Which of the following abbreviations stands for the complete (absolute) domain name for a specific host on the domain or internet?

Which of the following abbreviations stands for the complete (absolute) domain name for a specific host on the domain or internet?

• FQDN
• FDN
• WWW
• CDN 

EXPLANATION

The term “fully qualified domain name”, FQDN for short, refers to the complete and unique address of an internet presence. It consists of the host name and the domain, and is used to locate specific hosts online and access them using name resolution.

Domain names are used to identify one or more IP addresses. For example, the domain name microsoft.com represents about a dozen IP addresses. Domain names are used in URLs to identify particular Web pages. For example, in the URL https://quiz.techlanda.com, the domain name is quiz.techlanda.com

Read More

At startup, a computer will perform a POST. What does POST stand for?

At startup, a computer will perform a POST. What does POST stand for?

• Power-on service template
• Pentium-on self test
• Power-on self-test
• Process-on start task 

EXPLANATION

POST stands for "Power On Self Test." It is a diagnostic program built into the computer's hardware that tests different hardware components before the computer boots up. ... If any of these tests fail, the POST process will return an error message.

Read More

What is the default security mode of Bluetooth devices?

What is the default security mode of Bluetooth devices?

• Mobile policy serve
• Mode 3, enforce link encryption for all traffic
• Mode 2, leaving security up to each application
• Mode 1, "non-secure" mode [By default]

EXPLANATION

Security Features of Bluetooth BR/EDR/HS

Cumulatively, the family of Bluetooth BR/EDR/HS specifications definesfour security modes.Each Bluetooth device must operate in one of thesemodes, called Security Modes 1 through 4.These modes dictate when a Bluetooth device initiates security, not whether it supports security features

Security Mode 1devices are considered non-secure.Security functionality (authentication and encryption) is never initiated, leaving the device and connections susceptible to attackers.In effect, Bluetooth devices in this modeare “indiscriminate” and do not employ any mechanisms to prevent other Bluetooth-enabled devices from establishing connections.However, if a remote deviceinitiates security—such as apairing, authentication, or encryptionrequest—a Security Mode 1 device will participate.Per their respective Bluetooth specification versions, all v2.0 and earlier devices can support Security Mode 1,andv2.1 and later devices can use Security Mode 1 for backward compatibility with older devices.However, NIST recommends never using Security Mode 1. 

In Security Mode 2, a service level-enforced security mode, security procedures may beinitiated after link establishment but before logicalchannel establishment.For this security mode, a local security manager (as specified in the Bluetooth architecture) controls access to specific services.The centralized security manager maintains policies for access control and interfaces with other protocols and device users.Varying security policies and trust levels to restrict access can be defined for applications with different security requirements operating in parallel. It is possible to grant access to some services without providing access to other services.In this mode, the notion of authorization—the process of deciding whether a specific device is allowed to have access to a specific service—is introduced.Typically Bluetooth service discovery can be performed prior to any security challenges (i.e.,authentication, encryption,and/orauthorization).However, all other Bluetooth services should requireall ofthose security mechanisms. 

It is important to note that the authentication and encryption mechanisms used for Security Mode 2 are implemented in the controller,as with Security Mode 3described below.All v2.0 and earlier devices can support Security Mode 2,butv2.1 and laterdevices can only support it for backward compatibility with v2.0 or earlier devices.

Security Mode 3isthe linklevel-enforced security mode, in which a Bluetooth device initiates security procedures before the physical linkis fully established.Bluetooth devices operating in Security Mode 3 mandate authentication and encryptionfor all connectionsto and from the device.Therefore, even service discovery cannot be performed until after authentication, encryption,and authorization havebeenperformed.Once a device has been authenticated, service-level authorization is not typically performedby a Security Mode 3 device. However, NIST recommends that service-levelauthorization should be performed to prevent “authentication abuse”—that is, an authenticated remote device using aBluetooth service without the local device owner’s knowledge. 

All v2.0 and earlier devices can support Security Mode 3,but v2.1 and later devices can only support it for backward compatibilitypurposes.

Similar to Security Mode 2, Security Mode 4 (introduced in Bluetooth v2.1 + EDR) is a service-level-enforced security mode in which security procedures are initiated after physical and logical link setup.Security Mode 4 uses Secure Simple Pairing(SSP),in which Elliptic Curve Diffie-Hellman (ECDH) key agreement replaceslegacy key agreementfor link key generation(see Section 3.1.1).However, the device authentication and encryption algorithms are identical to the algorithms in Bluetooth v2.0 + EDRand earlier versions.Security requirements for services protected by Security Mode 4 must be classified as one of the following:

• Authenticated link key required
• Unauthenticated link key required
• No security required. 

 Whether or not a link key is authenticated depends on the SSPassociation model used(see Section 3.1.1.2).Security Mode 4 requires encryption for all services (except Service Discovery) and is mandatory for communication between v2.1 andlaterBR/EDR devices.However, for backward compatibility, a Security Mode 4 device can fall back to any of the other three Security Modes when communicating with Bluetooth v2.0 and earlier devices that do notsupport Security Mode 4.In this case, NIST recommends using Security Mode 3.

The remainder of this section discusses specific Bluetooth security componentsin more detail—pairing and link key generation, authentication, confidentiality, and other Bluetooth security features. 

Read More

Which one of the following is an example of phishing?

Which one of the following is an example of phishing?

• An email directing the recipient to enter personal details on afake website.
• An email directing the recipient to forward the email tofriends.
• An email warning the recipient of a computer virus threat.
• An email directing the recipient to download an attachment. 

 

EXPLANATION

Phishing is a cybercrime in which a target or targets are contacted by email,
telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
The information is then used to access important accounts and can result in identity theft and financial loss.

