www.infosectrain.com | sales@infosectrain.com
1 Differentiate between Hashing & Salting?
Hashing: Hashing is a one-way technique; data is condensed into a fixed-length value, and it is mainly used for authentication.
Salting: Salting is an additional step applied during hashing; a salt is added to the password before it is hashed, which changes the generated hash value and gives the stored password stronger protection.
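To make the difference concrete, here is an added example (not from the original deck) that hashes the same password with and without a per-user salt using Python's standard library; the user names and passwords are constructed sample data.

```python
import hashlib
import hmac
import os

# Constructed sample: two users who happen to choose the same password.
USERS = {"alice": "Winter2024!", "bob": "Winter2024!"}


def unsalted_hash(password: str) -> str:
    """Plain one-way hash: identical passwords always give identical digests."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password: str, salt: bytes, iterations: int = 600_000) -> bytes:
    """PBKDF2-HMAC-SHA256: the salt is mixed into the computation so the digest
    differs per user, and the iteration count slows down offline guessing."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def store_password(password: str) -> dict:
    """Generate a fresh random 16-byte salt and keep it beside the hash; the
    salt is not secret, it only has to be unique per stored password."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": salted_hash(password, salt)}


def verify_password(record: dict, attempt: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = salted_hash(attempt, record["salt"])
    return hmac.compare_digest(candidate, record["hash"])


def demo() -> dict:
    unsalted = {u: unsalted_hash(p) for u, p in USERS.items()}
    records = {u: store_password(p) for u, p in USERS.items()}
    return {
        # Without a salt the two users are visibly linked by an identical digest.
        "unsalted_collide": unsalted["alice"] == unsalted["bob"],
        # With per-user salts the stored hashes differ although passwords match.
        "salted_collide": records["alice"]["hash"] == records["bob"]["hash"],
        "alice_ok": verify_password(records["alice"], "Winter2024!"),
        "alice_wrong": verify_password(records["alice"], "winter2024!"),
    }


if __name__ == "__main__":
    print(demo())
```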
2 SSL vs. HTTPS: which one is more secure?
HTTPS stands for Hypertext Transfer Protocol Secure, and it is the fundamental Internet protocol used by websites in browsers. HTTPS is the secure variant of the HTTP protocol; all data transferred over it is protected in transit because it is encrypted.
SSL stands for Secure Sockets Layer. SSL performs the encryption for this Internet security protocol and is essentially a component of HTTPS. Data integrity, confidentiality, and availability to only authorized users are its responsibilities.
3 What is a Brute Force Attack?
It is a hacking method that makes use of trial and error to
break encryption keys, passwords, and login credentials.
It is a straightforward but effective strategy for
unauthorized access to user accounts, company
systems, and networks. Until they discover the correct
login information, the hacker tries a variety of usernames
and passwords, frequently utilizing a computer to test a
wide range of combinations.
“Brute Force” refers to attacks that utilize excessive force
to obtain user accounts. Despite being a tried-and-true
type of hacking, brute force attacks continue to be a
favorite among hackers.
Antivirus software detects, stops, and removes viruses from a computer. After installation, most antivirus programs run in the background to provide real-time protection against Cyberattacks.
4 What do you mean by risk, vulnerability, and threat in a network?
Risk: An organization’s risk profile changes as a result of internal and external environmental factors. Risk takes into account the possibility or potential of a harmful occurrence and the possible effects that event might have on your infrastructure.
Vulnerabilities: Your surroundings and your assets have weak points, or vulnerabilities, which make you more exposed to threats and raise your risk. Unfortunately, a company may have thousands, sometimes even millions, of such weaknesses, and it is impossible to fix them all.
Threats: The Cybersecurity landscape is disrupted by an endless stream of potential threats, ranging from Ransomware that locks up your systems to malware that inserts harmful executables into your software. All of these dangers search for a way in: a weakness in your environment that they may take advantage of.
5 What do “white hat,” “black hat,” and “grey hat” hackers mean?
White hat hackers assist authorities, businesses, security agencies, and individual users. They are typically employed by a company that requires them to monitor potential exposure locations.
Black hat hackers are dishonest people who employ hacking techniques to get consumer data, business trade secrets, government secrets, and any other information they may use for harm.
Grey hat hackers recognize that security and hacking are rarely black-and-white issues. Grey hat hackers embrace a more complex world by combining “good” and “evil.” For just this reason, some organizations make use of them.
6 What is Cognitive Cybersecurity?
The concept of cognitive Cybersecurity is to use artificial intelligence to enhance digital security systems. AI in security is anticipated to significantly improve comprehensive security in systems currently exposed to various risks from hackers and other malicious attackers.
7 What is a phishing attack and how can it be prevented?
The fraudulent use of electronic communications to trick and exploit users is known as phishing. Phishing attacks aim to obtain private information such as usernames, passwords, credit card numbers, login credentials for networks, and more. Cyber attackers employ social engineering to trick victims into taking specified actions, including clicking on a harmful link or attachment or willingly disclosing sensitive information, by assuming the identity of a trustworthy person or organization over the phone or via email.
Prevention tips:
Know what a phishing scam looks like.
Don’t click on that link.
Get free anti-phishing add-ons.
Don’t provide your information to an untrusted website.
Change passwords regularly.
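As an added example (not part of the original material) behind the first two tips, the following Python checks an email body for links whose visible text and real destination disagree; the message body and host names are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (not a real phishing mail); hosts are placeholders
# and the third link uses a punycode-style (xn--) host.
SAMPLE_HTML = """
<p>Your account is locked. Verify here:
<a href="http://paypa1-secure.example.net/login">https://www.paypal.com/signin</a></p>
<p>Or read the help page: <a href="https://www.paypal.com/help">help center</a></p>
<p>Latest invoice: <a href="http://xn--pypal-4ve.example.com/inv">paypal.com/invoice</a></p>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in the message."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url_or_domain: str) -> str:
    """Hostname of a URL; bare domains get a scheme so urlparse sees a netloc."""
    s = url_or_domain if "://" in url_or_domain else "http://" + url_or_domain
    return (urlparse(s).hostname or "").lower()

def suspicious_links(html: str) -> list:
    """Flag links whose visible text names a different host than the real href,
    and hrefs whose host has punycode (xn--) labels, which can hide look-alikes."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        real = host_of(href)
        looks_like_url = "." in text and " " not in text   # text shaped like a URL or domain
        if looks_like_url and host_of(text) != real:
            findings.append(("display_mismatch", real, host_of(text)))
        if any(label.startswith("xn--") for label in real.split(".")):
            findings.append(("punycode_host", real, text))
    return findings
```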
8 How will you stay current on the latest Cybersecurity news?
Follow security professionals’ blogs and news sites.
Search social media for subjects relating to security.
Examine advisory websites and vulnerability alert feeds.
Observe live Cybersecurity events.
9 How do you define compliance in terms of Cybersecurity?
Cybersecurity compliance is an organizational risk management strategy that adheres to pre-established security controls and safeguards governing the administrative procedures used to maintain data confidentiality. It makes it easier to determine and accomplish IT goals, as well as to reduce threats through methods like vulnerability management.
10 What does a Cybersecurity risk assessment
require?
Assessing the risks associated with assets that
Cyberattacks might impact is known as Cybersecurity
risk assessment. You have to recognize internal and
external threats, determine how they might affect issues
like data availability, confidentiality, and integrity, and
calculate the costs associated with experiencing a
Cybersecurity catastrophe. Using the information
supplied, you can adjust your Cybersecurity and data
protection controls to fit the actual level of risk tolerance
for your organization.
11 What is BIOS?
BIOS is a ROM chip found on all motherboards that allows
you to access and configure your computer system at
the most basic level. Phoenix is an excellent example of a
BIOS manufacturer.
12 What is RDP or Remote Desktop Protocol?
Microsoft’s RDP (Remote Desktop Protocol) was created to secure and encrypt application data transfers between client devices, users, and a virtual network server.
13 What are the many indicators of compromise (IOC) that organizations need to keep an eye on?
Unusual Outbound Network Traffic
HTML Response Sizes
Geographical Irregularities
Increases in Database Read Volume
Log-In Red Flags
Unexpected Patching of Systems
14 Differentiate between the Red team and the Blue team?
An attacker who takes advantage of security gaps in a company is known as a “red team.”
A defense that spots vulnerabilities and fixes them to prevent successful intrusions is known as the “blue team.”
Red teams are offensive security specialists specializing in attacking systems and breaking through defenses. Defensive security experts on blue teams keep internal network defenses up to date against all Cyberattacks and threats. To evaluate the efficacy of the network’s security, red teams simulate attacks against blue teams. These red and blue team exercises offer a comprehensive security approach that ensures substantial barriers while keeping an eye on changing threats.
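As an added example (not from the original deck) that ties the brute-force attack of question 3 to the Log-In Red Flags indicator of question 13, the following Python flags a burst of failed logins from one source and any success that follows it; the log format and its entries are constructed sample data.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample authentication log (not real data), one event per line:
# "<ISO timestamp> <FAIL|OK> user=<name> src=<ip>"
SAMPLE_LOG = """\
2024-03-01T09:00:01 FAIL user=admin src=203.0.113.7
2024-03-01T09:00:03 FAIL user=admin src=203.0.113.7
2024-03-01T09:00:04 FAIL user=root src=203.0.113.7
2024-03-01T09:00:06 FAIL user=admin src=203.0.113.7
2024-03-01T09:00:08 FAIL user=admin src=203.0.113.7
2024-03-01T09:00:09 OK user=admin src=203.0.113.7
2024-03-01T09:05:00 FAIL user=alice src=198.51.100.5
2024-03-01T09:45:00 OK user=alice src=198.51.100.5
"""

THRESHOLD = 5                   # failures from one source ...
WINDOW = timedelta(seconds=60)  # ... within this sliding window


def parse(line: str):
    ts, result, user, src = line.split()
    return datetime.fromisoformat(ts), result, user.split("=", 1)[1], src.split("=", 1)[1]


def detect(log_text: str, threshold: int = THRESHOLD, window: timedelta = WINDOW) -> list:
    """Return alerts: ('brute_force', src, failures) the first time a source
    reaches the threshold inside the window, and ('success_after_burst', src,
    user) when a login from a flagged source then succeeds, i.e. the guessing
    may have found a valid credential."""
    failures = defaultdict(deque)   # src -> timestamps of recent failures
    flagged = set()                 # sources already reported (never expired in this demo)
    alerts = []
    for line in log_text.splitlines():
        ts, result, user, src = parse(line)
        recent = failures[src]
        while recent and ts - recent[0] > window:   # slide the window forward
            recent.popleft()
        if result == "FAIL":
            recent.append(ts)
            if len(recent) >= threshold and src not in flagged:
                flagged.add(src)
                alerts.append(("brute_force", src, len(recent)))
        elif result == "OK" and src in flagged:
            alerts.append(("success_after_burst", src, user))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```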
15 Describe MITM attacks and how to avoid them?
A “Man-in-the-Middle” (MITM) attack occurs when a hacker inserts himself into the middle of a conversation between two people to acquire their data.
The following procedures can help you avoid MITM attacks:
Use a VPN.
Utilize powerful WEP/WPA encryption.
Detect intrusions using an IDS.
Require HTTPS.
Use authentication based on public key pairs.
16 What is an ARP?
The Address Resolution Protocol (ARP) is a
communication protocol used to identify the link-layer
address, like a MAC address, connected to a particular
internet layer address, which is commonly an IPv4
address. This mapping is an essential part of the Internet protocol suite. ARP was defined in 1982 by RFC 826, which is Internet Standard STD 37.
Numerous network and data link layer technologies,
including IPv4, Chaosnet, DECnet, and Xerox PARC
Universal Packet, have been used to implement ARP.
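As an added example (not part of the original deck), the following Python decodes the RFC 826 packet layout described above and, from a constructed capture, reports IP addresses that more than one MAC claims in replies, which is the basic check a network monitor uses to spot ARP spoofing.

```python
import struct
from collections import defaultdict

# RFC 826 layout for Ethernet/IPv4: htype, ptype, hlen, plen, opcode,
# sender MAC, sender IP, target MAC, target IP (28 bytes, network byte order)
ARP_FMT = "!HHBBH6s4s6s4s"
ARP_REQUEST, ARP_REPLY = 1, 2

def _mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def _ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)

def parse_arp(payload: bytes) -> dict:
    """Decode one ARP payload; rejects anything that is not Ethernet/IPv4 ARP."""
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, payload[:28])
    if htype != 1 or ptype != 0x0800 or hlen != 6 or plen != 4:
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": op, "sender_mac": _mac(sha), "sender_ip": _ip(spa),
            "target_mac": _mac(tha), "target_ip": _ip(tpa)}

def build_arp(op: int, sha: str, spa: str, tha: str, tpa: str) -> bytes:
    """Encode an ARP payload (used here only to construct the sample capture)."""
    packed = [bytes.fromhex(sha.replace(":", "")), bytes(map(int, spa.split("."))),
              bytes.fromhex(tha.replace(":", "")), bytes(map(int, tpa.split(".")))]
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, *packed)

def find_conflicts(packets) -> dict:
    """Return {ip: [macs]} for every IP that more than one MAC claimed in ARP
    replies; a monitor alerts on this, especially when the IP is the gateway."""
    claims = defaultdict(set)
    for pkt in packets:
        arp = parse_arp(pkt)
        if arp["op"] == ARP_REPLY:
            claims[arp["sender_ip"]].add(arp["sender_mac"])
    return {ip: sorted(macs) for ip, macs in claims.items() if len(macs) > 1}

# Constructed sample capture: two different MACs both answer for the gateway 192.0.2.1.
SAMPLE_CAPTURE = [
    build_arp(ARP_REPLY, "00:11:22:33:44:01", "192.0.2.1", "00:11:22:33:44:aa", "192.0.2.10"),
    build_arp(ARP_REPLY, "00:11:22:33:44:02", "192.0.2.20", "00:11:22:33:44:aa", "192.0.2.10"),
    build_arp(ARP_REQUEST, "00:11:22:33:44:aa", "192.0.2.10", "00:00:00:00:00:00", "192.0.2.1"),
    build_arp(ARP_REPLY, "de:ad:be:ef:00:01", "192.0.2.1", "00:11:22:33:44:aa", "192.0.2.10"),
]
```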
17 Describe System hardening?
System hardening generally refers to a collection of tools and approaches for managing vulnerabilities in an organization’s systems, applications, firmware, and other areas. System hardening reduces security risks by limiting potential attacks and shrinking the system’s attack surface.
The following are the various types of system hardening:
Database hardening
Operating system hardening
Application hardening
Server hardening
Network hardening
18 Why is accessing free WiFi dangerous?
Hackers are drawn to free WiFi hotspots for the same reasons that customers are; primarily, the lack of authentication needed to establish a network connection. As a result, the hacker has a fantastic opportunity to gain unrestricted access to unprotected devices connected to the same network.
The capacity of the hacker to place himself between you and the connection point poses the biggest threat to the security of free WiFi. Rather than talking to the hotspot directly, you communicate with the hacker, who then passes the information on to the hotspot.
19 What is HIDS?
A host-based intrusion detection system (HIDS) is a device that keeps track of activities on the computer system on which it has been installed, in order to spot intrusions and misuse.
Then it logs the actions and alerts the appropriate
authorities. A HIDS can be compared to an agent that
checks to see if anything or anyone, internal or external,
has violated the system’s security policy.
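As an added example (not from the original deck), the following Python implements the file-integrity part of what a HIDS does: it records a baseline of file hashes and then reports files that were added, removed, or modified; the directory tree and file contents are constructed in a temporary directory.

```python
import hashlib
import tempfile
from pathlib import Path


def snapshot(root: Path) -> dict:
    """Map every regular file under root (POSIX-style relative path) to its SHA-256."""
    files = sorted(p for p in root.rglob("*") if p.is_file())
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in files}


def compare(baseline: dict, current: dict) -> dict:
    """What a HIDS integrity check reports between two snapshots."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in baseline.keys() & current.keys()
                           if baseline[p] != current[p]),
    }


def demo() -> dict:
    """Constructed scenario in a temporary directory: record a baseline, then
    simulate a config change, a new binary, and a deleted file, and diff."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "etc").mkdir()
        (root / "bin").mkdir()
        (root / "etc" / "sshd_config").write_text("PermitRootLogin no\n")
        (root / "etc" / "hosts").write_text("127.0.0.1 localhost\n")
        (root / "bin" / "ls").write_bytes(b"\x7fELF placeholder")
        baseline = snapshot(root)              # taken on a known-good system
        # Later: changes a HIDS would flag against the stored baseline.
        (root / "etc" / "sshd_config").write_text("PermitRootLogin yes\n")
        (root / "bin" / "nc").write_bytes(b"\x7fELF placeholder")
        (root / "etc" / "hosts").unlink()
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```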
20 What is NIDS?
A network-based intrusion detection system (NIDS) helps an organization monitor its cloud, on-premise, and hybrid systems for suspicious occurrences that can point to a compromise, including communications with unknown sources and destinations, port scanning, and policy infractions.
21 What is the difference between information protection and information assurance?
Information assurance, or IA, ensures and controls the risks associated with sensitive data while it is being sent, processed, and stored. Protecting the data’s integrity, availability, authenticity, non-repudiation, and confidentiality within the system is the primary goal of information assurance. It includes physical approaches in addition to digital measures for data protection.
On the other hand, information security is a practice that involves reducing information risks to secure information. Typically, it reduces the risk of data theft or other unlawful uses, as well as the destruction, disclosure, modification, inspection, or recording of sensitive data. It entails taking steps to avoid such occurrences. Information security’s primary goal is to secure data while retaining its confidentiality, integrity, and availability against Cyberattacks and hackers.
22 How frequently should patch management be done?
A patch should be managed as soon as it is released. When a patch for Windows is released, it should be installed on all devices no later than one month later. The same holds for network devices: patch them as soon as the patches are available. Patch management procedures should be followed.
23 What is SQL Injection, and how to prevent it?
SQL Injection (SQLi) is an injection attack that enables the execution of malicious SQL commands. These commands control a database server behind a web application. SQL Injection vulnerabilities allow attackers to get around application security safeguards. By bypassing the authentication and authorization of a web page or web application, the entire content of a SQL database can be retrieved. Attackers can also add, alter, and delete records in the database using SQL Injection.
You can prevent SQL Injection attacks by using the following practices:
Use prepared statements.
Use stored procedures.
Validate user input.
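As an added example (not from the original deck) of the first and third practices, the following Python shows a login query that concatenates user input beside the prepared-statement version, plus an allow-list validation check, run against a constructed in-memory SQLite table.

```python
import re
import sqlite3


def setup() -> sqlite3.Connection:
    """Constructed in-memory users table for the demo."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'h1'), ('bob', 'h2')")
    return conn


def login_vulnerable(conn, username: str, password_hash: str) -> bool:
    # Untrusted input is pasted into the SQL text, so the input can change the
    # structure of the query instead of only supplying a value.
    sql = (f"SELECT 1 FROM users WHERE username = '{username}' "
           f"AND password_hash = '{password_hash}'")
    return conn.execute(sql).fetchone() is not None


def login_prepared(conn, username: str, password_hash: str) -> bool:
    # Prepared statement: the values travel separately from the SQL text and
    # are only ever compared as strings, never parsed as SQL.
    sql = "SELECT 1 FROM users WHERE username = ? AND password_hash = ?"
    return conn.execute(sql, (username, password_hash)).fetchone() is not None


def valid_username(username: str) -> bool:
    """Allow-list validation, a second layer on top of prepared statements."""
    return re.fullmatch(r"[A-Za-z0-9_]{3,32}", username) is not None


def demo() -> dict:
    conn = setup()
    tautology = "x' OR '1'='1"   # textbook input that makes the WHERE clause always true
    return {
        "vuln_valid": login_vulnerable(conn, "alice", "h1"),
        "vuln_injected": login_vulnerable(conn, "alice", tautology),
        "safe_valid": login_prepared(conn, "alice", "h1"),
        "safe_injected": login_prepared(conn, "alice", tautology),
        "tautology_passes_validation": valid_username(tautology),
    }


if __name__ == "__main__":
    print(demo())
```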