kyou
  • WHOAMI
    • Robemar Aviles
  • Tryhackme
    • View
      • Advent of Cyber 2024
        • Day 01
        • Day 02
      • Boiler CTF
      • Anonymous
      • Archangel
      • Lian_Yu
      • Gaming Server
      • Chocolate Factory
      • Easy Peasy
      • Brute It
      • Ignite
      • Brooklyn Nine Nine
      • TryHack3M: Bricks Heist
      • Dreaming
      • Overpass 1
      • SQLMAP
      • Chill Hack
      • Year of the rabbit
      • Become a hacker
      • Golden Eye
      • Mr. Robot
      • Linux File System Analysis
      • Skynet
      • Fowsniff
      • Introduction to OWASP Zap
      • Brute Force Heroes
      • Game Zone
      • Lazy Admin
      • Bounty Hacker
      • OOB XXE
      • HackPark
      • Alfred
      • Windows Local Persistence
      • Hacking with PowerShell
      • Phishing
      • Python for Pentesters
      • Wireshark: The Basics
      • Hydra
      • Governance & Regulation
      • Junior Security Analyst Intro
      • Wonderland
      • Burp Suite: The Basics (Old)
      • Burp Suite: Extensions
      • Burp Suite: Other Modules
      • Burp Suite: Intruder
      • Net Sec Challenge
      • Nmap Post Port Scans
      • Nmap Advanced Port Scans
      • Nmap Basic Port Scans
      • Nmap Live Host Discovery
      • Protocols and Servers 2
      • Protocols and Servers
      • Command Injection
      • Cross-Site Scripting
      • Vulnerability Capstone
      • Exploit Vulnerabilities
      • Intro to SSRF
      • File Inclusion
      • IDOR
      • Authentication Bypass
      • Subdomain Enumeration
      • Windows Privilege Escalation
      • Steel Mountain
      • Upload Vulnerabilities
      • Blue
      • Looking Glass
      • Metasploit: Exploitation
      • Metasploit: Meterpreter
      • What the shell?
      • Common Linux Privesc
      • John The Ripper
      • Hashing - Crypto 101
      • Crack the hash
      • Res
      • Wireshark: The Basics
      • Network Services 2
      • Network Services
      • Break Out The Cage
      • Anthem
      • Ice
      • Startup
      • Kenobi
      • Bolt
      • Basic Pentesting
      • Linux Privilege Escalation
      • Source
      • Agent Sudo
      • Red Team Fundamentals
      • Red Team Engagement
      • Cyborg
      • Pre Security
        • OSI Model
        • Packets & Frames
        • Extending your network
        • Putting it all together
        • How websites work
      • Introduction to Cyber Security
        • Intro to Defensive Security
        • Careers in Cyber
        • Network Security
        • Security Operations
        • Operating System Security
  • Hack the box
    • View
      • Oopsie
      • Windows Fundamentals
      • Archetype
      • Bizness
      • Three
      • Redeemer
      • Dancing
      • Fawn
      • Meow
      • Responder
      • Crocodile
      • Sequel
      • Appointment
  • Academy HTB
    • View
      • Bug Bounty Hunter
        • Before exam
        • Exploits
          • HTML Injection
          • Cross-Site Scripting (XSS)
          • Cross-Site Request Forgery (CSRF)
          • SQL Injection
          • Local File Inclusion (LFI)
          • Remote File Inclusion
          • Command Injection
          • Insecure Direct Object Reference (IDOR)
          • XML External Entity (XXE)
        • Commands
          • curl
          • mysql
        • Web Requests
          • Hypertext Transfer Protocol (HTTP)
          • Hypertext Transfer Protocol Secure (HTTPS)
          • HTTP Requests and Responses
          • HTTP Headers
          • HTTP Methods and Codes
          • GET
          • POST
          • CRUD API
        • Introduction to Web Applications
          • Introduction
          • Web Application Layout
          • Front End vs. Back End
          • HTML
          • CSS
          • JavaScript
          • Sensitive Data Exposure
          • HTML Injection
          • Cross-Site Scripting (XSS)
          • Cross-Site Request Forgery (CSRF)
          • Back End Servers
          • Web Servers
          • Databases
          • Development Framework & APIs
          • Common Web Vulnerabilities
          • Public Vulnerabilities
          • Next Steps
        • Attacking Web Application with Ffuf
          • Introduction
          • Web Fuzzing
          • Directory Fuzzing
          • Page Fuzzing
          • Recursive Fuzzing
          • DNS Records
          • Sub-domain Fuzzing
          • Vhost Fuzzing
          • Filtering Results
          • Parameter Fuzzing - GET
          • Parameter Fuzzing - POST
          • Value Fuzzing
          • Skills Assessment
        • SQL Injection Fundamentals
          • Introduction
          • Intro to Databases
          • Types of Databases
          • Intro to MySQL
          • SQL Statements
          • Query Results
          • SQL Operators
          • Intro to SQL Injections
          • Subverting Query Logic
          • Using Comments
          • Union Clause
          • Union Injection
          • Database Enumeration
          • Reading Files
          • Writing Files
          • Mitigating SQL Injection
          • Skills Assessment - SQL Injection Fundamentals
        • File Inclusion
          • Intro to File Inclusions
          • Local File Inclusion (LFI)
          • Basic Bypasses
          • PHP Filters
          • PHP Wrappers
          • Remote File Inclusion (RFI)
          • LFI and File Uploads
          • Log Poisoning
          • Automated Scanning
          • File Inclusion Prevention
          • Skills Assessment - File Inclusion
        • Web Attacks
          • Introduction to Web Attacks
          • Intro to HTTP Verb Tampering
          • Bypassing Basic Authentication
          • Bypassing Security Filters
          • Verb Tampering Prevention
          • Intro to IDOR
          • Identifying IDORs
          • Mass IDOR Enumeration
          • Bypassing Encoded References
          • IDOR in Insecure APIs
          • Chaining IDOR Vulnerabilities
          • IDOR Prevention
          • Intro to XXE
          • Local File Disclosure
          • Advanced File Disclosure
          • Blind Data Exfiltration
          • XXE Injector
          • XXE Prevention
          • Web Attacks - Skills Assessment
      • Penetration Tester
        • Getting Started
          • Infosec Overview
          • Getting Started with a Pentest Distro
          • Staying Organized
          • Connecting Using VPN
          • Common Terms
          • Basic Tools
          • Service Scanning
          • Web Enumeration
          • Public exploits
          • Types of shells
          • Privilege Escalation
          • Transferring Files
          • Starting Out
          • Navigating HTB
          • Nibbles - Enumeration
          • Nibbles - Web Footprinting
          • Nibbles - Initial Foothold
          • Nibbles - Privilege Escalation
          • Nibbles - Alternate User Method - Metasploit
          • Common Pitfalls
          • Getting Help
          • Next Steps
          • Knowledge Check
        • File Transfer
          • Introduction
          • Windows File Transfer Methods
          • Linux File Transfer Methods
          • Transferring Files with Code
          • Miscellaneous File Transfer Methods
          • Protected File Transfers
          • Living off The Land
          • Detection
          • Evading Detection
        • Using the Metasploit Framework
          • Preface
          • Introduction to Metasploit
          • Introduction to MSFconsole
          • Modules
          • Targets
          • Payload
          • Encoders
          • Databases
          • Plugins
          • Sessions
          • Meterpreter
          • Writing and Importing Modules
          • Introduction to MSFVenom
          • Firewall and IDS/IPS Evasion
          • Metasploit-Framework Updates - August 2020
        • Shells & Payloads
          • Shells Jack Us In, Payloads Deliver Us Shells
          • CAT5 Security's Engagement Preparation
          • Anatomy of a Shell
          • Bind Shells
          • Reverse Shells
          • Introduction to Payloads
          • Automating Payloads & Delivery with Metasploit
          • Crafting Payloads with MSFvenom
          • Infiltrating Windows
          • Infiltrating Unix/Linux
          • Spawning Interactive Shells
          • Introduction to Web Shells
          • Laudanum, One Webshell to Rule Them All
          • Antak Webshell
          • PHP Web Shells
          • The Live Engagement
          • Detection & Prevention
        • Penetration Testing Process
          • Introduction to the Penetration Tester Path
          • Academy Modules Layout
