kyou
  • WHOAMI
    • Robemar Aviles
  • Tryhackme
    • View
      • Advent of Cyber 2024
        • Day 01
        • Day 02
      • Boiler CTF
      • Anonymous
      • Archangel
      • Lian_Yu
      • Gaming Server
      • Chocolate Factory
      • Easy Peasy
      • Brute It
      • Ignite
      • Brooklyn Nine Nine
      • TryHack3M: Bricks Heist
      • Dreaming
      • Overpass 1
      • SQLMAP
      • Chill Hack
      • Year of the rabbit
      • Become a hacker
      • Golden Eye
      • Mr. Robot
      • Linux File System Analysis
      • Skynet
      • Fowsniff
      • Introduction to OWASP Zap
      • Brute Force Heroes
      • Game Zone
      • Lazy Admin
      • Bounty Hacker
      • OOB XXE
      • HackPark
      • Alfred
      • Windows Local Persistence
      • Hacking with PowerShell
      • Phishing
      • Python for Pentesters
      • Wireshark: The Basics
      • Hydra
      • Governance & Regulation
      • Junior Security Analyst Intro
      • Wonderland
      • Burp Suite: The Basics (Old)
      • Burp Suite: Extensions
      • Burp Suite: Other Modules
      • Burp Suite: Intruder
      • Net Sec Challenge
      • Nmap Post Port Scans
      • Nmap Advanced Port Scans
      • Nmap Basic Port Scans
      • Nmap Live Host Discovery
      • Protocols and Servers 2
      • Protocols and Servers
      • Command Injection
      • Cross-Site Scripting
      • Vulnerability Capstone
      • Exploit Vulnerabilities
      • Intro to SSRF
      • File Inclusion
      • IDOR
      • Authentication Bypass
      • Subdomain Enumeration
      • Windows Privilege Escalation
      • Steel Mountain
      • Upload Vulnerabilities
      • Blue
      • Looking Glass
      • Metasploit: Exploitation
      • Metasploit: Meterpreter
      • What the shell?
      • Common Linux Privesc
      • John The Ripper
      • Hashing - Crypto 101
      • Crack the hash
      • Res
      • Wireshark: The Basics
      • Network Services 2
      • Network Services
      • Break Out The Cage
      • Anthem
      • Ice
      • Startup
      • Kenobi
      • Bolt
      • Basic Pentesting
      • Linux Privilege Escalation
      • Source
      • Agent Sudo
      • Red Team Fundamentals
      • Red Team Engagement
      • Cyborg
      • Pre Security
        • OSI Model
        • Packets & Frames
        • Extending your network
        • Putting it all together
        • How websites work
      • Introduction to Cyber Security
        • Intro to Defensive Security
        • Careers in Cyber
        • Network Security
        • Security Operations
        • Operating System Security
  • Hack the box
    • View
      • Oopsie
      • Windows Fundamentals
      • Archetype
      • Bizness
      • Three
      • Redeemer
      • Dancing
      • Fawn
      • Meow
      • Responder
      • Crocodile
      • Sequel
      • Appointment
  • Academy HTB
    • View
      • Bug Bounty Hunter
        • Before exam
        • Exploits
          • HTML Injection
          • Cross-Site Scripting (XSS)
          • Cross-Site Request Forgery (CSRF)
          • SQL Injection
          • Local File Inclusion (LFI)
          • Remote File Inclusion
          • Command Injection
          • Insecure Direct Object Reference (IDOR)
          • XML External Entity (XXE)
        • Commands
          • curl
          • mysql
        • Web Requests
          • Hypertext Transfer Protocol (HTTP)
          • Hypertext Transfer Protocol Secure (HTTPS)
          • HTTP Requests and Responses
          • HTTP Headers
          • HTTP Methods and Codes
          • GET
          • POST
          • CRUD API
        • Introduction to Web Applications
          • Introduction
          • Web Application Layout
          • Front End vs. Back End
          • HTML
          • CSS
          • JavaScript
          • Sensitive Data Exposure
          • HTML Injection
          • Cross-Site Scripting (XSS)
          • Cross-Site Request Forgery (CSRF)
          • Back End Servers
          • Web Servers
          • Databases
          • Development Framework & APIs
          • Common Web Vulnerabilities
          • Public Vulnerabilities
          • Next Steps
        • Attacking Web Application with Ffuf
          • Introduction
          • Web Fuzzing
          • Directory Fuzzing
          • Page Fuzzing
          • Recursive Fuzzing
          • DNS Records
          • Sub-domain Fuzzing
          • Vhost Fuzzing
          • Filtering Results
          • Parameter Fuzzing - GET
          • Parameter Fuzzing - POST
          • Value Fuzzing
          • Skills Assessment
        • SQL Injection Fundamentals
          • Introduction
          • Intro to Databases
          • Types of Databases
          • Intro to MySQL
          • SQL Statements
          • Query Results
          • SQL Operators
          • Intro to SQL Injections
          • Subverting Query Logic
          • Using Comments
          • Union Clause
          • Union Injection
          • Database Enumeration
          • Reading Files
          • Writing Files
          • Mitigating SQL Injection
          • Skills Assessment - SQL Injection Fundamentals
        • File Inclusion
          • Intro to File Inclusions
          • Local File Inclusion (LFI)
          • Basic Bypasses
          • PHP Filters
          • PHP Wrappers
          • Remote File Inclusion (RFI)
          • LFI and File Uploads
          • Log Poisoning
          • Automated Scanning
          • File Inclusion Prevention
          • Skills Assessment - File Inclusion
        • Web Attacks
          • Introduction to Web Attacks
          • Intro to HTTP Verb Tampering
          • Bypassing Basic Authentication
          • Bypassing Security Filters
          • Verb Tampering Prevention
          • Intro to IDOR
          • Identifying IDORs
          • Mass IDOR Enumeration
          • Bypassing Encoded References
          • IDOR in Insecure APIs
          • Chaining IDOR Vulnerabilities
          • IDOR Prevention
          • Intro to XXE
          • Local File Disclosure
          • Advanced File Disclosure
          • Blind Data Exfiltration
          • XXE Injector
          • XXE Prevention
          • Web Attacks - Skills Assessment
      • Penetration Tester
        • Getting Started
          • Infosec Overview
          • Getting Started with a Pentest Distro
          • Staying Organized
          • Connecting Using VPN
          • Common Terms
          • Basic Tools
          • Service Scanning
          • Web Enumeration
          • Public exploits
          • Types of shells
          • Privilege Escalation
          • Transferring Files
          • Starting Out
          • Navigating HTB
          • Nibbles - Enumeration
          • Nibbles - Web Footprinting
          • Nibbles -Initial Foothold
          • Nibbles - Privilege Escalation
          • Nibbles - Alternate User Method - Metasploit
