Download CREST CPSA EXAM 2025-2026 /ACTUAL 350Qs&As|ALREADY GRADED A+ and more Exams Operating Systems in PDF only on Docsity!
CREST CPSA EXAM 2025 - 2026 /ACTUAL
350Qs&As|ALREADY GRADED A+
LDAP Injection - ANS:->>>> >An attack that allows for the construction of LDAP statements based on user input statements, which can then be used to access the LDAP database or modify the database's information Base64 Encoding - ANS:->>>> >An encoding scheme which represents any binary data using only printable ASCII characters. Usually used for encoding email attachments over SMTP OSSTMM - ANS:->>>>>Open Source Security Testing Methodology Manual ISECOM - ANS:->>>>>Institute for Security and Open Methodologies OWASP - ANS:->>>>>Open Web Application Security Project PTES - ANS:->>>>>Pen Testing Execution Standard CPNI - ANS:->>>>>Centre for the Protection of National Infrastructure (UK best practices) Police and Justice Act 2006 - ANS:->>> >>Defines police limitations of searching tech Computer Fraud and Abuse Act of 1986 - ANS:->>>>> This act defines cybercrime as any illegal act for which knowledge of computer technology is essential for its perpetration, investigation, or prosecution; currently being evaluated for revision because much of its language was developed before the Internet boom
HIPAA - ANS:->>>> >Health Insurance Portability and Accountability Act FISMA - ANS:->>> >>Federal Information Security Management Act GLBA - ANS:->>> >>Gramm-Leach-Bliley Act Gramm-Leach-Bliley Act of 1999 - ANS:->>>>> requires financial institutions to ensure the security and confidentiality of customer data GDPR - ANS:->>> >>General Data Protection Regulation FERPA - ANS:->>>>> Family Educational Rights and Privacy Act PCI DSS - ANS:->>>>> Payment Card Industry Data Security Standard Basel Accord - ANS:->>>> >an agreement that required that banks hold as capital at least 8% of their risk-weighted assets TCP - ANS:->>>> >Transmission Control Protocol UDP - ANS:->>>>> User Datagram Protocol Port 21 - ANS:->>>>> FTP FTP - ANS:->>>>> File Transfer Protocol Port 22 - ANS:->>>>>SSH SSH - ANS:->>>>>Secure Shell
Port 88 - ANS:->>>>>Kerberos Kerberos - ANS:->>>>>A computer network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner Port 110 - ANS:->>>>>POP POP3 - ANS:->>>>>Post Office Protocol version 3 Port 111 - ANS:->>>>>RPC RPC - ANS:->>>>>Remote Procedure Call Port 123 - ANS:->>>>>NTP NTP - ANS:->>>>>Network Time Protocol Port 135 - ANS:->>>>>Windows RPC (EPM) Port 593 - ANS:->>>>>RPC over HTTPS Port 445 - ANS:->>>>>SMB SMB - ANS:->>>>>Server Message Block Port 137 (UDP) - ANS:->>>>>NetBIOS (name services) Port 138 (UDP) - ANS:->>>>>NetBIOS (datagram services)
Port 139 - ANS:->>>>>NetBIOS (session services) NetBIOS - ANS:->>>>>Network Basic Input/Output System Port 143 - ANS:->>>>>IMAP IMAP - ANS:->>>>>Internet Message Access Protocol Port 161 (UDP) - ANS:->>>>>SNMP SNMP - ANS:->>>>>Simple Network Management Protocol Port 179 - ANS:->>>>>BGP
Port 587 - ANS:->>>>>SMTP Port 902 - ANS:->>>>>VMWare Port 1080 - ANS:->>>>>Socks Proxy Port 636 - ANS:->>>>>LDAPS Port 1194 - ANS:->>>>>VPN Port 1433 - ANS:->>>>>MS-SQL Port 1434 - ANS:->>>>>MS-SQL (monitoring) Port 1521 - ANS:->>>>>Oracle Port 1629 - ANS:->>>>>DameWare Port 2049 - ANS:->>>>>NFS NFS - ANS:->>>>>Network File System Port 3128 - ANS:->>>>>Squid Proxy Port 3306 - ANS:->>>>>MySQL Port 3389 - ANS:->>>>>RDP (Remote Desktop Protocol)
Port 5060 - ANS:->>>>>SIP SIP - ANS:->>>>>Session Initiation Protocol Port 5222 - ANS:->>>>>Jabber Port 5432 - ANS:->>>>>Postgres Port 5666 - ANS:->>>>>Nagios Postgres - ANS:->>>>>An object-relational database management system with an emphasis on extensibility and standards compliance Nagios - ANS:->>>>>Open source system monitoring service Port 5900 - ANS:->>>>>VNC VNC - ANS:->>>>>Virtual Network Computing Port 6000 - ANS:->>>>>X X11 - ANS:->>>>>A windowing system for bitmap displays, common on Unix-like operating systems. Provides the basic framework for a GUI environment: drawing and moving windows on the display device and interacting with a mouse and keyboard. Port 6129 - ANS:->>>>>DameWare
127.0.0.0/8 (127.0.0.0-127.255.255.255) : Local Host Loopback 172.16.0.0/12 (172.16.0.0-172.31.255.255) : Private 192.168.0.0/16 (192.168.0.0-192.168.255.255) : Private Symmetric Encryption - ANS:->>>>>DES/3DES AES Twofish Blowfish Serpent IDEA RC4, RC5, RC CAST Asymmetric Encryption - ANS:->>>>>RSA El Gamal ECC Eliptic Curve Diffie-Helman (Key Exchange) Paillier Merkle-Helman Cramer-Shoup Hashes - ANS:->>>>>MD SHA MySQL < 4. MySQL MD5 (WP)
