Thursday, August 30, 2012

Mastering Microsoft Windows Server 2008 R2

By Mark Minasi, Darril Gibson, Aidan Finn, Wendy Henry, Byron Hynes

For Best CISCO/MCITP/LINUX/EXCHANGE SERVER/PC HARDWARE AND  NETWORKING Training visit www.zoomgroup.com
Join us on facebook

Monday, August 27, 2012

CCNP Route - 642-902

Which two statements about 6to4 tunneling are accurate? (choose two)
Select the 2 best responses.
A. Prepending a reserved IPv6 code to the hexadecimal representation of 192.168.0.1 facilitates 6to4 tunneling
B. 2002::/48 is the address range specifically assigned to 6to4
C. Each 6to4 site receives a /48 prefix in a 6to4 tunnel
D. Prepending 0x2002 with the IPv4 address creates an IPv6 address that is used in 6to4 tunneling
E. 6to4 is a manual tunnel method
Answer: CD


CCNP Route - 642-902

When learning a new route, if an LSA received is not found in the topological database, what will an internal OSPF router do?
Select the best response.
A. The sequence numbers are checked, and if the LSA is valid it is entered into the topology database.
B. The LSA is placed in the topological database and an acknowledgement is sent to the transmitting router.
C. The LSA is dropped and a message is sent to the transmitting router.
D. The LSA is flooded immediately out of all the OSPF interfaces, except the interface from which the LSA was received.
Answer: D


CCNP Route - 642-902

What are two Cisco IOS commands that can be used to view neighbor adjacencies? (Choose two.)
Select 2 response(s).
A. show ip ospf database
B. show ip ospf neighbors
C. show ip ospf protocols
D. show ip ospf interfaces
Answer: BD


Watch the difference...!!


Wednesday, August 22, 2012

Airport VPN hacked using Citadel malware

It sounds like an air traveler’s nightmare: researchers at Trusteer recently uncovered a variant of the Citadel Trojan targeting the virtual private network (VPN) credentials used by employees at a major airport. The firm would not disclose the name of the airport because the situation is being investigated by law enforcement.

Many businesses use VPNs to provide outside workers with access to secure data. Incursions on these networks often involve advanced “Man in the Browser” malware such as the Citadel, Zeus, and SpyEye programs. The man-in-the-browser (MITB) assault first used form-grabbing malware, which steals data entered into web forms before it is passed over the internet, to steal the airport employees' VPN usernames and passwords, Amit Klein, Trusteer's chief technology officer, said in a blog post.

“This was potentially very dangerous, but we don’t know whether the attacker group was targeting the financial system of the airport for economic gain or if the attack was terrorism-related,”



The airport VPN was immediately disconnected after officials there were made aware of the breach and authorities are investigating.

The product that the airport was using to provide strong authentication for employees gave each user two choices: log in with a username and a one-time password that's sent via SMS or a smartphone app; or log in using a CAPTCHA-like image of 10 digits that the user maps to his own static password. The Citadel malware used the screen-capture tactic to defeat this.

"This security measure prevents the form grabber from capturing the actual static password. This is where the screen capturing feature in Citadel kicks in," Klein said.

Trusteer doesn't know who the attackers are and what they are after, but Kedem says they could be trying to gather intelligence on airport security processes, or even the border customs service. He says the attack appears to be very targeted, and the bottom line is that VPN connections are not safe.

In addition to using endpoint cybercrime prevention software, Kedem also advises users to abide by standard practices for preventing infection: avoid opening unknown attachments or clicking links in emails.

Source: NETASQ

Google engineers Warn Of Serious Unpatched Adobe Reader Flaws

Adobe has missed dozens of vulnerabilities in Reader in this week’s Patch Tuesday run according to Google engineers who reported the flaws. Sixteen vulnerabilities still affected the Windows and Mac OS X versions, while 31 critical and “trivially exploitable” bugs were found in the Linux application.

