GIAC GSNA - GIAC Systems and Network Auditor

Using automated tools, such as NeoTraceroute, for mapping a network is a part of automated network mapping. part of manual network mapping. Network mapping is the process of providing a blueprint of the organization to a security testing team. There are two ways of performing network mapping: Manual Mapping: In manual mapping, a hacker gathers information to create a matrix that contains the domain name information, IP addresses of the network, DNS servers, employee information, company location, phone numbers, yearly earnings, recently acquired organizations, email addresses, publicly available IP address ranges, open ports, wireless access points, modem lines, and banner grabbing details. Automated Mapping: In automated mapping, a hacker uses any automated tool to gather information about the network. There are many tools for this purpose, such as NeoTrace, Visual traceroute, Cheops, Cheops-ng, etc. The only advantage of automated mapping is that it is very fast and hence it may generate erroneous results.

By default, session tracking uses cookies to associate a session identifier with a unique user. URL rewriting is used in cases where cookies are not supported by the browser.

The Routing and Remote Access service can log all the records of authentication and accounting information for connection attempts when Windows authentication or accounting is enabled. This can be done by enabling the log authentication requests in the properties of the Remote Access Logging folder, in the Routing and Remote Access snap-in , where you can configure the type of activity to log, i.e., accounting or authentication activity and log file settings. This information is stored in the form of a log file in '%SystemRoot%System32LogFiles' folder. For each authentication attempt, the name of the remote access policy , that either accepted or rejected the connection attempt, is recorded. The logged information is useful to track remote access usage, and authentication attempts.

According to the question, Windows Defender should scan the laptop for all the known spyware and other potentially unwanted software, including the latest one. Windows Defender uses definitions to scan the system. Definitions are files that include the information of known spyware and potentially unwanted software. To scan a computer for the latest spyware, Windows Defender requires the latest definition files available on the Internet. For this, you have to configure Windows Defender to check for the latest definitions and download them, if available, before scanning the computer. Furthermore, the question also states that the task must be performed automatically. In order to accomplish the task, you will have to select the Check for updated definitions before scanning check box in the Automatic Scanning section.

Perform Quantitative Risk Analysis is the process of numerically analyzing the effect of identified risks on overall project objectives. This process generally follows the Perform Qualitative Risk Analysis process. It is performed on risks that have been prioritized by the Perform Qualitative Risk Analysis process as potentially and substantially impacting the project's competing demands. The Perform Quantitative Risk Analysis should be repeated after Plan Risk Responses, as well as part of Monitor and Control Risks, to determine if the overall project risk has been decreased. Answer: C is incorrect. This is the process of prioritizing risks for further analysis or action by accessing and combining their probability of occurrence and impact. Answer: D is incorrect. This is the process of determiningbb which risks may affect the project and documenting their characteristics. Answer: B is incorrect. This is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness through the project.

The head -n 5 /etc/passwd command will show the first 5 lines of the file /etc/passwd.

The following types of software are safety critical software: Software that is used to apply a critical decision-making process Software that is used to manage or monitor safety critical functions Software that intervenes when an unsafe condition is present or is about to happen Software that executes on the same target system as safety critical software Software that impacts the systems on which safety critical software runs Software that manages safety critical data including display of safety critical information Software that is used to validate and verify safety critical software Answer: D is incorrect. Software that is used to manage or monitor safety critical functions is known as safety critical software. Answer: C is incorrect. Software that intervenes when an unsafe condition is present or is about to happen is known as safety critical software.

MS-CHAPv2 provides mutual authentication between peers by piggybacking a peer challenge on the Response packet and an authenticator response on the Success packet. MS-CHAPv2 has various features such as: It is enabled by negotiating CHAP Algorithm 0x80 (0x81 for MS-CHAPv2) in LCP option 3, Authentication Protocol. It provides an authenticator-controlled password change mechanism. It provides an authenticator-controlled authentication retry mechanism. It defines failure codes returned in the Failure packet message field. With weak passwords, MS-CHAPv2 is subject to offline dictionary attacks; hence, it can be replaced with EAP-TLS as the authentication mechanism for PPTP.