MD5 (phpBB3) LM / NTLM Oracle Default Credentials - ANS:->>>>>--Username | Password-- SYSTEM | MANAGER ANONYMOUS | ANONYMOUS SCOTT | TIGER OLAPSYS | MANAGER SYS | CHANGE_ON_INSTALL Port 512 - ANS:->>>>>rexec (username / password) Port 513 - ANS:->>>>>rlogin (telnet) Port 514 - ANS:->>>>>rsh Port 514 - ANS:->>>>>rcp LM Hash - ANS:->>>>>Primary Windows LAN hash before Windows NT. 14 character limit. DES - ANS:->>>>>56 bit key encryption (16 cycles of 48 bit subkeys) 3DES - ANS:->>>>>168 bit key encryption (48 cycles) TTL for Windows - ANS:->>>>> TTL for Linux - ANS:->>>>>
SNMP Requests - ANS:->>>>>Get GetNext Set GetBulk Response Trap Inform HTTP Status Codes - ANS:->>>>>1xx - Info 2xx - Success 3xx - Redirection 4xx - Error 5xx - Server Error HTTP Status Code 404 - ANS:->>>>>NOT FOUND the method is not available HTTP Status Code 301 - ANS:->>>>>Moved Permanently HTTP Status Code 302 - ANS:->>>>>Temporarily Moved HTTP Status Code 410 - ANS:->>>>>Gone SQL Injections (Escape Characters) - ANS:->>>>>' OR '1' = '1' -- ' OR '1' = '1' { ' OR '1' = '1' /* SQL Injections (Type Handling) - ANS:->>>>>1;DROPTABLE users
Linux File Permissions - ANS:->>>>>drwxrwxrwx 2 user(owner) group size date filename d | rwx | rwx | rwx Filetype | User | Group | Everyone Linux Command : Change Password - ANS:->>>>>passwd Linux Command : Find Files of Type - ANS:->>>>>find. - type f - iname '.pdf' locate '.pdf' Linux File System Structure - ANS:->>>>>/bin - User Binaries /boot - Bootup related files /dev - Interface for system devices /etc - System Config Files /home - Base directory for user files /lib - Critical software libraries /opt - Third party software /proc - System and running processes /root - Home for root /sbin - Sys Admin binaries /tmp - Temporary Files /usr - Less critical files /var - Variable system files IPTables - ANS:->>>>>A user-space utility program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores
Windows Server 2003 and R Windows Home Server NT 6.0 Versions - ANS:->>>>>Windows Vista (All) Windows Server 2008 (Foundation, Standard, Enterprise) NT 6.1 Versions - ANS:->>>>>Windows 7 (All) Windows Server 2008 R2 (All) NT 6.2 Versions - ANS:->>>>>Windows 8 Windows Phone 8 Windows Server 2012 %SYSTEMDRIVE%\boot.ini - ANS:->>>>>Contains the boot options for computers with BIOS firmware running NT-based operating system prior to Windows Vista %SYSTEMROOT%\repair\SAM %SYSTEMROOT%\System32\config\RegBack\SAM - ANS:->>>>>Stores Windows users' passwords in a hashed format (in LM hash and NTLM hash). These are backups of C:\windows\system32\config\SAM Windows Commands : System Info - ANS:->>>>>ver : OS Version sc query state=all : Services tasklist /svc : Processes and Services echo %USERNAME% : Current user Windows Command : Find Files of Type - ANS:->>>>>dir /a /s /n c:*.pdf*
Windows Commands : Add User, Make Admin - ANS:->>>>>net user /add net localgroup "Administrators" /add Linux Command : Add User, Make Sudoer - ANS:->>>>>useradd (adduser ) passwd sudo useradd sudo (sudo adduser sudo) Command : View Network Info - ANS:->>>>>Linux: ifconfig Windows: ipconfig /all
IIS 10 v 1607 Defaults - ANS:->>>>>Windows Server 2016, Windows 10 Anniversary Update IIS 10 v 1709 Defaults - ANS:->>>>>Windows 10 Fall Creators, v IIS 10 v 1809 Defaults - ANS:->>>>>Windows Server 2019, Windows 10 October Update Windows Command : Disable Firewall - ANS:->>>>>netsh advfirewall set currentprofile state off netsh advfirewall set allprofiles state off Sysinternals Suite - ANS:->>>>>A set of powerful Windows administration applications used to view, troubleshoot, and modify Windows functions WMCI - ANS:->>>>>Windows Management Instrumentation Command-Line
WMCI Command : Execute Process - ANS:->>>>>wmci process call create "process_name" WMCI Command : Uninstall Software - ANS:->>>>>wmci product get name /value wmci product where name="XX" call uninstall /nointeractive PCI Card Info Storage Common-Use - ANS:->>>>>- Store card details (i.e CC number, expiry) in encrypted form
- Store cardholder details (name, address, contact details...ie PII) in a SEPARATE encrypted database with a unique reference identifier linking the two
- DO NOT STORE sensitive data (ie CVV2, CVV or CID values) Windows : Active Directory Default Location - ANS:->>>>>C:\Windows\NTDS Ntds.dit is the physical storage file Windows : Domain Common Folders - ANS:->>>>>C:\Windows\SYSVOL Contains Group Policies, Login Scripts, Staging Folders, etc. dsquery - ANS:->>>>>Remote Server Administration Tools (RSAT) feature pack tool used to enumerate Windows Domain Classful IP Range : Class A - ANS:->>>>>128 Networks (2^7), 16,777,216 Addresses per network (2^24) Range : 0.0.0.0-127.0.0. Default Subnet Mask : 255.0.0.0 CIDR Notation : /
