kyou
  • WHOAMI
    • Robemar Aviles
  • Tryhackme
    • View
      • Advent of Cyber 2024
        • Day 01
        • Day 02
      • Boiler CTF
      • Anonymous
      • Archangel
      • Lian_Yu
      • Gaming Server
      • Chocolate Factory
      • Easy Peasy
      • Brute It
      • Ignite
      • Brooklyn Nine Nine
      • TryHack3M: Bricks Heist
      • Dreaming
      • Overpass 1
      • SQLMAP
      • Chill Hack
      • Year of the rabbit
      • Become a hacker
      • Golden Eye
      • Mr. Robot
      • Linux File System Analysis
      • Skynet
      • Fowsniff
      • Introduction to OWASP Zap
      • Brute Force Heroes
      • Game Zone
      • Lazy Admin
      • Bounty Hacker
      • OOB XXE
      • HackPark
      • Alfred
      • Windows Local Persistence
      • Hacking with PowerShell
      • Phishing
      • Python for Pentesters
      • Wireshark: The Basics
      • Hydra
      • Governance & Regulation
      • Junior Security Analyst Intro
      • Wonderland
      • Burp Suite: The Basics (Old)
      • Burp Suite: Extensions
      • Burp Suite: Other Modules
      • Burp Suite: Intruder
      • Net Sec Challenge
      • Nmap Post Port Scans
      • Nmap Advanced Port Scans
      • Nmap Basic Port Scans
      • Nmap Live Host Discovery
      • Protocols and Servers 2
      • Protocols and Servers
      • Command Injection
      • Cross-Site Scripting
      • Vulnerability Capstone
      • Exploit Vulnerabilities
      • Intro to SSRF
      • File Inclusion
      • IDOR
      • Authentication Bypass
      • Subdomain Enumeration
      • Windows Privilege Escalation
      • Steel Mountain
      • Upload Vulnerabilities
      • Blue
      • Looking Glass
      • Metasploit: Exploitation
      • Metasploit: Meterpreter
      • What the shell?
      • Common Linux Privesc
      • John The Ripper
      • Hashing - Crypto 101
      • Crack the hash
      • Res
      • Wireshark: The Basics
      • Network Services 2
      • Network Services
      • Break Out The Cage
      • Anthem
      • Ice
      • Startup
      • Kenobi
      • Bolt
      • Basic Pentesting
      • Linux Privilege Escalation
      • Source
      • Agent Sudo
      • Red Team Fundamentals
      • Red Team Engagement
      • Cyborg
      • Pre Security
        • OSI Model
        • Packets & Frames
        • Extending your network
        • Putting it all together
        • How websites work
      • Introduction to Cyber Security
        • Intro to Defensive Security
        • Careers in Cyber
        • Network Security
        • Security Operations
        • Operating System Security
  • Hack the box
    • View
      • Oopsie
      • Windows Fundamentals
      • Archetype
      • Bizness
      • Three
      • Redeemer
      • Dancing
      • Fawn
      • Meow
      • Responder
      • Crocodile
      • Sequel
      • Appointment
  • Academy HTB
    • View
      • Bug Bounty Hunter
        • Before exam
        • Exploits
          • HTML Injection
          • Cross-Site Scripting (XSS)
          • Cross-Site Request Forgery (CSRF)
          • SQL Injection
          • Local File Inclusion (LFI)
          • Remote File Inclusion
          • Command Injection
          • Insecure Direct Object Reference (IDOR)
          • XML External Entity (XXE)
        • Commands
          • curl
          • mysql
        • Web Requests
          • Hypertext Transfer Protocol (HTTP)
          • Hypertext Transfer Protocol Secure (HTTPS)
          • HTTP Requests and Responses
          • HTTP Headers
          • HTTP Methods and Codes
          • GET
          • POST
          • CRUD API
        • Introduction to Web Applications
          • Introduction
          • Web Application Layout
          • Front End vs. Back End
          • HTML
          • CSS
          • JavaScript
          • Sensitive Data Exposure
          • HTML Injection
          • Cross-Site Scripting (XSS)
          • Cross-Site Request Forgery (CSRF)
          • Back End Servers
          • Web Servers
          • Databases
          • Development Framework & APIs
          • Common Web Vulnerabilities
          • Public Vulnerabilities
          • Next Steps
        • Attacking Web Application with Ffuf
          • Introduction
          • Web Fuzzing
          • Directory Fuzzing
          • Page Fuzzing
          • Recursive Fuzzing
          • DNS Records
          • Sub-domain Fuzzing
          • Vhost Fuzzing
          • Filtering Results
          • Parameter Fuzzing - GET
          • Parameter Fuzzing - POST
          • Value Fuzzing
          • Skills Assessment
        • SQL Injection Fundamentals
          • Introduction
          • Intro to Databases
          • Types of Databases
          • Intro to MySQL
          • SQL Statements
          • Query Results
          • SQL Operators
          • Intro to SQL Injections
          • Subverting Query Logic
          • Using Comments
          • Union Clause
          • Union Injection
          • Database Enumeration
          • Reading Files
          • Writing Files
          • Mitigating SQL Injection
          • Skills Assessment - SQL Injection Fundamentals
        • File Inclusion
          • Intro to File Inclusions
          • Local File Inclusion (LFI)
          • Basic Bypasses
          • PHP Filters
          • PHP Wrappers
          • Remote File Inclusion (RFI)
          • LFI and File Uploads
          • Log Poisoning
          • Automated Scanning
          • File Inclusion Prevention
          • Skills Assessment - File Inclusion
        • Web Attacks
          • Introduction to Web Attacks
          • Intro to HTTP Verb Tampering
          • Bypassing Basic Authentication
          • Bypassing Security Filters
          • Verb Tampering Prevention
          • Intro to IDOR
          • Identifying IDORs
          • Mass IDOR Enumeration
          • Bypassing Encoded References
          • IDOR in Insecure APIs
          • Chaining IDOR Vulnerabilities
          • IDOR Prevention
          • Intro to XXE
          • Local File Disclosure
          • Advanced File Disclosure
          • Blind Data Exfiltration
          • XXE Injector
          • XXE Prevention
          • Web Attacks - Skills Assessment
      • Penetration Tester
        • Getting Started
          • Infosec Overview
          • Getting Started with a Pentest Distro
          • Staying Organized
          • Connecting Using VPN
          • Common Terms
          • Basic Tools
          • Service Scanning
          • Web Enumeration
          • Public exploits
          • Types of shells
          • Privilege Escalation
          • Transferring Files
          • Starting Out
          • Navigating HTB
          • Nibbles - Enumeration
          • Nibbles - Web Footprinting
          • Nibbles -Initial Foothold
          • Nibbles - Privilege Escalation
          • Nibbles - Alternate User Method - Metasploit