          • Academy Exercises & Questions
          • Penetration Testing Overview
          • Laws and Regulations
          • Penetration Testing Process
          • Pre-Engagement
          • Information Gathering
          • Vulnerability Assessment
          • Exploitation
          • Post-Exploitation
          • Lateral Movement
          • Proof-of-Concept
          • Post-Engagement
          • Practice
        • Network Enumeration with Nmap
          • Enumeration
          • Introduction to Nmap
          • Host Discovery
          • Host and Port Scanning
          • Saving the Results
          • Service Enumeration
          • Nmap Scripting Engine
          • Performance
          • Firewall and IDS/IPS Evasion
          • Firewall and IDS/IPS Evasion - Easy Lab
          • Firewall and IDS/IPS Evasion - Medium Lab
          • Firewall and IDS/IPS Evasion - Hard Lab
        • Footprinting
          • Enumeration Principles
          • Enumeration Methodology
          • Domain Information
          • Cloud Resources
          • Staff
          • FTP
          • SMB
          • NFS
          • DNS
          • SMTP
          • IMAP / POP3
          • SNMP
          • MySQL
          • MSSQL
          • Oracle TNS
          • IPMI
          • Linux Remote Management Protocols
          • Windows Remote Management Protocols
          • Easy Lab
          • Medium Lab
          • Hard Lab
        • Information Gathering - Web Edition
          • Information Gathering
          • Whois
          • DNS
          • Passive Subdomain Enumeration
          • Passive Infrastructure Identification
          • Active Infrastructure Identification
          • Active Subdomain Enumeration
          • Virtual Hosts
          • Crawling
          • Information Gathering - Web - Skills Assessment
        • Attacking Common Services
          • Interacting with Common Services
          • The Concept of Attacks
          • Service Misconfigurations
          • Finding Sensitive Information
          • Attacking FTP
          • Latest FTP Vulnerabilities
          • Attacking SMB
          • Latest SMB Vulnerabilities
          • Attacking SQL Databases
          • Latest SQL Vulnerabilities
          • Attacking RDP
          • Latest RDP Vulnerabilities
          • Attacking DNS
          • Latest DNS Vulnerabilities
          • Attacking Email Services
          • Latest Email Service Vulnerabilities
          • Attacking Common Services - Easy Lab
          • Attacking Common Services - Medium
          • Attacking Common Services - Hard
        • Login Brute Forcing
          • Introduction to Brute Forcing
          • Password Attacks
          • Default Passwords
          • Username Brute Force
          • Hydra Modules
          • Determine Login Parameters
          • Login Form Attacks
          • Personalized Wordlists
          • Service Authentication Brute Forcing
          • Skills Assessment
          • Skills Assessment 2
        • Password Attacks
          • Theory of Protection
          • Credential Storage
          • John The Ripper
          • Network Services
          • Password Mutations
          • Password Reuse / Default Passwords
          • Attacking SAM
          • Attacking LSASS
          • Attacking Active Directory & NTDS.dit
          • Credential Hunting in Windows
          • Credential Hunting in Linux
          • Passwd, Shadow & Opasswd
          • Pass the Hash (PtH)
          • Pass the Ticket (PtT) from Windows
          • Pass the Ticket (PtT) from Linux
          • Protected Files
          • Protected Archives
          • Password Policies
          • Password Managers
          • Password Attacks Lab - Easy
          • Password Attacks Lab - Medium
          • Password Attacks Lab - Hard
        • Pivoting, Tunneling, and Port Forwarding
          • Introduction to Pivoting, Tunneling, and Port Forwarding
          • The Networking Behind Pivoting
          • Dynamic Port Forwarding with SSH and SOCKS Tunneling
          • Remote/Reverse Port Forwarding with SSH
          • Meterpreter Tunneling & Port Forwarding
          • Socat Redirection with a Reverse Shell
          • Socat Redirection with a Bind Shell
          • SSH for Windows: plink.exe
          • SSH Pivoting with Sshuttle
          • Web Server Pivoting with Rpivot
          • Port Forwarding with Windows Netsh
          • DNS Tunneling with Dnscat2
          • SOCKS5 Tunneling with Chisel
          • ICMP Tunneling with SOCKS
          • RDP and SOCKS Tunneling with SocksOverRDP
          • Skills Assessment
        • Active Directory Enumeration & Attacks
          • Introduction to Active Directory Enumeration & Attacks
          • Tools of the Trade
          • Scenario
          • External Recon and Enumeration Principles
          • Initial Enumeration of the Domain
          • LLMNR/NBT-NS Poisoning - from Linux
          • LLMNR/NBT-NS Poisoning - from Windows
          • Password Spraying Overview
          • Enumerating & Retrieving Password Policies
          • Password Spraying - Making a Target User List
          • Internal Password Spraying - from Linux
          • Internal Password Spraying - from Windows
          • Enumerating Security Controls
          • Credentialed Enumeration - from Linux
          • Credentialed Enumeration - from Windows
      • SOC Analyst
        • Incident Handling Process
          • Incident Handling
          • Cyber Kill Chain
          • Incident Handling Process Overview
          • Preparation Stage (Part 1)
          • Preparation Stage (Part 2)
          • Detection & Analysis Stage (Part 1)
          • Detection & Analysis Stage (Part 2)
          • Containment, Eradication, & Recovery Stage
          • Post-Incident Activity Stage
        • Security Monitoring & SIEM Fundamentals
          • SIEM Definition & Fundamentals
          • Introduction To The Elastic Stack
          • SOC Definition & Fundamentals
          • MITRE ATT&CK & Security Operations
          • SIEM Use Case Development
          • SIEM Visualization Example 1: Failed Logon Attempts (All Users)
          • SIEM Visualization Example 2: Failed Logon Attempts (Disabled Users)
          • SIEM Visualization Example 3: Successful RDP Logon Related To Service Accounts
          • SIEM Visualization Example 4: Users Added Or Removed From A Local Group (Within A Specific Timeframe)
        • Understanding Log Sources & Investigating with Splunk
          • Introduction To Splunk & SPL
      • Windows Fundamentals
        • Introduction to Windows
        • Operating System Structure
        • File System
        • NTFS vs. Share Permissions
        • Windows Services & Processes
        • Service Permissions
        • Windows Sessions
        • Interacting with the Windows Operating System
        • Windows Management Instrumentation (WMI)
        • Microsoft Management Console (MMC)
        • Windows Subsystem for Linux (WSL)
        • Desktop Experience vs. Server Core
        • Windows Security
        • Skills Assessment - Windows Fundamentals
      • Introduction to Active Directory
        • Why Active Directory?
        • Active Directory Research Over the Years
        • Active Directory Structure
        • Active Directory Terminology
        • Active Directory Objects
        • Active Directory Functionality
        • Kerberos, DNS, LDAP, MSRPC
        • NTLM Authentication
        • User and Machine Accounts
        • Active Directory Groups
        • Active Directory Rights and Privileges
        • Security in Active Directory
        • Examining Group Policy
        • AD Administration: Guided Lab Part I
        • AD Administration: Guided Lab Part II
        • Wrapping It Up
      • Introduction to Networking
        • Networking Overview
        • Network Types
        • Networking Topologies
        • Proxies
        • Networking Models
        • The OSI Model
        • The TCP/IP Model
        • Network Layer
        • IP Addresses
        • Subnetting
  • Over The Wire
    • View
      • Bandit
        • Level 0
        • Level 1
        • Level 2
        • Level 3
        • Level 4
        • Level 5
        • Level 6
        • Level 7
        • Level 8
        • Level 9
        • Level 10
        • Level 11
        • Level 12
  • Under The Wire
    • View
  • PicoCTF
    • View
      • flag_shop
      • plumbing
      • Based
      • useless
      • chrono
      • First Find
      • runme.py
      • Serpentine
      • repetitions
      • Permissions
      • ASCII Numbers
      • Big Zip
      • PW Crack 4
      • PW Crack 3
      • PW Crack 2