          • Common Pitfalls
          • Getting Help
          • Next Steps
          • Knowledge Check
        • File Transfer
          • Introduction
          • Windows File Transfer Methods
          • Linux File Transfer Methods
          • Transferring Files with Code
          • Miscellaneous File Transfer Methods
          • Protected File Transfers
          • Living off The Land
          • Detection
          • Evading Detection
        • Using the Metasploit Framework
          • Preface
          • Introduction to Metasploit
          • Introduction to MSFconsole
          • Modules
          • Targets
          • Payload
          • Encoders
          • Databases
          • Plugins
          • Sessions
          • Meterpreter
          • Writing and Importing Modules
          • Introduction to MSFVenom
          • Firewall and IDS/IPS Evasion
          • Metasploit-Framework Updates - August 2020
        • Shells & Payloads
          • Shells Jack Us In, Payloads Deliver Us Shells
          • CAT5 Security's Engagement Preparation
          • Anatomy of a Shell
          • Bind Shells
          • Reverse Shells
          • Introduction to Payloads
          • Automating Payloads & Delivery with Metasploit
          • Crafting Payloads with MSFvenom
          • Infiltrating Windows
          • Infiltrating Unix/Linux
          • Spawning Interactive Shells
          • Introduction to Web Shells
          • Laudanum, One Webshell to Rule Them All
          • Antak Webshell
          • PHP Web Shells
          • The Live Engagement
          • Detection & Prevention
        • Penetration Testing Process
          • Introduction to the Penetration Tester Path
          • Academy Modules Layout
          • Academy Exercises & Questions
          • Penetration Testing Overview
          • Laws and Regulations
          • Penetration Testing Process
          • Pre-Engagement
          • Information Gathering
          • Vulnerability Assessment
          • Exploitation
          • Post-Exploitation
          • Lateral Movement
          • Proof-of-Concept
          • Post-Engagement
          • Practice
        • Network Enumeration with Nmap
          • Enumeration
          • Introduction to Nmap
          • Host Discovery
          • Host and Port Scanning
          • Saving the Results
          • Service Enumeration
          • Nmap Scripting Engine
          • Performance
          • Firewall and IDS/IPS Evasion
          • Firewall and IDS/IPS Evasion - Easy Lab
          • Firewall and IDS/IPS Evasion - Medium Lab
          • Firewall and IDS/IPS Evasion - Hard Lab
        • Footprinting
          • Enumeration Principles
          • Enumeration Methodology
          • Domain Information
          • Cloud Resources
          • Staff
          • FTP
          • SMB
          • NFS
          • DNS
          • SMTP
          • IMAP / POP3
          • SNMP
          • MySQL
          • MSSQL
          • Oracle TNS
          • IPMI
          • Linux Remote Management Protocols
          • Windows Remote Management Protocols
          • Easy Lab
          • Medium Lab
          • Hard Lab
        • Information Gathering - Web Edition
          • Information Gathering
          • Whois
          • DNS
          • Passive Subdomain Enumeration
          • Passive Infrastructure Identification
          • Active Infrastructure Identification
          • Active Subdomain Enumeration
          • Virtual Hosts
          • Crawling
          • Information Gathering - Web - Skills Assessment
        • Attacking Common Services
          • Interacting with Common Services
          • The Concept of Attacks
          • Service Misconfigurations
          • Finding Sensitive Information
          • Attacking FTP
          • Latest FTP Vulnerabilities
          • Attacking SMB
          • Latest SMB Vulnerabilities
          • Attacking SQL Databases
          • Latest SQL Vulnerabilities
          • Attacking RDP
          • Latest RDP Vulnerabilities
          • Attacking DNS
          • Latest DNS Vulnerabilities
          • Attacking Email Services
          • Latest Email Service Vulnerabilities
          • Attacking Common Services - Easy Lab
          • Attacking Common Services - Medium
          • Attacking Common Services - Hard
        • Login Brute Forcing
          • Introduction to Brute Forcing
          • Password Attacks
          • Default Passwords
          • Username Brute Force
          • Hydra Modules
          • Determine Login Parameters
          • Login Form Attacks
          • Personalized Wordlists
          • Service Authentication Brute Forcing
          • Skills Assessment
          • Skills Assessment 2
        • Password Attacks
          • Theory of Protection
          • Credential Storage
          • John The Ripper
          • Network Services
          • Password Mutations
          • Password Reuse / Default Passwords
          • Attacking SAM
          • Attacking LSASS
          • Attacking Active Directory & NTDS.dit
          • Credential Hunting in Windows
          • Credential Hunting in Linux
          • Passwd, Shadow & Opasswd
          • Pass the Hash (PtH)
          • Pass the Ticket (PtT) from Windows
          • Pass the Ticket (PtT) from Linux
          • Protected Files
          • Protected Archives
          • Password Policies
          • Password Managers
          • Password Attacks Lab - Easy
          • Password Attacks Lab - Medium
          • Password Attacks Lab - Hard
        • Pivoting, Tunneling, and Port Forwarding
          • Introduction to Pivoting, Tunneling, and Port Forwarding
          • The Networking Behind Pivoting
          • Dynamic Port Forwarding with SSH and SOCKS Tunneling
          • Remote/Reverse Port Forwarding with SSH
          • Meterpreter Tunneling & Port Forwarding
          • Socat Redirection with a Reverse Shell
          • Socat Redirection with a Bind Shell
          • SSH for Windows: plink.exe
          • SSH Pivoting with Sshuttle
          • Web Server Pivoting with Rpivot
          • Port Forwarding with Windows Netsh
          • DNS Tunneling with Dnscat2
          • SOCKS5 Tunneling with Chisel
          • ICMP Tunneling with SOCKS
          • RDP and SOCKS Tunneling with SocksOverRDP
          • Skills Assessment
        • Active Directory Enumeration & Attacks
          • Introduction to Active Directory Enumeration & Attacks
          • Tools of the Trade
          • Scenario
          • External Recon and Enumeration Principles
          • Initial Enumeration of the Domain
          • LLMNR/NBT-NS Poisoning - from Linux
          • LLMNR/NBT-NS Poisoning - from Windows
          • Password Spraying Overview
          • Enumerating & Retrieving Password Policies
          • Password Spraying - Making a Target User List
          • Internal Password Spraying - from Linux