          • Common Pitfalls
          • Getting Help
          • Next Steps
          • Knowledge Check
        • File Transfer
          • Introduction
          • Windows File Transfer Methods
          • Linux File Transfer Methods
          • Transferring Files with Code
          • Miscellaneous File Transfer Methods
          • Protected File Transfers
          • Living off The Land
          • Detection
          • Evading Detection
        • Using the Metasploit Framework
          • Preface
          • Introduction to Metasploit
          • Introduction to MSFconsole
          • Modules
          • Targets
          • Payload
          • Encoders
          • Databases
          • Plugins
          • Sessions
          • Meterpreter
          • Writing and Importing Modules
          • Introduction to MSFVenom
          • Firewall and IDS/IPS Evasion
          • Metasploit-Framework Updates - August 2020
        • Shells & Payloads
          • Shells Jack Us In, Payloads Deliver Us Shells
          • CAT5 Security's Engagement Preparation
          • Anatomy of a Shell
          • Bind Shells
          • Reverse Shells
          • Introduction to Payloads
          • Automating Payloads & Delivery with Metasploit
          • Crafting Payloads with MSFvenom
          • Infiltrating Windows
          • Infiltrating Unix/Linux
          • Spawning Interactive Shells
          • Introduction to Web Shells
          • Laudanum, One Webshell to Rule Them All
          • Antak Webshell
          • PHP Web Shells
          • The Live Engagement
          • Detection & Prevention
        • Penetration Testing Process
          • Introduction to the Penetration Tester Path
          • Academy Modules Layout
          • Academy Exercises & Questions
          • Penetration Testing Overview
          • Laws and Regulations
          • Penetration Testing Process
          • Pre-Engagement
          • Information Gathering
          • Vulnerability Assessment
          • Exploitation
          • Post-Exploitation
          • Lateral Movement
          • Proof-of-Concept
          • Post-Engagement
          • Practice
        • Network Enumeration with Nmap
          • Enumeration
          • Introduction to Nmap
          • Host Discovery
          • Host and Port Scanning
          • Saving the Results
          • Service Enumeration
          • Nmap Scripting Engine
          • Performance
          • Firewall and IDS/IPS Evasion
          • Firewall and IDS/IPS Evasion - Easy Lab
          • Firewall and IDS/IPS Evasion - Medium Lab
          • Firewall and IDS/IPS Evasion - Hard Lab
        • Footprinting
          • Enumeration Principles
          • Enumeration Methodology
          • Domain Information
          • Cloud Resources
          • Staff
          • FTP
          • SMB
          • NFS
          • DNS
          • SMTP
          • IMAP / POP3
          • SNMP
          • MySQL
          • MSSQL
          • Oracle TNS
          • IPMI
          • Linux Remote Management Protocols
          • Windows Remote Management Protocols
          • Easy Lab
          • Medium Lab
          • Hard Lab
        • Information Gathering - Web Edition
          • Information Gathering
          • Whois
          • DNS
          • Passive Subdomain Enumeration
          • Passive Infrastructure Identification
          • Active Infrastructure Identification
          • Active Subdomain Enumeration
          • Virtual Hosts
          • Crawling
          • Information Gathering - Web - Skills Assessment
        • Attacking Common Services
          • Interacting with Common Services
          • The Concept of Attacks
          • Service Misconfigurations
          • Finding Sensitive Information
          • Attacking FTP
          • Latest FTP Vulnerabilities
          • Attacking SMB
          • Latest SMB Vulnerabilities
          • Attacking SQL Databases
          • Latest SQL Vulnerabilities
          • Attacking RDP
          • Latest RDP Vulnerabilities
          • Attacking DNS
          • Latest DNS Vulnerabilities
          • Attacking Email Services
          • Latest Email Service Vulnerabilities
          • Attacking Common Services - Easy Lab
          • Attacking Common Services - Medium
          • Attacking Common Services - Hard
        • Login Brute Forcing
          • Introduction to Brute Forcing
          • Password Attacks
          • Default Passwords
          • Username Brute Force
          • Hydra Modules
          • Determine Login Parameters
          • Login Form Attacks
          • Personalized Wordlists
          • Service Authentication Brute Forcing
          • Skills Assessment
          • Skills Assessment 2
        • Password Attacks
          • Theory of Protection
          • Credential Storage
          • John The Ripper
          • Network Services
          • Password Mutations
          • Password Reuse / Default Passwords
          • Attacking SAM
          • Attacking LSASS
          • Attacking Active Directory & NTDS.dit
          • Credential Hunting in Windows
          • Credential Hunting in Linux
          • Passwd, Shadow & Opasswd
          • Pass the Hash (PtH)
          • Pass the Ticket (PtT) from Windows
          • Pass the Ticket (PtT) from Linux
          • Protected Files
          • Protected Archives
          • Password Policies
          • Password Managers
          • Password Attacks Lab - Easy
          • Password Attacks Lab - Medium
          • Password Attacks Lab - Hard
        • Pivoting, Tunneling, and Port Forwarding
          • Introduction to Pivoting, Tunneling, and Port Forwarding
          • The Networking Behind Pivoting
          • Dynamic Port Forwarding with SSH and SOCKS Tunneling
          • Remote/Reverse Port Forwarding with SSH
          • Meterpreter Tunneling & Port Forwarding
          • Socat Redirection with a Reverse Shell
          • Socat Redirection with a Bind Shell
          • SSH for Windows: plink.exe
          • SSH Pivoting with Sshuttle
          • Web Server Pivoting with Rpivot
          • Port Forwarding with Windows Netsh
          • DNS Tunneling with Dnscat2
          • SOCKS5 Tunneling with Chisel
          • ICMP Tunneling with SOCKS
          • RDP and SOCKS Tunneling with SocksOverRDP
          • Skills Assessment
        • Active Directory Enumeration & Attacks
          • Introduction to Active Directory Enumeration & Attacks
          • Tools of the Trade
          • Scenario
          • External Recon and Enumeration Principles
          • Initial Enumeration of the Domain
          • LLMNR/NBT-NS Poisoning - from Linux
          • LLMNR/NBT-NS Poisoning - from Windows
          • Password Spraying Overview
          • Enumerating & Retrieving Password Policies
          • Password Spraying - Making a Target User List
          • Internal Password Spraying - from Linux