      • PW Crack 1
      • HashingJobApp
      • Glitch Cat
      • fixme2.py
      • fixme1.py
      • convertme.py
      • Codebook
      • First Grep
      • Bases
      • strings it
      • what's a net cat?
      • Magikarp Ground Mission
      • Tab, Tab, Attack
      • Static ain't always noise
      • Transformation
      • Nice netcat...
      • information
      • Wave a flag
      • Python Wrangling
      • Mod 26
      • Obedient Cat
  • Portswigger
    • View
  • Hacker101
    • View
      • Micro-CMS v1
      • Trivial
  • Python
    • View
      • Files
        • Number 1 to 100
      • Hackerrank
        • Power - Mod Power
        • Mod Divmod
        • String Split and Join
        • What's Your Name?
        • Find the Runner-Up Score!
        • Print Function
        • Loops
        • Division
        • Arithmetic
        • Python If-Else
        • Hello World
  • SQL
    • View
      • Hackerrank
        • Higher Than 75 Marks
        • Weather Observation Station 1
        • Weather Observation Station 3
        • Weather Observation Station 4
        • Select By ID
        • Select All
        • Revising the Select Query II
        • Revising the Select Query I
        • Japanese Cities' Attributes
        • Japanese Cities' Name
  • Notes
    • View
      • IMPORTANTTTTT
        • Metasploit
        • Nmap
        • Laudanum
        • Sudo
        • LXD/LXC
      • Windows
        • Windows Management Instrumentation (WMI)
        • Windows Remote Management (WinRM)
        • NTDS.DIT
        • Built-in AD Groups
        • Schema Active Directory
        • Trusts Active Directory
        • Foreign Security Principals (FSPs)
        • Replication
        • SYSVOL
        • Fully Qualified Domain Name (FQDN)
        • Read-Only Domain Controller (RODC)
        • FSMO Roles
        • Global Unique Identifier (GUID)
        • Registry
        • User Account Control (UAC)
        • Access Control Entries (ACE)
        • Copying SAM Registry Hives
        • Security Accounts Manager (SAM)
        • Security Identifier (SID)
        • Execution Policy
        • Windows non-interactive accounts
        • Security Descriptor Definition Language (SDDL)
        • Windows System Structure
        • DACL and SACL
      • Nmap
        • Nmap UDP Scan
        • Nmap TCP Scans
        • Nmap Scripting Engine
      • Endpoint Detection and Response
      • SIEM
      • DMARC
      • Forward Proxy and Reverse Proxy
      • Brute Force/ Dictionary Attack
      • SMTP/IMAP/POP
      • Downloading subfinder
      • DNS
      • MITRE ATT&CK
      • Staged vs. Stageless Payloads
      • Server Log Poisoning
      • PHP Session Poisoning
      • secure_file_priv
      • Metasploit Payload
      • Metasploit Types
      • Types of Box
      • Vulnerable Machine/Applications
      • Cron Jobs
      • Webroot
      • Subdomains and Virtual hosts
      • Fuzzing/Gobuster Extensions
      • URI and URL
      • eXtensible Markup Language (XML)
      • Time to Live (TTL)
      • Stateful and Stateless Firewalls
      • IDS vs IPS vs SIEM
      • Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
      • Reconnaissance and Enumeration
      • Address Resolution Protocol
      • SSL Certificate
      • Transmission Control Protocol (TCP)
      • Dictionary and Brute Force Attack
      • Encoding, Encryption, Cryptography
  • Commands
    • View
      • Windows
        • Get-ADGroupMember
        • Get-ADGroup
        • Get-ADTrust
        • Get-ADUser
        • Get-ADDomain
        • Discover Modules
        • Get-LAPSComputers
        • Find-AdmPwdExtendedRights
        • Get-AppLockerPolicy
        • DomainPasswordSpray
        • PowerView
        • Inveigh
        • Rubeus.exe
        • mimikatz.exe
        • Invoke-TheHash
        • laZagne.exe
        • Copying NTDS.dit via evil-winrm
        • Copying Registry Hives with reg.exe
        • reg add
        • net start
        • tscon
        • query user
        • New-PSDrive
        • findstr
        • dir
        • net use
        • net
        • Get-MpComputerStatus
        • Get-WmiObject
        • Get-ExecutionPolicy
        • get-alias
        • Get-ChildItem
        • Get-ACL
        • services.msc
        • tree
        • wmic
        • sc
        • icacls
        • winPEAS
        • Invoke-WebRequest
        • Certutil
        • Get-Service
      • Linux
        • steganography
          • Binwalk
          • Exiftool
          • steghide
          • stegseek
        • password cracking
          • John
          • Hashcat
        • remote desktop
          • rdesktop
          • xfreerdp
          • Remmina
        • common commands
          • grep
          • sed
          • env
          • watch
          • locate
          • tree
          • who
          • last/lastlog
          • stat
          • $PATH
          • 4 characters rockyou.txt
          • TR / CUT
          • Find
          • hexedit
          • Background Process
          • Sudo
          • netstat
          • xxd
        • web enumeration
          • Gobuster
          • ffuf/wfuzz
          • whatweb
        • linux blue team
          • chkrootkit
          • rkhunter
        • linux priv esc
          • laZagne
          • Getcap
          • Linpeas/LinEnum
          • SUID
          • crontab
        • credential hunting
          • Configuration Files
          • Credentials in Configuration Files
          • Databases
          • Notes
          • Scripts
          • Cronjobs
          • SSH
          • Bash History
          • Logs
          • mimipenguin.py
          • laZagne.py
          • firefox_decrypt.py
        • Zip files
          • gunzip
          • unzip
        • FTP
          • FTP - Connect
        • SSH
          • SSH - Connect
          • scp
        • DNS
          • host
          • subbrute
          • sublist3r
          • dnsdumpster
          • subfinder
          • dnsenum
          • dig
          • nslookup
          • fierce
        • SMTP
          • swaks
          • o365spray
          • smtp-user-enum
          • msfconsole
        • SMB
          • Hydra
          • metasploit
          • Sans SMB Cheatsheet
          • ntlmrelayx
          • Mount
          • SMB - Connect
          • netexec
          • Enum4Linux-ng
          • CrackMapExec
          • smbmap
          • rpcclient
          • impacket
          • Psexec
        • IMAP/POP3
          • telnet
          • Evolution
          • curl
          • openssl
          • IMAP - Commands
          • POP3 - Commands
        • SNMP
          • onesixtyone
          • snmpwalk
          • braa
        • Oracle TNS
          • odat
          • sqlplus
        • IPMI
          • msfconsole
        • Rsync
          • rsync
          • nc
          • nmap
        • R-Services
          • nmap
          • rlogin
          • rwho
          • rusers
        • MSSQL
          • MSSQL Commands
          • mssqlclient.py
          • sqsh
          • xp_cmdshell
        • RDP
          • Hydra
          • Crowbar
        • MySQL
        • NFS
        • WinRM
          • crackmapexec
          • Evil-Winrm
        • LDAP
          • ldapsearch
          • windapsearch
        • impacket
          • impacket-wmiexec
          • impacket-smbserver
          • impacket-samrdump
          • impacket-psexec
          • impacket-secretdumps
        • Port Forward
          • ssh
          • proxychains
          • chisel
          • rpivot
          • Netsh
        • bloodhound-python
        • kerbrute
        • tcpdump
        • Ping sweep
        • static binaries
        • Linikatz
        • Finding keytab
        • PS
        • realm
        • pypykatz
        • creds
        • cewl
        • username-anarchy
        • cupp
        • theHarvester
        • Responder
        • msf-virustotal
        • perl
        • php
        • ruby
        • aquatone
        • wafw00f
        • curl
        • msfconsole/meterpreter
        • sqlmap
        • arp-scan
        • nmap
        • Msfvenom
        • Res/PHP
        • enum4linux
        • md5sum
        • Python
        • Redis
        • Telnet
        • RSA
        • Medusa
        • Hydra
        • curl to python
      • LOLbas/GTFObins
      • SQL Injection
      • LFI
  • Google Chrome Password
    • Decrypt Google Chrome Password
    • LaZagne
  • Comptia Security+ 701
    • Professor Messer
      • Security Control
      • Zero Trust
      • Deception and Disruption
      • Change Management
      • Key exchange
      • Encryption Technologies
      • Obfuscation
      • Hashing and Digital Signatures
      • Blockchain Technology