Of particular concern to Google’s Mateusz Jurczyk and Gynvael Coldwind are bugs in Reader for Linux, although other issues affect versions for Windows and OS X. For the Linux version, which went completely unpatched, Adobe and Google have been working together to counter 14 “new unique crashes” and nine “test-cases” that were potentially exploitable for remote code execution.

When Adobe released a new version of Reader for Windows and Mac OS X earlier this week, it patched 12 vulnerabilities, but another 16 remained unpatched. Jurczyk and Coldwind decided to come forward with information on those flaws in the interest of user safety, as Adobe has no plans to issue additional out of band updates before 27 August.


“Considering that fixing the first twenty four crashes took twelve unique code fixes, it is expected that the remaining crashes might represent around eight more unique problems. Adobe plans to fix these remaining bugs and issue an update for the Linux version of Reader in an upcoming release,” the Google researchers said.

Adobe released new versions of Adobe Acrobat, Reader, Shockwave, and Flash to patch security holes in those products as well.

Check out the details of the Microsoft and Adobe security bulletins to figure out which ones apply to you, and prioritize the patches that are most critical or have the greatest potential to impact your PCs.


Source: NETASQ

CCNA: 640-802

Which command shows your active Telnet connections?
A. show sessions
B. show cdp neighbors
C. show users
D. show queue
Answer: A


CCNA - 640-802

Which command can you use to determine the Cisco IOS feature set on a Cisco router?
A. show version
B. dir flash:|include ios
C. show environment
D. show diag
E. show inventory
Answer: A


CCNA - 640-802

What functions do routers perform in a network? (Choose two.)
A. packet switching
B. access layer security
C. path selection
D. VLAN membership assignment
E. bridging between LAN segments
F. microsegmentation of broadcast domains
Answer: AC


Friday, August 17, 2012

MyAgent Trojan Targets Defense and Aerospace Industries

FireEye Security experts are analyzing a targeted trojan that leverages emailed PDF files to gain access to systems and deliver its payload to specified networks in the aerospace, chemical, defense and tech industries.

"We have seen different versions of this malware arriving as an exe inside a zipped file or as a PDF attachment. In this particular sample, the exe once executed opens up a PDF file called "Health Insurance and Welfare Policy." In addition to opening up a PDF file, the initial exe also drops another executable called ABODE32.exe (notice the typo) in the temp directory."



The malware also uses JavaScript to assess which version of Adobe Reader is currently running on the host machine, and then executes attacks based on known vulnerabilities in the discovered version. Once the trojan has infected its host machine, it communicates with its command and control server, the user agent string and URI of which are hard-coded into MyAgent’s binary.

FireEye reports that most of the payloads are detected by updated antivirus software, based on research executed by running the binaries through VirusTotal.

Source: Forum - NETASQ India

Your Friend can help Investigators to Access your Facebook Profile

If you’re not already particularly picky about who you friend on Facebook, you might want to think about rejiggering those privacy settings. It's not the backdoor access that the FBI has been pushing for, but US District Judge William Pauley III has now ruled that it and other law enforcement agencies are entitled to view your Facebook profile if one of your "friends" gives them permission to do so.

As GigaOm reports, a New York City federal judge ruled in a recent racketeering trial that it’s legal for police to view your Facebook profile if one of your friends grants them permission.
Better start sniffing out the rats on your friends list.


That’s because all of that data that you think is personal really isn’t that personal after all, according to the judge. "Colon’s legitimate expectation of privacy ended when he disseminated posts to his friends because those friends were free to use the information however they wanted including sharing it with the Government."

Both government agencies and private companies alike are mining social media to gain additional knowledge. Whether it’s a criminal investigation like this one or insurance companies reportedly combing through Facebook profiles to determine the party at fault in an auto accident, the freedom and public nature of social media can work both for and against its users.

Ultimately, users have to be aware of the public status of online information as well as the ease with which it can be obtained. Don’t post anything you don’t want to be found or seen.

Source: Forum - NETASQ India

Thursday, August 16, 2012

CCNA 640-802

What is the purpose of using the traceroute command?