          • Internal Password Spraying - from Windows
          • Enumerating Security Controls
          • Credentialed Enumeration - from Linux
          • Credentialed Enumeration - from Windows
      • SOC Analyst
        • Incident Handling Process
          • Incident Handling
          • Cyber Kill Chain
          • Incident Handling Process Overview
          • Preparation Stage (Part 1)
          • Preparation Stage (Part 2)
          • Detection & Analysis Stage (Part 1)
          • Detection & Analysis Stage (Part 2)
          • Containment, Eradication, & Recovery Stage
          • Post-Incident Activity Stage
        • Security Monitoring & SIEM Fundamentals
          • SIEM Definition & Fundamentals
          • Introduction To The Elastic Stack
          • SOC Definition & Fundamentals
          • MITRE ATT&CK & Security Operations
          • SIEM Use Case Development
          • SIEM Visualization Example 1: Failed Logon Attempts (All Users)
          • SIEM Visualization Example 2: Failed Logon Attempts (Disabled Users)
          • SIEM Visualization Example 3: Successful RDP Logon Related To Service Accounts
          • SIEM Visualization Example 4: Users Added Or Removed From A Local Group (Within A Specific Timeframe
        • Understanding Log Sources & Investigating with Splunk
          • Introduction To Splunk & SPL
      • Windows Fundamentals
        • Introduction to Windows
        • Operating System Structure
        • File System
        • NTFS vs. Share Permissions
        • Windows Services & Processes
        • Service Permissions
        • Windows Sessions
        • Interacting with the Windows Operating System
        • Windows Management Instrumentation (WMI)
        • Microsoft Management Console (MMC)
        • Windows Subsystem for Linux (WSL)
        • Desktop Experience vs. Server Core
        • Windows Security
        • Skills Assessment - Windows Fundamentals
      • Introduction to Active Directory
        • Why Active Directory?
        • Active Directory Research Over the Years
        • Active Directory Structure
        • Active Directory Terminology
        • Active Directory Objects
        • Active Directory Functionality
        • Kerberos, DNS, LDAP, MSRPC
        • NTLM Authentication
        • User and Machine Accounts
        • Active Directory Groups
        • Active Directory Rights and Privileges
        • Security in Active Directory
        • Examining Group Policy
        • AD Administration: Guided Lab Part I
        • AD Administration: Guided Lab Part II
        • Wrapping It Up
      • Introduction to Networking
        • Networking Overview
        • Network Types
        • Networking Topologies
        • Proxies
        • Networking Models
        • The OSI Model
        • The TCP/IP Model
        • Network Layer
        • IP Addresses
        • Subnetting
  • Over The Wire
    • View
      • Bandit
        • Level 0
        • Level 1
        • Level 2
        • Level 3
        • Level 4
        • Level 5
        • Level 6
        • Level 7
        • Level 8
        • Level 9
        • Level 10
        • Level 11
        • Level 12
  • Under The Wire
    • View
  • PicoCTF
    • View
      • flag_shop
      • plumbing
      • Based
      • useless
      • chrono
      • First Find
      • runme.py
      • Serpentine
      • repetitions
      • Permissions
      • ASCII Numbers
      • Big Zip
      • PW Crack 4
      • PW Crack 3
      • PW Crack 2
      • PW Crack 1
      • HashingJobApp
      • Glitch Cat
      • fixme2.py
      • fixme1.py
      • convertme.py
      • Codebook
      • First Grep
      • Bases
      • strings it
      • what's a net cat?
      • Magikarp Ground Mission
      • Tab, Tab, Attack
      • Static ain't always noise
      • Transformation
      • Nice netcat...
      • information
      • Wave a flag
      • Python Wrangling
      • Mod 26
      • Obedient Cat
  • Portswigger
    • View
  • Hacker101
    • View
      • Micro-CMS v1
      • Trivial
  • Python
    • View
      • Files
        • Number 1 to 100
      • Hackerrank
        • Power - Mod Power
        • Mod Divmod
        • String Split and Join
        • What's Your Name?
        • Find the Runner-Up Score!
        • Print Function
        • Loops
        • Division
        • Arithmetic
        • Python If-Else
        • Hello World
  • SQL
    • View
      • Hackerrank
        • Higher Than 75 Marks
        • Weather Observation Station 1
        • Weather Observation Station 3
        • Weather Observation Station 4
        • Select By ID
        • Select All
        • Revising the Select Query II
        • Revising the Select Query I
        • Japanese Cities' Attributes
        • Japanese Cities' Name
  • Notes
    • View
      • IMPORTANTTTTT
        • Metasploit
        • Nmap
        • Laudanum
        • Sudo
        • LXD/LXC
      • Windows
        • Windows Management Instrumentation (WMI)
        • Windows Remote Management (WinRM)
        • NTDS.DIT
        • Built-in AD Groups
        • Schema Active Directory
        • Trusts Active Directory
        • Foreign Security Principals (FSPs)
        • Replication
        • SYSVOL
        • Fully Qualified Domain Name (FQDN)
        • Read-Only Domain Controller (RODC)
        • FSMO Roles
        • Global Unique Identifier (GUID)
        • Registry
        • User Account Control (UAC)
        • Access Control Entries (ACE)
        • Copying SAM Registry Hives
        • Security Accounts Manager (SAM)
        • Security Identifier (SID)
        • Execution Policy
        • Windows non-interactive accounts
        • Security Descriptor Definition Language (SDDL)
        • Windows System Structure
        • DACL and SACL
      • Nmap
        • Nmap UDP Scan
        • Nmap TCP Scans
        • Nmap Scripting Engine
      • Endpoint Detection and Response
      • SIEM
      • DMARC
      • Forward Proxy and Reverse Proxy
      • Brute Force/ Dictionary Attack
      • SMTP/IMAP/POP
      • Downloading subfinder
      • DNS
      • MITRE ATT&CK
      • Staged vs. Stageless Payloads
      • Server Log Poisoning
      • PHP Session Poisoning
      • secure_file_priv
      • Metasploit Payload
      • Metasploit Types
      • Types of Box
      • Vulnerable Machine/Applications
      • Cron Jobs
      • Webroot
      • Subdomains and Virtual hosts
      • Fuzzing/Gobuster Extensions
      • URI and URL
      • eXtensible Markup Language (XML)
      • Time to Live (TTL)
      • Stateful and Stateless Firewalls
      • IDS vs IPS vs SIEM
      • Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
      • Reconnaissance and Enumeration
      • Address Resolution Protocol
      • SSL Certificate
      • Transmission Control Protocol (TCP)
      • Dictionary and Brute Force Attack
      • Encoding, Encryption, Cryptography
  • Commands
    • View
      • Windows
        • Get-ADGroupMember