      • Certificates
      • Threat Actors
      • Common Threat Vectors
      • Race Conditions
      • Hardware Vulnerabilities
      • Virtualization Vulnerabilities
      • Mobile Device Vulnerabilities
      • Spyware and Bloatware
      • Other Malware Types
      • Wireless Attacks
      • On-path Attacks
      • Replay Attacks
      • Cryptographic Attacks
      • Indicators of Compromise
      • Segmentation and Access Control
      • Mitigation Techniques
      • Hardening Techniques
      • Cloud Infrastructures
      • Network Infrastructure Concepts
      • Other Infrastructure Concepts
      • Infrastructure Considerations
      • Secure Infrastructures
      • Intrusion Prevention
      • Network Appliances
      • Port Security
      • Firewall Types
      • Secure Communication
      • Data Types and Classifications
      • States of Data
      • Protecting Data
      • Resiliency
      • Recovery Testing
      • Backups
      • Power Resiliency
      • Secure Baselines
      • Hardening Targets
      • Securing Wireless and Mobile
      • Wireless Security Settings
      • Application Security
      • Asset Management
      • Vulnerability Scanning
      • Threat Intelligence
      • Analyzing Vulnerabilities
      • Security Tools
      • Firewalls
      • Operating System Security
      • Email Security
      • Monitoring Data
      • Endpoint Security
      • Identity and Access Management
      • Access Controls
      • Multifactor Authentication
      • Password Security
      • Scripting and Automation
      • Incident Planning
      • Digital Forensics
      • Log Data
      • Security Policies
      • Security Procedures
      • Security Considerations
      • Data Roles and Responsibilities
      • Risk Management
      • Risk Analysis
      • Risk Management Strategies
      • Third-party Risk Assessment
      • Agreement Types
      • Compliance
      • Privacy
      • Audits and Assessments
      • Security Awareness
      • User Training
    • Incident Response Plan, Cyber kill chain
    • SD-WAN
    • MTTR, MTBF, RTO, RPO
    • NetFlow Logs
    • MTBF, MTTR, RPO, RTO
    • Data in-use, at-rest, in-transit
    • Disassociate vs Deauthentication
    • Data Custodians, Data Stewards, Data states, Data subject
    • Data Owners, Data Controllers, Data Processors
    • Public, Sensitive, Confidential, Restricted, Private, Critical
    • Bluejacking, Bluesnarfing, Bluebugging, Blueborne, Bluesmack
    • Private, Secret, Legal, Confidential
    • CTO, DPO, CIO, CSO
    • Amplified, Volumetric, Reflected, Application
    • Resource reuse, Resource exhaustion, Concurrent session usage
    • Rootkit, Backdoor
    • WPS, WAP, WPA, WAF, WPA2, WEP
    • MD5, SHA-3, RIPEMD-160, HMAC
    • CBC, GCM, ECB, CFB
    • ECDHE, ECDSA
    • PFS, PFX, ECB
    • Symmetric, Asymmetric
    • KEK
    • ECC, RC4, MD5, SHA-1, IDEA, DHE, DES, AES
    • TKIP, CCMP
    • AH, ESP, IKE
    • SMTPS, SRTP, SHTTP, S/MIME
    • GPG, PGP
    • FDE, EFS, SED
    • PKCS, PKI
    • BPA, BIA, SLE, and BCP
    • DLP, Radius, IPsec
    • keylogger
    • Compliance reporting, chain of custody, password vaults
    • SLE, ARO, ALE, RTO
    • Data owner, processor, subject, custodian
    • SCAP
    • SASE, RTOS, CRL
    • Playbook, Responsibility matrix, audit committee, right-to-audit
    • Blockchain, Secure enclave, Hashing
    • COPE, CYOD, SSO, BYOD
    • 802.1X, WPA3, PSK, MFA
    • Journaling
    • Record & Full-disk encryption
    • DMARC, SPF, NAC, DKIM
    • RAS server
    • Vendors, Supplier, Distributors and MSP
    • Gap Analysis
    • Deception and disruption technology
    • Honeypot, token, file and net
    • Non-Repudiation
    • Data masking / Tokenization
    • open public ledger vs block chain
    • cryptographic key management (HSM, TPM, Secure Enclave, KMS)
    • Authentication methods
    • Wi-Fi Evolution | 802.11 Standards Explained
    • AAA and RADIUS vs TACACS+
    • asdasd
    • Phishing tactics
    • IDS/IPS - True/False Positive/Negative
    • Login Pacific
      • Chapter 1
      • Chapter 2
      • Chapter 3
      • Chapter 4
      • Chapter 5
      • Chapter 6
      • Chapter 7
    • Exam Compass
      • 601 - Test 1
      • Data Protection Concepts Quiz
      • Indicators of Malicious Activity Quiz
      • Application Attacks Quiz
      • Network Attacks Quiz
      • Malware Attacks Quiz
      • Security Vulnerabilities Quiz
      • Social Engineering Quiz
      • Threat Vectors & Attack Surfaces Quiz
      • Threat Actor Types Quiz
      • Digital Signatures Quiz
      • Hashing Quiz
      • Encryption Quiz
      • Security Controls Quiz
      • 701 - Test 1
      • 701 - Test 2
      • 701 - Test 3
    • Udemy
      • CompTIA Security+ SY0-701: The Ultimate Practice Exam 2024
    • Crucial exam
      • Just 20 free questions
  • CCNA
    • Cisco Router, Firewall, Switch
    • UTP Cables / IEEE Ethernet Standard
    • OSI Model & TCP/IP Suite
    • Intro to the CLI
    • Ethernet LAN Switching
    • Ethernet LAN Switching (Part 2)
    • IPv4 Addressing (Part 1)
    • IPv4 Addressing (Part 2)
    • Switch Interfaces
    • IPv4 Header
    • Routing Fundamentals (Part 1)
    • Static Routing (Part 2)
    • The Life of a Packet
    • TRUE FORM OF SUBNET
    • Subnetting (Part 1)
    • Subnetting (Part 2)
    • Subnetting (Part 3 - VLSM)
    • VLANs (Part 1)
    • VLANs (Part 2)
    • VLANs (Part 3)
    • DTP/VTP
  • Malware Analysis Lab
  • TCM
    • Linux 100: Fundamentals
      • IP Sweep
    • Programming 100: Fundamentals
      • Functions
      • Basic Calculator
      • Lists
      • Tuples
      • Dictionaries
      • Importing
      • Sockets
      • Strings Revisited
      • Scanner
      • Writing Reusable and Testable Code
    • Practical Bug Bounty
      • LABS
        • Authentication 0x01
        • Authentication 0x02
        • Authentication 0x03 [Challenge]
        • Auth 0x04 IDOR 0x01
        • Auth 0x05 APIs 0x01
        • Auth 0x06
        • File Inclusion 0x01
        • File Inclusion 0x02
        • File Inclusion 0x03 [Challenge]
        • Injection 0x01
        • Injection 0x02
        • Injection 0x03 [Challenge]
        • Injection 0x04
        • XSS 0x01
        • XSS 0x02
        • XSS 0x03
        • Command Injection 0x01
        • Command Injection 0x02
        • Command injection 0x03 [Challenge]
        • SSTI 0x01
        • SSTI 0x02
        • XXE 0x01
        • Insecure file upload 0x01
        • Insecure file upload 0x02
        • Insecure file upload 0x03
        • CSRF 0x01
        • CSRF 0x02
        • SSRF 0x01
        • Open Redirect 0x01
      • Importantttttttt
      • Automated Scanner
      • XXE
      • SSTI
      • Command Injection
      • LFI/RFI
      • XSS
      • SQLi
      • Sites
      • sqlmap
      • curl
      • nmap
      • ffuf
      • dirb
      • dirbuster
      • subfinder
      • assetfinder
      • amass
      • Combining all result
      • httprobe
      • gowitness
      • burpsuite
      • hydra
      • JWT
      • authorize - burpsuite
    • Practical Web Hacking
      • Authentication
        • Lab: Password reset broken logic
        • Lab: Username enumeration via different responses
        • Lab: Username enumeration via subtly different responses
        • Lab: Username enumeration via response timing
        • Lab: Brute-forcing a stay-logged-in cookie
        • Lab: 2FA simple bypass
      • Access Control
        • Lab: User ID controlled by request parameter
        • Lab: Unprotected admin functionality
        • Lab: Insecure direct object references
        • Lab: Multi-step process with no access control on one step
        • Lab: Referer-based access control
      • SSRF
        • Lab: Basic SSRF against the local server
        • Lab: Basic SSRF against another back-end system
        • Lab: Blind SSRF with out-of-band detection
        • Lab: Blind SSRF with Shellshock exploitation
      • LFI/RFI
        • lab 1
        • lab 2
        • Lab: File path traversal, simple case
        • Lab: File path traversal, traversal sequences blocked with absolute path bypass
        • Lab: File path traversal, validation of start of path
      • XXE
        • Lab: Exploiting XXE using external entities to retrieve files
        • Exploiting XXE via image file upload
        • Lab: Exploiting XInclude to retrieve files
      • JWTs
        • jwt.io
        • Lab: JWT authentication bypass via unverified signature
        • Lab: JWT authentication bypass via flawed signature verification
      • find
      • ffuf
    • Web pen
Powered by GitBook
On this page
  1. Comptia Security+ 701
  2. Login Pacific