          • Internal Password Spraying - from Windows
          • Enumerating Security Controls
          • Credentialed Enumeration - from Linux
          • Credentialed Enumeration - from Windows
      • SOC Analyst
        • Incident Handling Process
          • Incident Handling
          • Cyber Kill Chain
          • Incident Handling Process Overview
          • Preparation Stage (Part 1)
          • Preparation Stage (Part 2)
          • Detection & Analysis Stage (Part 1)
          • Detection & Analysis Stage (Part 2)
          • Containment, Eradication, & Recovery Stage
          • Post-Incident Activity Stage
        • Security Monitoring & SIEM Fundamentals
          • SIEM Definition & Fundamentals
          • Introduction To The Elastic Stack
          • SOC Definition & Fundamentals
          • MITRE ATT&CK & Security Operations
          • SIEM Use Case Development
          • SIEM Visualization Example 1: Failed Logon Attempts (All Users)
          • SIEM Visualization Example 2: Failed Logon Attempts (Disabled Users)
          • SIEM Visualization Example 3: Successful RDP Logon Related To Service Accounts
          • SIEM Visualization Example 4: Users Added Or Removed From A Local Group (Within A Specific Timeframe
        • Understanding Log Sources & Investigating with Splunk
          • Introduction To Splunk & SPL
      • Windows Fundamentals
        • Introduction to Windows
        • Operating System Structure
        • File System
        • NTFS vs. Share Permissions
        • Windows Services & Processes
        • Service Permissions
        • Windows Sessions
        • Interacting with the Windows Operating System
        • Windows Management Instrumentation (WMI)
        • Microsoft Management Console (MMC)
        • Windows Subsystem for Linux (WSL)
        • Desktop Experience vs. Server Core
        • Windows Security
        • Skills Assessment - Windows Fundamentals
      • Introduction to Active Directory
        • Why Active Directory?
        • Active Directory Research Over the Years
        • Active Directory Structure
        • Active Directory Terminology
        • Active Directory Objects
        • Active Directory Functionality
        • Kerberos, DNS, LDAP, MSRPC
        • NTLM Authentication
        • User and Machine Accounts
        • Active Directory Groups
        • Active Directory Rights and Privileges
        • Security in Active Directory
        • Examining Group Policy
        • AD Administration: Guided Lab Part I
        • AD Administration: Guided Lab Part II
        • Wrapping It Up
      • Introduction to Networking
        • Networking Overview
        • Network Types
        • Networking Topologies
        • Proxies
        • Networking Models
        • The OSI Model
        • The TCP/IP Model
        • Network Layer
        • IP Addresses
        • Subnetting
  • Over The Wire
    • View
      • Bandit
        • Level 0
        • Level 1
        • Level 2
        • Level 3
        • Level 4
        • Level 5
        • Level 6
        • Level 7
        • Level 8
        • Level 9
        • Level 10
        • Level 11
        • Level 12
  • Under The Wire
    • View
  • PicoCTF
    • View
      • flag_shop
      • plumbing
      • Based
      • useless
      • chrono
      • First Find
      • runme.py
      • Serpentine
      • repetitions
      • Permissions
      • ASCII Numbers
      • Big Zip
      • PW Crack 4
      • PW Crack 3
      • PW Crack 2
      • PW Crack 1
      • HashingJobApp
      • Glitch Cat
      • fixme2.py
      • fixme1.py
      • convertme.py
      • Codebook
      • First Grep
      • Bases
      • strings it
      • what's a net cat?
      • Magikarp Ground Mission
      • Tab, Tab, Attack
      • Static ain't always noise
      • Transformation
      • Nice netcat...
      • information
      • Wave a flag
      • Python Wrangling
      • Mod 26
      • Obedient Cat
  • Portswigger
    • View
  • Hacker101
    • View
      • Micro-CMS v1
      • Trivial
  • Python
    • View
      • Files
        • Number 1 to 100
      • Hackerrank
        • Power - Mod Power
        • Mod Divmod
        • String Split and Join
        • What's Your Name?
        • Find the Runner-Up Score!
        • Print Function
        • Loops
        • Division
        • Arithmetic
        • Python If-Else
        • Hello World
  • SQL
    • View
      • Hackerrank
        • Higher Than 75 Marks
        • Weather Observation Station 1
        • Weather Observation Station 3
        • Weather Observation Station 4
        • Select By ID
        • Select All
        • Revising the Select Query II
        • Revising the Select Query I
        • Japanese Cities' Attributes
        • Japanese Cities' Name
  • Notes
    • View
      • IMPORTANTTTTT
        • Metasploit
        • Nmap
        • Laudanum
        • Sudo
        • LXD/LXC
      • Windows
        • Windows Management Instrumentation (WMI)
        • Windows Remote Management (WinRM)
        • NTDS.DIT
        • Built-in AD Groups
        • Schema Active Directory
        • Trusts Active Directory
        • Foreign Security Principals (FSPs)
        • Replication
        • SYSVOL
        • Fully Qualified Domain Name (FQDN)
        • Read-Only Domain Controller (RODC)
        • FSMO Roles
        • Global Unique Identifier (GUID)
        • Registry
        • User Account Control (UAC)
        • Access Control Entries (ACE)
        • Copying SAM Registry Hives
        • Security Accounts Manager (SAM)
        • Security Identifier (SID)
        • Execution Policy
        • Windows non-interactive accounts
        • Security Descriptor Definition Language (SDDL)
        • Windows System Structure
        • DACL and SACL
      • Nmap
        • Nmap UDP Scan
        • Nmap TCP Scans
        • Nmap Scripting Engine
      • Endpoint Detection and Response
      • SIEM
      • DMARC
      • Forward Proxy and Reverse Proxy
      • Brute Force/ Dictionary Attack
      • SMTP/IMAP/POP
      • Downloading subfinder
      • DNS
      • MITRE ATT&CK
      • Staged vs. Stageless Payloads
      • Server Log Poisoning
      • PHP Session Poisoning
      • secure_file_priv
      • Metasploit Payload
      • Metasploit Types
      • Types of Box
      • Vulnerable Machine/Applications
      • Cron Jobs
      • Webroot
      • Subdomains and Virtual hosts
      • Fuzzing/Gobuster Extensions
      • URI and URL
      • eXtensible Markup Language (XML)
      • Time to Live (TTL)
      • Stateful and Stateless Firewalls
      • IDS vs IPS vs SIEM
      • Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
      • Reconnaissance and Enumeration
      • Address Resolution Protocol
      • SSL Certificate
      • Transmission Control Protocol (TCP)
      • Dictionary and Brute Force Attack
      • Encoding, Encryption, Cryptography
  • Commands
    • View
      • Windows
        • Get-ADGroupMember
