Interview
Terms in this set (39)
What is symmetric and asymmetric encryption?
A: Symmetric encryption uses a single key for both encryption and decryption and has faster performance (DES, 3DES, AES). Asymmetric encryption uses different keys for encryption and decryption and is slow due to computation (Diffie-Hellman, RSA).
What is the CIA Triad?
A: It provides a baseline standard for information security for the systems in the organization (Confidentiality, Integrity, Availability).
What is the difference between IPS and IDS system?
A: An IDS just detects the intrusion for evaluation. An IPS detects the intrusion and takes the necessary action to further prevent intrusion.
What is SSL?
A: Secure Sockets Layer is a protocol which enables safe conversation between two parties and, in combination with HTTPS, provides a safer web browsing experience with encryption.
What is DDoS attack?
A: Distributed denial of service. When a network is flooded with a large number of requests which are not recognized, making the server unavailable.
What are black hat, white hat and grey hat hackers?
A: Black hat hackers are those who hack without authority. White hat hackers discover a vulnerability, exploit it only with permission, and do not tell others about it until it has been fixed. Grey hat hackers violate laws or typical ethical standards, but usually do not have the malicious intent typical o
What is the difference between penetration testing and software testing?
A: Pen testing helps identify and address security vulnerabilities. Software testing focuses on the functionality of the software and not the security aspect.
What is tracert/Traceroute?
A: It helps identify where the connection stops or gets broken, whether it is a firewall, ISP, router, etc.
What do you know about Cyber Security Frameworks?
A: They are guidelines for organizations to better manage and reduce cyber risk. Frameworks such as ISO 27001, NIST, PCI DSS.
What is Man in the Middle Attack?
A: Someone is impersonating the endpoint in an online information exchange
What is Cross Site Scripting or XSS?
A: Client-side code injection attack where an attacker can execute malicious code in a web application or website. Occurs when a web application makes use of unvalidated or unencoded user input.
What is ARP (Address Resolution Protocol)?
A: When an incoming packet destined for a host machine arrives at a gateway, the gateway asks ARP to find a physical host or MAC address that matches the IP address.
What is BGP?
A: Refers to a gateway protocol that enables the internet to exchange routing information between autonomous systems.
What is pharming?
A: A cyberattack intended to redirect a website's traffic to another, fake site by installing a malicious program on the computer.
What is Spoofing?
A: Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source. Spoofing can apply to emails, phone calls, and websites, or can be more technical, such as a computer spoofing an IP address, Address Resolution Protocol (ARP), or Domain Name System (DNS) server.
Hackers and attackers of all types imitate people, companies and even computers with the intent to trick people into giving up personal information in order to gain access to something valuable.
What is Vishing?
A: Vishing is short for "voice phishing," which involves defrauding people over the phone, enticing them to divulge sensitive information.
What is Whaling?
A: Whaling is a type of phishing attack specifically aimed at a high-profile target, like a senior executive or a high-ranking government official.
What is SMTP?
A: SMTP stands for Simple Mail Transfer Protocol, and it's an application used by mail servers to send, receive, and/or relay outgoing mail between email senders and receivers.
What is RDP?
A: RDP (Remote Desktop Protocol) is a network communications protocol developed by Microsoft, which allows users to connect to another computer from a remote location.
What is TCP?
A: Transmission Control Protocol, a communications standard that enables application programs and computing devices to exchange messages over a network.
Do you know Splunk?
A: It is a SIEM system that makes use of machine-generated data to get operational insights into threats, vulnerabilities, security technologies, and identity information.
What is Smishing?
A: The fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information,
What is Metasploit?
A: that provides information about security vulnerabilities and aids in penetration testing
What is Wireshark?
Wireshark is a packet sniffer and analysis tool. It captures network traffic.
Do you have significant knowledge of the OWASP top 10 vulnerabilities and how to mitigate those vulnerabilities?
#1) Injection - Injection occurs when data is inserted into a program from an untrusted source because of the lack of input validation.
Do you have significant knowledge of the OWASP top 10 vulnerabilities and how to mitigate those vulnerabilities?