Chapter 5

What does the term ‘Rights Management’ primarily refer to?

The use of technologies to provide copyright protection for copyrighted works

What is the difference between public and private subnets in a cloud-based network?

Public subnets have public IP addresses and are accessible via the internet, whereas private subnets have private IP addresses and aren’t directly accessible via the internet.

What can a cloud-based DLP policy be configured to do after detecting sensitive information?

Send an alert to a security administrator, block attempts to save the data, and quarantine the data

What actions does a data loss prevention (DLP) system perform in an organization?

All of the above

Searching for specific words or phrases in data traffic and taking action when it detects them

Examining outgoing data and detecting all types of unauthorized data transfers

Blocking the use of USB flash drives and controlling the use of removable media

What kind of memory does the Arduino microcontroller board contain?

Random-access memory (RAM) and read-only memory (ROM)

The Arduino microcontroller board, as described in the passage, contains the CPU, random access memory (RAM), and read-only memory (ROM).

Why is encrypting data considered a primary way to prevent the loss of confidentiality?

Because encrypted data is more difficult for an attacker to view than unencrypted data

What is a Trusted Platform Module (TPM)?

A hardware chip on the computer’s motherboard that stores cryptographic keys used for encryption

Which of the following explains a key security challenge specific to embedded systems?

The maintenance of embedded systems in terms of security fixes is often overlooked

What is the main difference between COPE (corporate-owned, personally enabled) and CYOD (choose your own device) deployment models?

In the COPE model, the organization provides the device, while in CYOD, employees select the device from an approved list.

What is likely to happen if the cost of an embedded system device is minimized by the manufacturer?

The device may sacrifice security features.

What is a potential benefit of hardening a system?

It can help make an operating system or application more secure from its default installation.

What is the difference between the function of FPGA and Arduino in terms of configurability?

FPGA can change its function with the memory chip while Arduino requires a new firmware upgrade

What are the consequences of implied trust in embedded systems?

Many devices have vulnerabilities that are not known or widely reported

What is a hybrid cloud in the context of cloud deployment models?

A combination of two or more clouds (public, private, community, or a combination) that retain their separate identities, but are bridged together.

What is the function of RFID systems in mobile devices?

They transmit data over the air using RF signals

RFID (Radio Frequency Identification) systems transmit data over the air using radio frequency signals. Some NFC (Near Field Communication) systems use RFID technologies.

What is the function of the Permissive mode in the Security-Enhanced Linux (SELinux) policy?

It logs all activity that the policy would block without enforcing the policy

Permissive mode in SELinux is used for testing policies. It does not enforce the policy but logs all the activities that would have been blocked if it was in the Enforcing mode. The main purpose is to verify that the policy works as intended before changing it to Enforcing mode.

What are the three steps in the use of secure baselines in organizations?

Initial baseline configuration, Regular monitoring for changes, Follow-up action for detected changes

The three steps in the use of baselines as discussed are: 1. Initial baseline configuration where administrators set up systems in a secure state, 2. Integrity measurements for baseline deviation where tools are employed to monitor for and report changes, 3. Remediation where network access control methods are used to detect changes and isolate or quarantine systems for manual correction by administrators.

Which of the following is a key function of a next-generation Secure Web Gateway (SWG)?

Filters URLs and scans for malware

What differentiates an application approved list from an application block list?

An application approved list lists authorised software and prevents users from installing or running software that isn’t on the list, while an application block list lists unauthorised software, and prevents users from installing or running software on the list.

Which of the following limitations of embedded systems could potentially lead to security vulnerabilities?

All of the above

All the listed factors are potential security risks. Limited computational power might limit the use of cryptographic protocols, thereby possibly creating vulnerabilities. Dependence on the parent device for power may reduce the device’s range, thereby creating opportunities for attacks. The inability to patch devices makes them susceptible to attacks as revealed vulnerabilities cannot be fixed.

What are the limitations of mobile devices when it comes to the use of passwords or personal identification numbers (PINs) in the context of Mobile Device Management (MDM) systems?

Some mobile devices only support PINs, while others support either passwords or PINs.

What does the ‘remote wipe’ feature in Mobile Device Management (MDM) do?

It sends a remote signal to delete all data on a lost or stolen mobile device

What is the risk associated with the use of third-party app stores?

Apps from third-party app stores do not undergo the same level of scrutiny and thus represent a higher risk

What is the main difference between the Corporate-owned, personally enabled (COPE) model and the traditional corporate-owned model?

The organization purchases devices in both models, but in the COPE model, employees are free to use the device for their personal activities.

Which of the following features of Mobile Device Management (MDM) can be useful if a mobile phone is lost or stolen?

Remote wipe

Which of the following methods is commonly used as a payment gateway allowing you to make payments simply by waving your phone in front of a reader at a retailer?

NFC (near field communication)

What is the main benefit of using cloud computing for heavily utilized systems and networks?

It can handle increased loads

Which of the following is NOT true about Software as a Service (SaaS)?

Web-based email is not an example of SaaS.

What is the term for the process of modifying an Android device to give full administrative access to a user?

Rooting

What does the ‘Range’ constraint in embedded systems refer to?

The maximum distance the system can wirelessly connect to other devices

What is the primary difference between edge computing and fog computing based on the given text?

Fog computing uses a network close to the device and may have multiple nodes processing data, whereas edge computing stores and processes data on single nodes or appliances.

What type of wireless protocol do most mobile devices use to support the use of a Bluetooth headset for hands-free use?

Bluetooth

What is meant by ‘hardware root of trust’ in the context of TPM?

It refers to the private key burned into the TPM for asymmetric encryption.

The hardware root of trust is the known secure starting point provided by the unique RSA private key that is burned into the chip. This key matches a public key and is used for asymmetric encryption and authentication.

What is a characteristic of a non-persistent virtual desktop?

Allows changes to be made that revert to the original snapshot when the user logs off

What is one of the primary risks associated with Multimedia Messaging Service (MMS) as stated in the text?

It can be used to gain remote code execution privileges on a user’s phone

Attackers have found a way to send an MMS message to a phone number which can allow them to gain remote code execution privileges on the user’s phone. This means they could potentially control the device remotely.

Which of the following statements best describes Rich Communication Services (RCS)?

RCS is a newer communication protocol designed to replace SMS, which can also transmit multimedia and default to MMS or SMS when the network doesn’t support RCS.

