Top 100 Essential Cybersecurity and Ethical Hacking Interview Questions with Detailed Answers

Prepare for your cybersecurity and ethical hacking interviews with confidence using our collection of 100 essential interview questions and comprehensive answers. Gain insights into critical concepts and strategies.

1. What is hacking?

Hacking refers to unauthorized intrusion into a system or a network. The person involved in this process is called a hacker. Hackers use computers to commit malicious activities such as privacy invasion, stealing personal or corporate data, and more.

2. What is ethical hacking?

Ethical hacking, also known as penetration testing or intrusion testing, is the practice of systematically attempting to penetrate a computer system, application, network, or other computing resource on behalf of its owner in order to find the threats and vulnerabilities that a malicious hacker could potentially exploit.

3. What are the types of hackers?

  • Black Hat: These hackers are responsible for creating malware; they gain unauthorized access to a system or network, harm its operations, and steal sensitive information.
  • White Hat: These hackers are also known as ethical hackers; they are often employed by companies or government agencies to find vulnerabilities. They never intend to harm the system; instead, they find the weaknesses in the network or system as part of penetration testing and vulnerability assessments.
  • Grey Hat: These hackers are a blend of white hat and black hat hackers; they find vulnerabilities in a system without the owner's permission or knowledge. Their intention is to bring the weaknesses to the owner's attention and demand some compensation or incentive from the owner.
  • Hacktivist: A person who utilizes technology to announce social, religious, or political messages. Hacktivism mostly takes the form of website defacement or denial-of-service attacks.
  • Script Kiddie: Someone who breaks into computer systems using automation tools written by others and has little knowledge of the underlying concepts, hence the term kiddie.
  • Elite Hackers: This is a social status among hackers that describes the most skilled ones. Recently identified exploits circulate among these hackers.
  • Neophyte: Also known as a green hat hacker or newbie, someone who has no knowledge of the workings of technology and hacking.
  • Blue Hat: Someone outside computer security consulting firms who bug-tests a system before its launch to find weaknesses and close the gaps.
  • Red Hat: A blend of black hat and white hat hackers, usually employed by top security agencies, government agencies, and similar organizations that handle sensitive information.

4. What are the different types of hacking?

  1. Website hacking: Unauthorized access to a web server and its associated software such as databases and interfaces, and making changes to the information.
  2. Network hacking: Collecting data about a network using tools like Telnet, ping, etc., with the intent to harm the network and hamper its operations.
  3. Email hacking: Unauthorized access to an email account and using it without the owner's permission.
  4. Password hacking: The process of recovering secret passwords from data that has been stored in or transmitted by a computer system.
  5. Computer hacking: Unauthorized access to a computer and stealing data such as passwords and IDs by employing hacking techniques.

5. What are the advantages and disadvantages of ethical hacking?

Advantages:

  • It helps to fight against cyber terrorism and national security breaches.
  • It helps to take preventive action against hackers.
  • It detects weaknesses and closes the gaps in a system or a network.
  • It prevents malicious hackers from gaining access.
  • It provides security for banking and financial settlements.

Disadvantages:

  • The data gathered might be misused for malicious hacking activities.
  • It may corrupt the files of an organization.
  • There is a possibility of sensitive information on the computer system being stolen.

6. What are the tools used for ethical hacking?

  • John the Ripper
  • Metasploit
  • Nmap
  • Acunetix
  • Wireshark
  • SQLMap
  • OpenVAS
  • IronWASP
  • Nikto
  • Netsparker

7. What are the various stages of hacking?

  1. Reconnaissance: This is the primary phase of hacking, also known as the footprinting or information gathering phase, where the hacker collects as much information as possible about the target. This covers hosts, the network, DNS records, and more.
  2. Scanning: It takes the data discovered during reconnaissance and uses it to examine the network. 
  3. Gaining access: The phase where attackers enter into a system/network using various tools and techniques.
  4. Maintaining access: Once hackers gain access, they want to maintain access for future exploitation and attacks. This can be done using trojans, rootkits, and other malicious files.
  5. Covering tracks: Once the hackers are able to gain and maintain access, they cover tracks to avoid detection. It involves modifying/deleting/corrupting the value of logs, removing all traces of work, uninstalling applications, deleting folders, and more. 

8. What is a firewall?

A firewall is a network security system that allows or blocks network traffic as per predetermined security rules. These are placed on the boundary of trusted and untrusted networks.

9. What is the difference between encryption and hashing?

Hashing is used to validate the integrity of the content, while encryption ensures data confidentiality and security. Encryption is a two-way function that includes encryption and decryption, while hashing is a one-way function that changes a plain text to a unique digest that is irreversible.
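The contrast in the answer above, as an added example (not code from the original page): a SHA-256 digest is fixed-length and cannot be turned back into the input, so it serves integrity checks, while a cipher with the right key recovers the plaintext exactly. The cipher here is a toy one-time pad (XOR with a random key as long as the message), chosen only because it needs nothing beyond the standard library; the message and the tampered copy are constructed sample data.

```python
import hashlib
import secrets

# Added example: one-way hashing (integrity) versus two-way encryption
# (confidentiality). The cipher is a toy one-time pad used only to show
# reversibility with the key; production code would use an AEAD such as
# AES-GCM from a vetted library, not this.


def sha256_hex(data: bytes) -> str:
    """One-way: the same input always gives the same digest, and the
    digest cannot be reversed into the input."""
    return hashlib.sha256(data).hexdigest()


def generate_key(length: int) -> bytes:
    """Fresh random key for the toy one-time pad (never reuse one)."""
    return secrets.token_bytes(length)


def otp_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """Two-way: XOR each byte with the key byte at the same position."""
    if len(key) != len(plaintext):
        raise ValueError("one-time pad key must match the message length")
    return bytes(p ^ k for p, k in zip(plaintext, key))


def otp_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    # XOR is its own inverse, so decryption is the same operation.
    return otp_encrypt(ciphertext, key)


def integrity_check(data: bytes, expected_hex: str) -> bool:
    """Verify a file or download against a published digest, using a
    constant-time comparison so timing does not leak how much matched."""
    return secrets.compare_digest(sha256_hex(data), expected_hex)


def demo() -> dict:
    message = b"transfer 100 to account 42"      # constructed sample
    tampered = message[:-1] + b"3"                # one byte changed
    key = generate_key(len(message))
    ciphertext = otp_encrypt(message, key)
    return {
        "round_trip_ok": otp_decrypt(ciphertext, key) == message,
        "ciphertext_differs": ciphertext != message,
        "digest_len": len(sha256_hex(message)),   # always 64 hex chars
        "tamper_detected": sha256_hex(message) != sha256_hex(tampered),
    }


if __name__ == "__main__":
    print(demo())
```

The digest length stays 64 hex characters whatever the input size, which is what makes hashing suitable for storing password verifiers and for fingerprinting files, and unsuitable for anything that later needs the original bytes back.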

10. What is the difference between IP address and MAC address?

IP address: An IP address is assigned to every device. It is a number allocated to a connection on a network.

MAC address: A MAC address is a unique serial number assigned to every network interface on every device.  

The major difference is MAC address uniquely identifies a device that wants to take part in a network while the IP address uniquely defines a connection of a network with an interface of a device.

11. What is the difference between virus and worm?

Virus: It is a type of malware that spreads by embedding a copy of itself and becomes a part of other programs. Viruses spread from one computer to another while sharing the software or document they are attached to using a network, file sharing, disk, or infected email attachments. 

Worm: These are similar to viruses and cause the same type of damage. They replicate functional copies of themselves and do not require a host program or human help to propagate. Advanced worms leverage encryption, ransomware, and wipers to harm their targets.

12. What do you mean by keystroke logging?

Keystroke logging is also known as keylogging or keyboard capturing. It is a type of surveillance software that records every keystroke made on the keyboard. Every action made on the keyboard is monitored, and data is retrieved by operating through the logging program. 

13. What do you mean by Trojan and explain its types?

A Trojan is a type of malware that is often developed by hackers or attackers to gain access to target systems. Users are manipulated by attractive social media ads and then directed towards malicious sites, where they are tricked into downloading and running Trojans on their systems.

Types of Trojans:

  1. Trojan-Downloader: It is a type of virus that downloads and installs other malware.
  2. Ransomware: It is a type of Trojan that can encrypt the data on your computer/device. 
  3. Trojan-Droppers: These are complex programs used by cybercriminals to install malware. Most antivirus programs do not identify droppers as malicious, and hence it is used to install viruses.
  4. Trojan-Rootkits: It prevents the detection of malware and malicious activities on the computer. 
  5. Trojan-Banker: These steal user account-related information such as card payments and online banking.
  6. Trojan-Backdoor: The most popular type of Trojan; it creates a backdoor that lets attackers access the computer later, remotely, using a remote access tool (RAT). This Trojan provides complete control over the computer.

14. What is Cowpatty?

Cowpatty is an implementation of the offline dictionary attack against WPA/WPA2 networks that use PSK-based authentication, e.g. WPA-Personal.

Most enterprises employ PSK-based authentication for WPA/WPA2 networks.

15. What do you mean by exploitation?

Exploitation is a part of programmed software or script that allows hackers to gain control over the targeted system/network and exploit its vulnerabilities. Most hackers use scanners like OpenVAS, Nessus, etc., to find these vulnerabilities.

16. What is enumeration in ethical hacking?

Enumeration is the primary, information-gathering phase of ethical hacking. In this phase, the attacker establishes an active connection with the victim and tries to gain as much information as possible in order to find weaknesses or vulnerabilities in the system and exploit it further.

Enumeration collects information about:

  • Network shares
  • Password policy lists
  • IP tables
  • SNMP data, if they are not secured properly
  • Usernames of different systems

17. What are the different enumerations available in ethical hacking?

The different enumerations available in ethical hacking are listed below:

  • DNS enumeration
  • NTP enumeration
  • SNMP enumeration
  • Linux/Windows enumeration
  • SMB enumeration

18. What is defacement?

Defacement is an attack in which the hacker changes the visual appearance of a web page or website. The attacker replaces the firm's site with an alternate page, or sometimes with text that contradicts the website's own message.

19. What is MIB?

Management Information Base (MIB) is a virtual database of network objects. It contains all the formal descriptions of the network objects being monitored by a network management system. The MIB database of objects is used as a reference to a complete collection of management information on an entity like a computer network.

20. What is MAC flooding and how to prevent it?

MAC flooding is an attacking method that is used to compromise the security of the network switches. These switches maintain a table structure called a MAC table that consists of each MAC address of the host computer on the networks which are connected to the ports of the switch.

To prevent MAC flooding, use the following methods:

  • Authentication with the AAA server
  • Port security
  • Implement the IEEE 802.1X suite
  • Employ security measures to prevent IP spoofing or ARP spoofing 

21. What is footprinting?

Footprinting is a technique used for collecting as much information as possible about the targeted network/system/victim to execute a successful cyber attack. It also finds out the security posture of the target. During this phase, a hacker can collect data about a domain name, IP address, namespace, employee information, phone numbers, emails, and job information.

Footprinting is divided into two types:

Passive footprinting: It collects data of the target system located at a remote distance from the attacker.

Active footprinting: It is performed directly by getting in touch with the target machine.

22. What do you mean by fingerprinting in ethical hacking?

Fingerprinting is a technique used for determining which operating system is running on a remote computer.

Active fingerprinting: In this, we send the specially crafted packets to the target machine, and based on its response and gathered data, we determine the target OS.

Passive fingerprinting: In this, based on the sniffer traces of the packets, we can find out the OS of the remote host.

23. What is sniffing and what are its types?

Sniffing is referred to as a process of monitoring and capturing the data packets passing through a given network. It is mostly used by system/network administrators to monitor and troubleshoot network traffic. Sniffing allows you to see all sorts of traffic, both protected and unprotected. Attackers use this to capture data packets having sensitive information such as email traffic, FTP password, web traffic, router configuration, DNS traffic, and more.

Sniffing is divided into two types:

Active sniffing:

In this, traffic is not only captured and monitored but may also be altered in some way determined by the attack. It is used to sniff a switch-based network. It involves injecting address resolution packets into a target network in order to manipulate the switch's content addressable memory (CAM) table.

Passive sniffing:

In this, traffic is captured but not altered in any way. It works with hub devices, where traffic is sent to all the ports. Any traffic passing through an unbridged or non-switched network segment can be seen by all the machines on the segment.

24. What are the best sniffing tools?

The best sniffing tools are listed below:

  • Tcpdump
  • Wireshark
  • Fiddler
  • EtherApe
  • Packet Capture
  • NetworkMiner
  • WinDump
  • Ettercap
  • dSniff

25. What is ARP poisoning?

ARP (Address Resolution Protocol) poisoning is also known as ARP spoofing or ARP poison routing. It is a form of attack in which the attacker changes the MAC (Media Access Control) address mapping and attacks the Ethernet LAN by altering the target computer's ARP cache with forged request and reply packets.

26. How to prevent ARP poisoning?

ARP poisoning can be prevented by the following methods:

Packet filters:

These help reduce the chances of an attack succeeding. The filters analyse each packet sent over the network and filter out and block malicious or suspicious packets.

Encryption:

Protocols such as SSH and HTTPS will also help you to reduce ARP poisoning attacks.

VPNs:

These are not suitable for larger organizations, as a VPN connection would need to be placed between each computer and each server. If it is only a single person at risk of attack over public Wi-Fi, then a VPN will encrypt all the data transmitted between the client and the exit server.

Static ARP entries:

This is suitable for smaller networks. A static ARP entry for every machine on the network is added to each individual computer.
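The packet-filter and static-entry defences above amount to one check: does the MAC address a reply claims for an IP agree with what was seen or pinned before? The following detector is an added example, not code from the original page: it walks a constructed trace of ARP replies, pins the gateway with a static entry, and raises an alert when an IP address changes MAC address or when one MAC address starts answering for several IP addresses. All addresses and timestamps are constructed sample data.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class ArpReply:
    ts: float          # seconds since trace start
    sender_ip: str     # IP the reply claims to own
    sender_mac: str    # MAC it claims for that IP


# Constructed sample: ARP replies observed on one LAN segment.
SAMPLE_REPLIES = [
    ArpReply(0.0, "192.168.1.1", "aa:aa:aa:aa:aa:01"),    # gateway, normal
    ArpReply(1.0, "192.168.1.20", "aa:aa:aa:aa:aa:20"),   # workstation
    ArpReply(2.0, "192.168.1.1", "aa:aa:aa:aa:aa:01"),    # gateway again, normal
    ArpReply(3.0, "192.168.1.1", "de:ad:be:ef:00:99"),    # gateway IP claimed by another MAC
    ArpReply(4.0, "192.168.1.30", "de:ad:be:ef:00:99"),   # same MAC now claims a second IP
]

# Static ARP entry for the gateway (the "static ARP entries" defence).
STATIC_ARP = {"192.168.1.1": "aa:aa:aa:aa:aa:01"}


def detect_arp_conflicts(replies, static_table=None):
    """Return a list of alert dicts, in time order.

    ip-mac-change          : an IP learned earlier now claims a different MAC
    static-entry-violation : the same, but the IP is pinned in the static table
    mac-claims-multiple-ips: one MAC answers for more than one IP
    """
    static_table = {ip: mac.lower() for ip, mac in (static_table or {}).items()}
    learned = dict(static_table)            # ip -> MAC first seen (or pinned)
    ips_per_mac = defaultdict(set)          # mac -> set of IPs it has claimed
    alerts = []

    for r in replies:
        mac = r.sender_mac.lower()
        known = learned.get(r.sender_ip)
        if known is None:
            learned[r.sender_ip] = mac      # first sighting: learn it
        elif known != mac:
            kind = ("static-entry-violation" if r.sender_ip in static_table
                    else "ip-mac-change")
            alerts.append({"ts": r.ts, "kind": kind, "ip": r.sender_ip,
                           "expected": known, "seen": mac})

        ips_per_mac[mac].add(r.sender_ip)
        if len(ips_per_mac[mac]) == 2:      # fire once, on the second IP
            alerts.append({"ts": r.ts, "kind": "mac-claims-multiple-ips",
                           "mac": mac, "ips": sorted(ips_per_mac[mac])})
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_conflicts(SAMPLE_REPLIES, STATIC_ARP):
        print(alert)
```

Without the static table the first sighting is trusted, so the gateway alert degrades from a definite violation to an "ip-mac-change" that could also be a legitimate hardware swap; pinning the gateway is what turns it into a high-confidence signal.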

27. What is DNS Cache Poisoning?

DNS cache poisoning is a technique that exploits vulnerabilities in the DNS (domain name system) to divert internet traffic away from legitimate servers and towards false ones. It is also known as DNS spoofing.

28. What is SQL injection and how to prevent it?

SQL injection is a type of injection attack that executes malicious SQL statements and controls the database server behind a web application.

These attacks mostly take place on the web pages developed using ASP.NET or PHP.

These attacks can be made with the following intentions:

  • To execute the different queries that are not allowed on the application.
  • To change the content of the database
  • To dump the entire database of the system.

The only way to prevent the SQL injection attack is input validation and parameterized queries including prepared statements. The application code should never use the input directly.

29. What is Cross-Site scripting and how can you fix it?

Cross-Site Scripting (XSS) is also referred to as a client-side code injection attack. In this, the attacker intends to execute malicious scripts on the victim’s web browser by including malicious code in a legitimate page or web application. The actual attack occurs when the victim visits the page and executes malicious code, and this web application actually becomes a vehicle to deliver the malicious script to the user’s browser. Forums, web pages, and message boards that allow comments support cross-site scripting attacks.

To fix these attacks, apply context-dependent output encoding. 
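"Context-dependent output encoding" means the same untrusted string is encoded differently depending on where in the page it lands. The helpers below are an added example, not code from the original page, and use only Python's standard library: HTML text, HTML attribute, JavaScript string and URL query-parameter contexts, plus a small comment renderer that applies each one. The comment and author strings are constructed sample data.

```python
import html
import json
from urllib.parse import quote


def encode_for_html_text(value: str) -> str:
    """Between tags: <, > and & must not start markup."""
    return html.escape(value, quote=False)


def encode_for_html_attribute(value: str) -> str:
    """Inside a quoted attribute: quotes must not end the attribute."""
    return html.escape(value, quote=True)


def encode_for_js_string(value: str) -> str:
    """Inside a <script> string literal. json.dumps handles quotes and
    backslashes; <, > and & are additionally escaped so that a value
    containing "</script>" cannot close the enclosing script tag."""
    return (json.dumps(value)
            .replace("<", "\\u003c")
            .replace(">", "\\u003e")
            .replace("&", "\\u0026"))


def encode_for_url_param(value: str) -> str:
    """Inside a query string: every reserved character percent-encoded."""
    return quote(value, safe="")


def render_comment(author: str, body: str, next_path: str) -> str:
    """Render one untrusted comment, encoding each value for the context
    it is placed in (the four contexts used above)."""
    return (
        f'<div class="comment" data-author="{encode_for_html_attribute(author)}">'
        f"<p>{encode_for_html_text(body)}</p>"
        f'<a href="/next?u={encode_for_url_param(next_path)}">next</a>'
        f"<script>var author = {encode_for_js_string(author)};</script>"
        "</div>"
    )


if __name__ == "__main__":
    # Constructed sample input carrying markup in every field.
    print(render_comment(
        author='" onmouseover="alert(1)',
        body="<script>alert(document.cookie)</script>",
        next_path="../admin?x=1&y=2",
    ))
```

Using `html.escape` for a value that ends up inside a script block, or URL-encoding a value that ends up in HTML text, leaves the markup characters of the other context intact, which is the mistake the phrase "context-dependent" warns against.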

30. What is a DDoS attack and how does it work?

DDoS (Distributed Denial of Service) attack is a type of DoS attack, where several compromised systems are often infected with a trojan and are used to target a single system causing a DoS (Denial of Service) attack.

Here is how a DDoS attack works:

It is an attempt to make a webpage or online service inaccessible by overloading it with huge floods of traffic from various sources.

31. What are the types of DDoS attacks?

DDoS attacks are categorized into three types:

Volume-based Attacks:

These are also known as Layer 3 and Layer 4 attacks. In this, the attacker tries to saturate the bandwidth of the target site.

Protocol Attacks:

These attacks consume actual server resources, as well as those of intermediate devices such as load balancers and firewalls, and they are measured in Packets per Second.

Application Layer Attacks:

These include zero-day DDoS attacks, Slowloris, etc., which target vulnerabilities in Windows, Apache, OpenBSD, and more. They are measured in Requests per Second.

32. What is a Pharming attack and how to prevent it?

A pharming attack is one of the various cyber-attacks practised by attackers. It is a fraudulent practice in which legitimate website traffic is manipulated to direct users to fake look-alike sites that steal personal data such as passwords or financial details, or install malicious software on the visitor's computer.

Pharming attacks can be prevented by the following methods:

Install powerful antivirus software that will detect and remove malware that redirects your computer to malicious sites.

Check that the URLs of the sites you visit are trustworthy.

33. What is a phishing attack?

Phishing is an attempt to steal sensitive information such as user data, credit card numbers, etc. These attacks occur mostly while using personal email accounts or social networking sites, online transactions, and more.

34. What is Spoofing?

Spoofing is a fraudulent practice in which communication is sent from an unauthorized source and disguised as a known source to the receiver. It is used to gain access to targets' personal information and spread malware and redistribute traffic to execute a denial-of-service attack.

Listed below are the most popular spoofing attacks:

  • Email spoofing
  • Website spoofing
  • Caller ID spoofing
  • ARP spoofing
  • DNS server spoofing

35. What are the different types of penetration testing?

There are five types of penetration testing:

  1. Black Box: In this, the hacker attempts to discover information by their own means.
  2. External Penetration Testing: In this case, the ethical hacker attempts to hack using public networks through the Internet.
  3. Internal Penetration Testing: The ethical hacker is inside the company's network and conducts the tests from there.
  4. White Box: In this, the ethical hacker is provided with all the necessary information about the infrastructure and the network of the organization that needs to be penetrated.
  5. Grey Box: In this, the hacker has partial knowledge of the infrastructure, such as its domain name server.

36. What are the types of password cracking techniques?

The most popular password cracking techniques used by hackers are listed below:

  1. Dictionary attack: This attack targets the common words and short passwords that many people use. The hacker takes a simple file containing words found in a dictionary and tries them, often with numbers before or after the words, against the user accounts.
  2. Brute force attacks: These are similar to dictionary attacks, but instead of using simple words, hackers find non-dictionary passwords by trying all possible alphanumeric combinations, from aaa1 to zzz10.
  3. Man in the middle attack: In this, the attacker's program actively monitors the information being passed and inserts itself in the middle of the interaction, usually by impersonating an application or website. These attacks steal sensitive information such as social security numbers, account numbers, etc.
  4. Traffic interception: In this, the hacker uses packet sniffers to monitor network traffic and capture passwords.
  5. Keylogger attack: The hacker manages to install software that tracks the user's keystrokes, which lets them not only collect the user's account information and passwords but also see which website or app the user was logging into with those credentials.

37. What is a social engineering attack?

Social engineering refers to a broad range of methods used by people who want to obtain other people's data or make them perform a specific task that benefits the attacker.

The attacker first collects the victim's information, such as the security protocols required to proceed with the attack, then gains the victim's trust and uses it to break security practices, such as obtaining access to critical resources or stealing sensitive information.

38. What are the different types of social engineering attacks?

Different types of social engineering attacks include:

  • Phishing
  • Vishing
  • Pretexting
  • Quid pro quo
  • Tailgating
  • Spear phishing
  • Baiting

39. What is a rogue DHCP server?

A rogue DHCP server is a DHCP server set up on a network by an attacker which is not under the control of network administrators. It can be either a modem or a router.

Rogue DHCP servers are primarily used by hackers for the purpose of network attacks such as Sniffing, Reconnaissance, and Man in the Middle attacks.

40. What is Burp Suite?

Burp Suite is an integrated platform used for executing a security test of web applications. It consists of various tools that work seamlessly together to manage the entire testing process from initial mapping to security vulnerabilities. 


41. What does reconnaissance mean in ethical hacking?

This is the phase where all the information is gathered in order to know the system better. The information varies from determining the network range to discovering open ports and access points.

42. Are there different types of reconnaissance?

Two types of reconnaissance are active and passive. In active reconnaissance, an ethical hacker is given permission to interact with the system or the network. On the contrary, passive reconnaissance is carried out without any connection to the network.

43. What is defined as Scanning and how is it used in ethical hacking?

Using the data collected in the first stage, a profile of the network to be attacked is created. Three different types of scanning are carried out primarily. These are network scanning, port scanning, and vulnerability scanning.

44. What is Gaining access and how does an ethical hacker do this?

After the reconnaissance and scanning phases, the ethical hacker pins down the tools and techniques to penetrate the system. This phase is called gaining access, where the hacker is able to obtain unauthorized access. As you read ahead you will find many ethical hacking technical interview questions about this stage.

45. How does an ethical hacker maintain access to a network?

A hacker might not be able to get all the information from the network or system at once. He might choose to just stay there and keep extracting data. This is what is achieved during this phase. The malware or Trojan is used to keep the hacker connected and maintain access.

46. What does the clearing of tracks mean and why is it important?

It is important for any hacker not to leave a trail behind. This is achieved by clearing out sent emails and server logs, uninstalling apps, deleting folders and any temp files, and more.

47. What is Trojan-Backdoor?

Like every common type of Trojan, it hands over the control of the infected computer to the malicious user. And it is also part of the most common ethical hacker job interview questions. Generally used for criminal purposes, it takes complete control of the system and can send, receive, and delete important files.

48. What does the Trojan-Ransom perform?

It is a type of Trojan program that modifies the sensitive files and encrypts them. And for the decryption or unlocking a ransom is demanded.

49. Why does a hacker require Trojan-Droppers?

It is dangerous and is used by malicious hackers to drop the malware into the system under attack. It requires quite some sophisticated antivirus to detect a dropper.

50. Can Trojan-IM steal private information?

Yes. Trojan-IM is a dedicated program that intends to steal the login credentials of instant messaging apps like Skype and the like.

51. Why can our regular anti-virus not trace the Trojan? What are Rootkits?

It generally accompanies the main malicious program. The task it accomplishes is to hide the tracks and activities of the malware. Thus it supports the malware to operate longer before being detected. In ethical hacking technical interview questions round, you might also be asked about some of the rootkits if you are looking for an advanced role.

51. Can a Trojan be used to conduct DDoS?

Yes, a Trojan-DDoS is malware that particularly targets web addresses and causes a Denial of Service from the infected address.

52. What does the term exploitation mean?

This might be the first of your ethical hacking interview questions list. The hackers need to insert a program into the target network or system to exploit the soft-spots. That said, exploitation is a programmed software or script used by a hacker to take control.

53. How is exploitation executed?

A vulnerability scanner is used to identify the areas that can be exploited and Nexpose, Nessus and OpenVAS are the most commonly used ones.

54. What does enumeration mean?

The process of getting access to information like user names or network is known as enumeration. The hacker needs to establish an active connection with the system to get the maximum possible information. As a part of Scanning, it is used to get important information to exploit a system.

55. What kind of information is collected during enumeration?

Generally, the important information collected during this phase is:

  • User and group names
  • Network Resource and shares
  • Machine names
  • Applications
  • SNMP details
  • DNS details

56. What does defacement mean?

A very common attack on webpages, which is why it is present in our ethical hacking interview questions and answers list. It uses SQL injection attacks. If the input fields are not sanitized, the hacker can use SQL strings to create a query.

57. What happens when defacement is executed?

Once the query is executed, the website may reflect defaced data thus impacting the visual appearance of the website. It is generally conducted by hacktivist groups.

58. What is a Firewall? Explain its need in brief?

Firewalls are the defense system of any network; they keep your systems, devices, and other network touchpoints safe from external threats like viruses, worms, trojans, DDoS attacks, watering hole attacks, and more. Firewalls are additionally used for filtering the communications that take place between the internal and external touchpoints.
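Questions 8 and 58 both describe a firewall as a device that allows or blocks traffic "as per predetermined security rules" at the boundary between trusted and untrusted networks. The evaluator below is an added example, not code from the original page or from any firewall product, that shows the mechanics behind that sentence: an ordered rule table, first-match-wins evaluation, and an implicit default deny at the end. The rule set, addresses and packets are constructed sample data.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str       # source IP
    dst: str       # destination IP
    proto: str     # "tcp" or "udp"
    dport: int     # destination port


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str = "0.0.0.0/0"       # CIDR; default matches any source
    dst: str = "0.0.0.0/0"       # CIDR; default matches any destination
    proto: str = "any"           # "any", "tcp" or "udp"
    dport: Optional[int] = None  # None matches any port


# Constructed rule set for a boundary firewall in front of 10.0.5.0/24.
# Order matters: the first matching rule decides, and the last rule
# denies everything that nothing above it allowed.
RULES: List[Rule] = [
    Rule("allow", src="10.0.0.0/8", dst="10.0.5.10/32", proto="tcp", dport=22),  # SSH, internal only
    Rule("allow", dst="10.0.5.20/32", proto="tcp", dport=443),                   # public HTTPS
    Rule("deny"),                                                                # default deny
]


def matches(rule: Rule, pkt: Packet) -> bool:
    """True when every field of the rule matches the packet."""
    return (
        ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
        and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
        and rule.proto in ("any", pkt.proto)
        and (rule.dport is None or rule.dport == pkt.dport)
    )


def evaluate(rules: List[Rule], pkt: Packet) -> Tuple[str, int]:
    """Return (action, index of the rule that matched).

    If no rule matches, the packet is dropped and index -1 is returned:
    a firewall should fail closed, not open."""
    for index, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, index
    return "deny", -1


if __name__ == "__main__":
    samples = [
        Packet("10.1.2.3", "10.0.5.10", "tcp", 22),       # internal SSH -> allow
        Packet("203.0.113.5", "10.0.5.10", "tcp", 22),    # external SSH -> deny
        Packet("203.0.113.5", "10.0.5.20", "tcp", 443),   # public HTTPS -> allow
        Packet("203.0.113.5", "10.0.5.20", "udp", 443),   # wrong protocol -> deny
    ]
    for p in samples:
        print(p, "->", evaluate(RULES, p))
```

Two properties worth checking in any real rule set are visible here: a broad rule placed above a narrow one shadows it, so rule order is part of the policy, and the explicit final deny makes the policy's intent readable even though the evaluator would deny by default anyway.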

59. What is the difference between penetrating testing and vulnerability management?

An organization that has set up an outstanding security procedure will hire penetration testers to check how secure and unbreakable its network is; this is called penetration testing. Vulnerability management, on the other hand, is the process of identifying vulnerabilities in the existing network using tools like patch management and endpoint security management, and fixing them using those same tools.

60. Who is a Cryptographer?

Any confidential data that exists on the web has to be encrypted to keep it safe. Given the increasing number of data breaches, it is better if that data is made more convoluted using cryptography, a method of encrypting data in a unique way so that only the receiver with the key can decrypt it. The professional behind this cryptography process is called a cryptographer.

61. How will you secure a server?

  • Check that servers use the SSL/TLS protocol to encrypt and decrypt sensitive data and secure it against anonymous access.
  • Create new users on the server and make sure unwanted ports are blocked.
  • Remove privileged access to the server data for ordinary users.
  • Remove remote access to servers.
  • Practise VPN-based access to servers.
  • Configure firewalls and proxy settings for secure communications.

62. What is data leakage?

Any intentional or unintentional leakage of data from the corporate database to external storage is called data leakage. This leakage can happen in one of three ways:

  • Accidental breach
  • Intentional breach using an insider threat
  • Hacking attempt to break into the corporate network and steal the data

63. Can You Name Eight Common cyberattacks?

  • Ransomware
  • DDoS attacks
  • Malware
  • Phishing
  • Zero-day attacks
  • Brute force attacks
  • XSS
  • Man-in-the-middle attacks

64. What is the OSI model and what are its layers?

The OSI model is an interoperability framework that developers need in order to make their applications work with the network. The layers, from top to bottom, are:

  • Application layer
  • Presentation layer
  • Session layer
  • Transport layer
  • Network layer
  • Data link layer
  • Physical layer

65. What is SSL encryption?

Secure Socket Layer (SSL) is a security layer that is usually deployed between a web server and a browser to keep the communication secure and safe from external cyber actors. It is useful for online transactions and for digital privacy.

An SSL connection is established when a browser requests an SSL connection from the web server, and the web server confirms with its SSL certificate that it is trustworthy; the browser then verifies the SSL certificate and, if it trusts the connection, initiates the communication.

66. Explain Port Scanning

Port scanning is the process of identifying the open ports on a host. Hackers exploit these open ports to break into a network, while security professionals try to close them for safety. There are different types of port scan techniques:

  • Ping scan
  • UDP
  • TCP connect
  • Stealth scanning
  • TCP half-open
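The defender's view of two things the page describes: the port scan above (many distinct ports probed from one source in a short time) and the application-layer DDoS traffic of question 31 (measured in requests per second). The detector below is an added example, not code from the original page: it walks a constructed connection log with sliding time windows per source and raises one alert per offending source for each pattern. The log format, addresses, timestamps and thresholds are all constructed assumptions.

```python
from collections import defaultdict, deque


def build_sample_log():
    """Constructed sample: one line per TCP connection attempt, in time
    order, formatted '<epoch seconds> <src> <dst> <dport>'."""
    lines = [
        "1000.0 192.168.1.10 10.0.0.5 443",   # ordinary client
        "1000.5 192.168.1.10 10.0.0.5 443",
    ]
    # One source touching ten different ports within two seconds.
    for i, port in enumerate([21, 22, 23, 25, 80, 110, 143, 443, 445, 3389]):
        lines.append(f"{1001.0 + i * 0.2:.1f} 203.0.113.9 10.0.0.5 {port}")
    # One source opening thirty connections to port 80 within 0.6 seconds.
    for i in range(30):
        lines.append(f"{1005.0 + i * 0.02:.2f} 198.51.100.7 10.0.0.5 80")
    return lines


def parse(line):
    ts, src, dst, dport = line.split()
    return float(ts), src, dst, int(dport)


def detect(lines, scan_ports=8, scan_window=10.0, flood_rate=20, flood_window=1.0):
    """Return alerts in time order.

    port-scan: a source reaches `scan_ports` distinct destination ports
               within `scan_window` seconds.
    flood    : a source exceeds `flood_rate` connections to one destination
               within `flood_window` seconds (a requests-per-second view).
    Each (pattern, source) pair alerts once, so a long scan or flood does
    not produce thousands of duplicate alerts."""
    scan_hist = defaultdict(deque)    # src -> deque of (ts, dport)
    flood_hist = defaultdict(deque)   # (src, dst) -> deque of ts
    alerted = set()
    alerts = []

    for line in lines:
        ts, src, dst, dport = parse(line)

        # Sliding window of ports this source has touched recently.
        ports = scan_hist[src]
        ports.append((ts, dport))
        while ports and ts - ports[0][0] > scan_window:
            ports.popleft()
        distinct = {p for _, p in ports}
        if len(distinct) >= scan_ports and ("scan", src) not in alerted:
            alerted.add(("scan", src))
            alerts.append({"ts": ts, "kind": "port-scan", "src": src,
                           "distinct_ports": len(distinct)})

        # Sliding window of connection attempts to one destination.
        hits = flood_hist[(src, dst)]
        hits.append(ts)
        while hits and ts - hits[0] > flood_window:
            hits.popleft()
        if len(hits) > flood_rate and ("flood", src, dst) not in alerted:
            alerted.add(("flood", src, dst))
            alerts.append({"ts": ts, "kind": "flood", "src": src, "dst": dst,
                           "per_window": len(hits)})
    return alerts


if __name__ == "__main__":
    for alert in detect(build_sample_log()):
        print(alert)
```

The thresholds are the tuning knobs: a vulnerability scanner run by your own team will trip the port-scan rule, and a busy legitimate client can trip the flood rule, so in practice both are paired with an allow-list of known sources and a per-destination baseline rather than fixed numbers.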

67. What is VPN?

A Virtual Private Network (VPN) is a secure private network that allows employees to connect to their corporate network even when they are away from the corporate office.

The server believes the employee is accessing the network from within the office, even though he or she is not physically in that location.

VPNs are encrypted and are used to avoid data breaches over public networks in cafes, train stations, and airports. Users can also view movies, series, and games from a different location by using a proxy or VPN.

68. Hacker was able to break into your network using a port and outdated software. What will you do to fix it?

Initially, we need to block the ports that were left open; after that we can either remove the software if it is not required, or update it to a secured version by deploying the patches to the devices that run the software.

69. What is an XSS attack?

Cross-Site Scripting (XSS) attacks are malicious scripts that run on a web page injected by hackers to hijack sessions, perform phishing, track cookies, remote code executions and more. XSS attacks can be prevented by validating user inputs, using XSS HTML filters, or by using anti-XSS tools.

70. What is Cyber Espionage?

Cyber espionage is the process of gaining access to sensitive business documents through malicious practices and using the same as an advantage against the company or government agency. Cyber espionage has become prevalent, thanks to the ransomware trends.

71. What is enterprise mobility management?

Organizations need to take care of roaming devices that belong either to them or to their users, in other words BYOD, CYOD, and COPE devices. When employees leave the corporate network, so do their devices, including smartphones, tablets, and laptops. Organizations need to manage these roaming devices and users to keep business-sensitive data secure and safe from public threats. Additionally, IT departments need to manage these devices from a single console for better efficiency.

72. How to secure IoT devices from cyberattacks?

Users need to ensure they have a solid router that does not compromise network security. They also need a good firewall and should build a dedicated IoT Wi-Fi network with strong passwords, secured with WPA2 or WPA3. Above all, users need to make sure their IoT devices are updated and free from known vulnerabilities. Patching the IoT devices helps prevent application-level breaches, while the network measures above help against network-level breaches.

73. Explain the CIS critical security controls.

The Center for Internet Security (CIS) is an organization established by a group of security researchers to make the internet a safer place for end users. The CIS researchers have defined 20 critical security controls, grouped into three levels:

  •     Basic security controls
  •     Foundational security controls
  •     Organizational security controls

74. What is ransomware? Give some examples.

Ransomware is a type of malware that encrypts users' data and leaves a ransom note demanding a certain payment to decrypt it. Ransomware has become very common in recent years; the attacker's motive could be to encrypt and demand a ransom, to encrypt and steal the data, or to encrypt and erase the data, causing havoc for the targeted audience. Examples: WannaCry, Ryuk, NotPetya, SamSam, and GandCrab.

75. How will you increase the security of browsers on the network?

Browsers are the touchpoints for any digital communication. With so much information flowing through browsers, it is important to establish the right cybersecurity policies for them to keep them safe from attacks such as MITD, XSS, and remote code execution flaws.

Browsers need to be:

  •     Updated with the right security policies, channeling network traffic through the right proxy server.
  •     Configured so that users are prevented from visiting malicious and anonymous websites.
  •     Updated with the latest extension and plugin patches.

76. Tell me about the Meltdown and Spectre bugs.

Meltdown and Spectre are processor bugs that exploit a speculative execution flaw in the processors, allowing hackers and cybercriminals to access sensitive data held in the cache. Both bugs were later mitigated when OS vendors and AV vendors released compatible patches. The internet went berserk when these processor bugs were reported in January 2018.

77. Explain automated patch management in detail.

Automated patch management is a process in which the IT admin scans the network for missing patches, identifies them, downloads them from the vendors' websites, tests them in a closed environment, and later deploys them to the targeted devices based on patch criticality, scheduling the deployment at times convenient for the organization.

78. Explain the difference between a penetration tester and a vulnerability assessor.

A penetration tester tries to break into a network or software to identify exploitable loopholes, assessing all the components of the target environment in combination. A vulnerability assessor, by contrast, checks for potential vulnerabilities in the given entity alone. A vulnerability assessment is therefore narrower in scope than a penetration test.

79. How to avoid zero-day exploits?

Keeping your applications and devices up to date with the latest patches, security and non-security alike, regardless of the reason for the update, helps keep them safe against external threats. Enterprises need to employ automated patch management procedures to keep up with Microsoft's Patch Tuesday updates and third-party patches. Applying the latest patches may cause performance hits in some cases, but that is better than being hit by cyberthreats.

80. How to secure roaming devices?

Security professionals can use mobile device management (MDM) or unified endpoint management (UEM) solutions to take care of roaming devices even when they are connected to public Wi-Fi. Organizations can also require their employees to use a VPN for safe and secure browsing and access to business data. The sandboxing techniques implemented in these solutions help security professionals and IT administrators secure corporate data.

81. How will you secure USB devices?

USB devices need to be secured according to how trustworthy they are to the enterprise. IT security professionals need to allow or restrict USB devices based on whether those devices are recognized. USB security management helps organizations prevent data leaks, malware spread through USB sticks, and attacks from booby-trapped USB sticks.

82. What is DPO?

The Data Protection Officer (DPO) is a new role created under the norms of the General Data Protection Regulation (GDPR) in 2018. Demand for this role is high considering the significant risk associated with it. The DPO is the official point of contact and is responsible for all the data held inside a corporate environment. The DPO must be aware of the different types of data collected, their source, why they are collected, the process associated with collecting them, whether users have given consent for processing, and when the data are erased from the organization's databases.

83. What is the difference between a threat, a vulnerability, and a risk?

Your organization faces a threat when a malicious actor tries to leverage a vulnerability in the network that was not fixed because there was no proper identification process to register it as a risk. Another way to put it: IT security professionals should not risk their network by allowing device and application vulnerabilities to persist, because these could give rise to cyber threats.

84. What is Deception Technology?

Not all attacks can be prevented proactively, which is why an organization additionally needs a reactive approach to stay safe against unforeseen breaches. Deception technology is a reactive approach in which IT security professionals use their skills and tools to lure attackers down a path they did not intend to take.

For example, let us assume a hacker is trying to take down a system at the targeted location using its IP address.

85. What is PKI?

Public Key Infrastructure (PKI) is a framework composed of policies, hardware, software, standards, and configurations that establishes trust among the entities using data encryption.

Public key encryption is essential for communication over email: any sensitive information sent by email can be public-key encrypted, so the receiver obtains information that is valid and is assured it has not reached an incorrect inbox. This is because public key encryption works with a digital certificate; even duplication of the key cannot succeed in this case. Public key encryption is used for better security, while private key encryption is used for storage purposes.

86. What is the difference between a process, guidelines, and policies?

A process is a step-by-step procedure that shows the reader what to do next. Guidelines are higher-level recommendations and suggestions for networks or applications, used to formulate a strategy or process to implement them. Policies are the criteria that must be defined to maintain security and compliance in a network or application.

87. What is a Zero Trust Network?

A Zero Trust Network is an evolving framework in which organizations do not trust any device or user by default. Under this model, no device is allowed to connect directly to the corporate network unless it verifies its identity every time it joins the intended network. Zero Trust is already being implemented in a few Fortune 500 companies; however, it will take a while before it is adopted across industries. With the Zero Trust model, business-sensitive data can stay safe from both outside and insider threats.

88. What is the difference between EU personal data and US personal information?

EU personal data is a superset of US personal information: EU personal data is very broad and can include anything from a data subject's name, age, email, phone number, social security number, and country, whereas US personal information does not cover such a wide range of details. Anything that allows an entity to narrow down and identify the data subject is personal data. GDPR deals with personal data handling, and companies are moving their infrastructure from personal information handling to personal data handling.

89. Explain the server-client model.

The server-client model is composed of two key components: servers and clients. When one machine is set up as the server, its clients are generated through that server and deployed to a targeted set of machines. The server is then able to define settings, policies, configurations, and actions for all the clients, or only for hand-picked clients, which can in turn be grouped by workgroups and domains.

The server-client model is mostly used in IT management applications, enabling IT administrators to manage, control, monitor, troubleshoot, and update the clients (machines). These clients could be laptops, desktops, smartphones, tablets, IoT devices, virtual machines, hypervisors, and more.

90. What is Steganography?

Steganography is the process of hiding a message and delivering it to a receiver without revealing that the message exists at all. In cryptography the message is encrypted, whereas in steganography the very presence of the message is kept hidden.
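To make the definition concrete, here is an added Python example (not from the original article) of the simplest technique, least-significant-bit (LSB) embedding: each bit of the message replaces the lowest bit of one carrier byte, so every carrier byte changes by at most 1. That is why the carrier looks unchanged to a human and why detection has to rely on statistics rather than inspection. The carrier is a constructed byte sequence standing in for raw 8-bit pixel data, and the 4-byte length prefix is a design choice for the demo.

```python
def embed_message(carrier: bytes, message: bytes) -> bytes:
    """Hide `message` in the least significant bits of `carrier`, one bit per byte.
    A 32-bit big-endian length prefix tells the extractor where the message ends."""
    payload = len(message).to_bytes(4, "big") + message
    # Most-significant bit first, so extraction can rebuild bytes in order.
    bits = [(byte >> i) & 1 for byte in payload for i in range(7, -1, -1)]
    if len(bits) > len(carrier):
        raise ValueError("carrier too small for message")
    out = bytearray(carrier)
    for idx, bit in enumerate(bits):
        out[idx] = (out[idx] & 0xFE) | bit   # clear LSB, then set it to the message bit
    return bytes(out)


def _read_bytes(stego: bytes, start_bit: int, count: int) -> bytes:
    """Reassemble `count` bytes from the LSBs starting at carrier index `start_bit`."""
    result = bytearray()
    for n in range(count):
        value = 0
        for i in range(8):
            value = (value << 1) | (stego[start_bit + n * 8 + i] & 1)
        result.append(value)
    return bytes(result)


def extract_message(stego: bytes) -> bytes:
    """Read the length prefix from the first 32 LSBs, then that many message bytes."""
    length = int.from_bytes(_read_bytes(stego, 0, 4), "big")
    return _read_bytes(stego, 32, length)


def max_byte_delta(a: bytes, b: bytes) -> int:
    """Largest change any single byte underwent; for LSB embedding this is at most 1."""
    return max(abs(x - y) for x, y in zip(a, b))


def demo_carrier() -> bytes:
    """Constructed stand-in for raw 8-bit grayscale pixel data (not a real image)."""
    return bytes(range(256)) * 4


if __name__ == "__main__":
    carrier = demo_carrier()
    stego = embed_message(carrier, b"meet at noon")
    print("recovered:", extract_message(stego))
    print("largest per-byte change:", max_byte_delta(carrier, stego))
```

Real tools embed into image or audio samples in the same way but spread the bits across the file, and combine the hidden message with encryption so that even a recovered payload is unreadable; the LSB idea itself is unchanged.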

91. What privacy features are essential for a VPN?

VPNs in recent times come with many features, such as a kill switch and multi-hopping, for retaining privacy. However, what is often ignored when choosing a VPN is a good logging policy. Many VPNs retain logs of personally identifiable information about the end user and defeat the very purpose of using a VPN.

Understanding and analyzing VPN comparisons in general shows what types of log tracking are offered in the market along with their storage mechanisms. Users should make the right call by evaluating VPNs based on their network demands.

92. What is an Evil Twin?

An evil twin is a fake Wi-Fi access point that appears to be a legitimate network. When users connect to this fake network they unknowingly disclose their usernames and passwords, allowing the attacker to use them later. It resembles an endpoint attack, but it is carried out at the network level using Wi-Fi replication techniques.

93. What are the different kinds of password cracking techniques?

There are several different sorts of password cracking techniques:

  • Brute Force Attack
  • Hybrid Attack
  • Syllable Attack
  • Rule-Based Attack

93. How can one protect oneself from being hacked?

A computer system or network can be secured against hacking by following these approaches:

  • Updating the operating system with security updates
  • Formatting any device intended for sale
  • Securing the Wi-Fi with a strong password
  • Using memorable but hard-to-guess security answers
  • Emailing via a trusted source
  • Not storing any sensitive information in the cloud

94. What do you mean by phishing?

Ans: Phishing is a form of online scam in which an attacker tries to obtain sensitive information such as passwords, passphrases, usernames, and other data by impersonating a legitimate or trustworthy organization. Phishing attacks occur through many digital media such as email, social media, text messages, and even phone calls.

95. What is a DoS (Denial of Service) Attack?

Ans: A Denial of Service attack, also known as a DoS attack, focuses on shutting down a network and making it inaccessible to its users. It achieves this by flooding the target with traffic or sending it information that causes the target to crash.

96. What do you mean by a rogue DHCP server?

Ans: A rogue DHCP server is a DHCP server on a network that is not under the control of the network staff or the administration. It can be a router or modem and will offer clients a default gateway, IP addresses, WINS servers, DNS servers, and other settings.

In this case, if the rogue DHCP server hands out information that differs from the real servers, clients might face network access problems. It can also sniff all the traffic the clients send to other networks and violate network security policies.

97. What do you mean by a keylogger trojan?

Ans: A keylogger trojan or keylogger virus tracks and logs everything you type on your keyboard to give the attacker access to your personal data. As it records every keystroke, the attacker can use the data to find your username and password. Keylogger trojans exist for all kinds of computing devices, including laptops, smartphones, and PCs.

98. What is network security, and what are the types of network security?

Network security is basically a set of rules and configurations designed to protect the confidentiality, accessibility, and integrity of computer networks and data using software or hardware technologies. Types of network security include:

  • Network access control: To avoid attacks and infiltrations into the network, network access control policies are applied at the most granular level of users and devices. For example, authorization to access the network and confidential files may be assigned and regulated when required.
  • Anti-virus and anti-malware software: Antivirus and antimalware software continually analyze and protect against viruses, malicious software, ransomware, worms, and Trojans.
  • Virtual private networks (VPNs): A VPN forms a network connection from other endpoints or sites. For example, a work-from-home employee uses a VPN to connect to the organization's network. The user must authenticate to authorize this communication, and the data between the two points is encrypted.
  • Firewall protection: A firewall acts as a barrier between the internal network and an untrusted external network. Administrators may configure a set of rules for allowing traffic over the network.

99. What does an SQL injection attack mean?

SQL injection is a way to attack a web application. In this method, the attacker runs malicious SQL commands to gain control over the database server. Attackers use SQL injection vulnerabilities to retrieve or change SQL data.

Types of SQL injections are as follows:

  • Blind SQL injection
  • Error-based SQL injection
  • Time-based SQL injection
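An added example (not from the original answer) that shows the vulnerable and the corrected form side by side in Python, using an in-memory SQLite database with constructed rows: the concatenated query lets a crafted value change the statement's meaning, and it also breaks on a legitimate name containing an apostrophe (the database error that error-based injection relies on), while the parameterized query treats every input as plain data. The table, rows and the sample inputs are constructed for the demo.

```python
import sqlite3


def make_demo_db():
    """In-memory database with constructed rows (not real accounts)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (username, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("o'brien", "user")],
    )
    return conn


def lookup_vulnerable(conn, username):
    """String concatenation: the input becomes part of the SQL statement itself,
    so a quote character in it is interpreted as SQL syntax."""
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn, username):
    """Placeholder binding: the driver sends the value separately from the query
    text, so the value can never change what the statement does."""
    rows = conn.execute("SELECT username FROM users WHERE username = ?", (username,))
    return [row[0] for row in rows]


def vulnerable_query_errors(conn, username):
    """True if the concatenated query is rejected by the database. Leaking that
    error message to the user is what error-based injection feeds on, so the
    fix is both to parameterize and to return a generic error."""
    try:
        lookup_vulnerable(conn, username)
        return False
    except sqlite3.DatabaseError:
        return True


if __name__ == "__main__":
    conn = make_demo_db()
    crafted = "x' OR '1'='1"          # classic tautology, here only to show the contrast
    print("vulnerable   :", lookup_vulnerable(conn, crafted))     # every row leaks
    print("parameterized:", lookup_parameterized(conn, crafted))  # nothing matches
    print("o'brien breaks the concatenated query:", vulnerable_query_errors(conn, "o'brien"))
    print("o'brien via placeholder:", lookup_parameterized(conn, "o'brien"))
```

The same contrast holds for blind and time-based variants: they differ only in how the attacker reads the result (page content or response delay), not in the root cause, so the parameterized query closes all three.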

100. Describe how you can prevent your website from being hacked.

By adopting the following methods, we can prevent our website from being hacked:

  • Validation and verification of user input: This approach prevents form tampering by verifying and validating user input before it is used.
  • Validating and sanitizing user parameters: We can reduce the chance of SQL injection by sanitizing and validating user parameters before they are submitted to the database.
  • Sanitizing and validating headers: This technique is used against cross-site scripting (XSS). It involves validating and sanitizing headers and passed parameters, whether sent through the URL, form fields, or hidden values, to minimize XSS attacks.
  • Using a firewall: A firewall can be used to drop traffic from a suspicious IP address if the attack is a simple DoS.
  • Encryption of cookies: Cookie or session poisoning can be avoided by encrypting the cookie contents, binding the cookies to the customer's IP address, and expiring the cookies after a certain time.
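The last item above, as an added Python example that is not part of the original article: a session cookie whose contents are protected by an HMAC tag, bound to the client's IP address and given an expiry. Integrity protection with a MAC, rather than encryption alone, is what stops cookie or session poisoning, because any edit to the contents invalidates the tag. The key, the field names and the 15-minute lifetime are assumptions for the demo.

```python
import base64
import hashlib
import hmac
import json
import time

# Assumption for the demo: in production this comes from a secrets store and is rotated.
SECRET_KEY = b"constructed-demo-key-do-not-reuse"


def encode_body(payload: dict) -> str:
    """Serialize the cookie payload deterministically and base64url-encode it."""
    raw = json.dumps(payload, separators=(",", ":"), sort_keys=True).encode()
    return base64.urlsafe_b64encode(raw).decode()


def _sign(body: str) -> str:
    return hmac.new(SECRET_KEY, body.encode(), hashlib.sha256).hexdigest()


def issue_cookie(user_id: str, client_ip: str, now=None, ttl: int = 900) -> str:
    """Session cookie carrying uid, client IP and expiry, protected by an HMAC tag."""
    now = time.time() if now is None else now
    body = encode_body({"uid": user_id, "ip": client_ip, "exp": int(now + ttl)})
    return f"{body}.{_sign(body)}"


def verify_cookie(cookie: str, client_ip: str, now=None):
    """Return the user id if the tag, the IP binding and the expiry all check out,
    otherwise None (the caller should then treat the request as unauthenticated)."""
    now = time.time() if now is None else now
    body, sep, tag = cookie.rpartition(".")
    if not sep or not hmac.compare_digest(_sign(body), tag):
        return None                       # forged, modified, or malformed
    try:
        payload = json.loads(base64.urlsafe_b64decode(body))
    except ValueError:
        return None
    if payload.get("ip") != client_ip:
        return None                       # presented from a different address
    if payload.get("exp", 0) < now:
        return None                       # expired; client must log in again
    return payload.get("uid")


if __name__ == "__main__":
    c = issue_cookie("alice", "198.51.100.4")
    print("cookie :", c)
    print("valid  :", verify_cookie(c, "198.51.100.4"))
    print("wrongIP:", verify_cookie(c, "203.0.113.9"))
```

IP binding has a cost: clients on mobile networks or behind rotating proxies change address mid-session, so many sites bind to a coarser value or skip it entirely; the signed expiry is the part to keep in every design.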