        • Get-ADGroup
        • Get-ADTrust
        • Get-ADUser
        • Get-ADDomain
        • Discover Modules
        • Get-LAPSComputers
        • Find-AdmPwdExtendedRights
        • Get-AppLockerPolicy
        • DomainPasswordSpray
        • PowerView
        • Inveight
        • Rubeus.exe
        • mimikatz.exe
        • Invoke-TheHash
        • laZagne.exe
        • Copying NTDS.dit via evil-winrm
        • Copying Registry Hives with reg.exe
        • reg add
        • net start
        • tscon
        • query user
        • New-PSDrive
        • findstr
        • dir
        • net use
        • net
        • Get-MpComputerStatus
        • Get-WmiObject
        • Get-ExecutionPolicy
        • get-alias
        • Get-ChildItem
        • Get-ACL
        • services.msc
        • tree
        • wmic
        • sc
        • icacls
        • winPEAS
        • Invoke-WebRequest
        • Certutil
        • Get-Service
      • Linux
        • steganography
          • Binwalk
          • Exiftool
          • steghide
          • stegseek
        • password cracking
          • John
          • Hashcat
        • remote desktop
          • rdesktop
          • xfreerdp
          • Remmina
        • common commands
          • grep
          • sed
          • env
          • watch
          • locate
          • tree
          • who
          • last/lastlog
          • stat
          • $PATH
          • 4 characters rockyou.txt
          • TR / CUT
          • Find
          • hexedit
          • Background Process
          • Sudo
          • netstat
          • xxd
        • web enumeration
          • Gobuster
          • ffuf/wfuzz
          • whatweb
        • linux blue team
          • chkrootkit
          • rkhunter
        • linux priv esc
          • laZagne
          • Getcap
          • Linpeas/LinEnum
          • SUID
          • crontab
        • credential hunting
          • Configuration Files
          • Credentials in Configuration Files
          • Databases
          • Notes
          • Scripts
          • Cronjobs
          • SSH
          • Bash History
          • Logs
          • mimipenguin.py
          • laZagne.py
          • firefox_decrypt.py
        • Zip files
          • gunzip
          • unzip
        • FTP
          • FTP - Connect
        • SSH
          • SSH - Connect
          • scp
        • DNS
          • host
          • subbrute
          • sublist3r
          • dnsdumpster
          • subfinder
          • dnsenum
          • dig
          • nslookup
          • fierce
        • SMTP
          • swaks
          • o365spray
          • smtp-user-enum
          • msfconsole
        • SMB
          • Hydra
          • metasploit
          • Sans SMB Cheatsheet
          • ntlmrelayx
          • Mount
          • SMB - Connect
          • netexec
          • Enum4Linux-ng
          • CrackMapExec
          • smbmap
          • rpcclient
          • impacket
          • Psexec
        • IMAP/POP3
          • telnet
          • Evolution
          • curl
          • openssl
          • IMAP - Commands
          • POP3 - Commands
        • SNMP
          • onesixtyone
          • snmpwalk
          • braa
        • Oracle TNS
          • odat
          • sqlplus
        • IPMI
          • msfconsole
        • Rsync
          • rsync
          • nc
          • nmap
        • R-Services
          • nmap
          • rlogin
          • rwho
          • rusers
        • MSSQL
          • MSSQL Commands
          • mssqlclient.py
          • sqsh
          • xp_cmdshell
        • RDP
          • Hydra
          • Crowbar
        • MySQL
        • NFS
        • WinRM
          • crackmapexec
          • Evil-Winrm
        • LDAP
          • ldapsearch
          • windapsearch
        • impacket
          • impacket-wmiexec
          • impacket-smbserver
          • impacket-samrdump
          • impacket-psexec
          • impacket-secretdumps
        • Port Forward
          • ssh
          • proxychains
          • chisel
          • rpivot
          • Netsh
        • bloodhound-python
        • kerbrute
        • tcpdump
        • Ping sweep
        • static binaries
        • Linikatz
        • Finding keytab
        • PS
        • realm
        • pypykatz
        • creds
        • cewl
        • username-anarchy
        • cupp
        • theHarvester
        • Responder
        • msf-virustotal
        • perl
        • php
        • ruby
        • aquatone
        • wafw00f
        • curl
        • msfconsole/meterpreter
        • sqlmap
        • arp-scan
        • nmap
        • Msfvenom
        • Res/PHP
        • enum4linux
        • md5sum
        • Python
        • Redis
        • Telnet
        • RSA
        • Medusa
        • Hydra
        • curl to python
      • LOLbas/GTFObins
      • SQL Injection
      • LFI
  • Google Chrome Password
    • Decrypt Google Chrome Password
    • LaZagne
  • Comptia Security+ 701
    • Professor Messor
      • Security Control
      • Zero Trust
      • Deception and Disruption
      • Change Management
      • Key exchange
      • Encryption Technologies
      • Obfuscation
      • Hashing and Digital Signatures
      • Blockchain Technology
      • Certificates
      • Threat Actors
      • Common Threat Vectors
      • Race Conditions
      • Hardware Vulnerabilities
      • Virtualization Vulnerabilities
      • Mobile Device Vulnerabilities
      • Spyware and Bloatware
      • Other Malware Types
      • Wireless Attacks
      • On-path Attacks
      • Replay Attacks
      • Cryptographic Attacks
      • Indicators of Compromise
      • Segmentation and Access Control
      • Mitigation Techniques
      • Hardening Techniques
      • Cloud Infrastructures
      • Network Infrastructure Concepts
      • Other Infrastructure Concepts
      • Infrastructure Considerations
      • Secure Infrastructures
      • Intrusion Prevention
      • Network Appliances
      • Port Security
      • Firewall Types
      • Secure Communication
      • Data Types and Classifications
      • States of Data
      • Protecting Data
      • Resiliency
      • Recovery Testing
      • Backups
      • Power Resiliency
      • Secure Baselines
      • Hardening Targets
      • Securing Wireless and Mobile
      • Wireless Security Settings
      • Application Security
      • Asset Management
      • Vulnerability Scanning
      • Threat Intelligence
      • Analyzing Vulnerabilities
      • Security Tools
      • Firewalls
      • Operating System Security
      • Email Security
      • Monitoring Data
      • Endpoint Security
      • Identity and Access Management
      • Access Controls
      • Multifactor Authentication
      • Password Security
      • Scripting and Automation
      • Incident Planning
      • Digital Forensics
      • Log Data
      • Security Policies
      • Security Procedures
      • Security Considerations