A. to map all the devices on a network.
B. to display the current TCP/IP configuration values.
C. to see how a device MAC address is mapped to its IP address.
D. to see the path a packet will take when traveling to a specified destination.
E. to display the MTU values for each router in a specified network path from source to a destination.

Answer: D


CCNA 640-802

Which protocol should be used to establish a secure terminal connection to a remote network device? Select the best response.

A. ARP
B. SSH
C. Telnet
D. WEP
E. SNMPv1
F. SNMPv2

Answer: B



CCNA 640-802



In the communication between host 1 and host 2 over the point-to-point WAN, which protocol or technology is represented by dashed line A?
A. IP
B. T1
C. PPP
D. IEEE 802.3

Answer: A


BackTrack 5 R3 Released - Download Now !




The latest version of Backtrack is out! Check out Backtrack 5 R3!

“The time has come to refresh our security tool arsenal – BackTrack 5 R3 has been released.
R3 focuses on bug-fixes as well as the addition of over 60 new tools – several of which
were released in BlackHat and Defcon 2012. A whole new tool category was populated –
“Physical Exploitation”, which now includes tools such as the Arduino IDE and libraries,
as well as the Kautilya Teensy payload collection.”

The BackTrack team has released a single VMware image (Gnome, 32 bit), for those requiring other VM flavors of BackTrack.

 





MCITP 70 - 642

Your network contains one Active Directory domain. You have a member server that runs Windows Server 2008 R2. You need to immediately disable all incoming connections to the server. What should you do?
A. From the Services snap-in, disable the IP Helper.
B. From the Services snap-in, disable the Netlogon service.
C. From Windows Firewall, enable the Block all connections option on the Public Profile.
D. From Windows Firewall, enable the Block all connections option on the Domain Profile.
Answer: D


MCITP 70 - 642


Your network contains a DNS server named DNS1 that runs Windows Server 2008 R2. You need to be notified by e-mail if the DNS service logs errors or warnings. The solution must minimize the number of e-mail notifications you receive. What should you do?
A. Create an alert in Performance Monitor.
B. Run the Configure a DNS Server Wizard.
C. Select the DNS Server log from Event Viewer and attach a task to the log.
D. Create a custom view from Event Viewer and attach a task to the custom view.
Answer: D

MCITP 70 - 642

Your network contains a server named Server1 that runs Windows Server 2008 R2. You need to identify which processes perform the most disk writes and disk reads per second. Which tool should you use?
A. Disk Management
B. Reliability Monitor
C. Resource Monitor
D. Storage Explorer
Answer: C


Every thing is Possible...!!!


Cables are connected on ports 25 & 26 and the LEDs are coming on for 27 & 28?

Any Guesses when this will happen.. ?



NEW Wireless Technology


Wedding Ring for Network Administrators


Monday, August 13, 2012

CCIE 350-001 (Routing & Switching)

Under which two circumstances would an RSTP bridge flush its CAM table? (Choose two)
A. Upon a port state change
B. Upon receiving a topology change notification
C. When transitioning from discarding to forwarding
D. When transitioning from forwarding to discarding
E. Only when changing from listening to discarding
F. When CAM resources have been completely used up
Answer: BC

CCIE 350-001 (Routing & Switching)

Refer to the exhibit:
Which switching feature is being tested?
A. loop guard
B. PortFast
C. root guard
D. BPDU guard

Answer: A

CCIE 350-001 (Routing & Switching)

What two features in Cisco switches help prevent Layer 2 loops? (Choose two)
A. UniDirectional Link Detection
B. Hot Standby Router Protocol
C. Virtual Router Redundancy Protocol
D. PortFast
E. Root guard
F. Loop guard
Answer: AF

Friday, August 10, 2012

DSD & ASIO Websites Attacked by Anonymous for #OpAustralia


The Anonymous Operation Australia hackers have again been busy today with further attacks on the ASIO and DSD websites. The attacks have been taking place throughout the day and are continuing right now. The website http://www.dsd.gov.au/ appeared to be down when checked not long ago, as did http://www.asio.gov.au/, which was taken down again a short time ago.




