IT Questions and Answers :)

Thursday, May 23, 2019

Exploits of generally unknown vulnerabilities that typically don't have patches yet are called:

  • Fast response
  • Unrecognized threat
  • Quick acting
  • Zero-day 

EXPLANATION

A zero-day vulnerability is a computer-software vulnerability that is unknown to those who would be interested in mitigating the vulnerability. Until the vulnerability is mitigated, hackers can exploit it to adversely affect computer programs, data, additional computers or a network. An exploit directed at a zero-day vulnerability is called a zero-day exploit, or zero-day attack.

Things to remember about zero-day vulnerabilities: keep your software up to date to help protect yourself against a zero-day vulnerability. Check for a solution when a zero-day vulnerability is announced; most software vendors work quickly to patch a security vulnerability. Don't underestimate the threat.

An often secret or hidden method of bypassing security mechanisms is known as a:

  • Backdoor
  • Trick door
  • Secret passage
  • Pass through 

EXPLANATION

A backdoor is a method, often secret, of bypassing normal authentication or encryption in a computer system, a product, or an embedded device, or its embodiment, e.g. as part of a cryptosystem, an algorithm, a chipset, or a "homunculus computer". Backdoors are often used for securing remote access to a computer, or obtaining access to plaintext in cryptographic systems.



What kind of attack comes from many sources and overwhelms a server, making it unavailable?

  • Man in the middle
  • DDoS
  • Identity spoofing
  • Watering hole 


EXPLANATION

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. They target a wide variety of important resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information.


  • $150 can buy a week-long DDoS attack on the black market. (Source: TrendMicro Research)
  • More than 2000 daily DDoS attacks are observed worldwide by Arbor Networks. (Source: ATLAS Threat Report)
  • 1/3 of all downtime incidents are attributed to DDoS attacks. (Source: Verisign/Merrill Research)

Building Capacity

Attackers build networks of infected computers, known as 'botnets', by spreading malicious software through emails, websites and social media. Once infected, these machines can be controlled remotely, without their owners' knowledge, and used like an army to launch an attack against any target. Some botnets are millions of machines strong. 
 

 

What type of software monitors networks or systems for malicious activities or policy violations?

  • Anti-malware
  • Antivirus
  • Intrusion detection system
  • Home security system 

EXPLANATION

Intrusion Detection Systems

 An intrusion detection system is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.

An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations. Any malicious activity or violation is typically reported either to an administrator or collected centrally using a security information and event management system. A SIEM system combines outputs from multiple sources, and uses alarm filtering techniques to distinguish malicious activity from false alarms.

 

What technology is used to monitor and manage Windows servers?

  • POP3
  • WMI
  • LMP
  • IMAP 

EXPLANATION

 About WMI

Windows Management Instrumentation (WMI) is the Microsoft implementation of Web-Based Enterprise Management (WBEM), which is an industry initiative to develop a standard technology for accessing management information in an enterprise environment. WMI uses the Common Information Model (CIM) industry standard to represent systems, applications, networks, devices, and other managed components. CIM is developed and maintained by the Distributed Management Task Force (DMTF).
Note: The next generation of WMI, known as the Windows Management Infrastructure (MI), is currently available. MI is fully compatible with previous versions of WMI, and provides a host of features and benefits that make designing and developing providers and clients easier than ever. For example, many newer providers are written using the MI framework, but can be accessed using WMI scripts and applications. For more information about the differences between the two technologies, see Why Use MI?

Managing Remote Computer Systems with WMI

The ability to obtain management data from remote computers is what makes WMI useful. Remote WMI connections are made through DCOM. An alternative is to use Windows Remote Management (WinRM), which obtains remote WMI management data using the WS-Management SOAP-based protocol.

What protocol is commonly used to connect to and monitor Linux servers?

  • SSH
  • SSL
  • SMS
  • PGP 

EXPLANATION

SSH, or Secure Shell, is a protocol used to securely log onto remote systems. It is the most common way to access remote Linux and Unix-like servers. In this guide, we will discuss how to use SSH to connect to a remote system.

Basic Syntax

The tool on Linux for connecting to a remote system using SSH is called, unsurprisingly, ssh.
The most basic form of the command is:
  • ssh remote_host
The remote_host in this example is the IP address or domain name that you are trying to connect to.
This command assumes that your username on the remote system is the same as your username on your local system.
If your username is different on the remote system, you can specify it by using this syntax:
  • ssh remote_username@remote_host
Once you have connected to the server, you will probably be asked to verify your identity by providing a password.
Later, we will cover how to generate keys to use instead of passwords.
To exit back into your local session, simply type:
  • exit

Which of these is NOT a core function of a mobile device management product?

  • Authentication
  • Remote wipe of device
  • Device location
  • Anti-malware 

EXPLANATION

 Anti-malware is any resource that protects computers and systems against malware, including viruses, spyware and other harmful programs. 

Anti-malware resources are comprehensive solutions that maintain computer security and protect sensitive data that is transmitted by a network or stored on local devices. Anti-malware tools often include multiple components, including anti-spyware and phishing tools, as well as antivirus solutions for prominent viruses, which are isolated and identified by security resources.

Anti-malware tools may employ scanning, strategies, freeware or licensed tools to detect rootkits, worms, Trojans and other types of potentially damaging software. Each type of malware resource carries its own interface and system requirements, which impact user solutions for a given device or system.