1. What is Cyber Security (define Cyber Security), and why is it important?
Cyber Security is the system of protecting computer software, hardware and data from threats that can lead to unauthorised access, theft or damage of hardware, software and data.
3. What is a firewall?
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.
3. What is CIA Triad?
The CIA triad is a framework that combines three key principles of information security – Confidentiality, Integrity and Availability. Confidentiality is limiting data access. Integrity is ensuring data is accurate, and Availability is making sure it is accessible only to authorised users.
4. What is a VPN?
A virtual private network (VPN) is a network architecture for virtually extending a private network across one or multiple other networks which are either untrusted or need to be isolated.
5. Explain SSL and TLS?
SSL is Secure Sockets Layer and TLS is Transport Layer Security. SSL is a protocol that allows computer systems to communicate with each other safely over the internet. It provides privacy, authentication and integrity to internet communication. TLS is the most widely used protocol for implementing cryptography on the web. TLS uses a combination of cryptographic processes to provide secure communication over a network.
6. Define SSL Encryption?
SSL is a standard technology for securing an internet connection by encrypting data sent between a website and a browser or between two servers.
7. Explain Encryption and decryption?
Encryption is a process by which a readable message is converted to an unreadable form to prevent unauthorised parties from reading it. Decryption is a process of converting encrypted data or information to its original readable form.
8. Explain Symmetric and asymmetric encryption?
Symmetric encryption involves using a single key to encrypt and decrypt data, while asymmetric encryption uses two keys, one public and one private, to encrypt and decrypt data.
9. What is the difference between a proxy and a firewall?
A proxy server is a system that acts as a gateway between the user who wants to access information from the web and the internet. It prevents cyber attacks from entering the private network.
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.
10. What is the difference between HTTP and TCP/IP?
TCP/IP is a two-layer protocol, with the transport layer responsible for end-to-end communication and the internet layer (IP) accountable for routing packets from host to host.
11. What is cryptography?
Cryptography is the process of hiding or coding the information so that only the intended person can read the message.
12. What are the different types of cyber attacks?
Different types of cyber attacks are –
- Phishing – Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware.
- Malware – Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user’s computer security and privacy.
- Ransomware – Ransomware is a type of malware that permanently blocks access to the victim’s personal data unless a “ransom” is paid. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion.
- Password Attack – Password cracking is the process of guessing passwords protecting a computer system. A common approach is to repeatedly try guesses for the password and to check them against an available cryptographic hash of the password.
- Man in the Middle Attack – In cryptography and computer security, a man-in-the-middle (MITM) attack, or on-path attack, is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two parties.
- SQL Injection Attack – SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution.
- Denial of Service Attack – A denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network.
- Brute force attack – A brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found.
- IoT Based Attack – An IoT attack is a type of cyber attack that targets the vulnerabilities of smart devices and applications connected to the internet, allowing attackers to gain unauthorized access, steal data or cause damage to the devices.
- Code Injection Attack – Code injections are a class of computer security exploits in which a vulnerable computer program misinterprets external data as part of its code. An attacker thereby “injects” code into the program, changing the course of its execution.
13. Explain the difference between Threat, Vulnerability and Risk?
Threat refers to a malicious act that seeks to steal or damage data and that can have negative consequences for an organisation’s or person’s data.
Vulnerability refers to a flaw in the system design that can be exploited and leaves the system prone to attacks by cyber criminals.
Risk is the potential consequence of loss of data caused by cyber attacks.
14. What is phishing?
Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware.
15. Difference between hashing and encryption?
16. What is a three-way handshake?
A ‘Three-Way Handshake’ is a special sequence of three TCP segments exchanged between a client and a server to establish an end-to-end connection over an unreliable IP network, ensuring both hosts are aware of the connection status before data transfer begins.
The three-way handshake involves the following three steps: Synchronize (SYN), Synchronize – acknowledge (SYN-ACK) and Acknowledge (ACK).
17. What is penetration testing?
A penetration test, colloquially known as a pentest, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment. The test is performed to identify weaknesses (or vulnerabilities), including the potential for unauthorized parties to gain access to the system’s features and data, as well as strengths, enabling a full risk assessment to be completed.
18. Explain OSI model?
The OSI (Open Systems Interconnection) Security Architecture defines a systematic approach to providing security at each layer. It defines security services and security mechanisms that can be used at each of the seven layers of the OSI model.
- Physical Layer
- Data Link Layer
- Network Layer
- Transport Layer
- Session Layer
- Presentation Layer
- Application Layer
19. What is port scanning?
A port scan is a common technique hackers use to discover open doors or weak points in a network.
20. Define DNS?
A Domain Name System (DNS) turns domain names into IP addresses, which allow browsers to get to websites and other internet resources. Every device on the internet has an IP address, which other devices can use to locate the device.
21. Define traceroute?
Traceroute and tracert are diagnostic command-line interface commands for displaying possible routes and transit delays of packets across an Internet Protocol network. The command reports the round-trip times of the packets received from each successive host along the route to a destination.
22. Explain XSS types?
Cross-Site Scripting (XSS) attacks are a type of injection in which malicious scripts are injected into otherwise benign and trusted websites. There are three main types of XSS attacks. These are: Reflected XSS, where the malicious script comes from the current HTTP request; Stored XSS, where the malicious script comes from the website’s database; and DOM-based XSS, where the vulnerability exists in client-side code rather than server-side code.
23. Define the terms Virus, Malware and Ransomware?
A virus is a malicious piece of code–a form of malware that attaches itself to files, such as email attachments. Malware is any software used to gain unauthorized access to IT systems in order to steal data, disrupt system services or damage IT networks in any way. Ransomware is a type of malware identified by specified data or systems being held captive by attackers until a form of payment or ransom is provided.
24. What is 2FA (Two factor authentication)?
Two-factor authentication (2FA) is an identity and access management security method that requires two forms of identification to access resources and data. 2FA gives businesses the ability to monitor and help safeguard their most vulnerable information and networks.
25. Difference between IDS and IPS?
An IDS is designed to identify anomalies in systems and provide alerts so that further action can be taken. It is also called a passive system, whereas an IPS takes preventive actions to block potential attacks on the system. It is also called an active system.
26. Explain SQL Injection?
SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution.
27. What is Ethical Hacking?
Ethical hacking is the authorized use of hacking techniques to attempt to gain unauthorized access to computers, systems, devices or applications, replicating the actions of malicious attackers. This practice helps prevent potential attacks.