Which of the following describes the limitations of the 5G communication method for embedded systems and IoT devices?

It has a limited range and can be blocked by physical barriers

What is the role of integrity measurements in baseline deviations?

They use automated tools to monitor the systems for any baseline changes.

Integrity measurements for baseline deviation involve the use of automated tools that monitor the systems for any baseline changes. Any detected changes can either be reported or the systems can be reconfigured to the baseline settings.

What is the function of security groups within cloud-based resources according to CompTIA?

They assign permissions to a group and add users to the account

What is meant by ‘High availability and high availability across zones’ in terms of cloud security controls?

It refers to a system or service that remains operational with negligible downtime

What does ‘Host elasticity’ in terms of virtual machines (VM) mean?

It refers to the ability to dynamically change resources assigned to the VM based on the load without requiring a reboot

Host elasticity in terms of virtual machines refers to the technology’s capability to automatically adapt and reassign resources to a VM when the system detects an increase in load. This automatic process does not require a reboot of the system.

What is one key difference between a Managed Security Service Provider (MSSP) and a Managed Service Provider (MSP)?

An MSSP is a third-party vendor that provides security services, whereas an MSP provides a wider range of IT services.

In the context of mobile device management, what does ‘context-aware authentication’ entail?

It uses geolocation, time of day, type of device and verifies that the device is within a geofence to authenticate a user and a mobile device.

What is an example of the harm that can be caused by faults in the Industrial Control Systems (ICS)?

Overpressurization in gas mains leading to explosions and fires.

What is a primary benefit of utilizing an off-premises cloud service provider (CSP) solution?

CSP performs the maintenance and ensures the hardware is operational

The text mentions that a primary benefit of an off-premises solution is that the CSP performs the maintenance and ensures the hardware is operational.

What does the term ‘Narrow-band’ generally refer to in the context of communication methods for embedded systems and IoT devices?

A signal with a very narrow frequency range

What do MDM tools do when the organization owns the device?

MDM tools download and install all required applications

What does the term ‘Guest’ refer to in the context of VMs and virtualization?

It refers to the operating systems running on the host system

In the context of virtual machines and virtualization, a ‘Guest’ refers to operating systems that are running on the host system or host machine.

What is the purpose of a Virtual Private Cloud (VPC) endpoint within a virtual network?

To allow users or services to connect and access other resources via the virtual network, reducing bandwidth needed to access resources directly

What is a common use of an Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) in the manufacturing and industrial sector?

Monitoring every processing stage and reporting anomalies in real time

What is the potential security threat associated with GPS tagging?

The geographical information added to files, like pictures, can be exploited.

GPS tagging or geotagging adds geographical information, like latitude and longitude coordinates, to files, such as pictures, when they’re posted on social media websites. If a perpetrator gains access to these tagged pictures, they can acquire valuable information, like the person’s home or any location they frequent. For instance, if pictures tagged at home are regularly uploaded, and then suddenly pictures appear from a vacation spot, thieves could deduce that the person’s home is unattended and burgle it.

What do strong authentication methods in APIs prevent?

Unauthorized entities from using the API

What is the process of copying an application package in the Application Packet Kit (APK) format to the device and then activating it?

Sideloading

Sideloading is the process of copying an application package in the Application Packet Kit (APK) format to the device and then activating it. The device must be set to allow apps from unknown sources, leading to potential security risks.

Which of the following deployment models for mobile devices allows employees to use their corporate-owned devices for personal activities?

COPE (corporate-owned, personally enabled)

What is the main challenge that organizations face when implementing a BYOD (bring your own device) policy?

Monitoring and managing a variety of devices

What is the purpose of Endpoint Detection and Response (EDR) tools in Endpoint Security?

They perform a deep investigation of all activity on endpoints.

What is the main difference between Wi-Fi Direct and a wireless ad hoc network?

Wi-Fi Direct uses single radio hop communication and cannot share an Internet connection

Wi-Fi Direct is a method that lets devices connect over a wireless connection without requiring a Wireless Access Point or Wireless Router. This is similar to an ad hoc network, but the key difference is that in Wi-Fi Direct, devices use single radio hop communication and as a result, they can’t share an internet connection.

What is the primary reason for an organization to potentially block the ability to switch carriers on a COPE device?

To reduce the risk of the device connecting to an untrusted network

What is a key difference in traffic routing between a software-defined network (SDN) and traditional hardware routers?

SDN uses virtualization technologies and software for routing, while hardware routers use rules within an ACL

What does dynamic resource allocation in cloud-based resources mean?

It refers to the CSP’s ability to dynamically allocate additional resources, such as more processors, more memory, or more disk space to a cloud-based resource when it’s needed and remove them when they are no longer required.

What does the term ‘jailbreaking’ refer to?

Removing all software restrictions from an Apple device

What is a characteristic of Container Virtualization?

Services or applications run within isolated containers or application cells

What is the main concept of Platform as a Service (PaaS)?

Customers are offered a fully managed platform including hardware, operating systems, and limited applications

What are the primary issues associated with VM sprawl?

Unauthorized VMs consuming system resources and leaving VMs unpatched

What is the function of a real-time operating system (RTOS) in the context of embedded systems?

It reacts to input within a specific time

An RTOS is an operating system that handles and responds to input within a strict time constraint. If it cannot process the given data within that specified time, it will report an error.

What can MDM tools do to control applications on mobile devices?

They can create a list of allowed applications

MDM tools can restrict what applications can run on mobile devices. They often use application allow lists to control the applications and prevent unapproved applications from being installed.

What is the purpose of using secure baselines as a part of an organization’s security strategy?

All of the above

Using secure baselines helps to automate the detection and correction of security issues, improve the overall security posture of systems, and provide a way to monitor for any baseline changes. Any detected changes can then be handled either automatically or manually, with automated tools often reconfiguring systems back to their baseline settings when changes are detected.

Which cloud deployment model is only available for one specific organization?

Private Cloud

What method of authentication discussed in chapter 2 does mobile device management (MDM) support?

Biometric authentication

The section says that many mobile devices now support biometrics for authentication and you can teach the device your fingerprint and then use your fingerprint to authenticate instead of entering a password or PIN.

Which type of cloud deployment model is provided by third-party companies and is available to anyone willing to pay for the services?

Public cloud

Public cloud services are provided by third-party companies like Google, Amazon, Microsoft, and Apple. These services are open for anyone willing to pay for them.

What does high availability across zones indicate in the context of cloud security controls?

The nodes are located in different cloud locations

What is the characteristic of Zigbee as a communication protocol?

Zigbee is used for smaller networks and supports strong security, including data encryption.

What is a point-to-point connection in mobile devices?

Connection between two smartphones using wireless technology.

A point-to-point connection refers to the connectivity between two devices, and in the context of mobile devices, it refers to the wireless connection between two smartphones. This can use technologies like Bluetooth, NFC, and RFID.

What is the purpose of the screen-locking feature supported by most mobile devices?

It prevents easy access to the device and its data by locking the device after a specified number of minutes of inactivity.

What is the primary use of NFC (near field communication) in mobile devices?

Act as a payment gateway at retail portals

What does ‘Instance awareness’ refer to in the context of cloud-based resources?

The ability of the CSP to know and report how many instances of cloud-based resources an organization is renting.

What are two important benefits of using master images for baseline configurations?

Reduced costs and secure starting point

Using master images for baseline configurations provides two important benefits: they offer a secure starting point, as the image includes mandated security configurations for the system, and they reduce costs by decreasing overall maintenance and improving reliability.

What is the main purpose of a hypervisor in a virtualized system?

It is the software that creates, runs, and manages the VMs

The hypervisor in a virtualized system is indeed the software that creates, runs, and manages the VMs. It is responsible for distributing the physical resources of the host machine among the multiple guest machines.

Which of the following are NOT common considerations developers should address to ensure APIs aren’t vulnerable to common exploits?

External Advertising

What do resource policies control in a cloud-based system?

They ensure customers don’t create more resources than their plan allows

What are the functions of a network-based Data Loss Prevention (DLP) system in preventing data exfiltration?