The attacks are part of the ongoing operation that is fighting against the proposed security laws that the Australian government is attempting to bring into place in the near future.

Earlier today a member from #nulcrew released data from an Australian server in the name of the operation and over the past weeks we have seen many attacks across many different websites.

Source: CWN

Wednesday, August 8, 2012

10 most common passwords for password cracking


Administering Windows Server 2008 Server Core


By John Paul Mueller

Malicious Olympic 2012 Android Apps & Domains

Whenever an important event takes place, new opportunities for cyber criminals, especially for those who develop attacks based on social engineering, arise. Currently, the whole world has its eyes glued to TV screens watching the London 2012 Olympic Games.
Anti-malware and anti-virus solutions provider Webroot has issued a warning about an app called “London Olympics Widget,” which is described as an app that displays aggregated Olympic news coverage. In fact, it’s really just harvesting the user’s contact list and device ID while reading SMS messages too.
The package name is ‘com.games.London.Olympics.widget’. This app has a digital certificate claiming it was developed in New Delhi, India.
For this scam, cybercriminals create websites that are very appealing; some even look so professional that they make it seem that you are close to having access to live programming. Researchers explain that the crooks rely on black hat SEO techniques to make sure that their malicious websites show up among the first in search engine results.
The security firm has determined that close to 10,000 clicks have already been redirected to the fraudulent Olympics website. Overall, 38,000 clicks have been redirected to such sites, the victims being spread out across 100 countries.
Webroot advises that consumers should take a close look at the author of the app and then search the name to see if it is in fact a reputable company and/or developer, as seen in the photo above. A way that consumers can protect themselves from becoming a victim of these types of online scams is by learning about social engineering so they can recognize it and avoid falling into these traps.

CCNA: 640-802

Acknowledgement, Sequencing, and Flow control are characteristics of which OSI layer?
A. Layer 2
B. Layer 3
C. Layer 4
D. Layer 5
E. Layer 6
F. Layer 7
Answer: C

CCNA: 640-802

Refer to the exhibit.
Host A pings Host B. What source MAC address and source IP address are contained in the frame as the frame leaves R2 destined for host B?
A. abcd.abcd.a001
B. abcd.abcd.b002
C. abcd.abcd.c003
D. 10.2.0.15
E. 10.0.64.1
F. 10.0.128.15
Answer: BD

CCNA: 640-802

Which destination addresses will be used by Host A to send data to Host C? (Choose two.)
A. the IP address of Switch 1
B. the MAC address of Switch 1
C. the IP address of Host C
D. the MAC address of Host C
E. the IP address of the router’s E0 interface
F. the MAC address of the router’s E0 interface
Answer: CF

Tuesday, August 7, 2012

CCNP 642-902

You are developing a verification plan for an upcoming OSPF implementation. Part of this plan is to verify the status of type 3 LSAs within the network. Which routers should you verify first to ensure that the configurations are correct for generating type 3 LSAs?
Select the best response.
A. Internal routers within the backbone area (area 0)
B. Internal routers within the NSSAs
C. Internal routers within the stubby areas
D. ASBRs
E. ABRs
F. DRs and BDRs
Answer: E

CCNP 642-902

The administrator wants to verify the current state of the OSPF database loading process. Which show command should the administrator use?
Select the best response.
A. show ip ospf [process-id] interface
B. show ip ospf neighbor
C. show ip ospf [process-id]
D. show ip ospf [process-id area-id] database
Answer: B

CCNP 642-902

What is the purpose of configuring the router as a PPPoE client?
Select the best response.
A. to provide VPN access over L2TP
B. to enable PPP session from the router to the termination device at the headend for metro Ethernet connectivity
C. for DSL connectivity and removing the need for the end-user PC to run the PPPoE client software
D. for connecting the router to a cable modem, which bridges the Ethernet frames from the router to the cable modem termination system

Answer: C

Monday, August 6, 2012

LinkedIn Data Breach Costs $1 Million



Business networking site LinkedIn has announced it took a hit of up to $1 million due to one of the year's largest reported data breaches. LinkedIn spent between $500,000 and $1 million on forensic work after a large number of passwords were breached, LinkedIn CFO Steve Sordello said on the company's earnings call today.

