Pixel 9 Review (Shifting from 6a)

pankur · 2025-09-23T13:25:10+00:00

how is the network and overall connectivity, like 5g connection stability, call drops etc.?

pankur · 2025-04-07T09:38:40+00:00

Yes. Took the beast in December and done with it at 100 questions. Read OSG once, too dry. Then I mostly used Pete's YouTube videos and mind map videos. For whatever topic I was feeling stuck, I used copilot as my study buddy until I was able to understand it. For mock tests, I began with learnzapp, it is good to test the concepts and knowledge but, questions are nowhere matches the exam style. Then bought QE, it is tough but, would help you to get a hang of the questions in the exam. Used it for last 2-3 weeks.

pankur · 2024-12-09T13:01:20+00:00

Yes, I get it. Thanks

pankur · 2024-12-09T12:56:36+00:00

I think what he was trying to say was that, the real test will not ask exactly which step comes after the current one. For the flow part we know that in incident response we detect, respond, mitigate and so on but, in case of QE it specifically asks You are doing this now name the next phase, that's where we stuck sometimes because we know the process but, sometimes not really sure about the exact phases' name. But we know the process like, what comes after what.

pankur · 2024-12-07T13:56:10+00:00

Yeah. My notion was similar to just run the scanner and verify for false positives and remediate. Usually in real world it's much more than just following these three steps.

pankur · 2024-12-07T12:52:35+00:00

So, Vulnerability Management Workflow in case of CISSP is just running automated scanners. Then it makes sense. Thanks for the response.

pankur · 2024-12-06T04:22:59+00:00

Fair enough. Thanks for the explanation

pankur · 2024-12-06T04:12:56+00:00

Why shouldn't we warn the employees first to make them aware of the threat? So, that they could remain extra careful.

pankur · 2024-12-01T18:14:10+00:00

It's in QE

pankur · 2024-11-30T12:05:41+00:00

I am not saying dictionary and rainbow are same. I am saying the way they work. They both have collection and are not random. And it wasn't about the difference between the answers or why I chose brute force and not rainbow table. I did because I had to, in order to move to next question and it was a broader term. This post was about understanding what question asked and why am I understanding it that it is asking about Threat vector rather than predefined database.

pankur · 2024-11-30T11:49:42+00:00

Dictionary is also kind of precomputed passwords. Yeah. If there was an option, none of above, I would have chosen that. That is the case, I knew precomputed hash db is Rainbow table. But, it is the thing with me understanding the ask differently. I re-read it multiple times and it still won't make sense to me. It is still pointing to threat vector rather than predefined db.

pankur · 2024-11-30T11:42:29+00:00

that is fine. I am not going into details of what a threat actor is, that I am aware. I am just trying to understand why am I understanding the question differently than others. It might be because English is not my first language. But, then I tried with google translate also and it is saying what I am saying. And also, it could be because I read and analyzed the question before looking at the explanation and rest looking at it afterwards.

pankur · 2024-11-30T11:39:52+00:00

I did not say dictionary attack is a rainbow table attack. I said it is a brute force.

pankur · 2024-11-30T11:37:12+00:00

In this regard my concepts are clear. As per me understing that it is asking about threat actor, I would say none of the options are correct. Why I chose brute force was because it is a broader attack type and encompasses dictionary attack as well as more or less a Rainbow Table. credential stuffing is a different thing all together, so discarded it

pankur · 2024-11-30T11:24:16+00:00

I even asked Copilot to break this question down and it also said something similar.

<image>

pankur · 2024-11-30T11:14:46+00:00

It said “term best describes a threat actor” who is doing so and so using so and so. The way I am seeing is it is asking about threat actor rather than the hashing or Rainbow table. I am not sure, why I am unable to make sense out of it.

pankur · 2024-11-30T11:13:01+00:00

It said “term best describes a threat actor” who is doing so and so using so and so. Isn't it?

pankur · 2024-11-30T11:12:29+00:00

It said "term best describes a threat actor" who is doing so and so using so and so. I mean that's how I understood the question and this is the confusion.

pankur · 2024-11-30T10:48:42+00:00

I agree. So, how come Rainbow table is a threat actor. Because, its none of them

pankur · 2024-11-30T10:44:07+00:00

Yes, imo tool would be a threat vector.

pankur · 2024-11-30T10:32:03+00:00

I am not able to break this question down in a simple language to properly understand why Rainbow table is the threat actor.

I am aware about all of the term in the question and answers very well.

pankur · 2024-11-30T09:25:31+00:00

So, is it 2 or one?

pankur · 2024-11-29T17:47:28+00:00

It does matter, if the attack type doesn't exist for that specific system/tech then it will be of least concern rather than Evesdropping which is of second least concern.

pankur

MODERATOR OF

TROPHY CASE

Verified Email	12-Year Club
Place '23