SOURCE

http://www.phishing.org/what-is-phishing

Read More

Which of the following terms is used specifically to identify the entity created when encapsulating data inside data link layer headers and trailers?

Which of the following terms is used specifically to identify the entity created when encapsulating data inside data link layer headers and trailers?

• Frame
• Hitching
• Segment
• Packet 

 

EXPLANATION

Encapsulation of data occurs through each layer of the TCP/IP Networking model.
Each layer adds a header to the data it receives from the layer above it. At the Transport Layer, the encapsulated data is called a Segment. At the Network Layer, the encapsulated data is called a Packet. At the Data Link Layer, the encapsulated data is called a Frame.

SOURCE

https://www.ccnahub.com/ip-fundamentals/understanding-data-link-layer-encapsulation/

Read More

What is something that generally wouldn't help with avoiding Trojan infections on Symbian-based devices?

What is something that generally wouldn't help with avoiding Trojan infections on Symbian-based devices?

• Upgrade your device every 12 months
• Use mobile security software
• Keep firmware and OS versions up to date.
• Install only Symbian-signed or trusted programs 

EXPLANATION

A Trojan is a program that looks genuine but has a disruptive agenda. The motive behind designing a Trojan is to get access to data inside a person’s computer.
It gives access to your most sensitive data that may include credit card information. This is done by creating a backdoor. You can protect yourself against Trojans by downloading software and programs that come from known and verified sources, and not obtained by a random search on the Internet.

 

Read More

Which feature was first included by default in PowerShell version 5?

Which feature was first included by default in PowerShell version 5?

• PowerShellGet
• Desired State Configuration
• Workflow
• Automatic module import 

EXPLANATION

New features in Windows PowerShell Desired State Configuration

• Windows PowerShell language enhancements let you define Windows PowerShell Desired State Configuration (DSC) resources by using classes. Import-DscResource is now a true dynamic keyword; Windows PowerShell parses the specified module’s root module, searching for classes that contain the DscResource attribute. You can now use classes to define DSC resources, in which neither a MOF file nor a DSCResource subfolder in the module folder is required. A Windows PowerShell module file can contain multiple DSC resource classes.
• A new parameter, ThrottleLimit, has been added to the following cmdlets in the PSDesiredStateConfiguration module. Add the ThrottleLimit parameter to specify the number of target computers or devices on which you want the command to work at the same time.
  • Get-DscConfiguration
  • Get-DscConfigurationStatus
  • Get-DscLocalConfigurationManager
  • Restore-DscConfiguration
  • Test-DscConfiguration
  • Compare-DscConfiguration
  • Publish-DscConfiguration
  • Set-DscLocalConfigurationManager
  • Start-DscConfiguration
  • Update-DscConfiguration
• With centralized DSC error reporting, rich error information is not only logged in the event log, but it can be sent to a central location for later analysis. You can use this central location to store DSC configuration errors that have occurred for any server in their environment. After the report server is defined in the meta-configuration, all errors are sent to the report server, and then stored in a database. You can set up this functionality regardless of whether or not a target node is configured to pull configurations from a pull server.
• Improvements to Windows PowerShell ISE ease DSC resource authoring. You can now do the following.
  • List all DSC resources within a configuration or node block by entering Ctrl+Space on a blank line within the block.
  • Automatic completion on resource properties of the enumeration type.
  • Automatic completion on the DependsOn property of DSC resources, based on other resource instances in the configuration.
  • Improved tab completion of resource property values.
• A new DscLocalConfigurationManager attribute designates a configuration block as a meta-configuration, which is used to configure the DSC Local Configuration Manager. This attribute restricts a configuration to containing only items which configure the DSC Local Configuration Manager. During processing, this configuration generates a *.meta.mof file that is then sent to the appropriate target nodes by running the Set-DscLocalConfigurationManager cmdlet.
• Partial configurations are now allowed in Windows PowerShell 5.0. You can deliver configuration documents to a node in fragments. For a node to receive multiple fragments of a configuration document, the node’s Local Configuration Manager must be first set to specify the expected fragments
• Cross-computer synchronization is new in DSC in Windows PowerShell 5.0. By using the built-in WaitFor* resources (WaitForAll, WaitForAny, and WaitForSome), you can now specify dependencies across computers during configuration runs, without external orchestrations. These resources provide node-to-node synchronization by using CIM connections over the WS-Man protocol. A configuration can wait for another computer’s specific resource state to change.
• Just Enough Administration (JEA), a new delegation security feature, leverages DSC and Windows PowerShell constrained runspaces to help secure enterprises from data loss or compromise by employees, whether intentional or unintentional. For more information about JEA, including where you can download the xJEA DSC resource, seeJust Enough Administration, Step by Step.
• The following new cmdlets have been added to the PSDesiredStateConfiguration module.
  • A new Get-DscConfigurationStatus cmdlet gets high-level information about configuration status from a target node. You can obtain the status of the last, or of all configurations.
  • A new Compare-DscConfiguration cmdlet compares a specified configuration with the actual state of one or more target nodes.
  • A new Publish-DscConfiguration cmdlet copies a configuration MOF file to a target node, but does not apply the configuration. The configuration is applied during the next consistency pass, or when you run the Update-DscConfiguration cmdlet.
  • A new Test-DscConfiguration cmdlet lets you verify that a resulting configuration matches the desired configuration, returning either True if the configuration matches the desired configuration, or False if the actual configuration does not match the desired configuration.
  • A new Update-DscConfiguration cmdlet forces a configuration to be processed. If the Local Configuration Manager is in pull mode, the cmdlet gets the configuration from the pull server before applying it.

Read More