      • Data Roles and Responsibilities
      • Risk Management
      • Risk Analysis
      • Risk Management Strategies
      • Third-party Risk Assessment
      • Agreement Types
      • Compliance
      • Privacy
      • Audits and Assessments
      • Security Awareness
      • User Training
    • Incident Response Plan, Cyber kill chain
    • SD-WAN
    • MTTR, MTBF, RTO, RPO
    • NetFlow Logs
    • MTBF, MTTR, RPO, RTO
    • Data in-use, at-rest, in-transit
    • Disassociate vs Deauthentication
    • Data Custodians, Data Stewards, Data states, Data subject
    • Data Owners, Data Controllers, Data Processors
    • Public, Sensitive, Confidential, Restricted, Private, Critical
    • Bluejacking, Bluesnarfing, Bluebugging, Blueborne, Bluesmack
    • Private,Secret,Legal,Confidential
    • CTO,DPO,CIO,CSO
    • Amplified, Volumetric, Reflected, Application
    • Resource reuse, Resource exhaustion, Concurrent session usage
    • Rootkit, Backdoor
    • WPS,WAP,WPA,WAF,WPA2,WEP
    • MD5, SHA-3, RIPEMD-160,HMAC
    • CBC, GCM, ECB, CFB
    • ECDHE, ECDSA
    • PFS, PFX, ECB
    • Symmetric, Asymmetric
    • KEK
    • ECC, RC4, MD5, SHA-1, IDEA, DHE,DES,AES
    • TKIP, CCMP
    • AH, ESP, IKE
    • SMTPS,SRTP,SHTTP,S/MIME
    • GPG, PGP
    • FDE, EFS, SED
    • PKCS, PKI
    • BPA, BIA, SLE, and BCP
    • DLP, Radius, IPsec
    • keylogger
    • Compliance reporting, chain of custody, password vaults
    • SLE, ARO,ALE,RTO
    • Data owner, processor, subject, custodian
    • SCAP
    • SASE, RTOS, CRL
    • Playbook, Responsibility matrix, audit committee, right-to-audit
    • Blockchain, Secure enclave, Hashing
    • COPE, CYOD, SSO, BYOD
    • 802.1X, WPA3, PSK, MFA
    • Journaling
    • Record & Full-disk encryption
    • DMARC, SPF ,NAC, DKIM
    • RAS server
    • Vendors, Supplier, Distributors and MSP
    • Gap Analysis
    • Deception and disruption technology
    • Honeypot, token, file and net
    • Non-Repudiation
    • Data masking / Tokenization
    • open public ledger vs block chain
    • cryptographic key management (HSM, TPM, Secure Enclave, KMS)
    • Authentication methods
    • Wi-Fi Evolution | 802.11 Standards Explained
    • AAA and RADIUS vs TACACS+
    • asdasd
    • Phishing tactics
    • IDS/IPS - True/False Positive/Negative
    • Login Pacific
      • Chapter 1
      • Chapter 2
      • Chapter 3
      • Chapter 4
      • Chapter 5
      • Chapter 6
      • Chapter 7
    • Exam Compass
      • 601 - Test 1
      • Data Protection Concepts Quiz
      • Indicators of Malicious Activity Quiz
      • Application Attacks Quiz
      • Network Attacks Quiz
      • Malware Attacks Quiz
      • Security Vulnerabilities Quiz
      • Social Engineering Quiz
      • Threat Vectors & Attack Surfaces Quiz
      • Threat Actor Types Quiz
      • Digital Signatures Quiz
      • Hashing Quiz
      • Encryption Quiz
      • Security Controls Quiz
      • 701 - Test 1
      • 701 - Test 2
      • 701 - Test3
    • Udemy
      • CompTIA Security+ SY0-701: The Ultimate Practice Exam 2024
    • Crucial exam
      • Just 20 free qusetions
  • CCNA
    • Cisco Router, Firewall, Switch
    • UTP Cables / IEEE Ethernet Standard
    • OSI Model & TCP/IP Suite
    • Intro to the CLI
    • Ethernet LAN Switching
    • Ethernet LAN Switching (Part 2)
    • IPv4 Addressing (Part 1)
    • IPv4 Addressing (Part 2)
    • Switch Interfaces
    • IPv4 Header
    • Routing Fundamentals (Part 1)
    • Static Routing (Part 2)
    • The Life of a Packet
    • TRUE FORM OF SUBNET
    • Subnetting (Part 1)
    • Subnetting (Part 2)
    • Subnetting (Part 3 - VLSM)
    • VLANs (Part 1)
    • VLANs (Part 2)
    • VLANs (Part 3)
    • DTP/VTP
  • Malware Analysis Lab
  • TCM
    • Linux 100: Fundamentals
      • IP Sweep
    • Programming 100: Fundamentals
      • Functions
      • Basic Calculator
      • Lists
      • Tuples
      • Dictionaries
      • Importing
      • Sockets
      • Strings Revisite
      • Scanner
      • Writing Reusable and Testable Code
    • Practical Bug Bounty
      • LABS
        • Authentication 0x01
        • Authentication 0x02
        • Authentication 0x03 [Challenge]
        • Auth 0x04 IDOR 0x01
        • Auth 0x05 APIs 0x01
        • Auth 0x06
        • File Inclusion 0x01
        • File Inclusion 0x02
        • File Inclusion 0x03 [Challenge]
        • Injection 0x01
        • Injection 0x02
        • Injection 0x03 [Challenge]
        • Injection 0x04
        • XSS 0x01
        • XSS 0x02
        • XSS 0x03
        • Command Injection 0x01
        • Command Injection 0x02
        • Command injection 0x03 [Challenge]
        • SSTI 0x01
        • SSTI 0x02
        • XXE 0x01
        • Insecure file upload 0x01
        • Insecure file upload 0x02
        • Insecure file upload 0x03
        • CSRF 0x01
        • CSRF 0x02
        • SSRF 0x01
        • Open Redirect 0x01
      • Importantttttttt
      • Automated Scanner
      • XXE
      • SSTI
      • Command Injection
      • LFI/RFI
      • XSS
      • SQLi
      • Sites
      • sqlmap
      • curl
      • nmap
      • ffuf
      • dirb
      • dirbuster
      • subfinder
      • assetfinder
      • amass
      • Combining all result
      • httprobe
      • gowitness
      • burpsuite
      • hydra
      • JWT
      • authorize - burpsuite
    • Practical Web Hacking
      • Authentication
        • Lab: Password reset broken logic
        • Lab: Username enumeration via different responses
        • Lab: Username enumeration via subtly different responses
        • Lab: Username enumeration via response timing
        • Lab: Brute-forcing a stay-logged-in cookie
        • Lab: 2FA simple bypass
      • Access Control
        • Lab: User ID controlled by request parameter
        • Lab: Unprotected admin functionality
        • Lab: Insecure direct object references
        • Lab: Multi-step process with no access control on one step
        • Lab: Referer-based access control
      • SSRF
        • Lab: Basic SSRF against the local server
        • Lab: Basic SSRF against another back-end system
        • Lab: Blind SSRF with out-of-band detection
        • Lab: Blind SSRF with Shellshock exploitation
      • LFI/RFI
        • lab 1
        • lab 2
        • Lab: File path traversal, simple case
        • Lab: File path traversal, traversal sequences blocked with absolute path bypass
        • Lab: File path traversal, validation of start of path
      • XXE
        • Lab: Exploiting XXE using external entities to retrieve files
        • Exploiting XXE via image file upload
        • Lab: Exploiting XInclude to retrieve files
      • JWTs
        • jwt.io
        • Lab: JWT authentication bypass via unverified signature
        • Lab: JWT authentication bypass via flawed signature verification
      • find
      • ffuf
    • Web pen
Powered by GitBook
On this page
  1. Comptia Security+ 701
  2. Login Pacific

