IT Questions and Answers :)

Thursday, October 25, 2018

You can use which of the following to inject massive amounts of random data into a program or protocol stack for bug detection?

You can use which of the following to inject massive amounts of random data into a program or protocol stack for bug detection?

  • Cross-site scripting
  • Fuzzing
  • Cross-site request forgery
  • Input validation 

You can use which of the following to inject massive amounts of random data into a program or protocol stack for bug detection?

EXPLANATION

You can use fuzzing to inject semi-random data into a program or protocol stack in order to detect bugs.

Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion.

Fuzz testing was developed at the University of Wisconsin Madison in 1989 by Professor Barton Miller and his students. Their (continued) work can be found at http://www.cs.wisc.edu/~bart/fuzz/ ; it's mainly oriented towards command-line and UI fuzzing, and shows that modern operating systems are vulnerable to even simple fuzzing.


Share:

Tuesday, October 23, 2018

What are VM snapshots intended to be used for?

What are VM snapshots intended to be used for?

  • To shut down the server
  • As a backup tool for your VMs
  • To create albums
  • To easily revert the VM to an earlier state 

What are VM snapshots intended to be used for?

EXPLANATION

Snapshots provide a fast and easy way to revert the virtual machine to a previous state. For this reason, virtual machine snapshots are intended mainly for use in development and test environments. Having an easy way to revert a virtual machine can be very useful if you need to recreate a specific state or condition so that you can troubleshoot a problem.
There are certain circumstances in which it may make sense to use snapshots in a production environment. For example, you can use snapshots to provide a way to revert a potentially risky operation in a production environment, such as applying an update to the software running in the virtual machine.
Many backup products use snapshots in a production environment. They create a snapshot and then processing continues from the snapshot, meanwhile they have an unchanging original to back up. Once the backup is completed the snapshot is merged back into the live environment. This allows a machine to be backed up with very little affect for the users and for them remains up 24/7.
NB: Hyper-V snapshots do not replace backups. Backup usually involves some form of duplication (so two copies of the protected data exist) but in snapshots... there is no duplication whatsoever. All data is in VHD(X) file and changes in AVHD(X) file and if the VHD(X) file is damaged/lost, the data is pretty much gone. Also with most backups you can restore a single file to an earlier state, but with Snapshots, it's all or nothing (meaning if an user wants a file from last week, you'd have to bring the whole system back a week). There are other concerns as well (there might be performance  issues with multiple snapshots, snapshots usually lose value as they age and there are issues with disk space)

SOURCE

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1015180
Share:

Monday, October 22, 2018

If Windows cannot find an active DHCP server, which network does it use by default for the network port?

If Windows cannot find an active DHCP server, which network does it use by default for the network port?

  • 192.168.0.0/16
  • 169.254.0.0/16
  • 172.16.0.0/12
  • 127.0.0.1/32 

 
If Windows cannot find an active DHCP server, which network does it use by default for the network port?

EXPLANATION

The 169.254.0.0/16 network is used for Automatic Private IP Addressing, or APIPA. If a DHCP client attempts to get an address, but fails to find a DHCP server after the timeout and retries period it will randomly assume an address from this network. This is defined in RFC 3927.
192.168.0.0/16 and 172.16.0.0/12 are defined for private use networks (LANs). It has to be configured by manual installation as a static IP or by a DHCP Server.
127.0.0.1/32 is the loopback address of the PC. The loopback address can be used to test the performance of TCP/IP by pinging 127.0.0.1. Upon receiving a response, you can assume that the software associated with the protocol is fine.

Share:

Friday, October 19, 2018

In Microsoft SQL Server, why does SELECT 1/2 return 0?

In Microsoft SQL Server, why does SELECT 1/2 return 0?

  • Numerator and denominator are both integers, so the result will be an integer
  • It doesn't - it returns 0.5
  • A bug in the code performing the division
  • A bug in the display in SSMS 

 
In Microsoft SQL Server, why does SELECT 1/2 return 0?

EXPLANATION

Due to the data type of the numerator and denominator being an "int", the return type is also assigned as an integer. While internally, the engine performs the calculation as 0.5, because the data type is an integer, the value gets converted to 0 and is returned as such.
Another way to say this is that the mathematical answer is 0.5 but because the system is only able to return an integer (whole number) the answer becomes 0 (the "whole number" in the answer).

Share:

Wednesday, October 17, 2018

Which of the following Windows console commands deletes a folder (c:\test), whether or not it is empty, without issuing any warnings?

Which of the following Windows console commands deletes a folder (c:\test), whether or not it is empty, without issuing any warnings?

  • rd test
  • rd test\* /q
  • del c:\test\*.* /s
  • rd c:\test /s /q 

Which of the following Windows console commands deletes a folder (c:\test), whether or not it is empty, without issuing any warnings?

EXPLANATION

The /s switch deletes ALL elements recursively inside the specified folder.
The /q switch is the silent mode, meaning there will be absolutely no warnings.
Caution

When you run rd /s in quiet mode, the entire directory tree is deleted without confirmation. Ensure that important files are moved or backed up before using the /q command-line option.
 
Share:

Thursday, October 11, 2018

What is the maximum number of devices that you can connect to a single USB 2.x controller?

What is the maximum number of devices that you can connect to a single USB 2.x controller?

  • 255
  • 31
  • 63
  • 127

What is the maximum number of devices that you can connect to a single USB 2.x controller?

EXPLANATION

Technically, a USB network is capable of supporting 128 nodes, though the USB controller itself is also a node.
In addition, any USB hubs, self-powered or bus-powered, count as additional nodes and reduce the number of nodes you can connect to the controller.
https://en.wikipedia.org/wiki/USB_hub#Physical_layout
 
Share:

Which of the following is NOT a daemon in Postfix?

Which of the following is NOT a daemon in Postfix?

  • qmgr
  • master
  •  crond
  • smtpd 

 
Which of the following is NOT a daemon in Postfix?

EXPLANATION

The crond daemon is a Linux daemon, not a Postfix daemon.
The master daemon is the brain of the Postfix mail system. It spawns all other daemons. The smtpd daemon (server) handles incoming connections. The qmgr daemon is the heart of the Postfix mail system. It processes and controls all messages in the mail queues.


Share:

Popular Posts