Thursday, October 24, 2024

SQL Logical Questions and answers

1) Query to combine two columns, Name and Price, into one string.
Name has a maximum length of 60, so the Price value starts after position 60.

SELECT Name
	,Price
	,CONCAT (
		-- pad Name with spaces and cut at 60 so Price always starts after position 60
		LEFT(CONCAT (
				Name
				,Replicate(' ', 60)
				), 60)
		,Price
		) AS ConcatedString
FROM [portfolio];


Here the Name column values have different lengths, but when we combine them with Price the result should be padded to a fixed width.
This can be achieved using the LEFT and REPLICATE functions.




2) If there are multiple fields, we follow the same approach

DECLARE @Table AS TABLE (Val VARCHAR(4000))

INSERT INTO @Table
SELECT CONCAT (
		'Name'
		,Replicate(' ', 36)
		,'Price'
		,Replicate(' ', 10)
		,'Price Change'
		)

INSERT INTO @Table
SELECT CONCAT (
		LEFT(CONCAT (
				Name
				,Replicate(' ', 60)
				), 40)
		,LEFT(CONCAT (
				Price
				,Replicate(' ', 15)
				), 15)
		,[Price Change]
		)
FROM [portfolio]

SELECT *
FROM @Table


The above query output can also be achieved by using LPAD and RPAD functions.
Unfortunately, SQL Server does not have LPAD and RPAD functionality.
It can be achieved by creating our own LPAD and RPAD functions.

2) RPAD and LPAD Function in SQL Server

SQL Server does not have RPAD and LPAD functions by default.

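CREATE FUNCTION dbo.LPAD (
	@Column VARCHAR(100)
	,@PadString VARCHAR(10)
	,@length INT
	)
RETURNS VARCHAR(100)
AS
BEGIN
	DECLARE @Resultvar VARCHAR(100);

	-- Pad on the left up to @length. REPLICATE returns NULL for a negative count,
	-- which CONCAT treats as an empty string; LEFT then truncates longer values.
	SELECT @Resultvar = LEFT(CONCAT (
				REPLICATE(@PadString, @length - LEN(@Column))
				,@Column
				), @length);

	RETURN @Resultvar
END
GO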



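CREATE FUNCTION dbo.RPAD (
	@Column VARCHAR(100)
	,@PadString VARCHAR(10)
	,@length INT
	)
RETURNS VARCHAR(100)
AS
BEGIN
	DECLARE @Resultvar VARCHAR(100);

	-- Pad on the right up to @length. LEFT (not RIGHT) keeps the start of the
	-- value when it is longer than @length or the pad string has several characters.
	SELECT @Resultvar = LEFT(CONCAT (
				@Column
				,REPLICATE(@PadString, @length - LEN(@Column))
				), @length);

	RETURN @Resultvar
END
GO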


The query can be rewritten like the below

-- RPAD pads on the right, matching the widths (40 and 15) used in the query above
SELECT CONCAT (
		dbo.RPAD(Name, ' ', 40)
		,dbo.RPAD(Price, ' ', 15)
		,[Price Change]
		)
FROM [portfolio]

2) Query to create a 3*3 table from the numbers 1 to 9, with each number filling one cell, where the total sum is the same.
That means the sum should be equal for each row (when we sum a row horizontally) and
each column (when we sum all column values).
To achieve this we need to create a function that returns a table
of rows that sum to 15 by combining col1, col2 and col3 in a row,
and then list the 3*3 tables.
-- ================================================
-- Template generated from Template Explorer using:
-- Create Multi-Statement Function (New Menu).SQL
--
-- Use the Specify Values for Template Parameters
-- command (Ctrl-Shift-M) to fill in the parameter
-- values below.
--
-- This block of comments will not be included in
-- the definition of the function.
-- ================================================
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
-- =============================================
-- Author: M.R M
-- Create date: 22-Dec-2024
-- Description: Create a possible matches
-- =============================================
CREATE FUNCTION dbo.SudokuTable (
-- Add the parameters for the function here
@minval INT
,@maxval INT
)
RETURNS @SudokuTable TABLE (
-- Add the column definitions for the TABLE variable here
FirstColumn INT
,SecondColumn INT
,ThirdColumn INT
)
AS
BEGIN
-- Fill the table variable with the rows for your result set
DECLARE @rc1 INT
,@rc2 INT
,@rc3 INT
,@row1 INT
,@inc INT
,@sumval INT

SET @sumval = 15
SET @inc = 1
SET @rc1 = 1

WHILE @rc1 <= @maxval
BEGIN
SET @rc2 = @inc
SET @rc3 = @inc

WHILE (@rc2 <= @maxval)
BEGIN
SET @rc3 = @inc

IF @rc1 = @rc2
SET @rc2 = @rc2 + @inc

IF @rc1 = @rc3
SET @rc3 = @rc3 + @inc

WHILE (@rc3 <= @maxval)
BEGIN
SET @row1 = @rc1 + @rc2 + @rc3

IF (@row1 = @sumval)
BEGIN
INSERT INTO @SudokuTable
VALUES (
@rc1
,@rc2
,@rc3
)
END

SET @rc3 = @rc3 + @inc

IF (@rc3 = @rc2)
SET @rc3 = @rc3 + @inc

IF (@rc1 = @rc3)
SET @rc3 = @rc3 + @inc
END

SET @rc2 = @rc2 + @inc
SET @rc3 = @rc1 + @inc
END

SET @rc1 = @rc1 + @inc
END

RETURN
END
GO
The above generates a table with all the possibilities that add up to
15 for a row.
Now that we have the full list, we need to pick 3 rows from it.

SET NOCOUNT ON
DECLARE @SudokuTable AS TABLE (
ID INT identity
,FirstColumn INT
,SecondColumn INT
,Thirdcolumn INT
)
CREATE TABLE #temp1 (
ID INT identity(1, 1)
,FirstColumn INT
,SecondColumn INT
,Thirdcolumn INT
)
CREATE TABLE #temp2 (
ID INT identity(1, 1)
,FirstColumn INT
,SecondColumn INT
,Thirdcolumn INT
)
DECLARE @Finaltable AS TABLE (List VARCHAR(100))
DECLARE @minvalue INT
,@inc INT = 1
,@maxvalue INT
,@r1c1 INT
,@r1c2 INT
,@r1c3 INT
,@r2c1 INT
,@r2c2 INT
,@r2c3 INT
,@r3c1 INT
,@r3c2 INT
,@r3c3 INT
DECLARE @secondminval INT
,@secondmaxval INT
,@thirdminval INT
,@thirdmaxval INT
,@setval INT = 1
INSERT INTO @SudokuTable
SELECT *
FROM [dbo].[SudokuTable](1, 9)
SELECT @maxvalue = max(ID)
,@minvalue = min(ID)
FROM @SudokuTable
WHILE (@minvalue <= @maxvalue)
BEGIN
SELECT @r1c1 = FirstColumn
,@r1c2 = SecondColumn
,@r1c3 = Thirdcolumn
FROM @SudokuTable
WHERE ID = @minvalue

INSERT INTO #temp1
SELECT FirstColumn
,SecondColumn
,Thirdcolumn
FROM @SudokuTable
WHERE FirstColumn NOT IN (
@r1c1
,@r1c2
,@r1c3
)
AND SecondColumn NOT IN (
@r1c1
,@r1c2
,@r1c3
)
AND Thirdcolumn NOT IN (
@r1c1
,@r1c2
,@r1c3
)

SELECT @secondmaxval = max(ID)
,@secondminval = min(ID)
FROM #temp1

WHILE (@secondminval <= @secondmaxval)
BEGIN
SELECT @r2c1 = FirstColumn
,@r2c2 = SecondColumn
,@r2c3 = Thirdcolumn
FROM #temp1
WHERE ID = @secondminval

INSERT INTO #temp2
SELECT FirstColumn
,SecondColumn
,Thirdcolumn
FROM #temp1
WHERE FirstColumn NOT IN (
@r2c1
,@r2c2
,@r2c3
)
AND SecondColumn NOT IN (
@r2c1
,@r2c2
,@r2c3
)
AND Thirdcolumn NOT IN (
@r2c1
,@r2c2
,@r2c3
)

SELECT @thirdmaxval = max(ID)
,@thirdminval = min(ID)
FROM #temp2

WHILE (@thirdminval <= @thirdmaxval)
BEGIN
SELECT @r3c1 = FirstColumn
,@r3c2 = SecondColumn
,@r3c3 = Thirdcolumn
FROM #temp2
WHERE ID = @thirdminval

IF (
(@r1c1 + @r2c1 + @r3c1) = (@r1c2 + @r2c2 + @r3c2)
AND (@r1c1 + @r2c1 + @r3c1) = (@r1c3 + @r2c3 + @r3c3)
AND (@r1c1 + @r2c1 + @r3c1) = (@r1c1 + @r2c2 + @r3c3)
AND (@r1c1 + @r2c1 + @r3c1) = (@r1c3 + @r2c2 + @r3c1)
)
BEGIN
INSERT INTO @Finaltable
VALUES (
CONCAT (
'##Set '
,@setval
,' for Sudoko##'
)
)

INSERT INTO @Finaltable
VALUES (
CONCAT (
@r1c1
,' '
,@r1c2
,' '
,@r1c3
)
)
,(
CONCAT (
@r2c1
,' '
,@r2c2
,' '
,@r2c3
)
)
,(
CONCAT (
@r3c1
,' '
,@r3c2
,' '
,@r3c3
)
)

SET @setval = @setval + @inc
END

SET @thirdminval = @thirdminval + @inc
END

TRUNCATE TABLE #temp2

SET @secondminval = @secondminval + @inc
END

TRUNCATE TABLE #temp1

SET @minvalue = @minvalue + @inc
END

SELECT *
FROM @Finaltable

Thursday, October 17, 2024

Import CSV Files into SQL Server using SSMS (SQL Server Management Studio)

The SSMS tool is used for writing queries. Apart from this, it is a very helpful tool for importing CSV data into SQL Server.

Suppose we have a CSV file like this, which is comma separated, has double quotes around the values and also has headers.


To load this file into SQL Server, we can import it using the below.

Database --> Tasks --> Import Data



It opens up the wizard.





Click Next. Select Flat File as the data source and select the file path.

Format: Delimited. In the above CSV the delimiter is a comma.

Header row delimiter: it is comma.

Header rows to skip: we have headers in the CSV file, so it should be zero.

Select the check box "Column names in the first data row".





Click on Columns to preview.



If you want to change anything, use the Advanced tab.




To preview rows, click on Preview.



Click Next and select SQL Native Client and the SQL Server instance name. Use Windows or SQL Server authentication based on the usage. Select the database.




Click Next and select the target name. We can also rename the table if it is a new table. Since this table does not exist in the database, SQL Server will create it automatically.



If we want to change anything in the destination mapping, we can use Edit Mappings. If we are sure the table does not exist, we can use Create destination table, or use the other options based on usage.




Select Run immediately to run the package.



Click Finish to start the package.

The package run completed successfully.



We can verify the table data by running a SELECT in the target database.






Tuesday, October 8, 2024

Java Program to connect SQL server and fetch results from database using stored procedure

1. Program to fetch the output from SQL Server using a stored procedure without a parameter


2. Program to fetch the output from SQL Server using a stored procedure with a parameter

package SqlOutput;

import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Scanner;

public class SQLServerConnection {

    public static void main(String[] args) {
        // Connection URL. IntegratedSecurity uses the Windows account running the program;
        // trustServerCertificate=true accepts the server certificate without validating it.
        String connectionUrl = "jdbc:sqlserver://myserver;"
                + "trustServerCertificate=true;"
                + "IntegratedSecurity=true;"
                + "Database=Stocks;"
                + "loginTimeout=30;";

        try (Scanner scanner = new Scanner(System.in)) {
            // Prompt the user for input
            System.out.print("Enter Stock Name: ");
            String name = scanner.nextLine();
            System.out.println("Stock Name you entered is : " + name + " ");

            // Establish the connection; try-with-resources closes the connection,
            // the statement and the result set
            try (Connection connection = DriverManager.getConnection(connectionUrl);
                 CallableStatement stmt = connection.prepareCall("{call sp_StockInfo(?)}")) {
                // Bind the user input as a parameter instead of concatenating it into the call
                stmt.setString(1, name);

                // Execute the stored procedure and process the result set
                try (ResultSet rs = stmt.executeQuery()) {
                    while (rs.next()) {
                        System.out.println("Name: " + rs.getString("Name")
                                + " Quantity: " + rs.getString("Quantity"));
                    }
                }
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
    }
}



3. Program to fetch the multiple result sets output from SQL Server using a stored procedure with parameters



import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.ResultSetMetaData;
import java.sql.SQLException;
import java.util.Scanner;

public class SQLServerConnection {

    public static void main(String[] args) {
        // Connection URL
        String connectionUrl = "jdbc:sqlserver://DESKTOP-H8VE8AJ;"
                + "trustServerCertificate=true;"
                + "IntegratedSecurity=true;"
                + "Database=Stocks;"
                + "loginTimeout=30;";

        try (Scanner scanner = new Scanner(System.in)) {
            // Prompt the user for input
            System.out.print("Enter Stock Name: ");
            String name = scanner.nextLine();
            System.out.println("Stock Name you entered is : " + name + " ");

            // Establish the connection
            try (Connection connection = DriverManager.getConnection(connectionUrl);
                 CallableStatement stmt = connection.prepareCall("{call sp_Stock_Details(?)}")) {
                stmt.setString(1, name);

                // Execute the stored procedure; true means the first result is a ResultSet
                boolean results = stmt.execute();

                // Walk through every result set the procedure returns
                while (results) {
                    try (ResultSet rs = stmt.getResultSet()) {
                        ResultSetMetaData rsmd = rs.getMetaData();
                        int columnCount = rsmd.getColumnCount();

                        while (rs.next()) {
                            for (int i = 1; i <= columnCount; i++) {
                                String columnName = rsmd.getColumnName(i);
                                Object columnValue = rs.getObject(i);
                                System.out.println(columnName + ": " + columnValue);
                            }
                        }
                    }
                    results = stmt.getMoreResults();
                }
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
    }
}




Monday, October 7, 2024

Java Program to Connect SQL Server

 First time I tried to connect SQL Server using Java




Faced below issue while trying to connect

This driver is not configured for integrated authentication. We need to download the JDBC libraries and place them in this path.

Downloaded file


Place file in jre path




"connection refused: getsockopt. verify the connection properties. make sure that an instance of sql server is running on the host and accepting tcp/ip connections at the port. make sure that tcp connections to the port are not blocked by a firewall.".

This is due to TCP/IP being disabled. Enabled TCP/IP and restarted the services.





Add jdbc drivers to connect SQL server. Download latest libraries from SQL server








PowerShell SQL Invoke-Sqlcmd Scripts

1) PowerShell Command to display date by Connecting SQL Server 


Invoke-Sqlcmd -Query "SELECT GETDATE() AS TimeOfQuery" -ServerInstance "DESKTOP-H8VE8AJ"



2) PowerShell command to execute a SQL statement and save the output to a file


Invoke-Sqlcmd -InputFile "C:\Users\OneDrive\Resumes\SQL Server Management Studio\Profit.sql" | Out-File -FilePath "C:\Users\OneDrive\Resumes\SQL Server Management Studio\Profit.rpt"



3) PowerShell command to pass the variables

$StringArray = "MYVAR1='Machinename'", "MYVAR2='InstanceName'", "MYVAR3='ServerName'"

Invoke-Sqlcmd -Query "SELECT SERVERPROPERTY(`$(MYVAR1)) AS ComputerName,
SERVERPROPERTY(`$(MYVAR2)) AS InstanceName,
SERVERPROPERTY(`$(MYVAR3)) AS ServerName;" -Variable $StringArray -ServerInstance "DESKTOP-H8VE8AJ"





Saturday, September 7, 2024

OpenSSL commands for certificates and key generation

 1) To connect to a secure port using SSL we can use the below command

openssl s_client -connect hostname/localhostip:portnumber

ex :  openssl s_client -connect 127.0.0.1:443


2) To show the certificate from website we can use the below command

openssl s_client -showcerts -connect 127.0.0.1:443


3) To print a certificate we can use OpenSSL

echo | openssl s_client -servername www.google.com -connect www.google.com:443 2>/dev/null | openssl x509 -text


4) To convert pkcs12 to pem format we can use OpenSSL. The -nodes option writes the private key into the PEM file unencrypted.

openssl pkcs12 -in "certificate in pkcs12 format" -nodes -out "new_cert.pem"


5) to convert the certificate from crt to pem format

openssl x509 -in "cert.crt" -out "cert.pem"

6) to convert the certificate from cer to pem format

openssl x509 -in "cert.cer" -out "cert.pem"

7) to convert the certificate from pem to der format

openssl x509 -outform der -in "cert.pem" -out "cert.der"


8) OpenSSL can be used to generate a public/private key pair. The below uses pkcs8 format; -nocrypt stores the private key unencrypted.

openssl genrsa 4096 | openssl pkcs8 -topk8 -inform PEM -out rsa_key_4096.p8 -nocrypt

openssl rsa -in rsa_key_4096.p8 -pubout -out rsa_key_4096.pub
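
The key generation and conversions from items 4 to 8, chained into one check that every converted copy still holds the same certificate and key. This is an added example, not part of the original post; the file names, the subject `demo.invalid` and the PKCS#12 password are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the original post). File names, the subject CN and
# the PKCS#12 password are constructed for the demo.

# SHA-256 of the DER-encoded public key held in a certificate, private key
# or public key file. $1 = file, $2 = cert | key | pub
pubkey_sha256() {
    case "$2" in
        cert) openssl x509 -in "$1" -noout -pubkey ;;
        key)  openssl pkey -in "$1" -pubout ;;
        pub)  cat "$1" ;;
    esac | openssl pkey -pubin -outform DER | openssl dgst -sha256 -r | cut -d' ' -f1
}

# SHA-256 fingerprint of a certificate. $1 = file, $2 = PEM | DER
cert_sha256() {
    openssl x509 -in "$1" -inform "$2" -noout -fingerprint -sha256 | cut -d= -f2
}

# Generate a throwaway key and certificate, push them through the conversions,
# and print "consistent" only if every copy still carries the same material.
roundtrip_check() {
    bits="${1:-4096}"
    work=$(mktemp -d) || return 2
    result=$(
        cd "$work" || exit 2
        umask 077   # -nocrypt and -nodes write unencrypted private keys

        # Item 8: PKCS#8 private key and its public key
        openssl genrsa "$bits" 2>/dev/null |
            openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt || exit 2
        openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub 2>/dev/null || exit 2

        # Self-signed certificate, only so there is something to convert
        openssl req -x509 -new -key rsa_key.p8 -subj "/CN=demo.invalid" \
            -days 1 -out cert.pem 2>/dev/null || exit 2

        # Item 7 and back again: PEM -> DER -> PEM
        openssl x509 -outform der -in cert.pem -out cert.der || exit 2
        openssl x509 -inform der -in cert.der -out cert2.pem || exit 2

        # Item 4: PKCS#12 bundle -> PEM (key and certificate in one file)
        openssl pkcs12 -export -inkey rsa_key.p8 -in cert.pem \
            -out bundle.p12 -passout pass:demo-only || exit 2
        openssl pkcs12 -in bundle.p12 -nodes -out new_cert.pem \
            -passin pass:demo-only 2>/dev/null || exit 2

        fp=$(cert_sha256 cert.pem PEM)
        pk=$(pubkey_sha256 rsa_key.p8 key)
        if [ -n "$fp" ] && [ -n "$pk" ] &&
           [ "$fp" = "$(cert_sha256 cert.der DER)" ] &&
           [ "$fp" = "$(cert_sha256 cert2.pem PEM)" ] &&
           [ "$fp" = "$(cert_sha256 new_cert.pem PEM)" ] &&
           [ "$pk" = "$(pubkey_sha256 rsa_key.pub pub)" ] &&
           [ "$pk" = "$(pubkey_sha256 cert.pem cert)" ] &&
           [ "$pk" = "$(pubkey_sha256 new_cert.pem key)" ] &&
           [ "$(ls -l rsa_key.p8 | cut -c5-10)" = "------" ]   # no group/other access
        then echo consistent
        else echo MISMATCH
        fi
    )
    rc=$?
    rm -rf "$work"
    echo "$result"
    [ "$rc" -eq 0 ] && [ "$result" = "consistent" ]
}

roundtrip_check 2048   # 2048 bits keeps the demo quick; the commands above use 4096
```

The same `pubkey_sha256` comparison is a quick way to confirm that a certificate and a private key belong together before loading them into a keystore.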







Wednesday, July 24, 2024

DB2 Commands

 1) db2level


This will show the DB2 product version.


2) db2 list node directory


This will show nodeDirectory list that contains hostname, service name, protocol, node name


3) db2 list database directory


This will show the database name, database version, authentication type and other details


4)  db2 connect to "databasename" user "username" using "Password"


This will connect to database



Wednesday, May 15, 2024

Incident Response Planning

 1. Network segregation and isolation procedures should be part of the CSIRT expertise to: (Pick two reasons)

a. Whether to reset password or rapidly recreate account

b. Procedures and criteria for when to clean vs. rebuild

c. Host OS (and Application) rebuild procedures

d. Isolate HVAs from other end points in the production environment (such as compromised workstations and servers), if feasible

e.Block attacker C2 channels at internet egress points


2. Of the five core functions defined in NIST CSF, where would security monitoring fall?

a.Detect

b.Identify

c.Protect

d.Respond


3. To successfully respond to incidents, you must: (Choose two)

a.Minimize risks

b.Notify your legal department

c.Fire the CISO

d.Minimize the number and severity of security incidents


4. When documenting a security incident it is recommended to: (Choose two)

a.Wait till the incident is being reviewed to document it

b.Write up the report by hand in a note book

c.move fast to stop the intruder

d.Make sure to include dates and times


5. If you do not have a robust incident response plan, what should you do?

a.Set firm plans to update your incident response plan

b.Treat each event as an incident

c.Search the Internet for a plan you can use

d.Panic


6. What is a system occurrence that could happen regularly or due to hardware or software malfunction, not necessarily caused by a security compromise?

a.Bug

b.Event

c.Activity

d.Incident


7. Performing password resets and C2 channel blocking alone is ineffective without also detecting and removing attacker malware from hosts. True or False?

a.True

b.False


8. It is possible to stop a hacker attack by removing your systems from the network. You have stopped the attack, but you have essentially done a denial of service attack on yourself. In this case you have taken the wrong steps. What principle have you violated?

a.Be Accurate

b.Do no harm

c.Keep calm

d.Implement the response plan


9. A successful CSIRT team consists of several key members. (Pick three)

a.Incident Lead

b.Lead from Legal

c.Sales team

d.External partners

e.Departmental managers


10. NIST SP 800-61 recommends four categories of incident severity. (Choose two)

a.Very Low

b.Low

c.Very High

d.None


11. Your company's security incident has been mitigated. To prevent it from happening again, you need to understand what actually happened. The best process to investigate the how, what, when, and why of the incident is what?

a.Implement Azure Security Center

b.Post-incident review

c.Review the Pre-incident system status

d.Wait for the security consultants to share their report


12. It is NOT recommended to try to determine who attacked. NIST in their Computer Security Incident Handling Guide states “Identifying an attacking host can be a time-consuming and futile process that can prevent a team from achieving its primary goal". What should be your primary goal?

a.Notify the government

b.Minimizing the business impact

c.Restoring from backups

d.Enabling two factor authentication


13. Two-thirds of survey respondents ranked cybersecurity as a top five risk management priority, but only x% expressed high confidence in their organization’s ability to manage and respond to a cyber event. What percentage of the surveyed companies had high confidence in their ability to respond to a cyber event?

a.35

b.19

c.10

d.3


14. Of the five core functions defined in NIST CSF, where would management of GDPR fall?

a.Respond

b.Protect

c.Detect

d.Identify

Tuesday, May 7, 2024

Curl Commands

 Linux Commands
----------------------
1) Curl command to download data from an internet site.

curl  -O https://testserver.com.au/file.zip 

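Sometimes, if the server certificate cannot be verified, curl will not download the file. We may get the error
"curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it". To get past this we use the -k option. Note that -k switches off certificate verification, so the server is no longer authenticated; where the issuing CA certificate is available, pass it with --cacert instead.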

curl  -k -O https://testserver.com.au/file.zip 

 2) To check the curl version, the below command is used

curl --version

3) To download files from the Mainframe we can use the curl command.

First we need to configure the netrc file, which contains the user name and password used to connect to the mainframe.

curl --netrc --ftp-ssl --use-ascii ftp://mainframeserver.com/"'AB.G.C'" -o /var/opt/sw/Files/output.dat

4) To upload files to the Mainframe we can use the curl command.

 First we need to configure the netrc file, which contains the user name and password used to connect to the mainframe.

curl --netrc --ftp-ssl --use-ascii --quote "site RDW LRECL=200 RECFM=FB CYLINDERS PRIMARY=4000 SECONDARY=400" --upload-file /var/opt/sw/Files/output.dat ftp://mainframeserver.com/"'AB.G.C'"
 
5)  Curl command to use verbose mode with an internet site.

curl  --verbose -O https://testserver.com.au/file.zip
 
6) Curl command to use ntlm to download a file and place it in a specific directory

curl -k --ntlm --netrc  https://testserver.com.au/file.zip -o /var/opt/sw/Files/output.dat

7)  Curl command to verify a firewall connection

curl -v http://ipaddress:portnumber

curl -v ftps://ipaddress:port

8)  Curl command to download from insecure sites (-k is the short form of --insecure)

curl -v -i -k https://testserver.com.au/file.zip -o file.zip


 Windows Commands
---------------------------

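1) Curl command to download data from an internet site. In Windows PowerShell, curl is an alias for Invoke-WebRequest, which is why the parameters differ from the Linux tool.

curl  -Uri "https://testserver.com.au/file.zip"  -OutFile file.zip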


orapki utility commands

 1) Create a wallet using the below command

orapki wallet create -wallet client_wallet -auto_login -pwd "wallet password"

2) Change permissions for the wallet files

   chmod 664 ewallet.p12
   chmod 664 cwallet.sso

Mode 664 lets every local user read both files, and cwallet.sso is the auto-login copy that opens without the wallet password, so use a tighter mode such as 640 when only the owning account and its group need access.

3) Convert a jks file into a wallet

orapki wallet jks_to_pkcs12 -wallet client_wallet -pwd "wallet password" -keystore key.jks -jkspwd "wallet password"

4) Add a trusted certificate into an existing wallet

orapki wallet add -wallet "walletlocation"  -pwd "wallet password" -trusted_cert -cert "certificatename.crt"

5) To display the certificates in the wallet. The summary option means it will display only the certificate details.

orapki wallet display -wallet "walletlocation"  -pwd "wallet password"  -summary

6) To display the certificates in the wallet. The complete option means it will display the complete certificate details.

orapki wallet display -wallet "walletlocation"  -pwd "wallet password"  -complete

7) To remove a certificate from an existing wallet

orapki wallet remove  -wallet "walletlocation"  -pwd "wallet password" -trusted_cert -cert "certificatename.crt"







ikeycmd commands for kdb database files

 1) Below command will display certificate details like expiry date in the kdb file keystore.kdb

ikeycmd -cert -details -label "Certificate name in KDB" -db keystore.kdb -pw "password of kdb file"

2) Below command will display list of certificates in kdb file

ikeycmd -cert  -list  -db keystore.kdb -pw "password of kdb file"

3) Below command will display ca certificates in kdb file

ikeycmd -cert  -list ca -db keystore.kdb -pw "password of kdb file"

4) Below command will display personal certificates in kdb file

ikeycmd -cert  -list personal -db keystore.kdb -pw "password of kdb file"

5) Below command will validate given certificate in kdb file

ikeycmd -cert  -validate -label  "Certificate name we need  to validate in KDB file" -db keystore.kdb -pw "password of kdb file"

6) Below command will display the default certificate in kdb file

ikeycmd -cert  -getdefault  -db keystore.kdb -pw "password of kdb file"

7) Below command will set the default certificate in kdb file. This will help to set default personal certificate if there are multiple certificates

ikeycmd -cert  -setdefault  -db keystore.kdb  -label "personal certificate name in KDB file"  -pw "password of kdb file"

8) Below command will import certificate into kdb file. 

ikeycmd -cert  -import -file  "Certificate file"   -pw "password of  the certificate file"   -type pkcs12 -label "personal certificate name to be in KDB file" -target keystore.kdb -target_pw   "password of kdb file" -target_type CMS

9) Below command will help to delete certificate from kdb file. 

ikeycmd -cert  -delete -label  "Certificate name we need  to delete from KDB file" -db keystore.kdb -pw "password of kdb file" 

10) Below command will display expiry of ca certificate from kdb file

ikeycmd -cert  -list ca -db keystore.kdb -pw "password of kdb file" -expiry

11) Below command will add the certificate to the existing kdb file

ikeycmd -cert -add -file "Filename.crt" -db keystore.kdb -pw "password of kdb file" 

Sunday, May 5, 2024

Incident Planning Response

 1. Which law or regulation requires government agencies and other organizations that operate systems on behalf of government agencies to create an incident response plan?

Ans :  FISMA (Federal Information Security Management Act of 2002)

2. You are working as a cybersecurity analyst in a Security Operations Center. You received an alert from your SIEM that a workstation might be infected with a piece of malware. Which phase of the incident response lifecycle would you be in when this occurs?

Ans : Detection and Analysis

3. Which of the following NIST Special Publications is titled as the Computer Security Incident Handling Guide?

Ans :  SP 800-61

4. Which of these is included in a policy?

Ans : objectives

5. Which of these is included in a plan?

Ans : measurements and metrics

6. Which of these is included in a procedure?

Ans : forms

7. Which structure would allow an organization to hire a managed security service provider (MSSP) to conduct their 24/7 monitoring but would still rely on the organization’s own employees to conduct an incident response if a serious breach was detected?

Ans :  a partially outsourced model

8. Which role is responsible for the overall success or failure of the technical portions of an incident response?

Ans : team leader

9. Which incident response team member is primarily focused on the creation of an event timeline to show what occurred leading up to the incident?

Ans: forensic analyst

10. Which organization type requires an incident responder to send an information request through their manager prior to sending it to an analyst in the human resources department?

Ans :  a vertical organization

11. One of your incident response team members is planning to attend the BlackHat information security conference next month and wants to exchange some of the lessons learned from your organization’s latest incident response efforts with a forensic analyst they know at another company. Which type of coordinating relationship best describes this information exchange?

Ans : team to team

12. Which of these is not considered an indicator that could be used during your technical analysis?

Ans : news articles about an incident

13. Which of these is a consideration when asking contract personnel to come in after working hours for an incident, but is not a major consideration when dealing with your own organizational employees?

Ans : incurring additional labor coverages and costs

14. Which type of technical resource could be used to identify if a Windows system file has been modified?

Ans : cryptographic hash

15. Which of these is not considered a method of preventing future incidents?

Ans : Remove a Remote Access Trojan from the organization’s server.

16. Which attack vector would be used to properly categorize a password spraying attack?

Ans :  attrition-based

17. Which type of indicator of compromise would best represent the vulnerability and exploit data contained within the Common Vulnerabilities and Exposures database?

Ans : public information

18. Which of these is a prioritization category that is used to measure the effect on the confidentiality, integrity, or availability of an organization’s network or servers?

Ans : information impact

19. Which containment strategy involves disconnecting an infected host from the network to prevent the spread of malware?

Ans : isolation

20. Based on the order of volatility, which type of evidence should be collected first?

Ans : swap files

21. Which of these is not considered a recovery action during an incident response?

Ans : Collect evidence from the affected system.

22. When creating your evidence retention policy, which factor would prevent you from retaining data and evidence for an indefinite amount of time?

Ans :  the size of the organization’s budget for data retention

23. What is the most important thing to do during a "Lessons Learned" workshop to get valuable feedback from everyone?

Ans : Avoid assigning blame to anyone.

24. Which of these is not a typical measure or metric collected by the incident handling and incident response team?

Ans : average salary of your incident responders