IT Questions and Answers :)

Tuesday, November 13, 2018

Which of the following is not an example of a denial-of-service attack?

  • Fraggle
  • Smurf
  • Teardrop
  • Roadrunner 

EXPLANATION

Smurf / Smurfing

When conducting a smurf attack, attackers spoof their IP address to be the same as the victim’s IP address. This causes great confusion on the victim’s network and, if done correctly, a massive flood of traffic is sent to the victim’s networking device.

Most firewalls protect against smurf attacks, but if you do notice one, there are several things you can do. If you have access to the router your network or website is on, simply tell it to not forward packets to broadcast addresses. In a Cisco router, simply use the command: no ip directed-broadcast.

This won’t necessarily nullify the smurf attack, but it will greatly reduce the impact and also prevent your network or website from attacking others by passing on the attack. Optionally, you could upgrade to a newer Cisco router, which automatically filters out the spoofed IP addresses that smurf attacks rely on.

Fraggle


A Fraggle attack is exactly the same as a smurf attack, except that it uses the user datagram protocol, or UDP, rather than the more common transmission control protocol, or TCP. Fraggle attacks, like smurf attacks, are starting to become outdated and are commonly stopped by most firewalls or routers.

If you think you are being plagued by a fraggle attack, simply block the echo port, located at port 7. You may also wish to block port 19, which is another port commonly exploited by fraggle attacks. This attack is generally less powerful than the smurf attack, since the TCP protocol is much more widely used than the UDP protocol.

Teardrop


In the teardrop attack, packet fragments are sent in a jumbled and confused order. When the receiving device attempts to reassemble them, it won’t know how to handle the request. Older versions of operating systems will simply crash when this occurs.

Operating systems such as Windows NT, Windows 95, and even Linux versions prior to version 2.1.63 are vulnerable to the teardrop attack. As stated earlier, upgrading your network hardware and software is the best way to stay secure from these types of attacks.

Fraggle, Smurf, and Teardrop are all actual denial-of-service attacks. Roadrunner is not.
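The check a patched reassembly routine performs on the fragments described in the teardrop explanation, as an added example that is not part of the original post. It assumes the usual form of the attack, in which fragment offsets overlap; the tuple layout, function name and sample fragments are constructed for illustration.

```python
# Added example: validate IPv4 fragments before reassembly.
# A fragment is (offset_bytes, payload_len, more_fragments); all data is constructed.
MAX_PAYLOAD = 65535 - 20  # largest IPv4 datagram minus a minimal 20-byte header

def check_fragments(frags):
    """Return a list of problems; an empty list means the set reassembles cleanly."""
    if not frags:
        return ["no fragments"]
    problems = []
    ordered = sorted(frags)          # arrival order is irrelevant, offsets decide
    expected = 0                     # first byte offset not yet covered
    for i, (off, length, more) in enumerate(ordered):
        is_last = i == len(ordered) - 1
        if length <= 0:
            problems.append(f"empty fragment at offset {off}")
            continue
        if off % 8 or (more and length % 8):
            problems.append(f"fragment at {off} is not aligned to 8 bytes")
        if more == is_last:
            problems.append(f"fragment at {off} has the wrong more-fragments flag")
        if off < expected:
            problems.append(f"overlap: fragment at {off} starts before byte {expected}")
        elif off > expected:
            problems.append(f"gap: bytes {expected}..{off - 1} are missing")
        if off + length > MAX_PAYLOAD:
            problems.append(f"fragment at {off} runs past the maximum datagram size")
        expected = max(expected, off + length)
    return problems

in_order = [(0, 1480, True), (1480, 1480, True), (2960, 500, False)]
shuffled = [in_order[2], in_order[0], in_order[1]]
overlapping = [(0, 40, True), (24, 8, False)]   # second fragment lies inside the first
with_gap = [(0, 8, True), (16, 8, False)]

if __name__ == "__main__":
    for name, frags in [("in order", in_order), ("shuffled", shuffled),
                        ("overlapping", overlapping), ("gap", with_gap)]:
        print(name, "->", check_fragments(frags) or "ok")
```

Fragments that merely arrive out of order pass the check; only inconsistent offsets and lengths are rejected, so the datagram can be dropped before any copy is attempted.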

Wednesday, November 7, 2018

Which of the following is the main purpose of a parked CPU core?

  • Saves Power
  • Increase performance of applications
  • Reserves CPU core for specific application process
  • To prolong the lifespan of the CPU 

EXPLANATION

This process essentially puts your CPU cores in a sleep state and wakes them up when an application depends on higher core usage. The majority of the time this is left enabled unless you're a power user or a gamer. It can increase performance slightly for those situations. On some processors, this option cannot be disabled.


SOURCE

https://ttcshelbyville.wordpress.com/2013/12/29/what-is-core-parking-and-should-you-adjust-it/


Tuesday, November 6, 2018

In VMware, what file extension does the disk descriptor file use?

  • .vmtm
  • .vmx
  • .vmdk
  • .vmdf 

EXPLANATION

The correct answer is .VMDK.
Two files can have this extension, the disk descriptor file and the flat vmdk file.
Source : https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&external...
Source : http://cdn.ttgtmedia.com/digitalguide/images/Misc/anatomy_avm_4.jpg

What do you call the feature in packet-based data transmission protocols (like TCP) that governs the amount of data (number of packets) the receiver is able to accept from the sender?

  • Sequence Number
  • Jitter
  • CIDR
  • Sliding Window 

EXPLANATION

The sliding window feature informs the sender how much data (packets) the receiver can accept. Since networks are dynamic and prone to congestion, this number fluctuates depending on a number of variables. Essentially, if my PC is sending a file to the server, it may send 10 packets out of 20,000 to start the transfer. If the server was able to receive all of those packets, it may request more.
This will continue until the server either can't accept more because its buffer is full or some packets were missed because of congestion. The sender will then retransmit missed packets and begin to scale down the window until the sender and the receiver are in sync. This back and forth continues to the end of the transfer.
https://www.google.com/search?num=50&q=sliding+window+protocol&oq=Sliding+Window+pr&gs_l...
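A small simulation of the back and forth described in the sliding window explanation, as an added example that is not part of the original post. It is a simplified model rather than TCP itself; the function name, parameters and the dropped sequence number are assumptions chosen for illustration.

```python
# Added example: a deterministic toy model of the window behaviour described above.
def transfer(total, recv_buffer, drain_per_round, start_window=10, lost=()):
    """Simulate sending `total` packets; return the number sent in each round.

    recv_buffer     -- packets the receiver can hold (hypothetical parameter)
    drain_per_round -- packets the receiving application reads per round
    lost            -- sequence numbers dropped once, standing in for congestion
    """
    if drain_per_round <= 0 or recv_buffer <= 0:
        raise ValueError("receiver must have buffer space and must drain it")
    acked = 0                 # packets delivered in order so far
    buffered = 0              # packets waiting in the receiver's buffer
    window = start_window     # sender's own limit, grown or shrunk each round
    dropped = set(lost)
    history = []
    while acked < total:
        buffered = max(0, buffered - drain_per_round)   # application reads data
        advertised = recv_buffer - buffered             # space the receiver offers
        send = min(window, advertised, total - acked)
        history.append(send)
        delivered = 0
        for seq in range(acked, acked + send):
            if seq in dropped:
                dropped.discard(seq)   # the retransmission will get through
                break                  # packets after the loss are sent again
            delivered += 1
        acked += delivered
        buffered += delivered
        if delivered == send:
            window *= 2                      # everything arrived: ask for more
        else:
            window = max(1, window // 2)     # loss: scale the window down
    return history

if __name__ == "__main__":
    print(transfer(total=100, recv_buffer=32, drain_per_round=16, lost={25}))
```

In the sample run the second round loses packet 25, so the next round shrinks back to 10 packets, and the later rounds are capped by the receiver's free buffer space rather than by the sender.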

What is cgroups in modern Linux kernels?

  • A set of tools for paravirtualization
  • A feature that isolates and limits resource usage of processes
  • A friendly IPtables manager written in C
  • A collection of tools that prevents malware using mandatory access controls policies 

 
EXPLANATION

Cgroups (abbreviated from control groups) is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.
If you are using Docker give it a try! This may be useful for hungry Java apps ;)
See more at Wikipedia and kernel.org



What is the default TCP port used by Microsoft SQL Server?

  • 1433
  • 3389
  • 1723
  • 987

EXPLANATION

The default (and IANA official port) for Microsoft SQL Server is TCP 1433.
Port 3389 is the default port for Microsoft RDP.
Port 1723 is the default port for PPTP VPN.
Port 987 is used by the Companyweb SharePoint site on Microsoft Small Business Server 2008 and later.

SOURCE

https://msdn.microsoft.com/en-us/library/cc646023.aspx

Thursday, October 25, 2018

You can use which of the following to inject massive amounts of random data into a program or protocol stack for bug detection?

  • Cross-site scripting
  • Fuzzing
  • Cross-site request forgery
  • Input validation 

EXPLANATION

You can use fuzzing to inject semi-random data into a program or protocol stack in order to detect bugs.

Fuzz testing, or fuzzing, is a black-box software testing technique that basically consists of finding implementation bugs using malformed/semi-malformed data injection in an automated fashion.

Fuzz testing was developed at the University of Wisconsin Madison in 1989 by Professor Barton Miller and his students. Their (continued) work can be found at http://www.cs.wisc.edu/~bart/fuzz/ ; it's mainly oriented towards command-line and UI fuzzing, and shows that modern operating systems are vulnerable to even simple fuzzing.
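A minimal mutation fuzzer run against a toy parser, as an added example that is not part of the original post, showing how semi-malformed input exposes a missing bounds check. The record format, the parser and its deliberate bug are constructed for illustration.

```python
import random

# Constructed record format: 0x01, length byte, body, checksum (sum of body mod 256).
SEED = bytes([0x01, 0x03]) + b"abc" + bytes([sum(b"abc") % 256])

def parse_record(data: bytes) -> bytes:
    """Toy parser with a deliberate bug: the length byte is trusted blindly."""
    if len(data) < 2 or data[0] != 0x01:
        raise ValueError("bad header")           # clean rejection
    length = data[1]
    body = data[2:2 + length]
    checksum = data[2 + length]                  # IndexError if length overruns input
    if checksum != sum(body) % 256:
        raise ValueError("bad checksum")         # clean rejection
    return body

def mutate(sample: bytes, rng: random.Random) -> bytes:
    """Apply one to three small random edits to a valid sample."""
    buf = bytearray(sample)
    for _ in range(rng.randint(1, 3)):
        choice = rng.randrange(3)
        if choice == 0 and buf:                  # flip one bit
            buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
        elif choice == 1:                        # insert a random byte
            buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
        elif buf:                                # delete one byte
            del buf[rng.randrange(len(buf))]
    return bytes(buf)

def fuzz(target, sample, iterations=2000, rng_seed=1234):
    """Return {exception name: first input that triggered it} for unexpected errors."""
    rng = random.Random(rng_seed)                # fixed seed keeps runs reproducible
    crashes = {}
    for _ in range(iterations):
        case = mutate(sample, rng)
        try:
            target(case)
        except ValueError:
            pass                                 # parser rejected the input as designed
        except Exception as exc:                 # anything else is a bug worth triaging
            crashes.setdefault(type(exc).__name__, case)
    return crashes

if __name__ == "__main__":
    for name, case in fuzz(parse_record, SEED).items():
        print(name, case.hex())
```

Keeping the first input per exception type gives a reproducer to turn into a regression test once the length check is added.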