Chapter 3

What function does URL filtering perform within a unified threat management (UTM) security appliance?

It blocks access to certain sites based on their URL

Which of the following best describes a DoS and a DDoS attack?

A DoS attack is a service attack from a single source that attempts to disrupt the services provided by another system. A DDoS attack includes multiple computers attacking a single target.

What is the role of a PTR record in the Domain Name System (DNS)?

It enables a DNS client to query DNS with the IP address to get a name.

What is the key difference between a transparent proxy and a non-transparent proxy?

A non-transparent proxy modifies or filters requests, while a transparent proxy forwards them without modification

Based on the information in RFC 7123 about the security implications of using IPv6 on an internal network, which of the following statements is true?

Internal networks can continue to use IPv4 without issue.

What is the purpose of the DHCP Offer in the DHCP communication process?

It is the response of a DHCP server offering a lease to the client including an IP address, subnet mask, default gateway among others.

Which protocol provides connection-oriented traffic with guaranteed delivery?

TCP

What is the primary function of a router in a network?

To connect multiple networks together to create larger networks

What is the function of the AAAA-record in a Domain Name System (DNS)?

It holds the hostname and IPv6 address.

Which protocol is commonly blocked at firewalls and routers, disabling a ping response, preventing attackers from discovering devices in a network?

ICMP

What is the purpose of LDAPS (LDAP Secure) in directory services?

LDAPS uses encryption to protect LDAP transmissions.

What is the main purpose of Domain Name System Security Extensions (DNSSEC)?

To provide validation for DNS responses using digitally signed records

What is the function of an MX record in a DNS server?

 It identifies a mail server used for email.

What protocol is the most commonly used for time synchronization?

NTP

What is the purpose of caching content in a proxy server for performance enhancement?

To reduce Internet bandwidth usage

What is the major difference between a stateful and a stateless firewall?

A stateful firewall makes decisions based on traffic context or state, while a stateless firewall does not.

What does MAC filtering in port security do?

Limits each port’s connectivity to a specific device using a certain MAC address

Which protocol is commonly used for transporting voice and video over a network and provides encryption, message authentication, and integrity for RTP?

SRTP

What is the purpose of the ’route add’ command in a system’s routing table?

To add a path to a different network

In the context of Stateless Firewall Rules, what does the term ’implicit deny strategy’ refer to?

The strategy that blocks all traffic not explicitly permitted.

What does the ’route print’ command display on a computer system?

 All the paths known by the computer to other networks

What happens if a network has too many computers on a single segment?

Broadcasts can result in excessive collisions and reduce network performance

Which of the following statements about File Transfer Protocol (FTP) are correct?

FTP passive mode uses a random TCP port for data, this random port is often blocked by firewall

What is an intranet in terms of networking?

An internal network used for communication and content sharing

What is the primary purpose of a network appliance?

To fulfill a specific need

What is the purpose of the ’id_rsa’ file in an OpenSSH system?

 It is the private key that must remain private and stays on the client’s machine.

What is the main difference between an Intranet and an Extranet?

Intranet is restricted to internal users while Extranet can be accessed by authorized external entities

What function does a firewall serve in a network?

