Tuesday, July 31, 2012

Cisco Security Specialist's Guide to Pix Firewall




Name of the Book: Cisco Security Specialist's Guide to Pix Firewall
Author of Book: Vitaly Osipov, Woody Weaver, Ralph Troupe, Mike Sweeney

For Best CISCO/MCITP/LINUX/EXCHANGE SERVR/PC HARDWARE AND  NETWORKING Training visit www.zoomgroup.com
Join us on facebook

CCNA: 640-802

Refer to the exhibit:



A network administrator attempts to ping Host2 from Host1 and receives the results that are shown. What is a possible problem?

A.The link between Host1 and Switch1 is down.
B.TCP/IP is not functioning on Host1.
C.The link between Router1 and Router2 is down.
D.The default gateway on Host1 is incorrect.
E.Interface Fa0/0 on Router1 is shutdown.
F.The link between Switch1 and Router1 is down.

Answer: C


CCNA: 640-802

Refer to the exhibit:



The two connected ports on the switch are not turning orange or green. What would be the most effective steps to troubleshoot this physical layer problem? (Choose three.)

A.Ensure that the Ethernet encapsulations match on the interconnected router and switch ports.
B.Ensure that cables A and B are straight-through cables.
C.Ensure cable A is plugged into a trunk port.
D.Ensure the switch has power.
E.Reboot all of the devices.
F.Reseat all cables.
Answer: BDF


CCNA: 640-802

Which of the following statements describe the network shown in the graphic? (Choose two.)




A.There are two broadcast domains in the network.
B.There are four broadcast domains in the network.
C.There are six broadcast domains in the network.
D.There are four collision domains in the network.
E.There are five collision domains in the network.
F.There are seven collision domains in the network.

Answer: AF


Monday, July 30, 2012

The Virus

CCNA - 640-802

Which one of the following varieties of NAT utilizes different ports to map multiple IP addresses to a single globally registered IP address?

A.Static NAT
B.Dynamic NAT
C.Overloading
D.Overlapping
E.Port loading
 
Answer: C


CCNA - 640-802

Which address are OSPF hello packets addressed to on point-to-point networks?

A.224.0.0.5
B.172.16.0.1
C.192.168.0.5
D.223.0.0.1
E.254.255.255.255
 
Answer: A

CCNA - 640-802

To what does the 128 refer in the router output above?

A.OSPF priority
B.OSPF hop count
C.OSPF ID number
D.OSPF cost
E.OSPF administrative distance
 
Answer: D

CCIE Routing and Switching v4.0 Quick Reference

Name of The Book: CCIE Routing and Switching v4.0 Quick Reference
Author of The Book: Jacob Uecker and Brad Ellis

Thursday, July 26, 2012

NFC flaw allows easy hacking of Android and Nokia phones

All right, we should qualify this right out of the box: this flaw in NFC can allow pretty easy hacking of devices, but of course because of the way NFC works, the hacker needs to be really really really close to you in the first place, which does help to mitigate the security threat a bit. Still, Charlie Miller showed off a pretty easy hack at the Black Hat security conference using Samsung Android handsets and Nokia MeeGo handsets. 

Of course, as we said, the attacking device (either a standalone chip, or other NFC-enabled device) has to be just a few centimeters from the target device in order to use the NFC exploit. The hack works by beaming malicious code wirelessly to the target device, and once deployed the code will exploit a known vulnerability through files or webpages in a document reader or browser, or even in the operating system itself. So, essentially, the NFC exploit is really just an extremely easy delivery system for malicious code rather than a direct exploit of the systems. 

The exploit was shown on a Nexus S running Android 2.3 Gingerbread, and a Galaxy Nexus running Android 4.0 Ice Cream Sandwich. It's unclear how the new security features of Jelly Bean factor into this. The exploit was also shown on the Nokia N9. The basic problem is that once NFC interactions are enabled (default on with Android, but default off in MeeGo), all files are automatically accepted without any options by users to refuse files. Since files are automatically accepted, it makes it much easier to load malicious code on a target device, assuming you can get close enough to do so.
Source: netasq-India

CCIE (ROUTING AND SWITCHING) -- 350-001

If a port configured with STP loop guard stops receiving BPDUs, the port will be put into which state?

A.learning state
B.listening state
C.forwarding state
D.loop-inconsistent state

Answer: D


CCIE (ROUTING AND SWITCHING) -- 350-001

When STP UplinkFast is enabled on a switch utilizing the default bridge priority, what will the new bridge priority be changed to?

A.8192
B.16384
C.49152
D.65535

Answer: C

CCIE (ROUTING AND SWITCHING)-- 350-001

The classic Spanning Tree Protocol (802.1D 1998) uses which sequence of variables to determine the best received BPDU?

A.1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest port id, 4) lowest root path cost
B.1) lowest root path cost, 2) lowest root bridge id, 3) lowest sender bridge id, 4) lowest sender port id
C.1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest root path cost 4) lowest sender port id
D.1) lowest root bridge id, 2) lowest root path cost, 3) lowest sender bridge id, 4) lowest sender port id

Answer: D

Wednesday, July 25, 2012

CCNP Route (640-902)

Which two types of routes will be advertised with the EIGRP configuration as shown? (Choose two.)
   router eigrp 100
        network 10.0.0.0
        eigrp stub
Select the 2 best responses.

A. static
B. receive-only
C. summary
D. stub
E. connected
F. dynamic

Answer: CE


CCNP Route (640-902)

A problem was reported that the 10.10.10.0/24 prefix was not injected into the local BGP table on RouterA. The following information is available from RouterA:

configuration:
router bgp 65001
network 10.0.0.0
neighbor 172.16.1.1 remote-as 65002
no auto-summary

routing table information:
show ip route | include 10
   O 10.10.10.0/24 [110/11] via 192.168.1.1, 2d00h, Ethernet0/0

Select the best response.
Why is this prefix not in the local BGP table?
A. This route is not a BGP learned route.
B. The network command is wrong.
C. The 172.16.1.1 neighbor is down.
D. The prefix 10.10.10.0/24 is not a 'connected' route.
 
Answer: B


CCNP Route (640-902)

What are two possible causes for EIGRP Stuck-In-Active routers? (Choose Two)
Select the 2 best responses.

A. Some query or reply packets are lost between the routers.
B. The neighboring router starts receiving route updates from this router.
C. A failure causes traffic on a link between two neighboring routers to flow in only one direction (unidirectional link).
D. The neighboring router stops receiving ACK packets from this router.

Answer: AC


CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed

Android's DNS resolver is vulnerable to DNS poisoning due to weak randomness in its implementation. Researchers Roee Hay & Roi Saltzman from the IBM Application Security Research Group demonstrated how an attacker can successfully guess the nonce of the DNS request with a probability that is sufficient for a feasible attack. Android versions 4.0.4 and below are vulnerable to this bug.

The weakness lies in the resolver's pseudo-random number generator (PRNG), which makes DNS poisoning attacks feasible. DNS poisoning attacks may endanger the integrity and confidentiality of the attacked system. For example, in Android, the Browser app can be attacked in order to steal the victim's cookies of a domain of the attacker's choice. If the attacker manages to lure the victim to browse to a web page controlled by him/her, the attacker can use JavaScript to start resolving non-existing sub-domains.
Upon success, a sub-domain points to the attacker's IP, which enables the latter to steal wildcard cookies of the attacked domain, and even set cookies. In addition, a malicious app can instantiate the Browser app on the attacker's malicious web page. If the attacker knows the PID (for example, a malicious app can access that information), the expected attack time can be reduced further.

The vulnerability is tracked as CVE-2012-2808. Android 4.1.1 has been released, and patches are available on AOSP. The random sample is now pulled from /dev/urandom, which should have adequate entropy by the time network activity occurs.
 
 Source: netasq-India
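
Why the seed matters, as an added example that is not part of the original post and is not Android's resolver code: `weak_nonce` is a constructed stand-in that assumes a PRNG seeded only from the PID and a microsecond clock value, and the code compares the nonces it can ever produce with the full TXID and source-port space available when both values come from the kernel CSPRNG. The seed formula, port range and sample values are assumptions made for illustration.

```python
import random
import secrets

PORT_MIN, PORT_SPAN = 1024, 64512  # assumed ephemeral source-port range


def weak_nonce(pid, usec):
    """Constructed stand-in: PRNG seeded only from the process ID and the
    clock (an assumption for illustration, not Android's implementation)."""
    rng = random.Random((pid << 20) ^ usec)
    txid = rng.getrandbits(16)
    port = PORT_MIN + rng.randrange(PORT_SPAN)
    return txid, port


def strong_nonce():
    """TXID and source port drawn from the OS CSPRNG (/dev/urandom on
    Linux), which is the direction of the fix described above."""
    return secrets.randbelow(1 << 16), PORT_MIN + secrets.randbelow(PORT_SPAN)


def candidates(pid, usec_lo, usec_hi):
    """Every nonce the weak generator can emit for a known PID and a
    bounded clock window: its effective search space."""
    return {weak_nonce(pid, u) for u in range(usec_lo, usec_hi)}


def full_space():
    """Number of (TXID, port) pairs when both are uniformly random."""
    return (1 << 16) * PORT_SPAN


def reduction(pid, usec_lo, usec_hi):
    """How many times smaller the weak generator's space is."""
    return full_space() // len(candidates(pid, usec_lo, usec_hi))


if __name__ == "__main__":
    pid, usec = 4242, 123456  # constructed sample values
    observed = weak_nonce(pid, usec)
    window = candidates(pid, 123000, 124000)  # 1 ms of clock uncertainty
    print("nonce in predictable set:", observed in window)
    print("predictable set size:", len(window))
    print("uniform space size:", full_space())
    print("reduction factor:", reduction(pid, 123000, 124000))
```

With the PID known, the only unknown left in this model is the clock value, which is why the post notes that knowing the PID shortens the attack.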

8 million passwords dumped from gaming website Gamigo

Four months after the gaming site Gamigo warned users about a hacker intrusion that accessed some portions of its users’ credentials, more than 8 million usernames, emails and encrypted passwords from the site have been published on the Web, according to the data breach alert service PwnedList.

The list of passwords, which were scrambled using a one-way cryptographic hash algorithm, was published earlier this month to a forum on the password-cracking website Inside Pro. According to Forbes, "The list also contained 8.2 million unique e-mail addresses, including 3 million American accounts from the US, 2.4 million accounts from Germany, and 1.3 million accounts from France."

Gamigo warned users in early March that an attack on the Gamigo database had exposed hashed passwords and usernames and possibly other, unspecified additional personal data. The site required users to change their account passwords.
 
 
 
 
PwnedList founder Steve Thomas said, “It’s the largest leak I’ve ever actually seen. When this breach originally happened, the data wasn’t released, so it wasn’t a big concern. Now eight million email addresses and passwords have been online, live data for any hacker to see.”

This breach is bigger than anything we've seen so far this year. In the last few months, there have been a slew of attacks against the following sites: LinkedIn, eHarmony, Last.fm, Yahoo, Android Forums, Formspring, and Nvidia, among others.
Gamigo users can check on PwnedList’s site whether their email address is included in the leak.

On March 1, Gamigo sent out the following e-mail to its users:

Dear Community,

As you have all already noticed, our game servers, websites and forums are partially unreachable at the moment. We would like to explain to you what happened and what has been done on our side.

There was an attack on the gamigo database in which user information, such as alias usernames and encrypted passwords were stolen. An excerpt from these was published in the gamigo forums. We detected the attack and are working to the utmost of our resources to repair the damage and determine how it happened.

Your character data, including items, is safely stored on the backup! We cannot rule out that the intruder(s) is/are still in possession of additional personal data, although to date we have received no report of any fraudulent use.

To prevent any unauthorized access to your account, we have reset all passwords for the gamigo account system and for all gamigo games!
 
Source: netasq-India
 

MCITP - 70-640

A corporate network contains a Windows Server 2008 R2 Active Directory forest.
You need to add a User Principal Name (UPN) suffix to the forest.
What tool should you use?

A.Dsmgmt.
B.Active Directory Domains and Trusts console.
C.Active Directory Users and Computers console.
D.Active Directory Sites and Services console.

Answer: B


MCITP - 70-640

Your network contains an Active Directory domain. The domain contains 5,000 user accounts.
You need to disable all of the user accounts that have a description of Temp.
You must achieve this goal by using the minimum amount of administrative effort.
Which tools should you use? (Each correct answer presents part of the solution. Choose two.)

A.Find
B.Dsget
C.Dsmod
D.Dsadd
E.Net accounts
F.Dsquery

Answer: CF



MCITP - 70-640

Your network contains an Active Directory forest named adatum.com. All domain controllers currently run Windows Server 2003 Service Pack 2 (SP2). The functional level of the forest and the domain is Windows Server 2003.
You need to deploy a read-only domain controller (RODC) that runs Windows Server 2008 R2.
What should you do first?

A.Deploy a writable domain controller that runs Windows Server 2008 R2.
B.Raise the functional level of the forest to Windows Server 2008.
C.Run adprep.exe.
D.Raise the functional level of the domain to Windows Server 2003.
 
Answer: C




Tuesday, July 24, 2012

Russian Hacker Arrested For DDoS Attacks on Amazon

Dmitry Olegovich Zubakha, a Russian man accused of launching distributed-denial-of-service (DDOS) attacks on Amazon.com, has been arrested this week by authorities in Cyprus based on an international warrant, the Department of Justice revealed.

Zubakha, a native of Moscow, was indicted for two denial of service attacks in 2008 on the Amazon.com website. The indictment, unsealed Thursday, also details denial of service attacks on Priceline.com and eBay.
                                             
"Orders from Amazon.com customers dropped significantly, as legitimate customers were unable to access the website and complete their e-commerce transactions during the pendency of the attack," read an indictment unsealed in district court in western Washington on Thursday. The botnet involved requested "large and resource-intensive web pages" on a magnitude of between 600 and 1,000 percent of normal traffic levels, according to the indictment.

The hacker is charged with conspiracy to intentionally cause damage to a protected computer, possession of more than 15 unauthorized access devices, aggravated identity theft, and intentionally causing damage to a computer resulting in a loss of over $5,000 (4,000 EUR).

Zubakha and his friend claimed credit for the attacks on online hacker forums, and law enforcement traced 28,000 stolen credit card numbers to the pair in 2009. For that reason, Zubakha and his partner are also charged with aggravated identity theft for illegally using the credit card of at least one person.

The charges faced by Zubakha carry potential penalties of up to 10 years in prison and a $250,000 (£160,000) fine.
 
Source:netasq-India

MCITP - 70-640

An Active Directory database is installed on the C volume of a domain controller. You need to move the Active Directory database to a new volume. What should you do?

A.Copy the ntds.dit file to the new volume by using the ROBOCOPY command.
B.Move the ntds.dit file to the new volume by using Windows Explorer.
C.Move the ntds.dit file to the new volume by running the Move-item command in Microsoft Windows PowerShell.
D.Move the ntds.dit file to the new volume by using the Files option in the Ntdsutil utility.
 
Answer: D

MCITP - 70-640

Your network contains an Active Directory domain named contoso.com.
You have an organizational unit (OU) named Sales and an OU named Engineering. Each OU contains over 200 user accounts.
The Sales OU and the Engineering OU contain several user accounts that are members of a universal group named Group1.
You have a Group Policy object (GPO) linked to the domain.
You need to prevent the GPO from being applied to the members of Group1 only.
What should you do?
A.Modify the Group Policy permissions.
B.Configure Restricted Groups.
C.Configure WMI filtering.
D.Configure the link order.
E.Enable loopback processing in merge mode.
F.Link the GPO to the Sales OU.
G.Configure Group Policy Preferences.
H.Link the GPO to the Engineering OU.
I.Enable block inheritance.
J.Enable loopback processing in replace mode.

Answer: A

MCITP - 70-640

Your network contains an Active Directory forest named contoso.com.
You need to provide a user named User1 with the ability to create and manage subnet objects. The solution must minimize the number of permissions assigned to User1.
What should you do?

A.From Active Directory Users and Computers, run the Delegation of Control wizard.
B.From Active Directory Administrative Centre, add User1 to the Schema Admins group.
C.From Active Directory Sites and Services, run the Delegation of Control wizard.
D.From Active Directory Administrative Centre, add User1 to the Network Configuration Operators group.

Answer: C

Monday, July 23, 2012

Reliance Communications Server Compromised with Information disclosure Vulnerability

A hacker with the nickname "mr.hack3r420" has successfully compromised the web server of Reliance Communications (rcom.co.in), as shown in the image (screenshot taken by the THN team; we have hidden the link to save the site from further misuse or damage).

The hacker most probably got this access because of an information disclosure vulnerability in the Reliance website. Most of the folders on the website are publicly visible to everyone, and there is an interesting file called "Upload_AppId_VId.php" available, using which a hacker may be able to upload his own PHP shell on the server to get access to FTP and a Linux user account.

This is not the first time Reliance has become a victim. A few months back, a hacker named "nomcat" was able to access a Reliance Communications ISP server, and he released the list of all sites blocked by Reliance to protest against Internet censorship.

Source : netasq India

CCNA

What are the first 24 bits in a MAC address called?

A.NIC
B.BIA
C.OUI
D.VAI
 
Answer: C


CCNA

For which type of connection should a straight-through cable be used?

A.switch to switch
B.switch to hub
C.switch to router
D.hub to hub
E.router to PC
Answer: C


CCNA

Which type of cable is used to connect the COM port of a host to the COM port of a router or switch?

A.crossover
B.straight-through
C.rolled
D.shielded twisted-pair
 
Answer: C


CCIE (Routing & Switching) - 350-001

Which two of these are used in the selection of a root bridge in a network utilizing Spanning Tree Protocol IEEE 802.1D? (Choose two)

A.Designated Root Cost
B.bridge ID priority
C.max age
D.bridge ID MAC address
E.Designated Root Priority
F.forward delay

Answer: BD

CCIE (Routing & Switching) - 350-001

Spanning Tree Protocol IEEE 802.1s defines the ability to deploy which of these?

A.one global STP instance for all VLANs
B.one STP instance for each VLAN
C.one STP instance per set of VLANs
D.one STP instance per set of bridges

Answer: C


CCIE (Routing & Switching) - 350-001

What is the purpose of the STP PortFast BPDU guard feature?

A.enforce the placement of the root bridge in the network
B.ensure that a port is transitioned to a forwarding state quickly if a BPDU is received
C.enforce the borders of an STP domain
D.ensure that any BPDUs received are forwarded into the STP domain
 
Answer: C


Friday, July 20, 2012

CCNP Switch 642-813 Official Certification Guide


Title of The Book:CCNP SWITCH 642-813 Official Certification Guide
Author of the Book: David Hucaby



CCNP(Switch) :642-813

Which two statements are true about recommended practices that are to be used in a local VLAN solution design where layer 2 traffic is to be kept to a minimum? (Choose two.)

A.Routing should occur at the access layer if voice VLANs are utilized. Otherwise, routing should occur at the distribution layer.
B.Routing may be performed at all layers but is most commonly done at the core and distribution layers.
C.Routing should not be performed between VLANs located on separate switches.
D.VLANs should be local to a switch.
E.VLANs should be localized to a single switch unless voice VLANs are being utilized.

Answer: BD


CCNP(Switch) :642-813

When configuring private VLANs, which configuration task must you do first?
A.Configure the private VLAN port parameters.
B.Configure and map the secondary VLAN to the primary VLAN.
C.Disable IGMP snooping.
D.Set the VTP mode to transparent.

Answer: D


Thursday, July 19, 2012

FACT : One in five MICROSOFT Logins Controlled by Hackers

About 20 percent of Microsoft Account logins are found on lists of compromised credentials in the wake of hack attacks on other service providers, Eric Doerr, Group Program Manager for Microsoft's Account system said.

A significant proportion of compromised credentials Microsoft sees from other services have the same username and password on the Microsoft account system (formerly Windows Live ID) logins, which cover services such as Hotmail, Messenger and SkyDrive. These logins have not been compromised from the Microsoft server, but are instead based on login information leaked from other sites.
                                            
"These attacks shine a spotlight on the core issue: people reuse passwords between different websites," he said. Microsoft regularly gets lists of compromised third-party login details from ISPs, law enforcement and vendors, as well as from lists published on the internet by hackers, according to Doerr. This information is checked against Microsoft login details using an automated process to check for any overlap. While 20 percent is the average, in one recent breach it was only 4.5 percent, said Doerr.

Just last week, both Yahoo! Voices and the Android forums at website Phandroid were hacked, resulting in the leakage of almost 1.5 million usernames and passwords. When a list of usernames and passwords is leaked, it seems that Microsoft has been running these against its database looking for matches. The results are quite shocking.

The company also revealed that it is working to tighten its security, and one such measure is going to be an increase in the character limit for passwords to make brute-force attacks more difficult.

We request our readers: DON’T REUSE YOUR PASSWORDS!
 
 Source:THN
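
One way to run the overlap check described above, as an added example that is not Microsoft's process or code: each leaked login and password pair is verified against the locally stored salted hash, so only accounts that actually reuse the leaked password are flagged and the leaked plaintext is never stored. The account layout, PBKDF2 parameters, function names and sample data are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this example


def hash_password(password, salt):
    """Salted PBKDF2-HMAC-SHA256, the storage format assumed here."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_account(password):
    """Build a stored record: per-account random salt plus derived hash."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt)}


def find_reused(accounts, leaked):
    """Return local logins whose current password appears in the leak.

    accounts: {login: {"salt": bytes, "hash": bytes}}
    leaked:   iterable of (login, plaintext_password) from a third-party dump
    """
    reused = set()
    for login, password in leaked:
        key = login.strip().lower()
        record = accounts.get(key)
        if record is None:
            continue  # leaked login has no account here
        candidate = hash_password(password, record["salt"])
        if hmac.compare_digest(candidate, record["hash"]):
            reused.add(key)  # same password on both services: force a reset
    return sorted(reused)


def overlap_rate(accounts, leaked):
    """Share of distinct leaked logins that match a local account and password."""
    logins = {login.strip().lower() for login, _ in leaked}
    if not logins:
        return 0.0
    return len(find_reused(accounts, leaked)) / len(logins)


# Constructed sample data: three local accounts and a five-entry leak.
ACCOUNTS = {
    "alice@example.com": make_account("Summer2012!"),
    "bob@example.com": make_account("correct horse battery"),
    "carol@example.com": make_account("x9#Lq2vT"),
}
LEAKED = [
    ("Alice@example.com", "Summer2012!"),  # reused password
    ("bob@example.com", "password1"),      # same login, different password
    ("dave@example.net", "letmein"),       # no account here
    ("erin@example.net", "123456"),
    ("frank@example.net", "qwerty"),
]

if __name__ == "__main__":
    print("accounts to reset:", find_reused(ACCOUNTS, LEAKED))
    print("overlap rate:", overlap_rate(ACCOUNTS, LEAKED))
```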