Interview

Question 1

IPS vs IDS

Answer 1

IPS = Intrusion Prevention System
IDS = Intrusion Detection System

IDS only detects intrusion and leaves the rest to admin, whereas IPS will detect intrusion and take further action to prevent intrusion.

Question 2

Explain Risk, Vulnerability & Threat

Answer 2

Vulnerability- Potential weakness in security system.

Threat- Likelihood of a given attack or attacker trying to exploit a weakness.

Risk- Combined measure of vulnerability, threat, and impact.

Impact - Consequences of an attack

Question 3

Asymmetric vs Symmetric Encryption and which is better?

Answer 3

Symmetric Encryption uses the same key for both encryption and decryption while asymmetric uses different keys.

Symmetric is faster but key needs to be transferred over an unencrypted channel and is less secure.

Hybrid is best approach

Question 4

Encryption vs Hashing

Answer 4

Encryption is reversible, whereas hashing is irreversible.

Encryption ensures confidentiality
Hashing ensures Integrity

Question 5

Black Hat vs White Hat vs Grey Hat hacker

Answer 5

Black Hat hacker hacks without authority

White Hat- Those authorized to perform a hacking attempt under signed NDA.

Grey Hat - White Hat hacker who sometimes performs unauthorized activities

Question 6

What is a firewall?

Answer 6

A device that allows or blocks traffic as per defined set of rules. These are placed on the boundary of trusted and untrusted networks

Question 7

How do you keep yourself updated with information security news?

Answer 7

The hacker news

Threatpost

Pentest Mag

Question 8

What is CIA Triad?

Answer 8

Main mission of cybersecurity

Confidentiality- Only authorized users and processes should be able to access or modify data

Integrity- Data should be maintained in a correct state and shouldn’t be able to be improperly modified, whether maliciously or accidentally

Availability- Authorized users should be able to access data at any time

Question 9

RMF steps

Answer 9

0 -Prepare
1 - Categorize
2 - Select
3 - Implement
4 - Assess
5 - Authorize
6 - Monitor

Question 10

HIDS vs NIDS

Which is better and why?

Answer 10

HIDS - Host Intrusion Detection System

NIDS - Network Intrusion Detection System

For an enterprise, NIDS is preferred as HIDS is difficult to manage. It alsonconsumes processing power of the host.

Question 11

What is port scanning?

Answer 11

Process of sending messages in order to gather information about network, system etc. By analyzing the response received

Question 12

What is a security misconfiguration?

Answer 12

A vulnerability when a device/application/network is configured in a way that can be exploited by an attacker to take advantage of it.

This can be as simple as leaving the default username/password unchanged or too simple for device accounts

Question 13

What is CSRF?

Answer 13

Cross Site Request Forgery

A web application vulnerability in which the server does not check whether the request came from a trusted client or not.

The request is processed directly

Question 14

What is XSS and how will you mitigate it?

Answer 14

Cross Site Scripting

A Javascript vulnerability in the web applications

A client side injection attack where the attacker aims to execute malicious scripts in the victims browser

Manual test and ensure that input fields don’t test unvalidated user input. Apply proper input/output encoding.