It filters incoming and outgoing traffic for a single host or between networks

What is the use of the jump server in a network environment?

To connect and manage devices in another network with a different security zone

What is one of the key features that distinguishes a next-generation firewall (NGFW) from first and second generation firewalls?

NGFW uses deep-packet inspection

What is the primary function of a Zero Trust Network?

It trusts no devices by default.

Which protocol is an implementation of FTP that uses SSH to transmit files in an encrypted format?

SFTP

What are the methods for achieving logical separation and segmentation in networking?

All of the above
Using routers and ACLs
Dividing IP address ranges with subnetting
Implementing firewalls and packet-filtering rules

What does the term ’East-West traffic’ refer to within a network?

Traffic between servers.

What is the purpose of the malware inspection component in a UTM appliance?

It scans incoming data for known malware and blocks it

What is the function of the Address Resolution Protocol (ARP)?

It resolves IPv4 addresses to media access control (MAC) addresses.

Which of the following protocols is used to transfer smaller amounts of data, such as when communicating with network devices, and uses UDP port 69?

TFTP

In computing, which TCP port does IMAP4 use for unencrypted connections, and which port for encrypted connections?

Port 143 for unencrypted, port 993 for encrypted

What functionalities does Spanning Tree Protocol (STP) or Rapid STP (RSTP) provide on a network?

 Broadcast storm prevention and loop prevention

Which of the following statements about nslookup and dig command-line tools is correct?

The dig and nslookup tools can be used to query specific records such as mail servers and the lowest number preference identifies the primary mail server when there are multiple ones

Which of the following is not true about network-based firewalls?

It is an application running on a system

What is the correct form of a private IP address according to RFC 1918 in the IPv4 protocol?

10.0.0.0 through 10.255.255.255

What is the function of the DDoS mitigator in a unified threat management (UTM) appliance?

Attempts to detect and block DDoS attacks

What is the primary purpose of physical isolation and air gaps in a network security context?

To reduce risks by completely separating one network from another

Which of the following best defines a unified threat management (UTM)?

A single solution that combines multiple security controls and aims to provide better security while also simplifying management requirements.

What does the Real-time Transport Protocol (RTP) particularly deliver over IP networks?

Audio and Video

What is the protocol number for ICMP?

1

What is the primary purpose of an A-record in the Domain Name System (DNS)?

It holds the hostname and IPv4 address and is the most commonly used record in a DNS server.

What is true about network address allocation using Dynamic Host Configuration Protocol (DHCP)?

It dynamically assigns IP addresses to hosts within a network.

What does a DHCP client do to start getting a lease from a DHCP server?

Sends a DHCP Discover message

What does the term ’Extranet’ refer to in network security?

A part of the network that can be accessed by authorized entities from outside of the network.

What does a ’Content inspection’ feature in a Unified Threat Management (UTM) system involve?

It includes a combination of different content filters and monitors incoming data streams to block malicious content.

What determines which protocols are enabled in a network?

Organizational goals and needs

How can Access Control Lists (ACLs) be utilized within a router for security?

To block traffic based on IP addresses and networks

Which statement correctly describes the User Datagram Protocol (UDP)?

UDP provides connectionless sessions and makes a best effort basis for delivery with no guarantee.

What does DHCP snooping prevent on a network?

Operation of unauthorized DHCP servers

What is the primary purpose of the Domain Name System (DNS)?

To resolve hostnames to IP addresses

Which TCP port does the Post Office Protocol v3 (POP3) use for encrypted connections?

Port 995

Which command should Maggie use to create a public/private key pair for passwordless SSH login?

ssh-keygen -t rsa

What is the purpose of the ’ssh-keygen -t rsa’ command in OpenSSH?

It creates a public/private key pair

What is the role of the Data Link layer in the Open Systems Interconnection (OSI) model?

It is responsible for ensuring that data is transmitted to specific devices on the network by formatting the data into frames and adding media access control (MAC) addresses for the source and destination devices.

What is the role of a Web Application Firewall (WAF)?

To protect a web server from various web application attacks

What does a firewall’s implicit deny strategy do?

It blocks all traffic that is not explicitly allowed.

What is one of the primary functions of the Rapid Spanning Tree Protocol (RSTP)?

It provides broadcast storm prevention and loop prevention for switches.

What are the only three IPv4 address ranges that should be allocated within a private network?

10.0.0.0 through 10.255.255.255, 172.16.0.0 through 172.31.255.255, 192.168.0.0 through 192.168.255.255

Secure Shell (SSH) is used for which of the following?

Encrypting traffic in transit, including other protocols such as FTP

Which protocol is the designated replacement for SSL and should be used instead of SSL for browsers using HTTPS?

TLS

What is a key difference between SNMPv1/v2 and SNMPv3?

SNMPv3 encrypts credentials before sending them over the network

Which protocol and port number are used by SSH for encrypting traffic in transit?

SSH, TCP port 22

What does the STARTTLS command allow in relation to SMTP?

It enables protocol to use the same port for cleartext and ciphertext.

What is the fundamental difference between a physical and a logical port in network devices?

A physical port is where the cable is plugged in a network device, while a logical port is a number in a packet that identifies services and protocols

How does the Spanning Tree Protocol (STP) or the Rapid STP (RSTP) protect a network?

By providing broadcast storm prevention and loop prevention for switches

What distinguishes FTPS from SFTP according to the provided information?

FTPS uses TLS for encryption, while SFTP uses SSH.

What command would Maggie use to initiate an SSH connection to the gcga server using the root account of the remote system?

ssh root@gcga

Which of the following commands should Maggie use to create a public and private key pair?

ssh-keygen -t rsa

What is one major benefit of Network Address Translation (NAT)?

It allows multiple users to connect to the Internet using a single public IP address

What does the ’Permission’ element in ACLs for firewalls typically indicate?

It identifies whether the traffic should be permitted or denied.

What are some common protocols used for Subscription Services Use Cases?

HTTPS and TLS

Which of the following best describes how IPv6 addresses are expressed?

They use 128-bit addresses expressed in hexadecimal format

What does the Quality of Service refer to in relation to network management?

The measure and control of different traffic types on a network

What does the ’implicit deny’ rule accomplish in an ACL?

It blocks all traffic that isn’t explicitly allowed.