He said the 175-million-member company continued to strengthen its website's security and is expected to add $2 million to $3 million in costs in the current quarter toward those efforts.

“Part of adding value to our members every day means ensuring that their experience on LinkedIn is safe and secure,” he said.

“Since the breach, we have redoubled our efforts to ensure the safety of member accounts on LinkedIn by further improving password strengthening measures and enhancing the security of our infrastructure and data. The health of our network as measured by number of growth and engagement remains as strong as it was prior to the incident.”

After the leak was discovered, LinkedIn reset the passwords of accounts that they believed were frozen. The stolen passwords were camouflaged using an outdated cryptographic hash function, SHA-1, created by the National Security Agency. In addition to this weakness, LinkedIn failed to add additional security layers, such as salting the passwords, a technique that appends a random string of characters to each password before it is hashed.

Following the attack, LinkedIn confirmed in a blog post the addition of new security layers, including the salting of passwords.

Source: forum.netasqindia.com

Friday, August 3, 2012

The Basics of Hacking and Penetration Testing


Ethical Hacking and Penetration Testing Made Easy
Author: Patrick Engebretson

Exam Question : MCITP : 70-640

Your company has an Active Directory domain. A user attempts to log on to the domain from a client computer and receives the following message: “This user account has expired. Ask your administrator to reactivate the account.” You need to ensure that the user is able to log on to the domain. What should you do?

A. Modify the properties of the user account to set the account to never expire.
B. Modify the properties of the user account to extend the Logon Hours setting.
C. Modify the default domain policy to decrease the account lockout duration.
D. Modify the properties of the user account to set the password to never expire.

Answer: A

Exam Question : MCITP : 70-640

You need to remove the Active Directory Domain Services role from a domain controller named DC1. What should you do?
A. Run the netdom remove DC1 command.
B. Run the Dcpromo utility. Remove the Active Directory Domain Services role.
C. Run the nltest /remove_server: DC1 command.
D. Reset the Domain Controller computer account by using the Active Directory Users and Computers utility.
Answer: B


Exam Question : MCITP : 70-640

You have an existing Active Directory site named Site1. You create a new Active Directory site and name it Site2.
You need to configure Active Directory replication between Site1 and Site2. You install a new domain controller.
You create the site link between Site1 and Site2.
What should you do next?
A. Use the Active Directory Sites and Services console to assign a new IP subnet to Site2. Move the new domain controller object to Site2.
B. Use the Active Directory Sites and Services console to configure a new site link bridge object.
C. Use the Active Directory Sites and Services console to decrease the site link cost between Site1 and Site2.
D. Use the Active Directory Sites and Services console to configure the new domain controller as a preferred bridgehead server for Site1.
Answer: A

Wednesday, August 1, 2012

CCNA:640-802

What are two characteristics of Telnet? (Choose two.)

A. It sends data in clear text format.
B. It is no longer supported on Cisco network devices.
C. It is more secure than SSH.
D. It requires an enterprise license in order to be implemented.
E. It requires that the destination device be configured to support Telnet connections.
 
Answer: AE


CCNA - 640-802

Refer to the exhibit:

What kind of cable should be used to make each connection that is identified by the numbers shown?
A. 1 - Ethernet straight-through cable
   2 - Ethernet crossover cable
   3 - Serial cable
   4 - Ethernet straight-through cable
B. 1 - Ethernet rollover cable
   2 - Ethernet crossover cable
   3 - Serial cable
   4 - Null modem cable
C. 1 - Ethernet straight-through cable
   2 - Ethernet crossover cable
   3 - Serial cable
   4 - Rollover cable
D. 1 - Ethernet crossover cable
   2 - Ethernet straight-through cable
   3 - Fiber Optic cable
   4 - Rollover cable
E. 1 - Ethernet straight-through cable
   2 - Ethernet straight-through cable
   3 - Serial cable
   4 - Rollover cable

Answer: E
