When conducting a penetration test, a pivot is used to describe a scenario in which

• A.the vulnerability scanner reveals a flaw in SMB signing, which can be used to send a netcat recon tool to one of the servers on the network.
• B.a penetration tester is able to download the Active Directory database after exploiting an unpatched vulnerability on the domain controller
• C.the penetration tester uses pass-the-hash to gam access to a server via SMB, and then uses this server to SSH to another server
• D.the penetration tester is able to access the datacenter or network closet by using a lockpick

Comment: *

Name: *

Email: *

Verification: *

Which of the following identity access methods creates a cookie on the first logic to a central authority to allow logins to subsequent applications without referring credentials?

• A.Federated access
• B.Single sign-on
• C.Transitive trust
• D.Multifactor authentication

Comment: *

Name: *

Email: *

Verification: *

For each of the given items, select the appropriate authentication category from the drop down choices.
Select the appropriate authentication type for the following items:

Correct Answer:

Comment: *

Name: *

Email: *

Verification: *

A security administrator is given the security and availability profiles for servers that are being deployed.
Match each RAID type with the correct configuration and MINIMUM number of drives.
Review the server profiles and match them with the appropriate RAID type based on integrity, availability, I/O, storage requirements. Instructions:
All drive definitions can be dragged as many times as necessary
Not all placeholders may be filled in the RAID configuration boxes
If parity is required, please select the appropriate number of parity checkboxes Server profiles may be dragged only once If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Correct Answer:

Explanation:
RAID-0 is known as striping. It is not a fault tolerant solution but does improve disk performance for read/write operations. Striping requires a minimum of two disks and does not use parity.
RAID-0 can be used where performance is required over fault tolerance, such as a media streaming server.
RAID-1 is known as mirroring because the same data is written to two disks so that the two disks have identical data. This is a fault tolerant solution that halves the storage space. A minimum of two disks are used in mirroring and does not use parity. RAID-1 can be used where fault tolerance is required over performance, such as on an authentication server. RAID-5 is a fault tolerant solution that uses parity and striping. A minimum of three disks are required for RAID-5 with one disk's worth of space being used for parity information. However, the parity information is distributed across all the disks. RAID-5 can recover from a sing disk failure.
RAID-6 is a fault tolerant solution that uses dual parity and striping. A minimum of four disks are required for RAID-6. Dual parity allows RAID-6 to recover from the simultaneous failure of up to two disks. Critical data should be stored on a RAID-6 system.
http://www.adaptec.com/en-us/solutions/raid_levels.html

Comment: *

Name: *

Email: *

Verification: *

In terms of encrypting data, which of the following is BEST described as a way to safeguard password data by adding random data to it in storage?

• A.Using salt
• B.Using hash algorithms
• C.Implementing elliptical curve
• D.Implementing PKI

Comment: *

Name: *

Email: *

Verification: *