What does the acronym DDR stand for?

What does the acronym DDR stand for?

• Direct Data Replication
• Double Data Rate
• Double Diet Rampage
• Direct Duplication Requirement

EXPLANATION

In computing, a computer bus operating with double data rate transfers data on both the rising and falling edges of the clock signal. This is also known as double pumped, dual-pumped, and double transition. The term toggle mode is used in the context of NAND flash memory.

SOURCE

https://en.wikipedia.org/wiki/Double_data_rate

Read More

CentOS is to RedHat Enterprise Linux as Elementary OS is to......?

CentOS is to RedHat Enterprise Linux as Elementary OS is to......?

• Fedora
• Mint
• Ubuntu
• Scientific

EXPLANATION

Scientific Linux is an Enterprise Linux rebuild sponsored by Fermi National Accelerator Laboratory.


Fedora is a Linux distribution developed by the community-supported Fedora Project and sponsored by Red Hat. Fedora contains software distributed under various free and open-source licenses and aims to be on the leading edge of such technologies. Fedora is the upstream source of the commercial Red Hat Enterprise Linux distribution

SOURCE

https://en.wikipedia.org/wiki/Fedora_(operating_system)

Read More

How do you get the status of anti-malware software in your system using Powershell

How do you get the status of anti-malware software in your system using Powershell

• Get-ComputerStatusMalpro
• Get-MpComputerStatus
• Get-MpStatus
• Get-MalproComputer

EXPLANATION

The Defender module is only supported on Windows 8.1, Windows 10, Server 2012 R2 and Server 2016 TP.

Gets the status of antimalware software on the computer.

Syntax

PowerShell

Get-MpComputerStatus
   [-CimSession <CimSession[]>]
   [-ThrottleLimit <Int32>]
   [-AsJob]
   [<CommonParameters>]

Description

The Get-MpComputerStatus cmdlet gets the status of antimalware software installed on the computer.

Examples

Example 1: Get the computer status

PowerShell

PS C:\> Get-MpComputerStatus
AMEngineVersion                 : 1.1.9700.0
AMProductVersion                : 4.3.9463.0
AMServiceEnabled                : True
AMServiceVersion                : 4.3.9463.0
AntispywareEnabled              : True
AntispywareSignatureAge         : 0
AntispywareSignatureLastUpdated : 7/30/2013 3:01:45 AM
AntispywareSignatureVersion     : 1.155.1107.0
AntivirusEnabled                : True
AntivirusSignatureAge           : 0
AntivirusSignatureLastUpdated   : 7/30/2013 3:01:45 AM
AntivirusSignatureVersion       : 1.155.1107.0
BehaviorMonitorEnabled          : True
ComputerID                      : A69DA5B8-06B3-4A00-B2C1-D18ED66BAD40
ComputerState                   : 0
FullScanAge                     : 4294967295
FullScanEndTime                 :
FullScanStartTime               :
IoavProtectionEnabled           : True
LastFullScanSource              : 0
LastQuickScanSource             : 2
NISEnabled                      : False
NISEngineVersion                : 2.1.9700.0
NISSignatureAge                 : 0
NISSignatureLastUpdated         : 7/30/2013 1:30:46 PM
NISSignatureVersion             : 106.0.0.0
OnAccessProtectionEnabled       : True
QuickScanAge                    : 0
QuickScanEndTime                : 7/30/2013 1:50:24 PM
QuickScanStartTime              : 7/30/2013 1:49:15 PM
RealTimeProtectionEnabled       : True
RealTimeScanDirection           : 0

This command gets the status of antimalware protection software installed on the computer.

SOURCE

https://docs.microsoft.com/en-us/powershell/module/defender/Get-MpComputerStatus?view=win10-ps

Read More

In terms of digital information storage which of the following is a multiple of a bit?

In terms of digital information storage which of the following is a multiple of a bit?

• overbite
• zebibit
• cubit
• weebit

EXPLANATION

Zetta- and Zebi-

• Zettabit. A unit of information or storage abbreviated Zbit or Zb. One zettabit most typically equals 10²¹ or 1,000,000,000,000,000,000,000 bits (one sextillion or one trilliard in long scale measure*). Note: Zettabit is not yet used; thought it’s only a matter of time before it is.
• Zebibit. A unit of information or storage abbreviated Zibit or Zib. This is the absolute binary measure equaling 1,180,591,620,717,411,303,424 (2⁷⁰) bits. Use it when precision is needed. Note: Zebibit is not yet used; thought it’s only a matter of time before it is.
• Zettabyte. A unit of information or storage abbreviated ZB. Again, there are/will be confusing interpretations for this term for different contexts (also see the more general discussion above).
• 1,000,000,000,000,000,000,000 bytes (10²¹) when used in a networking context, clocks, or performance measures.
• 1,180,591,620,717,411,303,424 (2⁷⁰) bytes. This definition is used for memory, file and formatted disk size, and other contexts where binary notation fits better.
• Zebibyte. A unit of information or storage abbreviated ZiB. This is the specific measure of the binary representation of 1,180,591,620,717,411,303,424 (2⁷⁰) bytes. When precision is demanded, this is the term to use.

SOURCE

https://www.cknow.com/cms/ref/bits-bytes-and-multiple-bytes.html

Read More

XML is a widely used data format used in everything from web services to documents to images. Where XML is used, there must be an XML parser. Which type of attack takes advantage of a widely available feature of XML parsers?

XML is a widely used data format used in everything from web services to documents to images. Where XML is used, there must be an XML parser. Which type of attack takes advantage of a widely available feature of XML parsers?

• XML Entropy Scoping (XXS)
• XML Extra Sanitizing (XXS)
• XML Extensive Threads (XXT)
• XML External Entities (XXE) 

EXPLANATION

An XML External Entity (XXE) attack (sometimes called an XXE injection attack) is based on Server Side Request Forgery (SSRF). This type of attack abuses a widely available but rarely used feature of XML parsers. Using XXE, an attacker is able to cause Denial of Service (DoS) as well as access local and remote content and services.

SOURCE

https://www.acunetix.com/blog/articles/xml-external-entity-xxe-vulnerabilities/

Read More

Which of these would be a good way to mitigate against some of the most common security misconfigurations?

Which of these would be a good way to mitigate against some of the most common security misconfigurations?

• Have a patch management process that includes a task to check current vulnerability databases.
• Have a patch management process that includes a task to back up critical drives.
• Have a patch management process that includes a task to review and update configurations.
• Have a patch management process that includes a task to reboot servers monthly. 

EXPLANATION

 

Patch Priority	System patch distribution shall begin by:	System patch installation/application shall be completed by:
Critical	Distribution shall begin within 72 hours of patch availability.	100% of systems - 30 days
High	Distribution shall begin within 5 business days of patch availability.	100% of systems - 30 days
Medium	Distribution shall begin within 30 calendar days of patch availability.	100% of systems - 90 days
Low	Distribution shall begin within 90 calendar days of patch availability.	100% of systems - 150 days

 

 

Read More

Which one of the following is not a legitimate form of Cross-Site Scripting?

Which one of the following is not a legitimate form of Cross-Site Scripting?

• Bypass XXS
• DOM XXS
• Stored XXS
• Reflected XXS 

EXPLANATION

There are several types of Cross-site Scripting attacks: stored/persistent XSS, reflected/non-persistent XSS, and DOM-based XSS. You can read more about them in an article titled Types of XSS.

SOURCE

https://www.acunetix.com/websitesecurity/cross-site-scripting/

Read More