Monday, December 30, 2019
Which statement is INCORRECT about penetration testing?
- It is an unintentional attack
- Pen testing does discover security flaws/weaknesses
- Pen testing is used for security assessments
- Pen testing improves the security of the system
EXPLANATION
A pentest is an intentional attack on a system, carried out with pen testing skills to improve the defense strategy.
Unintentional, insider-originated security breaches are the result of simple negligence, inattention, or lack of education. Unintentional mistakes, such as system administrator errors, operator errors and programming errors, are common.
What does SSID stand for?
- Secure Service Identifier
- Security Set Identifier
- Service Security Identifier
- Service Set Identifier
EXPLANATION
The SSID (Service Set IDentifier) is the name of a wireless network.
If a router can create more than one network, then each can have its
own name/SSID. Whether each should have its own name is a debatable issue, but not a security one.
You should change the default SSID(s) for a couple of reasons, one technical, one not.
Using a default or common SSID can make it easier for bad guys to crack the WPA2 encryption. The network name is part of the encryption algorithm, and password cracking dictionaries (rainbow tables) include common SSIDs. Thus, a popular SSID makes the hacker’s job easier.
On a totally different level, changing the name means you don't appear to be technically clueless. Anyone who has not changed the default network name is immediately pegged as a non-techie whose defenses are likely to be poor. There might as well be a "hack me" sign on the network.
I have seen others argue that changing an SSID that has the vendor name in it is good for security, as it hides the company that made your router. It does not. The identity of the hardware vendor is advertised for the world to see in the MAC address that the router broadcasts. Even if you change a default SSID of "Linksys" to "Netgear", anyone with a Wi-Fi survey app such as WiFi Analyzer on Android can tell that the router was made by Linksys.
Which is NOT a transport layer vulnerability?
- Unauthorized network access
- The vulnerability that allows "fingerprints" and other enumeration of host information
- Mishandling of undefined, poorly defined
- Overloading transport-layer mechanisms
EXPLANATION
The different vulnerabilities of the Transport layer are mishandling of
undefined, poorly defined,
vulnerabilities that allow “fingerprinting” and other enumeration of host information, overloading of transport-layer mechanisms, etc. Unauthorized network access is an example of a physical layer vulnerability.