        • Get-ADGroup
        • Get-ADTrust
        • Get-ADUser
        • Get-ADDomain
        • Discover Modules
        • Get-LAPSComputers
        • Find-AdmPwdExtendedRights
        • Get-AppLockerPolicy
        • DomainPasswordSpray
        • PowerView
        • Inveight
        • Rubeus.exe
        • mimikatz.exe
        • Invoke-TheHash
        • laZagne.exe
        • Copying NTDS.dit via evil-winrm
        • Copying Registry Hives with reg.exe
        • reg add
        • net start
        • tscon
        • query user
        • New-PSDrive
        • findstr
        • dir
        • net use
        • net
        • Get-MpComputerStatus
        • Get-WmiObject
        • Get-ExecutionPolicy
        • get-alias
        • Get-ChildItem
        • Get-ACL
        • services.msc
        • tree
        • wmic
        • sc
        • icacls
        • winPEAS
        • Invoke-WebRequest
        • Certutil
        • Get-Service
      • Linux
        • steganography
          • Binwalk
          • Exiftool
          • steghide
          • stegseek
        • password cracking
          • John
          • Hashcat
        • remote desktop
          • rdesktop
          • xfreerdp
          • Remmina
        • common commands
          • grep
          • sed
          • env
          • watch
          • locate
          • tree
          • who
          • last/lastlog
          • stat
          • $PATH
          • 4 characters rockyou.txt
          • TR / CUT
          • Find
          • hexedit
          • Background Process
          • Sudo
          • netstat
          • xxd
        • web enumeration
          • Gobuster
          • ffuf/wfuzz
          • whatweb
        • linux blue team
          • chkrootkit
          • rkhunter
        • linux priv esc
          • laZagne
          • Getcap
          • Linpeas/LinEnum
          • SUID
          • crontab
        • credential hunting
          • Configuration Files
          • Credentials in Configuration Files
          • Databases
          • Notes
          • Scripts
          • Cronjobs
          • SSH
          • Bash History
          • Logs
          • mimipenguin.py
          • laZagne.py
          • firefox_decrypt.py
        • Zip files
          • gunzip
          • unzip
        • FTP
          • FTP - Connect
        • SSH
          • SSH - Connect
          • scp
        • DNS
          • host
          • subbrute
          • sublist3r
          • dnsdumpster
          • subfinder
          • dnsenum
          • dig
          • nslookup
          • fierce
        • SMTP
          • swaks
          • o365spray
          • smtp-user-enum
          • msfconsole
        • SMB
          • Hydra
          • metasploit
          • Sans SMB Cheatsheet
          • ntlmrelayx
          • Mount
          • SMB - Connect
          • netexec
          • Enum4Linux-ng
          • CrackMapExec
          • smbmap
          • rpcclient
          • impacket
          • Psexec
        • IMAP/POP3
          • telnet
          • Evolution
          • curl
          • openssl
          • IMAP - Commands
          • POP3 - Commands
        • SNMP
          • onesixtyone
          • snmpwalk
          • braa
        • Oracle TNS
          • odat
          • sqlplus
        • IPMI
          • msfconsole
        • Rsync
          • rsync
          • nc
          • nmap
        • R-Services
          • nmap
          • rlogin
          • rwho
          • rusers
        • MSSQL
          • MSSQL Commands
          • mssqlclient.py
          • sqsh
          • xp_cmdshell
        • RDP
          • Hydra
          • Crowbar
        • MySQL
        • NFS
        • WinRM
          • crackmapexec
          • Evil-Winrm
        • LDAP
          • ldapsearch
          • windapsearch
        • impacket
          • impacket-wmiexec
          • impacket-smbserver
          • impacket-samrdump
          • impacket-psexec
          • impacket-secretdumps
        • Port Forward
          • ssh
          • proxychains
          • chisel
          • rpivot
          • Netsh
        • bloodhound-python
        • kerbrute
        • tcpdump
        • Ping sweep
        • static binaries
        • Linikatz
        • Finding keytab
        • PS
        • realm
        • pypykatz
        • creds
        • cewl
        • username-anarchy
        • cupp
        • theHarvester
        • Responder
        • msf-virustotal
        • perl
        • php
        • ruby
        • aquatone
        • wafw00f
        • curl
        • msfconsole/meterpreter
        • sqlmap
        • arp-scan
        • nmap
        • Msfvenom
        • Res/PHP
        • enum4linux
        • md5sum
        • Python
        • Redis
        • Telnet
        • RSA
        • Medusa
        • Hydra
        • curl to python
      • LOLbas/GTFObins
      • SQL Injection
      • LFI
  • Google Chrome Password
    • Decrypt Google Chrome Password
    • LaZagne
  • Comptia Security+ 701
    • Professor Messor
      • Security Control
      • Zero Trust
      • Deception and Disruption
      • Change Management
      • Key exchange
      • Encryption Technologies
      • Obfuscation
      • Hashing and Digital Signatures
      • Blockchain Technology
      • Certificates
      • Threat Actors
      • Common Threat Vectors
      • Race Conditions
      • Hardware Vulnerabilities
      • Virtualization Vulnerabilities
      • Mobile Device Vulnerabilities
      • Spyware and Bloatware
      • Other Malware Types
      • Wireless Attacks
      • On-path Attacks
      • Replay Attacks
      • Cryptographic Attacks
      • Indicators of Compromise
      • Segmentation and Access Control
      • Mitigation Techniques
      • Hardening Techniques
      • Cloud Infrastructures
      • Network Infrastructure Concepts
      • Other Infrastructure Concepts
      • Infrastructure Considerations
      • Secure Infrastructures
      • Intrusion Prevention
      • Network Appliances
      • Port Security
      • Firewall Types
      • Secure Communication
      • Data Types and Classifications
      • States of Data
      • Protecting Data
      • Resiliency
      • Recovery Testing
      • Backups
      • Power Resiliency
      • Secure Baselines
      • Hardening Targets
      • Securing Wireless and Mobile
      • Wireless Security Settings
      • Application Security
      • Asset Management
      • Vulnerability Scanning
      • Threat Intelligence
      • Analyzing Vulnerabilities
      • Security Tools
      • Firewalls
      • Operating System Security
      • Email Security
      • Monitoring Data
      • Endpoint Security
      • Identity and Access Management
      • Access Controls
      • Multifactor Authentication
      • Password Security
      • Scripting and Automation
      • Incident Planning
      • Digital Forensics
      • Log Data
      • Security Policies
      • Security Procedures
      • Security Considerations
