Which is the disk size of a 4 Gb pen drive?
- Same as 4GB
- 4096 MB
- 512 MB
- 4000 MB
EXPLANATION
multiply the digital storage value by 1000
1000 x 4 = 4000
Which is the disk size of a 4 Gb pen drive?
Monday, December 30, 2019
Which of the following IP addresses can be classified as a private IP address?
Which of the following IP addresses can be classified as a private IP address?
- 192.128.0.1
- 10.255.255.3
- 200.192.32.15
- 172.31.15.2
EXPLANATION
| Class | Private Networks | Subnet Mask |
|---|---|---|
| A | 10.0.0.0 | 255.0.0.0 |
| B | 172.16.0.0 - 172.31.0.0 | 255.240.0.0 |
| C | 192.168.0.0 | 255.255.0.0 |
Which statement is INCORRECT about penetration testing?
Which statement is INCORRECT about penetration testing?
- It is an unintentional attack?
- Pen testing does discover security flaws/weaknesses?
- Pen testing is used for security assessments?
- Pen testing improves the security of the system?
EXPLANATION
A pentest is an intentional attack on a system using the pen testing skills to improve the defense strategy.
Unintentional, insider-originated security breaches are the result of
simple negligence, inattention, or lack of education. Unintentional
mistakes such as a system administrator errors, operator errors and
programming errors for example, are common.
What does SSID stand for?
What does SSID stand for?
- Secure Service Identifier
- Security Set Identifier
- Service Security Identifier
- Service Set Identifier
EXPLANATION
The SSID (Service Set IDentifier) is the name of a wireless network.
The SSID (Service Set IDentifier) is the name of a wireless network.
If a router can create more than one network, then each can have its
own name/SSID. Whether each should have its own name is a debatable issue, but not a security one.
You should change the default SSID(s), for a couple reasons, one technical one not.
Using a default or common SSID, can make it easier for bad guys to crack the WPA2 encryption. The network name is part of the encryption algorithm, and password cracking dictionaries (rainbow tables) include common SSIDs. Thus, a popular SSID makes the hacker’s job easier.
On a totally different level, you don't appear to be technically clueless. Anyone who has not changed the default network name is immediately pegged as a non-techie whose defenses are likely to be poor. There might as well be a "hack me" sign on the network.
I have seen others argue that changing an SSID that has the vendor name in it is good for security, as it hides the company that made your router. It does not. The identity of the hardware vendor is advertised for the world to see in the MAC address that the router broadcasts. Even if you change a default SSID of "Linksys" to "Netgear", anyone with a Wi-Fi survey app such as WiFi Analyzer on Android can tell that the router was made by Linksys.
You should change the default SSID(s), for a couple reasons, one technical one not.
Using a default or common SSID, can make it easier for bad guys to crack the WPA2 encryption. The network name is part of the encryption algorithm, and password cracking dictionaries (rainbow tables) include common SSIDs. Thus, a popular SSID makes the hacker’s job easier.
On a totally different level, you don't appear to be technically clueless. Anyone who has not changed the default network name is immediately pegged as a non-techie whose defenses are likely to be poor. There might as well be a "hack me" sign on the network.
I have seen others argue that changing an SSID that has the vendor name in it is good for security, as it hides the company that made your router. It does not. The identity of the hardware vendor is advertised for the world to see in the MAC address that the router broadcasts. Even if you change a default SSID of "Linksys" to "Netgear", anyone with a Wi-Fi survey app such as WiFi Analyzer on Android can tell that the router was made by Linksys.
Which is NOT a transport layer vulnerability?
Which is NOT a transport layer vulnerability?
- Unauthorized network access
- The vulnerability that allows "fingerprints" and other enumeration of host information
- Mishandling of undefined, poorly defined
- Overloading transport-layer mechanisms
EXPLANATION
The different vulnerabilities of the Transport layer are mishandling of
undefined, poorly defined,
Vulnerability that allow “fingerprinting” & other enumeration of host information, Overloading of transport-layer mechanisms etc. Unauthorized network access is an example of physical layer vulnerability.
Vulnerability that allow “fingerprinting” & other enumeration of host information, Overloading of transport-layer mechanisms etc. Unauthorized network access is an example of physical layer vulnerability.
In Windows 10, what are Active Hours
In Windows 10, what are Active Hours
- The number of hours Windows has been active.
- Windows will not auto-update during this time.
- Windows will not auto-reboot during this time.
- PC will not hibernate during this time.
EXPLANATION
Active Hours is a new update-related feature of the upcoming Anniversary Update for Windows 10
that is already available in the latest Insider Build. The main idea
behind the feature is to make operating system updates less annoying by
preventing automatic restarts of the system during active hours
What Protocol Does the Open-Source VNC Remote Desktop Application Use?
What Protocol Does the Open-Source VNC Remote Desktop Application Use?
- Remote Desktop Protocol (RDP)
- Open Source Screen Share (OSSS)
- Virtual Network Connect (VNC)
- Remote Frame Buffer (RFB)
EXPLANATION
RFB (“remote framebuffer”) is an open simple protocol for remote access to graphical user interfaces. Because it works at the framebuffer level it is applicable to all windowing systems and applications, including Microsoft Windows, macOS and the X Window System. RFB is the protocol used in Virtual Network Computing (VNC) and its derivatives.| Software | Protocols | Free for commercial use |
|---|---|---|
| TightVNC | RFB (VNC) | Yes |
| Timbuktu | Proprietary | Yes |
| TurboVNC | RFB (VNC) | Yes |
| UltraVNC | RFB (VNC) | Yes |
