Interview Flashcards

1
Q

IPS vs IDS

A

IPS = Intrusion Prevention System
IDS = Intrusion Detection System

An IDS only detects an intrusion and leaves the rest to the admin, whereas an IPS detects an intrusion and takes further action to prevent it.

2
Q

Explain Risk, Vulnerability & Threat

A

Vulnerability - Potential weakness in a security system.

Threat - Likelihood of a given attack or attacker trying to exploit a weakness.

Risk - Combined measure of vulnerability, threat, and impact.

Impact - Consequences of an attack.

3
Q

Asymmetric vs Symmetric Encryption and which is better?

A

Symmetric encryption uses the same key for both encryption and decryption, while asymmetric encryption uses different keys.

Symmetric is faster, but the key needs to be transferred over an unencrypted channel and is less secure.

Hybrid is the best approach.

4
Q

Encryption vs Hashing

A

Encryption is reversible, whereas hashing is irreversible.

Encryption ensures confidentiality.
Hashing ensures integrity.

5
Q

Black Hat vs White Hat vs Grey Hat hacker

A

Black Hat - Hacker who hacks without authority.

White Hat - Those authorized to perform a hacking attempt under a signed NDA.

Grey Hat - White Hat hacker who sometimes performs unauthorized activities.

6
Q

What is a firewall?

A

A device that allows or blocks traffic as per a defined set of rules. Firewalls are placed on the boundary between trusted and untrusted networks.

7
Q

How do you keep yourself updated with information security news?

A

The Hacker News

Threatpost

Pentest Mag

8
Q

What is CIA Triad?

A

Main mission of cybersecurity.

Confidentiality - Only authorized users and processes should be able to access or modify data.

Integrity - Data should be maintained in a correct state and shouldn't be able to be improperly modified, whether maliciously or accidentally.

Availability - Authorized users should be able to access data at any time.

9
Q

RMF steps

A

0 - Prepare
1 - Categorize
2 - Select
3 - Implement
4 - Assess
5 - Authorize
6 - Monitor

10
Q

HIDS vs NIDS

Which is better and why?

A

HIDS - Host Intrusion Detection System

NIDS - Network Intrusion Detection System

For an enterprise, NIDS is preferred as HIDS is difficult to manage. It also consumes processing power of the host.

11
Q

What is port scanning?

A

Process of sending messages in order to gather information about a network, system, etc. by analyzing the response received.

12
Q

What is a security misconfiguration?

A

A vulnerability where a device/application/network is configured in a way that can be exploited by an attacker.

This can be as simple as leaving the default username/password unchanged or too simple for device accounts.

13
Q

What is CSRF?

A

Cross-Site Request Forgery

A web application vulnerability in which the server does not check whether the request came from a trusted client or not.

The request is processed directly.

14
Q

What is XSS and how will you mitigate it?

A

Cross-Site Scripting

A JavaScript vulnerability in web applications.

A client-side injection attack where the attacker aims to execute malicious scripts in the victim's browser.

Manually test and ensure that input fields don’t test unvalidated user input. Apply proper input/output encoding.