#2) Broken Authentication - Session management and credential management. These two are classified as broken authentication because either of them can be used to hijack session IDs or steal login credentials.
Do you have significant knowledge of the OWASP top 10 vulnerabilities and how to mitigate those vulnerabilities?
#3) Sensitive Data Exposure - This is also known as information disclosure or information leakage. This usually occurs when an application or website unknowingly discloses sensitive data to users who do not have the privilege to view or access it.
Do you have significant knowledge of the OWASP top 10 vulnerabilities and how to mitigate those vulnerabilities?
#4) XXE Injection - This is an attack against a web application that parses XML input. This input can reference an external entity, attempting to exploit a vulnerability in the parser.
Do you have significant knowledge of the OWASP top 10 vulnerabilities and how to mitigate those vulnerabilities?
#5) Broken Access Control - Access control refers to a system that controls access to information or functionality. Broken access controls allow attackers to bypass authorization and perform tasks as though they were privileged users such as administrators.
Do you have significant knowledge of the OWASP top 10 vulnerabilities and how to mitigate those vulnerabilities?
#6) Security Misconfiguration - Security misconfiguration is the most common vulnerability on the list, and is often the result of using default configurations or displaying excessively verbose errors. For instance, an application could show a user overly-descriptive errors which may reveal vulnerabilities in the application.
Do you have significant knowledge of the OWASP top 10 vulnerabilities and how to mitigate those vulnerabilities?
#7) Cross-Site Scripting - Cross-site scripting vulnerabilities occur when web applications allow users to add custom code into a URL path or onto a website that will be seen by other users. This vulnerability can be exploited to run malicious JavaScript code on a victim's browser. For example, an attacker could send an email to a victim that appears to be from a trusted bank
Do you have significant knowledge of the OWASP top 10 vulnerabilities and how to mitigate those vulnerabilities?
#8) Insecure Deserialization - This threat targets the many web applications which frequently serialize and deserialize data. Serialization means taking objects from the application code and converting them into a format that can be used for another purpose, such as storing the data to disk or streaming it. Deserialization is just the opposite: converting serialized data back into objects the application can use. Serialization is sort of like packing furniture away into boxes before a move, and deserialization is like unpacking the boxes and assembling the furniture after the move. An insecure deserialization attack is like having the movers tamper with the contents of the boxes before they are unpacked.
Do you have significant knowledge of the OWASP top 10 vulnerabilities and how to mitigate those vulnerabilities?
#9) Using Components with Known Vulnerabilities - Many modern web developers use components such as libraries and frameworks in their web applications. These components are pieces of software that help developers avoid redundant work and provide needed functionality; common examples include front-end frameworks like React and smaller libraries that are used to add share icons or A/B testing. Some attackers look for vulnerabilities in these components which they can then use to orchestrate attacks.
Do you have significant knowledge of the OWASP top 10 vulnerabilities and how to mitigate those vulnerabilities?
#10) Insufficient Logging & Monitoring - Many web applications are not taking enough steps to detect data breaches. The average discovery time for a breach is around 200 days after it has happened. This gives attackers a lot of time to cause damage before there is any response. OWASP recommends that web developers implement logging and monitoring as well as incident response plans.
What is a Brute Force Attack and how to prevent it?
It is a way to find out the right credentials by repetitively trying all different types of combinations. To prevent it, set a limit on failed login attempts and require password complexity.
What is a Botnet?
A Botnet is a number of devices connected to the internet where each device has one or more bots running on it. The bots on the devices and malicious scripts used to hack a victim. Botnets can be used to steal data, send spam and execute a DDoS attack.
Tell me about yourself
...
Why do you want to leave your current position and want to get into CYBER?
I want to continue building my IT career and put my focus more into the cyber field of my interest, and I also want to obtain cyber certificates.
What has been your biggest challenge?
My biggest challenge was COVID-19, since we had to prepare multiple laptops and mobile devices for the whole agency. The preparation was on a small time scale, and we had to make sure the devices were in compliance and had the protection. We also had to assist multiple users for the first few months, since the navigation was different due to different settings when using certain applications.