      • Data Roles and Responsibilities
      • Risk Management
      • Risk Analysis
      • Risk Management Strategies
      • Third-party Risk Assessment
      • Agreement Types
      • Compliance
      • Privacy
      • Audits and Assessments
      • Security Awareness
      • User Training
    • Incident Response Plan, Cyber kill chain
    • SD-WAN
    • MTTR, MTBF, RTO, RPO
    • NetFlow Logs
    • MTBF, MTTR, RPO, RTO
    • Data in-use, at-rest, in-transit
    • Disassociate vs Deauthentication
    • Data Custodians, Data Stewards, Data states, Data subject
    • Data Owners, Data Controllers, Data Processors
    • Public, Sensitive, Confidential, Restricted, Private, Critical
    • Bluejacking, Bluesnarfing, Bluebugging, Blueborne, Bluesmack
    • Private,Secret,Legal,Confidential
    • CTO,DPO,CIO,CSO
    • Amplified, Volumetric, Reflected, Application
    • Resource reuse, Resource exhaustion, Concurrent session usage
    • Rootkit, Backdoor
    • WPS,WAP,WPA,WAF,WPA2,WEP
    • MD5, SHA-3, RIPEMD-160,HMAC
    • CBC, GCM, ECB, CFB
    • ECDHE, ECDSA
    • PFS, PFX, ECB
    • Symmetric, Asymmetric
    • KEK
    • ECC, RC4, MD5, SHA-1, IDEA, DHE,DES,AES
    • TKIP, CCMP
    • AH, ESP, IKE
    • SMTPS,SRTP,SHTTP,S/MIME
    • GPG, PGP
    • FDE, EFS, SED
    • PKCS, PKI
    • BPA, BIA, SLE, and BCP
    • DLP, Radius, IPsec
    • keylogger
    • Compliance reporting, chain of custody, password vaults
    • SLE, ARO,ALE,RTO
    • Data owner, processor, subject, custodian
    • SCAP
    • SASE, RTOS, CRL
    • Playbook, Responsibility matrix, audit committee, right-to-audit
    • Blockchain, Secure enclave, Hashing
    • COPE, CYOD, SSO, BYOD
    • 802.1X, WPA3, PSK, MFA
    • Journaling
    • Record & Full-disk encryption
    • DMARC, SPF ,NAC, DKIM
    • RAS server
    • Vendors, Supplier, Distributors and MSP
    • Gap Analysis
    • Deception and disruption technology
    • Honeypot, token, file and net
    • Non-Repudiation
    • Data masking / Tokenization
    • open public ledger vs block chain
    • cryptographic key management (HSM, TPM, Secure Enclave, KMS)
    • Authentication methods
    • Wi-Fi Evolution | 802.11 Standards Explained
    • AAA and RADIUS vs TACACS+
    • asdasd
    • Phishing tactics
    • IDS/IPS - True/False Positive/Negative
    • Login Pacific
      • Chapter 1
      • Chapter 2
      • Chapter 3
      • Chapter 4
      • Chapter 5
      • Chapter 6
      • Chapter 7
    • Exam Compass
      • 601 - Test 1
      • Data Protection Concepts Quiz
      • Indicators of Malicious Activity Quiz
      • Application Attacks Quiz
      • Network Attacks Quiz
      • Malware Attacks Quiz
      • Security Vulnerabilities Quiz
      • Social Engineering Quiz
      • Threat Vectors & Attack Surfaces Quiz
      • Threat Actor Types Quiz
      • Digital Signatures Quiz
      • Hashing Quiz
      • Encryption Quiz
      • Security Controls Quiz
      • 701 - Test 1
      • 701 - Test 2
      • 701 - Test3
    • Udemy
      • CompTIA Security+ SY0-701: The Ultimate Practice Exam 2024
    • Crucial exam
      • Just 20 free qusetions
  • CCNA
    • Cisco Router, Firewall, Switch
    • UTP Cables / IEEE Ethernet Standard
    • OSI Model & TCP/IP Suite
    • Intro to the CLI
    • Ethernet LAN Switching
    • Ethernet LAN Switching (Part 2)
    • IPv4 Addressing (Part 1)
    • IPv4 Addressing (Part 2)
    • Switch Interfaces
    • IPv4 Header
    • Routing Fundamentals (Part 1)
    • Static Routing (Part 2)
    • The Life of a Packet
    • TRUE FORM OF SUBNET
    • Subnetting (Part 1)
    • Subnetting (Part 2)
    • Subnetting (Part 3 - VLSM)
    • VLANs (Part 1)
    • VLANs (Part 2)
    • VLANs (Part 3)
    • DTP/VTP
  • Malware Analysis Lab
  • TCM
    • Linux 100: Fundamentals
      • IP Sweep
    • Programming 100: Fundamentals
      • Functions
      • Basic Calculator
      • Lists
      • Tuples
      • Dictionaries
      • Importing
      • Sockets
      • Strings Revisite
      • Scanner
      • Writing Reusable and Testable Code
    • Practical Bug Bounty
      • LABS
        • Authentication 0x01
        • Authentication 0x02
        • Authentication 0x03 [Challenge]
        • Auth 0x04 IDOR 0x01
        • Auth 0x05 APIs 0x01
        • Auth 0x06
        • File Inclusion 0x01
        • File Inclusion 0x02
        • File Inclusion 0x03 [Challenge]
        • Injection 0x01
        • Injection 0x02
        • Injection 0x03 [Challenge]
        • Injection 0x04
        • XSS 0x01
        • XSS 0x02
        • XSS 0x03
        • Command Injection 0x01
        • Command Injection 0x02
        • Command injection 0x03 [Challenge]
        • SSTI 0x01
        • SSTI 0x02
        • XXE 0x01
        • Insecure file upload 0x01
        • Insecure file upload 0x02
        • Insecure file upload 0x03
        • CSRF 0x01
        • CSRF 0x02
        • SSRF 0x01
        • Open Redirect 0x01
      • Importantttttttt
      • Automated Scanner
      • XXE
      • SSTI
      • Command Injection
      • LFI/RFI
      • XSS
      • SQLi
      • Sites
      • sqlmap
      • curl
      • nmap
      • ffuf
      • dirb
      • dirbuster
      • subfinder
      • assetfinder
      • amass
      • Combining all result
      • httprobe
      • gowitness
      • burpsuite
      • hydra
      • JWT
      • authorize - burpsuite
    • Practical Web Hacking
      • Authentication
        • Lab: Password reset broken logic
        • Lab: Username enumeration via different responses
        • Lab: Username enumeration via subtly different responses
        • Lab: Username enumeration via response timing
        • Lab: Brute-forcing a stay-logged-in cookie
        • Lab: 2FA simple bypass
      • Access Control
        • Lab: User ID controlled by request parameter
        • Lab: Unprotected admin functionality
        • Lab: Insecure direct object references
        • Lab: Multi-step process with no access control on one step
        • Lab: Referer-based access control
      • SSRF
        • Lab: Basic SSRF against the local server
        • Lab: Basic SSRF against another back-end system
        • Lab: Blind SSRF with out-of-band detection
        • Lab: Blind SSRF with Shellshock exploitation
      • LFI/RFI
        • lab 1
        • lab 2
        • Lab: File path traversal, simple case
        • Lab: File path traversal, traversal sequences blocked with absolute path bypass
        • Lab: File path traversal, validation of start of path
      • XXE
        • Lab: Exploiting XXE using external entities to retrieve files
        • Exploiting XXE via image file upload
        • Lab: Exploiting XInclude to retrieve files
      • JWTs
        • jwt.io
        • Lab: JWT authentication bypass via unverified signature
        • Lab: JWT authentication bypass via flawed signature verification
      • find
      • ffuf
    • Web pen
Powered by GitBook
On this page
  1. Comptia Security+ 701
  2. Login Pacific

