•
1. What are privileged accounts? ANS: A privileged account is a user account that has more privileges than ordinary users. There are many kinds of privileged accounts. Root and administrator accounts are typically used for installing and removing software and changing configuration. They are superuser accounts. Examples: Root […]
•
SOC Interview Search heads: Search heads act as the user interface and allow users to create dashboards, alerts and reports related to analyzed logs and data. Forwarder: Forwards raw data to other parts of the deployment (indexer, search head & indexer). Universal forwarder requires very little configuration and heavy forwarder which you […]
•
XXE attack questions and answers 1. **What is an XML External Entity (XXE) attack?** — An XML External Entity (XXE) attack is a type of security vulnerability that occurs when an attacker is able to inject malicious XML entities into […]
•
What is Splunk? Splunk is basically a software platform that provides users with the ability to access, analyze, and visualize machine-generated data from multiple sources, including hardware devices, networks, servers, IoT devices, and other sources. The machine data is analyzed and processed, and subsequently transformed into powerful operational intelligence that […]
•
Privilege escalation refers to the act of gaining higher-level permissions or privileges than what an individual or program initially had. This typically occurs in the context of computer systems, networks, or software applications. Privilege escalation can be either intentional or unintentional, and it can have significant security implications. There are […]
•
DREAD is a risk assessment model used in the field of cybersecurity to evaluate and prioritize potential security threats or vulnerabilities. It helps organizations quantify the level of risk associated with a specific vulnerability or threat by assigning scores to different aspects of the threat. DREAD stands for: 1. Damage: […]
•
Vertical Privilege Escalation – A simple user escalates their privileges to gain admin access to the account. Horizontal Privilege Escalation – An attacker escalates their privileges to modify or make changes to a user at the same level.