The Control Objectives for Information and related Technology (COBIT) is a set of best practices (framework) for information technology (IT) management, which provides managers, auditors, and IT users with a set of generally accepted measures, indicators, processes and best practices to assist them in maximizing the benefits derived through the use of information technology and developing appropriate IT governance and control in a company. It has the following 11 processes: Developing a strategic plan. Articulating the information architecture. Finding an optimal stage between the IT and the organization's strategy. Designing the IT function to match the organization's needs. Maximizing the return of the IT investment. Communicating IT policies to the user's community. Managing the IT workforce. Obeying external regulations, laws, and contracts. Conducting IT risk assessments. Maintaining a high-quality systems-development process. Incorporating sound project-management techniques. Answer: B is incorrect. Correcting all risk issues does not come under auditing processes.

In the given scenario, you will add constraints to the EmpID and DeptNo columns of the EmployeeData table, as you want EmpID to be unique, and the number entered in the DeptNo column to be valid. A constraint enforces the integrity of a database. It defines rules regarding the values allowed in the columns of a table. A constraint is the standard mechanism for enforcing integrity. Using constraints is preferred to using triggers, rules, and defaults. Most of the RDBMS databases support the following five types of constraints: NOT NULL constraint: It specifies that the column does not accept NULL values. CHECK constraint: It enforces domain integrity by limiting the values that can be placed in a column. UNIQUE constraint: It enforces the uniqueness of values in a set of columns. PRIMARY KEY constraint: It identifies the column or set of columns whose values uniquely identify a row in a table. FOREIGN KEY constraint: It establishes a foreign key relationship between the columns of the same table or different tables. Following are the functions of constraints: Constraints enforce rules on data in a table whenever a row is inserted, updated, or deleted from the table. Constraints prevent the deletion of a table if there are dependencies from other tables. Constraints enforce rules at the column level as well as at the table level. Defining indexes in the EmployeeData table will help you find employee information based on EmpID, very fast. An index is a pointer to a table. It speeds up the process of data retrieval from a table. It is stored separately from a table for which it was created. Indexes can be created or dropped without affecting the data in a table. The syntax for creating an index is as follows: CREATE INDEX Indexes can also be used for implementing data integrity in a table. A unique index does not allow duplicate values to enter in a row if a particular column is indexed as a unique index. The syntax for creating a unique index is as follows: CREATE UNIQUE INDEX You will also add a stored procedure named AddEmp by using Transact-SQL queries. AddEmp will accept data values for new employees and will subsequently add a row in the EmployeeData table. Stored procedures are precompiled SQL routines that are stored on a database server. They are a combination of multiple SQL statements that form a logical unit and perform a particular task. Stored procedures provide the capability of combining multiple SQL statements and improve speed due to precompiled routines. Most of the DBMS provide support for stored procedures. They usually differ in their syntax and capabilities from one DBMS to another. A stored procedure can take three parameters: IN, OUT, and INOUT. Note: Stored procedures are very similar to functions and procedures of common programming languages. You will also define a view named DeptEmpView that will combine data from the Department and EmployeeData tables and thus produce the required result. A view can be thought of as a virtual table. The data accessible through a view is not stored in the database as a distinct object. Views are created by defining a SELECT statement. The result set of the SELECT statement forms the virtual table. A user can use this virtual table by referencing the view name in SQL statements in the same way a table is referenced. Answer: A is incorrect. You do not need to define any triggers in the EmployeeData table, as they are not required while making the EmpID unique, or while entering valid data values in DeptNo. A trigger is a special kind of stored procedure that automatically runs when data in a specified table is updated, inserted, or deleted. Triggers can query other tables and can include complex SQL statements.