Chapter 4

Which of the following tunneling protocols encrypts VPN traffic using TLS over port 443?

Secure Socket Tunneling Protocol (SSTP)

What does a healthy Network Access Control (NAC) client typically require?

Up-to-date operating system with all patches and fixes, enabled firewall, and up-to-date antivirus software

Which of the following describes the operation of a RADIUS server in WPA2 Enterprise mode?

It requires users to authenticate with unique credentials, and blocks access if proper credentials are not provided.

What is the difference between wireless routers and wireless access points (APs) according to the CompTIA Security+ exam study material?

All wireless routers are APs, but not all APs are wireless routers.

What is a main benefit of using IPsec’s Tunnel mode over Transport mode?

The IP addresses that are used within the internal network are encrypted.

What is the purpose of a Wi-Fi analyzer in a site survey?

To identify activity on channels within the wireless spectrum and analyze activity in the 2.4-GHz and 5-GHz frequency ranges

What is a primary security concern when using direct access VPNs over a public network?

Unauthorized disclosure of encapsulated and encrypted traffic

Which of the following represents a common type of RFID attack?

Sniffing or eavesdropping

What is the primary purpose of MAC cloning in a security context?

To bypass MAC filtering by pretending to be an authorized system

What is one of the goals of a honeypot?

To allow security professionals to observe an attacker’s techniques.

Which of the following statements about Wi-Fi Protected Setup (WPS) is not true?

WPS is safe if it is used with WPA2.

What is the difference between the use of credentials in the Enterprise mode and PSK mode in WPA2, and which one provides the authentication?

Enterprise mode uses unique credentials for each user for authentication while PSK mode uses only a passphrase for authorization, not authentication

What is Bluejacking in the context of Bluetooth device attacks?

 It is the practice of sending unsolicited messages to nearby Bluetooth devices

What is a false positive in the context of IDSs?

It is when an IDS sends an alarm or alert when there is no actual attack.

Why is it a good practice to change the default SSID of an Access Point (AP)?

It prevents attackers from guessing the make and model of the AP

What is the main difference between Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs)?

IDSs detect potential attacks and IPSs prevent them

What is a primary indication of a Near Field Communication (NFC) attack?

Unauthorized charges on a credit card statement

What is the main difference between an Omni and directional antenna?

Omnidirectional antennas transmit and receive signals in all directions while directional antennas transmit in one direction.

What is one significant characteristic of the EAP-TTLS authentication protocol?

It allows systems to use some older authentication methods such as Password Authentication Protocol (PAP) within a TLS tunnel

What is the official default port for a RADIUS server in the context of WPA2 Enterprise mode?

1812

What is the primary difference between War Driving and War Flying?

War Driving involves walking or driving, while War Flying involves flying on planes or drones.

Which of the following statements about PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol) is correct?

PAP sends passwords over a network in cleartext.

EX - The Password Authentication Protocol (PAP) sends passwords across a network in cleartext, which is a significant security risk. Unlike PAP, the Challenge Handshake Authentication Protocol (CHAP) does not send passwords over the network in cleartext, making it more secure.

What is a significant weakness of the Password Authentication Protocol (PAP)?

It sends passwords over the network in cleartext.

What is one of the issues related to wireless networks mentioned in the text?

They are susceptible to vulnerabilities and many users don’t understand how to properly secure them.

In IPsec, what is the benefit of using Tunnel mode over Transport mode?

Tunnel mode encrypts both the payload and the packet headers, hiding internal networking addresses.

Which of the following accurately describes the term ’Bluesnarfing’?

It refers to the unauthorized access to, or theft of information from, a Bluetooth device

Which wireless security protocol is most vulnerable to attacks?

WPA with TKIP

What differentiates an always-on VPN from an on-demand VPN?

Always-on VPNs create a connection as soon as the user’s device connects to the Internet.

What is the main consequence of a SYN flood attack?

Resources on the server are consumed and can cause it to crash

Which of the following is the BEST description of an Evil Twin in network security?

It is a rogue access point that uses the same (or similar) SSID as a legitimate access point to trick users into connecting with it.

What were some of the early wireless cryptographic protocols, and why are they not recommended for use today?

