IT Questions and Answers :)

Tuesday, April 9, 2019

When installing Oracle Real Application Clusters on Linux/Unix, what is the default port number and protocol?

When installing Oracle Real Application Clusters on Linux/Unix, what is the default port number and protocol?

  • 11000/TCP
  • 61000/TCP
  • Dynamic/UDP
  • 1521/TCP 

 
When installing Oracle Real Application Clusters on Linux/Unix, what is the default port number and protocol?

EXPLANATION

Oracle Real Application Clusters (UNIX) uses a dynamic UDP port number that is assigned automatically during installation.
Oracle Real Application Clusters (Cluster Interconnect: Windows only) uses port 11000/TCP
Oracle Real Application Clusters (Local Host: Windows only) uses port 61000/TCP
Oracle SQL*Net Listener uses port 1521/TCP for Oracle client connections to the database over Oracle's SQL*Net protocol.

SOURCE

https://docs.oracle.com/en/database/oracle/oracle-database/12.2/rilin/port-numbers-and-protocols-of-oracle-components.html#GUID-D168F70C-BECE-4F9A-B616-D9103A35F1FF
Share:

Monday, April 8, 2019

What is the minimum number of passes in a DOD-Level Data Wipe?

What is the minimum number of passes in a DOD-Level Data Wipe?

  • Three
  • Five
  • Six
  • Two 

EXPLANATION

How Does a DOD-Level Data Wipe Work? Three Pass Overwrite
A three pass overwrite means that the data is overwritten with a set of characters three times. There is a verification pass as well to check that all the data on the drive has been overwritten.
There is a standard process for the three pass overwrite: a single pass with a “0” character, followed by a single pass with a “1” character, and a final pass with a random character.
Seven Pass Overwrite
Like the three pass overwrite, the seven pass pattern overwrites the data many times with a specific pattern of characters.
The standard seven pass process is: a “0” character pass, a “1” character pass, random character pass, a second random character pass, a “0” character pass, a “1” character pass, and a random character pass before the final verification pass.

SOURCE

http://www.reliant-technology.com/storage_blog/dod-data-wipe-standards/
Share:

Friday, April 5, 2019

Which of the following is a step used to harden a database application?


Which of the following is a step used to harden a database application?

Disabling default accounts and changing passwords
Enabling all services
Disabling SQL
Disabling stored procedures 
Which of the following is a step used to harden a database application?

EXPLANATION

Application hardening, which includes hardening database applications, consists of disabling default accounts and changing default passwords.
Application hardening includes disabling unnecessary services, not enabling all of them. You shouldn't disable SQL in a database application. Stored procedures increase performance, which can help prevent SQL injection attacks and shouldn't be disabled.
Share:

Thursday, April 4, 2019

What port does SMTP traffic use by default?

What port does SMTP traffic use by default?

25
21
443
80 
What port does SMTP traffic use by default?

EXPLANATION

SMTP (Simple Mail Transfer Protocol) traffic flows across TCP port 25. Some ISPs block end users from sending via this port in an effort to reduce spam and it seems to be working.
 
Share:

Wednesday, April 3, 2019

When called without an argument, which of the following returns the SQL Server login of the current security context.

When called without an argument, which of the following returns the SQL Server login of the current security context.

  • SUSER_SNAME()
  • SUSER_SID()
  • ORIGINAL_LOGIN()
  • USER_NAME() 

 
When called without an argument, which of the following returns the SQL Server login of the current security context.

EXPLANATION

SUSER_SNAME() - returns the login of the current security context.

ORIGINAL_LOGIN() - returns login of original connection context. It is not affected by context-switching.

USER_NAME() - returns the database user name of the current security context.

SUSER_SID() - Returns the Security Identifier (SID) of the current security context.

SQL Server has system-level logins and database users. While they often have the same username, they are distinct from one another. Logins are needed to gain access and set system-level permissions to SQL Server, while Users are needed for access and permissions to specific databases.

The current security context in SQL Server can be changed, known as context-switching or impersonation, with the use of the EXECUTE AS and REVERT statements in a script or batch.

Additional reading:
SQL Server Security Principals - https://docs.microsoft.com/en-us/sql/relational-databases/security/authentication-access/principals-database-engine?view=sql-server-2017
Context-switching - https://sqlity.net/en/1783/changing-security-context-execute-revert/

SOURCE

https://docs.microsoft.com/en-us/sql/t-sql/functions/security-functions-transact-sql?view=sql-server-2017
Share:

Popular Posts