ECCouncil Updated ICS-SCADA Exam Questions and Answers by boden

The WannaCry ransomware primarily exploited vulnerabilities in the SMB (Server Message Block) version 1 protocol to propagate across network systems. Microsoft had identified vulnerabilities in SMBv1, which were exploited by the EternalBlue exploit to spread the ransomware. This led to widespread infections, particularly in systems that had not applied the security updates released to patch the vulnerability.References:

Microsoft Security Bulletin MS17-010, "Security Update for Microsoft Windows SMB Server".

A Virtual Private Network (VPN) typically requires two Security Associations (SAs) for a secure communication session. One SA is used for inbound traffic, and the other for outbound traffic.

In the context of IPsec, which is often used to secure VPN connections, these two SAs facilitate the bidirectional secure exchange of packets in a VPN tunnel.

Each SA uniquely defines how traffic should be securely processed, including the encryption and authentication mechanisms. This ensures that data sent in one directionis handled independently from data sent in the opposite direction, maintaining the integrity and confidentiality of both communication streams.

References

"Understanding IPSec VPNs," by Cisco Systems.

"IPsec Security Associations," RFC 4301, Security Architecture for the Internet Protocol.

The Authentication Header (AH) in the context of IPsec has a fixed header portion of 24 bits and a mutable part that can vary, but when considering the fixed structure of the AH itself, the width is typically considered to be 32 bits at its core structure for basic operations in providing integrity and authentication, without confidentiality.References:

RFC 4302, "IP Authentication Header".