------------ is summary data collected from packet headers and network devices that illustrates connection, traffic, protocol and other patterns.
A ------------ is a formal description of message formats and the rules for exchanging those messages.
Results from a port scan would likely benefit an attacker (select all that apply)
during the Attack & Exploitation phase
during the Device Discovery & Service Enumeration phase
exfiltrate data from the target environment
when attempting to identify a specific device type (database, web server, etc.)
Why should a defender monitor for the release of new Metasploit modules, new attacker tools, techniques, etc.? How can a defender make this information "actionable" in a manner that will reduce the overall risk of compromise?
What are four qualities of an Information Security Monitoring program?
Hint, "contributes to a growing knowledge base" is one...
Describe the concepts of Defense in Depth and Detection in Depth. Compare and contrast. What's different? What's similar?
(Make sure you describe both concepts in full sentences and discuss the differences and similarities thoroughly.)
What is multi-factor authentication? Identify each component and provide an example.
Successfully defending or attacking a target network, application, or device can often require a good deal of technical skill and experience. Why and how do malware and tools such as Metasploit upset this balance? Consider both please.
Define and describe each phase in the defender's methodology, and provide examples.
How would the "principle of least privilege" apply when setting up a user account for a new employee?
<img src="http://url.to.file.which/not.exist" onerror=alert(document.cookie);>
is likely a cross reference reflection attack
is likely a cross site scripting attack
is likely a cross request forgery attack
is likely a cross buffer overflow attack
www.exploit-db.com is "the ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike."
Into what category of security-relevant data would you place this resource, and why? What value does it provide to a network defender?