installing patches to a computer

Answer 101

Free patch management tool from Microsoft to help system admins to deploy security patches - Each workstation connects to the SUS server and gets update from there

Answer 102

2003 - Provides a rich management and servicing solution. Can be used to manage networked windows embedded standard- based devices alongside windows desktop and sever.

Answer 103

WSUS enables system administrators to deploy the latest Microsoft product updates- WSUS server can be the update source for other WSUS servers within the organisation (upstream server)

Answer 104

MSBA helps to stay on top of regular network auditing tasks by scanning both local and remote Microsoft systems from security Misconfigurations. Also can identify any missing security updates and service packs available through the Microsoft update technologies

Answer 105

A small issue leads to another increasing severity and risk.

Answer 106

Extended SMTP feature - Once connected to server EHLO command will enum authentication types

Answer 107

SMBv1 vulnerability - 2017 - Mishandles specially-crafted packets from remote packets allowing an arbitrary code to be executed on the target. Wannacry ransom used Eternalblue to spread itself

Answer 108

Finger protocol is a app level protocol that provides an interface between the finger command and the fingerd daemon - returns information about the users currently logged in to a specified host TCP port 79 - 'finger @IP' or 'finger oracle@IP' or 'finger user@IP' users with string user

Answer 109

RPC service endpoint which listens to dynamic port - First connects to RPC port mapper and returns whereabouts of the rusersd service. If rusersd is running you can use 'r -l 192.168.1.5' to see users logged in.

Answer 110

rwhod service listens on port 513 - and if it is accessible, use the command rwho to query the service and get list of currents users logged in to the remote host

Answer 111

Allows a malicious user to bypass authentication due to improper sanitation of input (Crafting a special telnet string)

Answer 112

TCP 20 - used to send data from server to client TCP 21 - used to accept and process FTP commands from the client. ID banner by using quote help or syst command rwt in tmp directory with anonymous access

Answer 113

Protocol for sending emails through several software packages such as sendmail, Microsoft exchange etc. Commands: HELP,VRFY,EXPN, RCPT TO. MAIL FROM

Answer 114

Post Office Protocol is a standard mail protocol used to receive emails from a remote server to a local email client. common to not have a Lockout Policy so susceptible to brute forcing

Answer 115

Internet Message Access Protocol an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Plain text and also susceptible to brute forcing

Answer 116

Network File System is a distributed file system protocol that allows a user on a client computer to access files over a computer network much like local storage is accessed. Port 2049 - UDP and TCP and NFSv4 is latest version

Answer 117

Read only on NFS

Answer 118

Read write on NFS

Answer 119

Root on NFS is treated as nfsnobody by NFS server (security measure) - to disable such protection use no_squash_root

Answer 120

Nosuid - disables set user identifier or set group identifier bits to prevent remote users from gaining higher privileges Noexec - prevents execution of binaries on mounted file systems

Answer 121

The most popular are “rsh” for a remote shell, “rlogin” for a remote login, and “rexec” for remote execution. exec 512/tcp login 513/tcp shell 514/tcp uses Pluggable Authentication Modules (PAM) username and password for auth, which can be overridden by ~/.rhost and /etc/hosts.equiv

Answer 122

X provides the basic framework for a GUI environment: drawing and moving windows on the display device and interacting with a mouse and keyboard. X server 6000 to 6063 xhost + or - used to give access or remove access host

Answer 123

Magic cookie saved when user logs into X windows under the users home directory

Answer 124

get information about X windows using a build-in utility in Kali xwininfo -tree -root -display IP

Answer 125

A number of Linux daemons run as remote procedure call services using dynamic ports. rpcinfo can be used to query RPC port mapper to list the accessible RPC service endpoints

Answer 126

TCP and UDP port 111 or 32771

Answer 127

Secure Shell Protocol- encrypted access to linux, unix and windows OS and allows file access using secure copy (SCP) secure FTP (SFTP) and SSH Port forwarding.

Answer 128

Web browser and mobile clients support rich functionality using Javascript and other client-side technologies which interact with server APIs and Endpoints

Answer 129

Application server supports code execution written in languages like Java,Ruby,Python and Microsoft ASP.NET. Connectors and adaptors are used to negotiate the communications between the clients and applications.

