Blog

What is the best mitigation approach against session fixation attacks? Ensure that the session ID uses at least 64 bits of characters.  Ensure that the session ID is used after…

A user is using an online shopping website to order laptop computers. Which mechanism is used by the shopping site to securely maintain user authentication during shopping? IP address  session…

Why should application developers change the session ID names used by common web application development frameworks? These session ID names are not published in public documents.  These session ID names…

Which function is provided by HTTP 2.0 to improve performance over HTTP 1.1? HTTP 2.0 compresses HTTP messages.  HTTP 2.0 provides HTTP message multiplexing and requires fewer messages to download…

Match the elements in the URL ftp://xyz-company.com:2457/support/file;id=65?name=intro&r=true to the description. xyz-company.com ==> host 2457 ==> port support/file ==> path ftp ==> scheme name=intro&r=true ==> query-string id=65 ==> path-segment-params Explanation & Hint: Place the options in the…

Match the HTTP status code contained in a web server response to the description. codes in the 200 range ==> related to successful transactions codes in the 300 range ==> related to…

Which two functions are provided by a web proxy device? (Choose two.) caching of HTTP messages  scanning a web server for related contents  translating HTTP messages to FTP and SMTP…

An attacker is launching a reflected DDoS attack in which the response traffic is made up of packets that are much larger than those that the attacker initially sent. Which…

What is a common mitigation practice for ARP cache poisoning attacks on switches to prevent spoofing of Layer 2 addresses? DHCP snooping DNSSEC DAI BIND 9.5 Explanation & Hint: A…

Which kind of attack is an IP spoofing attack? On-path DDoS Pass-the-Hash Evil-Twin Explanation & Hint: The On-path attack intercepts communications between two systems. The attacker splits the original TCP…

Which four items are needed by an attacker to create a silver ticket for a Kerberos silver ticket attack? (Choose four.) hash value system account SID FQDN target service DNS…

Which attack is a post-exploitation activity that an attacker uses to extract service account credential hashes from Active Directory for offline cracking? MITM On-Path attack MAC spoofing Kerberoasting Explanation &…

What is a characteristic of a Kerberos silver ticket attack? It uses forged service tickets for a given service on a particular server. It mimics the authentication hash on a…

Which is the default TCP port used in SMTP for non-encrypted communications? 25 110 143 993 Explanation & Hint: The following TCP ports are used in most common email protocols:…

Match the TCP port number with the respective email protocol that uses it. 465 ==> The port registered by the Internet Assigned Numbers Authority (IANA) for SMTP over SSL (SMTPS). 587…

What is a DNS resolver cache on a Windows system? It is a database of all WINS records. It is a static database entry of all forward and reverse lookup…

What does the MFP feature in the 802.11w standard do to protect against wireless attacks? It uses a PNL to maintain a list of trusted or preferred wireless networks. It…

Which Wi-Fi protocol is most vulnerable to a brute-force attack during a Wi-Fi network deployment? WPA2-EAP WPS WPA3 WPA2-TKIP Explanation & Hint: Wi-Fi Protected Setup (WPS) is a protocol that…

Which is a characteristic of a Bluesnarfing attack? An attack that is launched using common social engineering attacks, such as phishing attacks, can be performed by impersonating a wireless AP…

Which tool can be used to perform a Disassociation attack? Airmon-ng nmap POODLE EMPIRE Explanation & Hint: Airmon-ng (part of the Aircrack-ng suite) can perform wireless reconnaissance and disassociation attacks.…