What does a switch do when it turns on with no prior knowledge?

Waits for traffic to determine computer connections

Which encryption protocol is designated as the replacement for SSL and should be used instead of SSL for browsers using HTTPS?

TLS

What is the primary purpose of a screened subnet or DMZ?

To shield Internet-facing servers from direct attacks

Why is physical isolation such as an air gap important in a supervisory control and data acquisition (SCADA) system?

It reduces risks to the SCADA system by minimizing the reach of potential attackers

What can help to prevent switching loop problems and broadcast storms in a network?

Implementing Spanning Tree Protocol (STP) or Rapid STP (RSTP)

What is the function of proxy servers?

To forward requests for services from clients and restrict access to inappropriate websites.

What is the primary use case of Unicast in an IPv4 network?

One-to-one traffic. One host sends traffic to other host using a IP address

What are some elements involved in creating a secure network?

Use of various topologies and network appliances

What is the main role of a ’reverse proxy’ in a network?

It acts like a web server for clients but forwards requests to the actual web server

What is the purpose of an ’air gap’ in relation to network security?

To physically isolate one network from another

Why do organizations replace hubs with switches, according to the given passage?

Switches increase the efficiency of a network and reduce the risk of data capture by protocol analyzers

What is the main function of a host-based firewall?

Monitor traffic going in and out of a single host

What is the purpose of a CNAME record in a DNS server?

Allows a single system to have multiple names associated with a single IP address

What are the TCP ports used by SMTP, POP3, IMAP4, HTTP and HTTPS common protocols?

SMTP uses ports 25 and 587; POP3 uses 110 and 995; IMAP4 uses 143 and 993; HTTP and HTTPS 80 and 443.

What are the three primary factors used to filter packets by router ACLs?

IP addresses, ports, and protocol numbers

What is a common reason users cannot connect to systems using Remote Desktop Protocol (RDP)?

Port 3389 is blocked on a host-based or network firewall

What is layer 2 of the Open Systems Interconnection (OSI) model responsible for?

Transmitting data to specific devices on the network

What is the primary purpose of DHCP snooping?

 To prevent unauthorized DHCP servers from operating on a network.

Based on the passage, how can ACLs on a router be used to filter traffic?

All of the above
By blocking specific IP addresses
By blocking traffic on specific ports
By allowing or blocking traffic based on protocol number

What is a sniffing attack in the context of network security?

An attack where a protocol analyzer is used to capture and easily read data sent over a network if it’s in cleartext.

Why is TLS recommended over SSL?

SSL has been compromised and is not maintained or patched

What happens when the DHCP sends an ’Acknowledge’ packet?

The DHCP allocates the offered IP address to the client and won’t offer the same IP to other clients

Which of the following is the primary purpose of HTTPS?

Encrypt web traffic to ensure it is secure while in transit

What is the function of the broadcast method in IPv4 addressing of TCP/IP traffic?

Broadcasting allows one host to send data to all other hosts on the same subnet.

What does the ’Protocol’ element in an Access Control List (ACL) rule typically refer to on a firewall?

 The type of traffic that is dealt with, such as TCP, UDP, ICMP or IP

What is the function of a Bridge Protocol Data Unit (BPDU) Guard feature in a network?

It monitors edge ports for BPDU messages and disables the port if any are detected.

What is the primary advantage of using VLANs in a network?

They allow the logical grouping and separation of computers regardless of physical location

In the example provided, what command could Maggie use to connect to a server named ’gcga’ in the network while also initiating SSH connection using the root account of the remote system?

ssh root@gcga

Which of the following best describes Dynamic NAT?

A form of NAT that translates public IP addresses to private IP addresses, using multiple public IP addresses based on load

What is the purpose of a poisoning attack?

Corrupt cache with different data

What is the purpose of executing the command ’ssh-copy-id gcga’ in the context of a Linux system using OpenSSH?

To copy the public key to the remote server

What is the key feature of Static NAT?

It uses a single public IP address in a one-to-one mapping

How is the ’Source’ defined within rules implemented in ACLs by stateless firewalls?

The source IP address traffic comes from

What is the main difference between Network Time Protocol (NTP) and Simple NTP (SNTP) in terms of time synchronization?

NTP uses complex algorithms and queries multiple time servers to identify the most accurate time, while SNTP does not.

What is one of the benefits of using Network Address Translation (NAT)?

It allows multiple computers to access the Internet through one router running NAT

What is the primary function of the Session Initiation Protocol (SIP) in relation to voice, video, and messaging sessions?

It initiates, maintains, and terminates the sessions

Which of these common protocols do Google Mail uses for storing email on an email server?

IMAP4

Which protocol provides both broadcast storm prevention and loop prevention for switches?

STP or RSTP

What is the purpose of the ’Destination’ in rules within Access Control Lists (ACLs) used by firewalls?

To identify IP addresses to allow or block traffic

Which of these protocols is used for connectionless sessions without a three-way handshake?

UDP

Which of the following use cases is NOT supported by switches?

Providing secure management of network devices

What are the primary functions of the Secure Real-time Transport Protocol (SRTP)?

It provides encryption, message authentication, and integrity for RTP.

What’s one disadvantage of Network Address Translation (NAT)?

It is not compatible with IPsec.

Which of the following protocols is used for testing basic connectivity and includes tools such as ping, pathping, and tracert?

ICMP

Which of the following best describes port security as described in the passage?

All of the above
Restricting each physical port to only a single specific MAC address as an advanced method
Disabling unused ports to prevent unauthorized connections
Allowing only one or two MAC addresses to connect per port and blocking all others

Which protocol can be used to transfer encrypted files over a network and uses TCP port 22?

SSH

Which of the following protocols is NOT recommended for use when remotely administering systems, due to its lack of security?

Telnet

What is the primary function of the ’route’ command in both Windows and Linux systems?

To display or modify a system’s routing table

What is the purpose of the SOA (start of authority) record in DNS?

It includes information about the DNS zone and some of its settings

What does the ’-J’ switch in the ’ssh -J maggie@jump maggie@ca1’ command represent?

It instructs ssh to connect to the jump server and then use TCP forwarding to connect to the CA server
PreviousChapter 2NextChapter 4

Last updated 10 months ago