WEP and WPA, because they are easy to exploit

Where should sensors be installed if you want to monitor all attacks on your network?

On the Internet side of the firewall

What does an HTML5 VPN portal use to encrypt its sessions?

TLS

What describes a key way in which heuristic/behavioral detection systems operate?

They compare current network behavior against a baseline of normal operating conditions to detect potential attacks.

What are the two primary detection methods used for attack detection in an IDS (Intrusion detection system)?

Signature-based and anomaly-based

What is the primary purpose of a honeypot in a live network?

 To deceive attackers and divert them from the live network

Which of the following statements is correct regarding Wireless Access Points (APs) and wireless routers based on the given text?

All wireless routers are APs, but not all APs are wireless routers.

What is a true negative in IDS or IPS?

When an IDS or IPS does not send an alarm or alert, and there is no actual attack.

What are the two essential security benefits that TACACS+ provides over RADIUS?

TACACS+ encrypts the entire authentication process and uses multiple challenges and responses

What is a primary feature or capability of signature-based IDSs?

They use a database of known vulnerabilities or known attack patterns to detect threats

Which cryptographic protocol does WPA3 use instead of the Pre-shared Key (PSK) used with WPA2?

Simultaneous Authentication of Equals (SAE)

Ex - WPA3 uses Simultaneous Authentication of Equals (SAE) instead of the Pre-shared Key (PSK) used with WPA2. This leads to a stronger security protocol.

Which of the following best describes a ’false negative’ in the context of an Intrusion Detection System (IDS)?

It is when an attacker is actively attacking the network, but the system fails to detect it.

What is the best protection against wireless replay attacks?

Implementing WPA2 and WPA3

Ex - WPA2 and WPA3 are resistant to replay attacks, thus they offer the best protection against such attacks.

Which wireless standard uses both the 2.4 GHz and 5 GHz bands?

801.11n

What type of acknowledgment does a captive portal typically ask for when offering free Internet access?

Users to check a box agreeing to an acceptable use policy (AUP)

What is the purpose of a honeynet in cyber security?

To deceive attackers and prevent them from attacking the live network

What is a captive portal and how can it be used as an alternative to IEEE 802.1X?

It is a network management solution that redirects users to a splash page before granting them access to the Internet.

What is the function of the Authentication Header (AH) in IPsec?

It allows the IPsec conversation hosts to authenticate with each other

What is the main function of a honeyfile in cybersecurity?

It’s a decoy file designed to lure and deceive attackers

What is the difference between a wireless access point (AP) and a wireless router according to the CompTIA Security+ SY0-701 text?

All wireless routers are APs, but not all APs are wireless routers

What is the primary difference between IPS and IDS systems?

An IPS can detect, react to, and prevent attacks, while an IDS only monitors and responds to attacks after they’ve commenced.

What are the limitations of a Network-based Intrusion Detection System (NIDS)?

 It cannot detect anomalies on individual systems or decrypt encrypted traffic

Where does the traffic pass through for a host-based intrusion detection system (HIDS) to monitor?

Through the network interface card (NIC)

What does Chapter 3, ’Exploring Network Technologies and Tools’, cover?

Basic network technologies and protocols

What are the cryptographic protocols used by WPA2 (IEEE 802.11i)?

AES and CCMP

Ex - WPA2 (IEEE 802.11i) uses strong cryptographic protocols such as Advanced Encryption Standard (AES) and Counter-mode/CBC-MAC Protocol (CCMP).

What is the primary purpose of a honeypot in a network security context?

To deceive attackers and divert them from the live network

How does the Challenge Handshake Authentication Protocol (CHAP) maintain security during authentication as compared to Password Authentication Protocol (PAP)?

CHAP combines the shared secret with a nonce, hashes it, and sends it over the network.

Ex - CHAP is more secure than PAP as it does not send the shared secret (similar to a password) in plaintext over the network. Instead, it combines the shared secret with a unique, non-repeating number (nonce), hashes it, and sends it over the network, thereby preventing interception and misuse of the data.

Which EAP method provides an extra layer of protection for the usual EAP method by encapsulating and encrypting the EAP conversation in a Transport Layer Security (TLS) tunnel?

PEAP

Ex - PEAP (Protected EAP) provides an additional layer of protection for standard EAP by encapsulating and encrypting the EAP conversation within a Transport Layer Security (TLS) tunnel. This ensures the communication channel is secured, even in situations where the physical security might be compromised.

What is the purpose of reporting based on rules within an Intrusion Detection System (IDS)?

To allow administrators to configure rules based on organizational requirements

What is meant by ’True Positive’ in the context of Intrusion Detection Systems (IDS)?

It occurs when an IDS or IPS sends an alarm or alert after recognizing an attack.

What is unique about using the PSK mode with WPA2, as opposed to Enterprise mode?

PSK mode does not provide authentication

Ex - PSK mode offers access to the network anonymously using a pre-shared key or a passphrase, but it does not provide authentication. The user’s identity is not established in PSK mode, which is why it is less secure than Enterprise mode.

What is the primary purpose of a captive portal?

To force users using web browsers to complete a certain process before allowing network access

Which of the following protocols does NOT provide all three AAA services; authentication, authorization, and accounting?

Kerberos

Ex - Kerberos is sometimes referred to as an AAA protocol, but it does not provide any accounting services.

What is the main purpose of RADIUS Federation in 802.1X servers?

To enable a federation using 802.1X and RADIUS servers, allowing users to log on once and access shared resources with the other entity without logging on again

What is the primary purpose of a captive portal in the context of paid internet access?

To authenticate users

Why is L2TP not used by itself for VPN traffic?

L2TP does not provide any encryption

Ex - L2TP does not provide any encryption. Because of this, it cannot be used by itself for VPN traffic. Instead, data must be encrypted with another protocol, such as IPsec, before being passed to L2TP for transport over the VPN.

Which of the following statements is correct according to the text?

All wireless routers are APs.

What is one of the major benefits of using a centralized RADIUS server as compared to separate databases for each VPN server?

It cuts down on labor and potential errors associated with updating multiple databases

Ex -  As per the information provided, RADIUS is a centralized authentication service, which means it eliminates the need for keeping separate databases for each VPN server. When there’s a change, like modification to the password, it’s easier to update one central server than multiple separate ones. Thus, the use of a RADIUS server can simplify operations and reduce potential errors as well as labor involved.

