25 September 2020

Open Source Information Gathering using Windows Command Line Utilities

How to find the maximum frame size

The reply "Packet needs to be fragmented but DF set" means that the frame is too large for the network path and would need to be fragmented, but the DF (don't fragment) flag forbids that, so the probe fails.


How to find the number of hops

Here the ping that reaches the target needs 22 hops. The output will be similar to the tracert results.

Ping

Tracert
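The two probing loops behind the commands above, as an added example that is not part of the original post: a binary search over the DF-bit ping to find the largest unfragmented payload, and a rising-TTL loop to count hops. The probe functions are injected, and the network model at the bottom is a constructed stand-in (assumed 20-byte IP plus 8-byte ICMP overhead) so the logic runs offline.

```python
"""Added example (not from the original post): the two probing loops behind
the Windows commands `ping -f -l <size> <host>` (sets the DF bit; prints
"Packet needs to be fragmented but DF set" when the payload is too big) and
`ping -i <ttl> <host>` (prints "TTL expired in transit" until the TTL is
large enough to reach the target)."""
from typing import Callable, Optional

FRAGMENT_MSG = "Packet needs to be fragmented but DF set"
TTL_MSG = "TTL expired in transit"


def max_payload(probe: Callable[[int], str], lo: int = 0, hi: int = 1500) -> int:
    """Binary-search the largest ICMP payload (-l size) that is not fragmented.

    probe(size) returns the text `ping -f -l size` would print.
    """
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if FRAGMENT_MSG in probe(mid):
            hi = mid - 1        # too big: shrink the upper bound
        else:
            lo = mid            # fits: keep searching upward
    return lo


def hop_count(probe: Callable[[int], str], max_ttl: int = 64) -> Optional[int]:
    """Smallest TTL (-i ttl) at which an echo reply comes back, i.e. hops to target."""
    for ttl in range(1, max_ttl + 1):
        if TTL_MSG not in probe(ttl):
            return ttl
    return None


# --- constructed network model for offline use (assumption, not real hosts) ---
def make_fake_network(path_mtu: int, hops: int):
    """Return ping-like probe functions for a path with the given MTU and hop count."""
    ICMP_OVERHEAD = 28  # assumed 20-byte IPv4 header + 8-byte ICMP header

    def df_probe(size: int) -> str:
        if size + ICMP_OVERHEAD > path_mtu:
            return FRAGMENT_MSG
        return "Reply from 192.0.2.1: bytes=%d" % size   # TEST-NET-1 address

    def ttl_probe(ttl: int) -> str:
        if ttl < hops:
            return "Reply from 198.51.100.1: " + TTL_MSG  # TEST-NET-2 address
        return "Reply from 192.0.2.1: bytes=32"

    return df_probe, ttl_probe


if __name__ == "__main__":
    df, ttl = make_fake_network(path_mtu=1500, hops=22)
    print("max -l payload:", max_payload(df))   # 1472 for a 1500-byte MTU
    print("hops to target:", hop_count(ttl))     # 22, as in the post
```

With a real host, replace the fake probes with a wrapper that runs the ping command and returns its output; the search logic is unchanged.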


How to determine the authoritative name server



12 September 2020

Introduction to CISSP - The 8 Domains of CISSP

Security is a chain; you are only as strong as the weakest link. CISSP uses the defence-in-depth analogy.


1. Security and Risk Management

The first domain builds on the concepts of information security and risk management, applying the principles of confidentiality, integrity, and availability to security governance and compliance.

Risk management is an integral part of security. It applies threat modelling to the acquisition and management of hardware, software, and service contracts in order to perform risk analysis, countermeasure selection and implementation, risk monitoring and reporting, and to work within risk frameworks.


2. Asset Security

Asset security covers the classification of information and the ownership of information, systems, and business processes, and addresses the collection, handling, and protection of information throughout its lifecycle. This includes data owners, data processors, data remanence, and limitations on collection and storage.

Importantly the collection and storage of information must include data retention. Retention must be considered in light of organizational, legal, and regulatory requirements. Factors used in conjunction with this include baselines, scoping and tailoring, standards selection and cryptography, data handling requirements, data storage, labelling, and destruction.


3. Security Engineering

Security engineering considers the system architecture that delivers functionality yet protects against malicious acts, human error, hardware failure, and natural disasters. It involves the integration of security controls, behaviours, and capabilities into information systems and enterprise architecture.

The domain requires the ability to implement and manage security engineering processes using secure design principles and security models, and to design requirements based on organizational requirements, security policies, controls, and countermeasures that satisfy those design requirements.

For example, designs might cover client and server-side vulnerabilities, database security, distributed systems, and cloud security, cryptographic systems and industrial controls, web application vulnerabilities, mobile devices, and embedded systems.

Protecting information through cryptographic concepts and systems, both in motion and at rest, is achieved with public key infrastructure, key management practices, digital signatures, and digital rights management. This ensures data integrity, confidentiality, and authenticity against cryptanalytic attack vectors including social engineering, brute force, ciphertext-only, known-plaintext, frequency analysis, chosen-ciphertext, and implementation attacks.


4. Communications and Network Security

This domain requires a thorough understanding of designing and implementing network topologies, IP addressing, network segmentation, switching and routing, wireless networking, the OSI and TCP/IP models, and the TCP/IP protocol suite. Its main contents encompass network architecture, transmission methods, transport protocols, control devices, and the security measures used to maintain the confidentiality, integrity, and availability of transmitted information.

Finally, the ability to operate and secure switches, routers, and wireless access points using cryptography and related protocols is fundamental to supporting applications including data, voice, remote access, multimedia collaboration, and virtualized networks.


5. Identity and Access Management

This domain reviews third-party cloud services that use identity services and access management, through the management and implementation of authorization mechanisms used in the interaction between humans and information systems, between disparate information systems, and even between individual components of an information system. Compromising an identity or access control system to gain unauthorized access to systems and information is also the end goal of almost all attacks on the confidentiality of data, so it is an area where information security professionals should invest considerable time. Key topics are identity management systems, single- and multi-factor authentication, accountability, session management, registration and proofing, federated identity management, and credential management systems.


6. Security Assessment and Testing

This domain covers the validation of assessment and test strategies: vulnerability assessments, penetration testing, synthetic transactions, code review and testing, misuse-case testing, and interface testing, carried out against the policies and procedures that cover information assets and associated infrastructure. Various tools and techniques are used to identify and mitigate risk arising from architectural issues, design flaws, configuration errors, hardware and software vulnerabilities, coding errors, and any other weaknesses that may affect an information system's ability to deliver its intended functionality securely.

The aim is to ensure that disaster recovery and business continuity plans are maintained, updated, and will function as intended in the event of a disaster. To this end, the security assessment and testing domain includes topics in the collection of security process data, account management, management review, key performance and risk indicators, verification of backups, training and awareness, and disaster recovery and business continuity.


7. Security Operations

This domain will cover various investigative concepts, including evidence collection and handling, documentation and reporting, investigative techniques, and digital forensics. Further, an understanding of investigation requirements from an operational, criminal, civil, and regulatory perspective is necessary.

Logging and monitoring mechanisms support forensic investigations and provide visibility into the day-to-day operation of the information technology infrastructure. These are reviewed with particular attention to intrusion detection and prevention, security information and event monitoring systems, and data leakage protection.

Key technologies include firewalls, intrusion prevention systems, application whitelisting, anti-malware, honeypots, and sandboxing to assist with managing third party security contracts and services, patch, vulnerability, and change management processes.

An important aim of this domain is to plan for incident response and recovery, disaster recovery, and business continuity.


8. Software Development Security

Software development security involves the application of security concepts and best practices to production and development software environments.

The domain requires a good understanding of, and the capability to apply, security to software development tools, source code weaknesses and vulnerabilities, configuration management as it relates to source code development, the security of code repositories, and the security of application programming interfaces. These should be integrated into the software development lifecycle, considering development methodologies, maturity models, operations and maintenance, and change management, as well as the need for an integrated product development team.



References: CISSP CBK Reference

15 August 2020

Retrieving Azure Storage resources and metadata by using the Azure Storage SDK for .NET Student lab answer key



Access containers by using the .NET SDK
  1. Connect to the Azure Storage blob service endpoint
  2. Enumerate the existing containers
Retrieve blob Uniform Resource Identifiers (URIs) by using the .NET SDK
  1. Create a new container by using the SDK
  2. Upload a new blob by using the portal
  3. Access blob URI by using the SDK

13 August 2020

Building a web application on Azure platform as a service offerings

Deploy an ASP.NET web application to Web Apps (API)

1. In the editor, in the ImagesController class on line 26, observe the GetCloudBlobContainer method and the code used to retrieve a container.

2. In the ImagesController class on line 36, observe the Get method and the code used to retrieve all blobs asynchronously from the images container.

3. In the ImagesController class on line 55, observe the Post method and the code used to persist an uploaded image to Storage.




Deploy an ASP.NET web application to Web Apps (WEB)

1. In the editor, in the IndexModel class on line 30, observe the OnGetAsync method and the code used to retrieve the list of images from the API.

2. In the IndexModel class on line 41, observe the OnPostAsync method and the code used to stream an uploaded image to the back-end API.

Source: https://github.com/MicrosoftLearning/AZ-204-DevelopingSolutionsforMicrosoftAzure/

03 March 2020

02 March 2020

ACCA PM Chapter 13 - STANDARD COSTING AND BASIC VARIANCE ANALYSIS

Total Variances






Possible reasons for an adverse materials expenditure variance:
  • Price Increase
  • "Bad Buying"
  • Mistake in Budgeting
  • Deliberately decided to buy better material which costs more
    • To reduce waste -> favorable usage variance
    • To produce faster -> favorable efficiency variance
  • Make better products
    • Sell More -> favorable sales volume
    • Increase Selling Price -> favorable price variance.


The idea of variances affecting one another is called the Interrelationship of Variances.



Source: https://opentuition.com/acca/pm/acca-performance-management-pm-lectures/

ACCA PM Chapter 12 - QUANTITATIVE ANALYSIS IN BUDGETING

High Low Method

Learning Curve

Formula

Workings (a):

Workings (b):

Workings (c):





ACCA PM Chapter 11 - BUDGETING


Benefits of budgeting

  • Planning
  • Co-ordination
  • Control
  • Authorizing and delegating
  • Evaluation of performance
  • Communicating and motivating



Principal budget factor
The principal budget factor is the factor that limits the activity for the budget period. Usually, the limit is on the sales level. Sometimes it is a limit on the availability of raw materials that limits activity.

A series of budgets is called a functional budget.


Types of budget:


  • Fixed Budget

    • Original Budget prepared (Usually for the next year)
    • Rapidly goes out-of-date
    • May update periodically.
    • Remains Overall Target.

  • Flexed Budget

    • Rewrite the budget for the actual level of activity.
    • Use it for Control purposes (Compare Actual with Flexed)



  • Rolling Budget

    • Dec07: Jan08-Dec08
    • Jan08: Feb08-Jan09
    • Feb08: Mar08-Feb09
    • Each Month: Update the existing 11 months and add an extra month.
    • Benefits:
      • Always more up-to-date
      • Becomes part of normal work
        • Better budgets

Methods of Budgeting

  • Incremental budgeting
    • Take last year's figures and adjust, for inflation, for changes in the level of activity.
  • Zero-based budgeting
    • List alternatives available
    • List out and choose best
    • Then prepare budgets.
    • Problem:
      • Time-consuming/Expensive
      • Need expertise/Training/Involvement
    • Solution:
      • Identify the most important area each year, use zero-based.
      • use incremental on the rest.

Behavioral Aspects:

  • Top-Down
    • Prepared by top management
  • Bottom-Up
    • Managers prepare budgets
    • Managers more motivated
    • Dangers: Managers budget more than needed - budget padding.

"Beyond Budgeting"

Comparing to last year's figures and budgets is meaningless. Consider not doing budgets at all but finding other ways to compare departments, perhaps even comparing with another company.



Source: https://opentuition.com/acca/pm/acca-performance-management-pm-lectures/

01 March 2020

ACCA PM Chapter 10 - RISK AND UNCERTAINTY

First, construct a matrix/table.


Maximin - Risk Avoider



Maximax - Risk Seeker


Minimax Regret - Risk Avoider



Expected values - Risk Neutral

Limitation:

  • Accuracy of probabilities.
  • Only valid for repeated occurrences.


Perfect Knowledge

Decision Trees


Source: https://opentuition.com/acca/pm/acca-performance-management-pm-lectures/

28 February 2020

ACCA PM Chapter 9 - SHORT-TERM DECISION MAKING - Relevant Costing | Make or Buy decisions


Relevant Costing

Incremental Costs mean extra, or additional, costs - Relevant Costs.

Opportunity Costs - The value of a benefit sacrificed / Lost Contribution / Lost Income - Relevant Costs.

Sunk Costs - Money already spent - Not Relevant Costs.

Committed Costs - Not yet paid, but will have to be paid whether or not we take the contract - Not Relevant Costs.



Make or Buy decisions

Where resources are limited, the firm should concentrate on making those products that give the greatest saving (over buying in) per unit of the scarce resource.

  1. Calculate the saving per unit if we make the product ourselves.
  2. Define the unit of measurement of the scarce material (e.g. kg).
  3. Calculate the saving per unit of material (per kg), and rank the products by that saving.
  4. Finally, calculate:
    • which products, and how many of each, the company should make;
    • which products, and how many of each, it should buy.

23 February 2020

ACCA PM Chapter 9 - SHORT-TERM DECISION MAKING - Shutdown Problems

Shutdown Problems


Calculate the effect on current profit to decide whether or not to close part of the business:

Stop Product A:
  • Lose Contribution: (15000)
  • Save Fixed Costs:  5000
Do Product B:
  • Extra Contribution: 20000
  • Extra Fixed Costs: (6000)
Effect on Current Profit: +4000


In conclusion, we should stop Product A and do Product B.

16 February 2020

ACCA PM Chapter 8 - COST VOLUME PROFIT ANALYSIS

Breakeven

Breakeven volume = Fixed costs / Contribution per unit.


Margin of Safety

Margin of Safety = (Budgeted sales - breakeven) / Budgeted sales x 100%


Contribution to Sales ratio

C/S ratio = Contribution in $ / Sales in $


Breakeven Chart


Profit-Volume chart




Multi-Product CVP analysis
A company may produce several products, each with a different C/S ratio. The company could reach the breakeven position sooner if it were to sell the product with the highest C/S ratio first.




Limitations of CVP analysis

  • The selling price per unit is assumed to remain constant at all levels of activity
  • The variable cost per unit is assumed to remain constant at all levels of activity
  • It is assumed that the total fixed costs remain constant
  • It is assumed that the level of production is equal to the level of sales (i.e. that there are no changes in the levels of inventory)

ACCA PM Chapter 7 - PRICING - Pricing strategies

Pricing strategies

Penetration Pricing
Charge low prices to gain market share with the intention of increasing later. (Example: Chocolate)

Price Skimming
Charge a high price at first, then reduce it over time. (Example: High-Tech products)

Product-Line Pricing
Different versions of the same product at different prices. (Example: Cars)

Complementary Products
Example: Razor; holder (Free) and blades (Expensive).

Price Discrimination
Sell the same product to different markets at different prices.
Examples:
Coffee: Europe $10; Africa $6
Bus Ticket: Adults $5; Children $2

Volume Discounting
Give discount for large quantities.

Source: https://opentuition.com/acca/pm/acca-performance-management-pm-lectures/

15 February 2020

ACCA PM Chapter 7 - PRICING - Optimal pricing – equations

Price/Demand Equation

P = a - bQ
where,
P = Selling Price
Q= Quantity Demanded at that Price
a= Theoretical Maximum Price. (The demand will be zero)
b= the change in price required to change demand by 1 unit (Gradient)



Optimum Selling Price




Steps:
  1. Establish the demand function; (find a and b); b = change in price/change in quantity
  2. Establish the marginal cost; Fixed overheads are ignored as they are not part of the marginal cost.
  3. Establish the marginal revenue function: MR = a - 2bQ; using MC = MR.
  4. Solve the MR function to determine the optimum quantity, Q.
  5. Insert the value of Q from Step 4 into the demand function determined in step 1 and calculate the optimum price.
  6. Calculate profit; (Revenue - Variable costs - Fixed costs = Profit).
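A worked run of the six steps with constructed figures (added here; not from the lecture): demand is 100 units at a price of 60, every 1 cut in price adds 10 units of demand, the marginal cost is 30 per unit, and fixed costs are 2000.

```latex
\begin{aligned}
\text{Step 1:}\quad & b = \frac{\Delta P}{\Delta Q} = \frac{1}{10} = 0.1, \qquad a = P + bQ = 60 + 0.1(100) = 70, \\
& \text{so the demand function is } P = 70 - 0.1Q. \\[4pt]
\text{Step 2:}\quad & MC = 30 \text{ (fixed costs of 2000 are ignored here).} \\[4pt]
\text{Step 3:}\quad & MR = a - 2bQ = 70 - 0.2Q, \qquad \text{set } MR = MC. \\[4pt]
\text{Step 4:}\quad & 70 - 0.2Q = 30 \;\Rightarrow\; Q = \frac{40}{0.2} = 200. \\[4pt]
\text{Step 5:}\quad & P = 70 - 0.1(200) = 50. \\[4pt]
\text{Step 6:}\quad & \text{Profit} = 50(200) - 30(200) - 2000 = 10000 - 6000 - 2000 = 2000.
\end{aligned}
```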

Source: https://opentuition.com/acca/pm/acca-performance-management-pm-lectures/

10 February 2020

ACCA PM Chapter 7 - PRICING - Optimal pricing – tabular approach


Optimal pricing – tabular approach

- Sometimes it is worthwhile to reduce the selling price and sell more, if this results in a higher total profit.






Price elasticity of demand (PED) =

 % change in demand
---------------------------
   % change in price


Source: https://opentuition.com/acca/pm/acca-performance-management-pm-lectures/

22 January 2020

NoSQL Network Recon - Exercise No. 1

In Redis Server, the command to retrieve key-value differs by data type.


Here are the commands to retrieve the key value:

if the value is of type string,
GET <key>

if the value is of type hash,
HGETALL <key>

if the value is of type list,
LRANGE <key> <start> <end>

if the value is of type set,
SMEMBERS <key>

if the value is of type sorted set (zset),
ZRANGEBYSCORE <key> <min> <max>


The command to check the type of value a key is mapped to:
TYPE <key>
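The type-dispatch described above in script form, as an added example that is not part of the exercise: check TYPE first and then issue the matching command, so a tool never triggers the WRONGTYPE error that GET raises on a hash, list, set or sorted set. It assumes a redis-py style client opened with decode_responses=True (so values come back as str); the FakeRedis class is a constructed in-memory stand-in so the example runs offline.

```python
"""Added example (not from the exercise): retrieve a Redis value with the
command that matches its type. Assumes redis-py method names
(type/get/hgetall/lrange/smembers/zrangebyscore); FakeRedis is a constructed
stand-in with the same calls."""


def fetch_value(r, key):
    """Return the value behind `key` using the command that matches its type."""
    kind = r.type(key)                          # TYPE <key>
    if kind == "string":
        return r.get(key)                       # GET <key>
    if kind == "hash":
        return r.hgetall(key)                   # HGETALL <key>
    if kind == "list":
        return r.lrange(key, 0, -1)             # LRANGE <key> 0 -1 (whole list)
    if kind == "set":
        return r.smembers(key)                  # SMEMBERS <key>
    if kind == "zset":
        # ZRANGEBYSCORE <key> -inf +inf WITHSCORES -> [(member, score), ...]
        return r.zrangebyscore(key, "-inf", "+inf", withscores=True)
    if kind == "none":
        return None                             # key does not exist
    raise TypeError(f"unsupported Redis type {kind!r} for key {key!r}")


def fetch_all(r, keys):
    """Map each key to its value, whatever its type."""
    return {k: fetch_value(r, k) for k in keys}


class FakeRedis:
    """Constructed in-memory stand-in exposing the redis-py calls used above.
    Python types stand for Redis types: str, dict, list, set, and a tuple of
    (member, score) pairs for a sorted set."""
    _KINDS = {str: "string", dict: "hash", list: "list", set: "set", tuple: "zset"}

    def __init__(self, data):
        self._d = data

    def type(self, k):
        return self._KINDS.get(type(self._d.get(k)), "none")

    def get(self, k):
        return self._d[k]

    def hgetall(self, k):
        return dict(self._d[k])

    def lrange(self, k, start, end):
        lst = self._d[k]
        return lst[start:] if end == -1 else lst[start:end + 1]

    def smembers(self, k):
        return set(self._d[k])

    def zrangebyscore(self, k, mn, mx, withscores=False):
        lo, hi = float(mn), float(mx)           # "-inf"/"+inf" parse as floats
        hits = sorted((s, m) for m, s in self._d[k] if lo <= s <= hi)
        return [(m, s) for s, m in hits] if withscores else [m for _, m in hits]


# Constructed sample data covering every type the post lists.
SAMPLE = FakeRedis({
    "flag": "constructed-value",
    "user:1": {"name": "alice", "role": "admin"},
    "queue": ["job-1", "job-2"],
    "tags": {"red", "blue"},
    "scores": (("bob", 10.0), ("carol", 42.0)),
})
```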




Source:
https://www.attackdefense.com/
https://stackoverflow.com/questions/37953019/wrongtype-operation-against-a-key-holding-the-wrong-kind-of-value-php

20 January 2020

MySQL Network Recon - Exercise No. 2

The command used to connect to a remote MySQL database.



MySQL [(none)]> show databases;



MySQL [data]> show tables;



root@% = allows the user 'root' to connect from any host, whether locally or over TCP (the internet).
root@localhost = only allows 'root' to connect from the machine running the MySQL server.

MySQL [information_schema]> select * from user_privileges where GRANTEE like '%\%%' ;

Sources : https://www.attackdefense.com/

19 January 2020

ACCA PM Chapter 7 - PRICING - Introduction, Cost plus pricing

Factors influencing selling price:

  • costs
  • competitors
  • customers



Cost-plus pricing

1. Full cost plus - Full cost includes a shared overhead and also often includes non-production costs.

Advantages:

  • Easy
  • Standard Policy
  • "Guarantees" Profit


Disadvantages:

  • Ignores Competition
  • Ignores Effect of Price on Demand
  • Absorption of Fixed Overheads


2. Marginal cost plus - the marginal (or incremental) cost of producing a unit and adding a mark-up.

Advantages:

  • Easy
  • Standard Policy
  • No need to absorb Fixed Overheads


Disadvantages:

  • Ignores Competition
  • Ignores Effect of Price on Demand
  • What % to add to make sure Fixed Overheads covered?


3. Opportunity cost plus - a marginal cost approach but also includes within the cost any opportunities foregone. It is a relevant costing approach.



Source: https://opentuition.com/acca/pm/acca-performance-management-pm-lectures/

18 January 2020

LAN Technologies - MAC Address Table and Gratuitous ARP

Classification of MAC Address Entries
  • Dynamic MAC address entries
  • Static MAC address entries
  • Blackhole MAC address entries

Classification of secure MAC address
  • Secure dynamic MAC address
  • Secure static MAC address
  • Sticky MAC address

Configuring MAC Address Anti-flapping
  • Increases the MAC address learning priority of an interface.
  • Prohibits MAC address entry overriding between interfaces with the same priority.


Gratuitous ARP functions:
  • Checks for IP address conflicts
  • Advertises a new MAC address
  • Notifies other devices of master/backup switchover in a Virtual Router Redundancy Protocol (VRRP) group

MEMCACHED Network Recon - Exercise No. 1

The number of key-value pairs stored on the Memcached server.
  • memcstat --servers=<ip address> | grep curr_items


The value stored in the key “password” on the Memcached server.
  • memccat --servers=<ip address> password



Using memcached-tool,
  • /usr/share/memcached/scripts/memcached-tool <ip address:port number> dump



Using msfconsole - memcached_extractor,



Segmented LRU,

Using Least Recently Used (LRU) crawler to output every valid item,
  • lru_crawler metadump all


Sources :
