Monday, 20 January 2014

Cisco fixes remote access vulnerabilities in Cisco Secure Access Control System

Flaws in the network access control product can give attackers access to administrative functions, Cisco said

Cisco Systems has released software updates for its Cisco Secure Access Control System (ACS) in order to patch three vulnerabilities that could give remote attackers administrative access to the platform and allow them to execute OS-level commands without authorization.

Cisco ACS is a server appliance that enforces access control policies for both wireless and wired network clients. It's managed through a Web-based user interface and supports the RADIUS (Remote Access Dial In User Service) and TACACS+ (Terminal Access Controller Access-Control System Plus) protocols.

+ Also on NetworkWorld: Best of CES 2014 -- in Pictures +

Versions of the Cisco Secure ACS software older than 5.5 contain two vulnerabilities in the RMI (Remote Method Invocation) interface that's used for communication between different ACS deployments and listens on TCP ports 2020 and 2030.

One of the vulnerabilities, identified as CVE-2014-0648, stems from insufficient authentication and authorization enforcement and allows remote unauthenticated attackers to perform administrative actions on the system through the RMI interface.

The other vulnerability, identified as CVE-2014-0649, allows remote attackers with access to restricted user accounts to escalate their privileges and perform superadmin functions via the RMI interface.

A third vulnerability, tracked as CVE-2014-0650, was discovered in the system's Web-based interface and is the result of insufficient input validation. An unauthenticated remote attacker can exploit this vulnerability to inject and execute OS-level commands without shell access, Cisco said in a security advisory. This vulnerability affects Cisco Secure ACS software older than 5.4 patch 3.

There are no configuration workarounds available to mitigate these vulnerabilities, so updating the software to the new versions released by Cisco is recommended.

"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory," the company said.

Best CCNA Training and CCNA Certification and more Cisco exams log in to Certkingdom.com


Monday, 13 January 2014

70-337 Enterprise Voice & Online Services with Microsoft Lync Server 2013



QUESTION 1
Subsequent to configuring synchronization for Active Directory and Microsoft Office 365, you want
to make sure that the phone numbers of the preliminary Exchange Online users are suitably supervised.
Which of the following actions should you take?

A. You should consider making use of the MOSDAL Support Toolkit.
B. You should consider making use of the Office 365 Lync Online TRIPP tool.
C. You should consider making use of Active Directory Users and Computers.
D. You should consider making use of the Microsoft Online Services Directory Synchronization tool.

Answer: C

Explanation:


QUESTION 2
You are preparing to install and configure two Mediation Servers is the Dallas office to satisfy the
Enterprise Voice prerequisites.
You are preparing to configure the necessary ports.
Which of the following is TRUE with regards to the port configuration?

A. At least one port must be configured for each Mediation Server to meet the Enterprise Voice prerequisites.
B. Only one port must be configured for each Mediation Server to meet the Enterprise Voice prerequisites.
C. At least three ports must be configured for each Mediation Server to meet the Enterprise Voice prerequisites.
D. Only one Mediation Server must be configured with three ports to meet the Enterprise Voice prerequisites.

Answer: C

Explanation:


QUESTION 3
You have been instructed to execute the cmdlet that satisfies the corporate prerequisites.
Which of the following actions should you take?

A. You should consider executing the Enable-CsUser cmdlet.
B. You should consider executing the Set-CsUser cmdlet.
C. You should consider executing the Convert-CsUserData cmdlet.
D. You should consider executing the Export-CsUserData cmdlet.

Answer: B

Explanation:


QUESTION 4
You have been tasked with satisfying the UM prerequisite with regards to extensions.
Which of the following actions should you take?

A. You should consider configuring a UM auto attendant.
B. You should consider configuring a UM mailbox policy.
C. You should consider configuring a hunt group.
D. You should consider configuring a UM Dial plan.

Answer: D

Explanation:


QUESTION 5
You want to satisfy the Lync Server prerequisites with regards to PSTN routing.
Which of the following actions should you take?

A. You should consider configuring a Director Server.
B. You should consider configuring two Lync Server 2013 trunks.
C. You should consider configuring a stand-alone Mediation Server pool.
D. You should consider configuring an Edge pool.

Answer: B

Explanation:


Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com