Which of the following authentication protocols was designed by Cisco as a secure replacement for Lightweight EAP (LEAP), and supports but does not require certificates?

EAP-FAST

Ex - Cisco designed EAP-FAST (Flexible Authentication via Secure Tunneling) as a secure replacement for Lightweight EAP (LEAP). Digital certificates are supported in EAP-FAST, but they are not mandatory.

What makes Protected EAP (PEAP) different from other authentication protocols?

PEAP provides an extra layer of protection by encapsulating and encrypting the EAP conversation in a Transport Layer Security (TLS) tunnel.

What does a heat map produced by a site survey tool show in a wireless network?

The color-coded representation of wireless signals strength.

Ex - A heat map, created by a site survey tool, provides a color-coded representation of wireless signal strengths within the surveyed area. This allows administrators to identify where wireless signals are strongest and spots where signals may be weak or non-existent.

Why is physical security important for Access Points (APs)?

Unauthorized devices can be connected to APs by attackers to collect network traffic

Ex - If attackers can physically access an AP, they can connect unauthorized devices to it and collect network traffic. This activity can compromise sensitive information and disrupt network operations.

What is a common method used by attackers to degrade the performance of a wireless network?

Transmitting noise or another radio signal on the same frequency used by the network

What is the difference between a split tunnel and a full tunnel in the context of a VPN?

A full tunnel encrypts all traffic after a user has connected to a VPN while a split tunnel only encrypts traffic destined for the VPN’s private network.

What is a key requirement for conducting a sniffing or eavesdropping attack on an RFID system?

The attacker needs to know the system frequency of the RFID

Ex - To successfully sniff or eavesdrop on an RFID system, an attacker must know the RFID system’s frequency and have a receiver tuned to that frequency. Additionally, the attacker needs to know the protocols used by the RFID system to interpret the data.

What is the potential threat of fake telemetry data in SCADA systems as shown in the Massachusetts example?

It can cause excessive pressure leading to explosions

Ex - The example provided shows that incorrect telemetry data can prompt the system to produce excessive pressure in natural gas lines, potentially leading to dangerous explosions.

Which of the following best describes a Denial-of-Service (DoS) attack on an RFID system?

Flooding the RFID system’s frequency with noise causing disruption in normal services

Which EAP method requires certificates on both the server and the clients?

EAP-TLS

Ex - EAP-Transport Layer Security (EAP-TLS) is one of the most secure EAP standards. It requires certificates on both the 802.1X server and the clients. These certificates help provide strong authentication and encryption services.

Which of the following best describes the action of a ’bluebugging’ attack?

Install a backdoor after gaining full access to a Bluetooth device, allowing the attacker to listen in on conversations and access other functionality of the phone

What is a rogue access point (rogue AP) as discussed in the text?

An access point installed within a network without official authorization

Ex - As described in the text, a rogue AP is an access point placed within a network without official authorization. It might be installed by an employee bypassing security or by an attacker.

What is the main vulnerability of WEP protocol that makes it easy to crack?

It uses a small initialization vector (IV) and reuses keys

Ex - WEP, an early wireless security protocol, uses a relatively small 24-bit number for the IV. This small IV resulted in wireless networks reusing keys, which means the same IV gets used repeatedly, making WEP easy to crack by enabling the attacker to predict the IV and thus decrypt the communication.

What role must be enabled to create a VPN on a Windows server?

Direct Access VPN role

Ex - If you have a Windows server, you can enable the Direct Access VPN role and configure the Routing and Remote Access console to create a VPN.

Which version of an NAC agent is mistakenly referred to as an ’agentless’ capability by some NAC vendors according to the text?

Dissolvable agent

Ex - According to the text, some NAC vendors refer to dissolvable agents as an agentless capability, even though this is somewhat of a misnomer. A dissolvable agent is downloaded and runs on the client when the client logs on remotely, provides information and status back to the NAC system, then removes itself.

What method can an attacker use to bypass MAC filtering in a wireless network?

Impersonating an allowed MAC address

What is a false positive in the context of IDS or IPS?

When an IDS or IPS sends an alarm or alert when there is no actual attack.

What does a Replay attack in the context of RFID systems refer to?

Configuring a bogus tag to mimic the tag attached to a valuable object

Ex - A Replay attack in RFID systems typically involves an attacker eavesdropping on communication to gather data from a legitimate tag. The attacker then uses this data to configure a bogus tag that mimics the original, allowing them to fool the system into thinking that the stolen object is still in place.

What is the role of an 802.1X server in a network?

It provides port-based authentication and prevents rogue devices from connecting.

Ex - The 802.1X server provides port-based authentication, ensuring only authorized clients can connect to the device or network. It can prevent rogue devices from connecting by requiring authentication for each port. This means before a client can gain access to the network, they must authenticate themselves. If they cannot do this, network access is blocked.

What is a disassociation attack?

It’s an attack that involves sending a disassociation frame to the wireless access point with a spoofed MAC address of the victim.

What is a key advantage of the site-to-site VPN model as compared to a traditional remote access VPN?

It requires no additional steps from the user

Ex - The site-to-site VPN model allows networks to connect without requiring additional steps on the user’s part. This is a key advantage over traditional remote access VPNs (host-to-gateway model), where the end user must make a direct connection to the VPN server.

Where does a VPN server typically send a user’s log-in credentials for validation?

To the internal RADIUS server

Ex -The VPN server sends the user’s log-in credentials to the internal RADIUS server for validation. The RADIUS server may have a database of users and passwords, but it’s more common for it to pass the credentials on to another server (like an LDAP server) for validation.

What is the difference between Bluesnarfing and Bluebugging?

Bluesnarfing refers to unauthorized access to or theft of information from a Bluetooth device, while Bluebugging also involves installing a backdoor in addition to gaining full access to the device.

What is one method of performing a site survey when planning and deploying a wireless network?

Using a Wi-Fi analyzer

Ex - The text states that one method of performing a site survey is with a Wi-Fi analyzer. Wi-Fi analyzers identify activity on channels within the wireless spectrum and analyze activity in the 2.4-Ghz and 5-GHz frequency ranges.

What is the key difference between PEAP and EAP-TLS?

EAP-TLS requires certificates on the 802.1X server and the clients

Ex - EAP-TLS is different from PEAP and EAP-TTLS in the fact that it requires certificates on both the 802.1X server as well as the clients. This provides additional security for the communications.
PreviousChapter 3NextChapter 5

Last updated 11 months ago