Answer 130

The data stores used with web applications are databases, key-values stores and distributed file systems.

Answer 131

Hypertext Transfer Protocol - Application level protocol for hypermedia information systems. Connectionless, Independent Media and Stateless

Answer 132

Uniform Resource Identifiers formatted case-insensitive strings containing a name, location and much more in order to identify a resource such as a website

Answer 133

TLS (Transport Layer Security) and SSL (Secure Socket Layer) are cryptographic protocols which provide secure communication over the HTTP protocol

Answer 134

Passes parameters to the web app through URL

Answer 135

Passes data to the server through the body of the request

Answer 136

Gets the HTTP header without sending any payload

Answer 137

when this method is used, the server bounces back the TRACE response with the original request message in the body of the response - used to Identify alterations to the request by intermediates devices such as firewalls and proxies

Answer 138

PUT is used to upload and DELETE is used to remove data

Answer 139

Used to query the server for the methods that it supports

Answer 140

used to establish a tunnel to the server identified by a five URI

Answer 141

Informational - Request received and the process continued

Answer 142

Success - Action successfully recieved nd understood and accepted

Answer 143

Redirection - Further action must be taken in order to complete the request

Answer 144

Client Error - The request contains incorrect syntax or cannot be fulfilled

Answer 145

Server Error - The server failed to fulfill an apparently valid request

Answer 146

Simple Object Access Protocol - XML message protocol in order for computers to exchange information. - Communication protocol for internet - Can extend HTTP for XML messaging - Can exchange complete documents or call a remote procedure - Can be used to broadcast a message - Is platform and language - independent - Enables clients applications to easily connect to remote services and invoke remote methods - Is an EML way to define what information is sent and how

Answer 147

gives instructions to the broswer if and when a page should be displayed as part of another page

Answer 148

HTST - HTTP Strict Transport Security - instructs browser to enforce a HTTPS connection

Answer 149

Instructs website to used Cross-site Scripting protection

Answer 150

Sent from server to demand the location where scripts can be loaded

Answer 151

header may contain different flags. Expire sets a date til the cookie is valid

Answer 152

Max-Age or Expires attribute and stored on disk by web browser until the expiration date.

Answer 153

Stored in RAM on the client computer and deleted when the browser is closed

Answer 154

Forces the web browser to send cookies though an encrypted connection such as HTTPS which prevents eavesdropping.

Answer 155

instructs the web browser not to expose the cookie through client-side scripts thus disallowing access to the cookie from any script

Answer 156

Extensible Markup Language XML Document Type Definition (DTD) is a document used to validate an XML document for a certain criteria. Acts as a validation template containing a definition a valid structure attributes and elements for an XML document.

Answer 157

Scripting language and interpreter are used on the server-side (on ISS and Apache) to support PHP functionality.

Answer 158

Asynchronous Javascript and XML is a combination of technologies used to create fast and dynamic pages. Uses an asynchronous request-response method which makes the application more interactive. Allows content of a web page to be updated without submitting the entire page to the server.

Answer 159

Dynamic Object Model - is a framework to organise elements in an HTML or XML document. Convention for representing and interacting with HTML objects.

Answer 160

Set of APIs that support an advanced type system,data,graphics,network and what is needed to write enterprise apps in a Microsoft ecosystem.

Answer 161

Internet Server Application Programming Interface provides application support within ISS through DLL that are mapped with specific file extensions

Answer 162

Common Gateway Interface is a way for a web server to pass a user request to an application programme and to receive data to forward them to the user. (part of HTTP protocol)

Answer 163

5. 0 2000 5. 1 Windows XP 6. 0 W Server 2003 7. 0 W Server 2008 and Vista 7. 5 Windows 7 8. 0 Server 2012 and windows 8 8. 5 Windows 2012 R2 and Windows 8.1 10. 0 Windows 2016

Answer 164

Extensible Authentication Protocol - Used to authenticated people to wireless networks (WPA and WPA2 use it)

Answer 165

Protected Extensible Authentication Protocol - TLS tunnel (SSL) authentication communication is encrypted in the tunnel