Scan outgoing data for sensitive information specified by an administrator

A network-based DLP monitors outgoing data looking for sensitive data, specified by an administrator. This includes scanning the text of all emails and the content of any attached files for sensitive information.

What is the purpose of data replication in cloud data security as mentioned in the CompTIA Security+ SY0-701 syllabus?

To create a copy of data and store it in a different location

Why might an organization want to limit a mobile device’s ability to tether or use Wi-Fi Direct?

To prevent bypassing of network controls and potential security risks

In the context of cloud security controls, what does segmentation refer to?

The method by which cloud-based networks can segment computers or networks the same way local networks do with VLANs and subnets

What is a private cloud?

A cloud set up for specific organizations

What is the purpose of storage segmentation in mobile device management?

To ensure that all content retrieved from an organization source is stored in an encrypted segment.

What is a VM escape attack?

An attack that allows an attacker to access the host system from within the virtual system.

What are some methods to protect the confidentiality of data within a database?

Strong access controls and database column encryption

Why is using a master image beneficial for system deployments?

It allows for a secure starting point and reduced costs

Using a master image allows for a secure starting point because the image includes mandated security configurations for the system and individuals deploying the system do not need to remember or follow extensive checklists to ensure that new systems are set up with all the detailed configuration and security settings. It also helps in reducing costs, as support personnel only need to learn one system environment, reducing overall maintenance costs and improving reliability.

Which of the following practices increases the security risk to a mobile device?

Installing apps from third-party app stores

What is a community cloud in terms of cloud deployment models?

A cloud shared by communities with common concerns such as shared goals, security requirements, or compliance considerations

What is a point-to-multipoint connection?

A connection creating an ad hoc network

A point-to-multipoint connection creates an ad hoc network. Ad hoc mode lets wireless devices connect to each other without an AP. This is a method of network connection designed to be formed as needed.

What network security mechanism is typically used to block unwanted traffic from reaching a SCADA system or an ICS, that is connected to the corporate network?

Network intrusion prevention system (NIPS)

A Network Intrusion Prevention System (NIPS) is typically used to block unwanted traffic from reaching Industrial Control Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) systems. These systems are usually connected to the corporate network, but they are placed within an isolated VLAN. NIPS helps to protect the network by identifying and preventing potential intrusions.

Which of the following correctly describes a USB (Universal Serial Bus) in the context of mobile devices?

It is a cable-based connection method that allows mobile devices to connect to a desktop or laptop.

Which of the following is a method to distribute updated versions of firmware on Android devices?

Over-the-air (OTA) updates

What is the role of a hypervisor in a virtualization setup?

It is the software that creates, runs, and manages the virtual machines.

How does an organization typically protect the confidentiality of its data?

Through encryption and strong access controls

What is the benefit of adding Software-defined visibility (SDV) to an organization’s network?

It ensures all network traffic is viewable and can be analyzed.

Which of the following represents a potential risk associated with hardware features on mobile devices, and how MDM tools can be tailored to mitigate such risks?

Certain apps may contain malicious code allowing attackers to remotely access the device’s hardware features, like the camera and microphone, which can be controlled by disabling these features using MDM tools.

Why is it often not possible to patch embedded systems?

Vendors don’t always include methods to patch devices, and even if they do, they don’t always write and release patches in a timely manner

Which communication method is typically used when transferring data over a cable rather than over the air?

Baseband radio

Baseband radio signals include frequencies that are very near zero. They are typically used when transferring data over a cable rather than over the air. By contrast, 5G, Narrowband, and Zigbee are primarily used for wireless communications.

How is replication beneficial for a virtual machine?

It enables easy restoration of a failed virtual server.

What does the use of a USB data blocker in the context of a security policy generally serve to prevent?

Delivery of malware via removable media

A USB data blocker prevents systems from writing data to, or reading data from, a USB or other removable device. This is primarily used to prevent malware from being delivered via removable media, as stated in the given text.

What is the role of a transit gateway in a cloud-based network?

It connects VPCs to an on-premises network

A transit gateway in a cloud-based network serves as a connection hub between VPCs (Virtual Private Clouds) and on-premises networks. This enables the exchange of data between the networks securely.

What is an embedded system as defined by the CompTIA Security+ objectives?

Any device that has a dedicated function and uses a computer system to perform that function

What is monitored by SCADA systems in water treatment facilities?

The temperature and humidity

What is the primary difference between the traditional Corporate-owned model and the Corporate-owned, personally enabled (COPE) model?

In COPE, employees can use organization-owned devices for personal activities

What are the primary goals of configuration management practices in an organization?

All of the above

Configuration management practices aim to support the deployment of systems with secure configurations, to identify configurations with standard naming conventions, and to change configurations using decision-making methods. The process is beneficial in maintaining system security, and the method an organization chooses to achieve this is less important than the consistent use of a method.

What is the purpose of using push notifications in Mobile Device Management (MDM)?

To send messages to mobile devices from apps regarding security settings or compliance with security policies

What is the primary purpose of taking a snapshot of a virtual machine?

To revert the VM to a known good state in case of a problem

What is the role of a Cloud Access Security Broker (CASB)?

It monitors traffic and enforces security policies between an organization’s network and the cloud provider.

What distinguishes Raspberry Pi from Arduino in terms of its functionality?

Raspberry Pi is a microprocessor-based mini-computer that uses Raspberry Pi OS to run and can also control systems such as HVAC systems.

Which communication method has a significantly lower range compared to 4G and can be blocked by physical barriers such as trees, walls, and glass?

5G

5G, though it can reach peak speeds significantly higher than 4G and transfer data quicker, has a limited range compared to 4G and can be blocked by physical barriers like trees, walls, and glass.

What are the shared responsibilities between a cloud service provider and a customer in IaaS, PaaS, SaaS models?

Both security and maintenance responsibilities

Which connection method is typically used by smartphones and tablets to connect to a high-speed digital transfer service that is provided by a cellular network?

Cellular

Which of the following is not considered a constraint of embedded systems based on the provided text?

Ability to provide own power supply

What does the term ‘Anything as a Service’ (XaaS) refer to?

It refers to all cloud-based services other than SaaS, PaaS, and IaaS including communications, databases, desktops, storage, security, etc.

What is the process of ‘Remediation’ in the context of secure baselines?

Correcting detected baseline deviation manually by administrators.

In the context of secure baselines, ‘Remediation’ usually involves the systems being isolated or quarantined in a remediation network after a deviation from the baseline is detected by NAC methods. After this, administrators manually correct the problem in these systems to align them back to the baseline.

What does the term ‘On-premises’ refer to in relation to an organization’s resources?

Resources that are owned, operated, and maintained within the organization’s properties

Which of the following does not accurately describe a constraint faced by embedded systems?

All embedded systems have their own power supply

What does encryption aid in when referring to Cloud Service Providers (CSPs)?

It protects the confidentiality of data.

What is the role of authorization in the context of APIs?

It is used to secure access to the API.

In the context of APIs, authorization methods are used to secure access. Different users or roles may have different levels of access. This can help protect the API from unauthorized usage and potential attacks.

Why might designers skip authentication when designing embedded systems?

Due to the extra requirements

In embedded systems, designers often forego, or skip, authentication due to its extra requirements. Embedded systems are often constrained by resources, and implementing authentication can be a drain on these resources.

What distinguishes a microservices API from a web services-based API in terms of its business tie-in?

A microservices API isn’t tied to any specific business

According to the text, a microservices module isn’t tied to any specific business. This means that developers can use it in different applications without modifying it.

Why do embedded systems often have weak defaults?

Security is often an afterthought in the design process.

When designing embedded systems, security is often not prioritized and weak defaults are used for things like authentication or encryption when sending traffic. This is less about the ability of the embedded system to handle strong defaults and more about where security is placed in the priorities of the design process.

According to NIST SP 800-124, which of the following characteristics are NOT found in mobile devices?

Lower functioning operating system

According to NIST SP 800-124, mobile devices should have an operating system, and basic cell phones, digital cameras, and IoT devices are excluded from this category because they have a limited functioning operating system or do not have an operating system.

