To invisibly maintain access to a machine, an attacker utilizes a toolkit that sits undetected In the core components of the operating system. What is this type of rootkit an example of?
Correct Answer: B
Explanation Kernel-mode rootkits run with the best operating system privileges (Ring 0) by adding code or replacement parts of the core operating system, as well as each the kernel and associated device drivers. Most operative systems support kernel-mode device drivers, that execute with a similar privileges because the software itself. As such, several kernel-mode rootkits square measure developed as device drivers or loadable modules, like loadable kernel modules in Linux or device drivers in Microsoft Windows. This category of rootkit has unrestricted security access, however is tougher to jot down. The quality makes bugs common, and any bugs in code operative at the kernel level could seriously impact system stability, resulting in discovery of the rootkit. one amongst the primary wide familiar kernel rootkits was developed for Windows NT four.0 and discharged in Phrack magazine in 1999 by Greg Hoglund. Kernel rootkits is particularly tough to observe and take away as a result of they operate at a similar security level because the software itself, and square measure therefore able to intercept or subvert the foremost sure software operations. Any package, like antivirus package, running on the compromised system is equally vulnerable. during this scenario, no a part of the system is sure.
Question 247
Bob, an attacker, has managed to access a target loT device. He employed an online tool to gather information related to the model of the loT device and the certifications granted to it. Which of the following tools did Bob employ to gather the above Information?
Correct Answer: B
Question 248
What tool can crack Windows SMB passwords simply by listening to network traffic?
Correct Answer: B
Question 249
Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing?
Correct Answer: D
Question 250
which of the following protocols can be used to secure an LDAP service against anonymous queries?
Correct Answer: A
Explanation Single sign-on (SSO) may be a session and user authentication service that allows a user to use one set of login credentials as an example, a reputation and arcanum to access multiple applications. SSO will be employed by enterprises, smaller organizations and people to ease the management of varied usernames and passwords. In a basic net SSO service, an agent module on the appliance server retrieves the precise authentication credentials for a personal user from a frenzied SSO policy server, whereas authenticating the user against a user repository, like a light-weight Directory Access Protocol (LDAP) directory. The service authenticates the top user for all the applications the user has been given rights to and eliminates future arcanum prompts for individual applications throughout constant session. How single sign-on worksSingle sign-on may be a united identity management (FIM) arrangement, and also the use of such a system is typically referred to as identity federation. OAuth, that stands for Open Authorization and is pronounced "oh-auth," is that the framework that permits AN finish user's account data to be employed by third-party services, like Facebook, while not exposing the user's arcanum. This graphic provides a mental image of however single sign-on worksOAuth acts as AN mediator on behalf of the top user by providing the service with AN access token that authorizes specific account data to be shared. once a user {attempts|makes AN attempt|tries} to access an application from the service supplier, the service supplier can send letter of invitation to the identity supplier for authentication. The service supplier can then verify the authentication and log the user in. Types of SSO configurationsSome SSO services use protocols, like Kerberos, and Security Assertion terminology (SAML). * SAML is AN protrusible terminology (XML) customary that facilitates the exchange of user authentication and authorization knowledge across secure domains. SAML-based SSO services involve communications among the user, AN identity supplier that maintains a user directory and a service supplier. * In a Kerberos-based setup, once the user credentials are provided, a price tag-granting ticket (TGT) is issued. The TGT fetches service tickets for different applications the user needs to access, while not asking the user to reenter credentials. * Smart card-based SSO can raise an user to use a card holding the sign-in credentials for the primary log in. Once the cardboard is employed, the user won't got to reenter usernames or passwords. SSO good * cards can store either certificates or passwords. Security risks and SSOAlthough single sign-on may be a convenience to users, it presents risks to enterprise security. AN aggressor World Health Organization gains management over a user's SSO credentials are granted access to each application the user has rights to, increasing the number of potential harm. so as to avoid malicious access, it's essential that each facet of SSO implementation be as well as identity governance. Organizations may use two-factor authentication (2FA) or multifactor authentication (MFA) with SSO to enhance security. Advantages and downsides of SSOAdvantages of SSO embody the following: * It allows users to recollect and manage fewer passwords and usernames for every application. * It streamlines the method of linguistic communication on and exploitation applications - no ought to reenter passwords. * It lessens the prospect of phishing. * It ends up in fewer complaints or hassle concerning passwords for IT facilitate desks. Disadvantages of SSO embody the following: * It doesn't address sure levels of security every application sign-on might have. * If availableness is lost, then users are fast out of the multiple systems connected to the SSO. * If unauthorized users gain access, then they might gain access to over one application. SSO vendorsThere are multiple SSO vendors that are accepted. Some offer different services, and SSO is a further feature. SSO vendors embody the following: * Rippling allows users to sign on to cloud applications from multiple devices. * Avatier Identity anyplace is an SSO for manual laborer container-based platforms. * OneLogin may be a cloud-based identity and access management (IAM) platform that supports SSO. * Okta may be a tool with AN SSO practicality. Okta additionally supports 2FA and is primarily used by enterprise users.
