IT Questions and Answers :)

Wednesday, January 1, 2020

What is the default TCP port used by ORACLE SQL Developer?

  • 3389
  • 8080
  • 1521
  • 1433 

EXPLANATION

4. Provide information for the following settings:

  • Role: This is the set of privileges to be associated with the connection. Accept default for this connection.
  • OS Authentication: Leave this unchecked for this connection.
  • Proxy Connection: Leave this unchecked for this connection.
  • Hostname: This is the host system for the Oracle Database instance. Enter an IP address, a machine name, or localhost (when connecting to a database on the same machine as Oracle SQL Developer). The default is localhost.
  • Port: This is the listener port for the database. The default port for Oracle Database is 1521.
  • SID: This is the system identifier, such as orcl (the default for Oracle Database 10g and Oracle Database 11g) or xe (the default for Oracle Database 10g Express Edition).
  • Service name: This is the network service name of the database. Select either SID or Service name.

SOURCE

http://www.oracle.com/technetwork/issue-archive/2008/08-may/o38sql-102034.html


Monday, December 30, 2019

The term “ping” is short for:

  • Packet Information Generator
  • Packet Tracking
  • Process-Improvement Networking Group
  • Packet Internet Groper 

EXPLANATION

It is often believed that "Ping" is an abbreviation for Packet Internet Groper, but Ping's author has stated that the name comes from the sound that a sonar makes.

 



In threat hunting, what China-based APT group was exposed and dismantled by U.S.-based security organization Mandiant?

  • APT 3
  • APT18
  • APT 1
  • APT 12 

EXPLANATION

Since 2004, Mandiant has investigated computer security breaches at hundreds of organizations around the world. The majority of these security breaches are attributed to advanced threat actors referred to as the “Advanced Persistent Threat” (APT). We first published details about the APT in our January 2010 M-Trends report. As we stated in the report, our position was that “The Chinese government may authorize this activity, but there’s no way to determine the extent of its involvement.” Now, three years later, we have the evidence required to change our assessment. The details we have analyzed during hundreds of investigations convince us that the groups conducting these activities are based primarily in China and that the Chinese Government is aware of them.

Mandiant continues to track dozens of APT groups around the world; however, this report is focused on the most prolific of these groups. We refer to this group as “APT1” and it is one of more than 20 APT groups with origins in China. APT1 is a single organization of operators that has conducted a cyber espionage campaign against a broad range of victims since at least 2006. From our observations, it is one of the most prolific cyber espionage groups in terms of the sheer quantity of information stolen. The scale and impact of APT1’s operations compelled us to write this report.

The activity we have directly observed likely represents only a small fraction of the cyber espionage that APT1 has conducted. Though our visibility of APT1’s activities is incomplete, we have analyzed the group’s intrusions against nearly 150 victims over seven years. From our unique vantage point responding to victims, we tracked APT1 back to four large networks in Shanghai, two of which are allocated directly to the Pudong New Area. We uncovered a substantial amount of APT1’s attack infrastructure, command and control, and modus operandi (tools, tactics, and procedures). In an effort to underscore there are actual individuals behind the keyboard, Mandiant is revealing three personas we have attributed to APT1. These operators, like soldiers, may merely be following orders given to them by others.

Our analysis has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China’s cyber threat actors. We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support. In seeking to identify the organization behind this activity, our research found that People’s Liberation Army (PLA’s) Unit 61398 is similar to APT1 in its mission, capabilities, and resources. PLA Unit 61398 is also located in precisely the same area from which APT1 activity appears to origina

What allows you to move the cursor on a screen?

  • This one time, at band camp
  • Mouse
  • A series of well organised sausage rolls performing an electronic coup
  • The feeling when you just know you've forgotten something but can't remember what.

EXPLANATION

If your machine is equipped with arrow keys, try these now. You should be able to move the cursor freely about the screen by using combinations of the up, down, right, and left arrow keys.
...
Moving With Arrow Keys
  • To move left, press h.
  • To move right, press l.
  • To move down, press j.
  • To move up, press k.

You can simply press Shift-right-arrow, and then start typing. In contrast to these combination Shift-arrow commands, which move the cursor to the beginning and end of lines, the Ctrl-left-arrow and Ctrl-right-arrow keys move the screen image 20 spaces in the opposite direction to the arrow, without moving the cursor.


What is the command to resync a workstation's time to the NTP server?

  • w32tm /resync
  • timeservice /update
  • wintime /sync
  • win / update -timeserver

EXPLANATION

Run "cmd.exe" as administrator, then run w32tm /resync. Visually check that the seconds in the "Date and Time" control panel are ticking at the same time as your authoritative clock(s).

Which of these is NOT an OSI network layer?

  • The Security Layer
  • The Transport Layer
  • The Application Layer
  • The Physical Layer 

EXPLANATION

The Open System Interconnection (OSI) model defines a networking framework to implement protocols in seven layers.
...
The 7 Layers of the OSI
  1. Layer 1 - Physical.
  2. Layer 2 - Data Link.
  3. Layer 3 - Network.
  4. Layer 4 - Transport.
  5. Layer 5 - Session.
  6. Layer 6 - Presentation.
  7. Layer 7 - Application.

 



An admin is investigating an unusual amount of traffic originating from a 2016 Server to the internet. The first event log was ID 1102. The outbound traffic is traversing over ports commonly associated with DNS. These symptoms are known as what?

  • Vulnerability
  • Threat
  • Risk
  • Indicator of Compromise (IoC)

EXPLANATION

Yet another event type worth monitoring is related to event log clearing. Checking for event ID 104 in the System log shows whether it has been cleared, while searching for 1102 in the Audit log does the same. But clearing the application log puts nothing in the application event log?

Although the application log clear does not result in a log clear entry in the actual application log, it does write an entry to the system log, as previously mentioned. Is clearing event logs considered a normal activity? Granted, the act may not always result from malicious intent, but it should be considered enough of a non-standard event that it warrants closer examination. When log clears are performed in conjunction with other events, such as creating services or making firewall rule changes, they are clearly a way of covering tracks. In some cases, if a system is functioning on an island without log forwarding or any other outside communication, this singular event might be your only indication of a much larger issue.

But wait... There are several ways to clear out the log files. Let us examine several of them to see how they work and ensure our monitoring will detect them. Obviously, using the Windows native method of clearing event logs (Figure 9) is going to generate the event IDs we are looking for above. Event ID 104 is created just as expected when clearing out the System log.
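The monitoring described above, as an added Python example that is not part of the original post or its source: it flags every log-clear event (104 in System, 1102 in the audit log) and raises the severity when service-creation or firewall-rule events precede it on the same host. The sample records are constructed and assumed to come from a central collector; event IDs 7045, 4946 and 4947, the record layout and the one-hour window are assumptions not named in the text.

```python
from datetime import datetime, timedelta

# (log, event ID) pairs that record a log clear; 1102 is written to the Security (audit) log.
CLEAR_EVENTS = {("Security", 1102), ("System", 104)}
# Assumed "other events" to correlate: service install, firewall rule added/modified.
SUSPICIOUS = {("System", 7045): "service installed",
              ("Security", 4946): "firewall rule added",
              ("Security", 4947): "firewall rule modified"}
WINDOW = timedelta(hours=1)  # assumed look-back window before each clear

# Constructed sample records (host, time, log, event ID, detail); not real telemetry.
# Assumed to be read from a collector, so they survive the clear on the host itself.
SAMPLE = [
    ("SRV2016", "2020-01-01T09:02:11", "System", 7045, "svc=example-svc"),
    ("SRV2016", "2020-01-01T09:05:40", "Security", 4946, "rule=example-rule"),
    ("SRV2016", "2020-01-01T09:20:03", "Security", 1102, "audit log cleared"),
    ("SRV2016", "2020-01-01T09:20:09", "System", 104, "channel=Application"),
    ("WKS07", "2020-01-01T08:00:00", "System", 7045, "svc=example-printer"),
    ("WKS07", "2020-01-01T14:00:00", "System", 104, "channel=System"),
]

def find_log_clears(records, window=WINDOW):
    """Return one finding per log-clear event, listing suspicious events
    seen on the same host within `window` before the clear."""
    events = sorted((h, datetime.fromisoformat(t), log, eid, d)
                    for h, t, log, eid, d in records)
    findings = []
    for host, ts, log, eid, detail in events:
        if (log, eid) not in CLEAR_EVENTS:
            continue
        related = [f"{SUSPICIOUS[(l, e)]} ({d})"
                   for h, t, l, e, d in events
                   if h == host and (l, e) in SUSPICIOUS
                   and timedelta(0) <= ts - t <= window]
        findings.append({"host": host, "time": ts.isoformat(), "event_id": eid,
                         "detail": detail, "related": related,
                         # A lone clear still warrants a look; with company it is urgent.
                         "severity": "high" if related else "review"})
    return findings

if __name__ == "__main__":
    for f in find_log_clears(SAMPLE):
        print(f["severity"], f["host"], f["time"], f["event_id"], f["detail"], f["related"])
```

The application-log clear on SRV2016 appears only as event 104 in the System log, which is why the detail field, not the log name, identifies the cleared channel.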