What potential risk do Universal Serial Bus On-The-Go (USB OTG) cables pose to an organization’s information security?

They allow connecting any device to a mobile device, including potential malware-contaminated external media

Which of the following describes a technique used by organizations to create a virtual geographic boundary using a mobile device’s GPS capabilities?

Geofencing

Geofencing is a feature in a software program that uses the global positioning system (GPS) or radio frequency identification (RFID) to define geographical boundaries. Organizations can configure mobile apps to operate only within this virtual fence.

What does ‘Host Scalability’ refer to in the context of virtual machines?

The ability to resize the computing capacity of the VM by assigning it more memory, processors, disk space, or network bandwidth.

What are some common uses of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems in the context of Energy?

Power generation and oil and gas processing

What is the primary difference between a non-Opal-compliant SED and an Opal-compliant SED?

An Opal-compliant SED requires user authentication to unlock the drive

An Opal-compliant SED requires users to enter credentials to unlock the drive upon bootup. Non-Opal-compliant drives do not have this restriction, allowing an attacker to potentially access data if the drive is installed in another system.

What is Bluetooth commonly used with in the context of mobile devices?

Personal Area Networks

Bluetooth is most commonly used with personal area networks, like connecting to a wireless headset or other personal devices.

Which of the following is a common use of the supervisory control and data acquisition (SCADA) systems and ICS?

For monitoring processes within shipping facilities

What function does geofencing perform in the context of mobile device security?

It creates a virtual fence or geographical boundary, which can restrict the usage of certain mobile apps or wireless networks to within the defined boundary.

Geofencing uses GPS technology to create a virtual geographical boundary, enabling software to trigger a response when mobile devices enter or leave a specific area. In terms of mobile device security, an organization can use geofencing to restrict the usage of certain apps or wireless networks to within the boundary, thus establishing an added layer of security control.

Which of the following best describes the main point regarding ‘Implementing Secure Systems’?

Systems need to be secured before deployment and kept secure after.

What are Subscriber identity module (SIM) cards typically used for in the context of embedded systems and IoT devices?

They are used to connect with a cellular provider via a unique serial number

Management within an organization might want to limit a mobile device’s connections to prevent certain security threats. What could be a potential threat if employees use tethering within the organization?

Employees could bypass company firewalls and other security measures

What does full device encryption provide in terms of mobile device security?

It provides application security, data security, and device security

What is the role of a host in the context of virtualization?

It is the physical system that hosts the VMs.

The host in the context of virtualization refers to the physical system that houses the virtual machines or VMs. It usually requires more resources than a typical system, such as multiple processors, massive amounts of RAM, abundant hard drive space, and fast network cards.

What is the primary function of permissions in a cloud service provider’s system?

Permissions are used to identify who can access data in the system.

Which of the following best describes the risks associated with using Short Message Service (SMS) and Multimedia Messaging Service (MMS)?

Both services send text in plaintext, potentially exposing the information to interception

What does a customer have to do with a server provided via Infrastructure as a Service (IaaS)?

Configure the operating system based on their needs

What is a field programmable gate array (FPGA) in the context of an embedded system?

A programmable integrated circuit installed on a circuit board

A field programmable gate array is a programmable integrated circuit initialized without any configuration. When the device is turned on, it takes a configuration program from a configuration memory chip or an external processor. The memory chip is non-volatile, thus can retain the configuration even without power.

What is a constraint of power in embedded systems?

They do not have their own power supplies and instead use power from the parent device

Which among the following embedded systems does not use an operating system, but uses firmware for functionality?

Arduino

Arduino is a microcontroller board that does not need an operating system to run, but it uses firmware. It performs simple repetitive tasks, whilst the other choices like FPGA, MFP, and Raspberry Pi use operating systems to function.

What is the purpose of content management in mobile device management (MDM)?

To ensure that all content from an organization source is stored in an encrypted segment.

What does it mean when a system or service is said to have high availability?

It refers to a system or service that remains operational with almost zero downtime.

What does patch management mainly include?

Identifying, downloading, testing, deploying, and verifying patches.

Which of the following is not a common constraint of an embedded system?

Use of all cryptographic protocols

What is the purpose of a CSP integrating auditing methods into the cloud-based resources?

To help customers identify the effectiveness of security controls at protecting the confidentiality, integrity, and availability of cloud-based resources.

What types of resources can access virtual desktop infrastructures (VDIs)?

Both traditional computers and mobile devices

While traditional computers typically access virtual desktop infrastructures (VDIs) within a network, it’s also possible to deploy a VDI that users can access with their mobile device. This allows users to access any applications installed on their desktop.

What are the primary risks associated with text messaging services such as Short Message Service (SMS) and Multimedia Messaging Service (MMS)?

Unencrypted plaintext and potential for remote code execution attacks

Which of the following defines the ‘Enforcing mode’ in the context of Security-Enhanced Linux (SELinux) used by the security-enhanced Android (SEAndroid) security model?

It is a mode where the SELinux policy is enforced and all activities denied by policy are blocked and logged.

Which type of network depends on the cellular provider and the device in use?

Cellular

What is the role of transport level security in an API?

It encrypts traffic transferred over the Internet

Transport level security in an API is used to encrypt any traffic that is transferred over the Internet, ensuring that unauthorized entities are unable to see the traffic.

Which of the following statements regarding the SEAndroid security model is NOT correct?

When enabled, SELinux operates using a default allowance principle.

What is the major advantage of UEFI over BIOS?

UEFI can boot from larger disks and it is CPU-independent

UEFI can boot from a larger amount of disk space than BIOS, and because it’s CPU-independent, it doesn’t rely on a central processing unit. This gives it the ability to operate on a wider range of systems.

What are the main characteristics of an on-premises cloud solution according to the text?

The organization retains full control over cloud resources, implements security measures, and takes responsibility for maintenance

What does Infrastructure as code refer to?

Managing and provisioning data centers with code to define VMs and virtual networks.

What distinguishes the Cloud Security Alliance’s (CSA) Cloud Controls Matrix (CCM) from SP-800-53 Revision 5?

The CCM focuses on security controls related to cloud-based resources while SP-800-53 is for all computing systems.

The main difference between the CSA’s CCM and SP-800-53 Revision 5 is their focus. While both provide security controls, the CCM specifically targets cloud-based resources whereas SP-800-53 covers all computing systems.

What does ‘instance awareness’ in cloud security controls refer to?

The ability of the CSP to know and report the number of instances of the cloud-based resources an organization is renting

What are two benefits of deploying systems using a master image?

Reduces overall deployment costs and increases reliability

By having a single, mastered system environment that is deployed across the network, the total cost of ownership (TCO) for systems is reduced. It provides a secure starting point, eliminates the need for extensive security and configuration checklists, and simplifies the troubleshooting process for support personnel.

What is the function of containerization in mobile device management?

It runs an organization’s application in a container to isolate and protect the application and its data

What type of wireless technology is Infrared and how is it used?

It is a line-of-sight wireless technology used by mobile devices primarily for audiovisual remote controls and file transfer.

Which of the following is NOT a way in which IoT (Internet of Things) technology is commonly used?

Tracking international postal packages

Which of the following is NOT true about Change Management Policy in IT?

An attribute of change management is that administrators can make configuration changes immediately before submitting for review and approval

What is the primary purpose of boot integrity processes implemented by many organizations?

To verify the integrity of the operating system and boot loading systems.

According to the section ‘Firewall Considerations’, which one is NOT a characteristic of cloud-based firewalls?

They are always free of charge

What does ‘secrets management’ refer to in the context of cloud security controls?

Process of managing and distributing encryption keys and passwords

What is a key difference between a hardware security module (HSM) and a TPM?

An HSM is a removable, external device while a TPM is embedded into the motherboard.

An HSM is a removable or external device that can generate, store, and manage RSA keys used in asymmetric encryption. In comparison, a TPM is a chip embedded into the motherboard.

What is a System on a Chip (SoC) in the context of CompTIA Security+?

An integrated circuit that includes all the functionality of a computing system within the hardware

Last updated 11 months ago