Interview Questions Flashcards
What is the difference between encryption and hashing?
Main idea of encryption is to protect the confidentiality of data.
- Only the person with the encryption key can access it.
- Good for web traffic, email, data storage
Main idea of hashing is to protect the integrity of data
- Good for passwords
What is the difference between home network and home lab?
Home Network - daily use, plug and play devices
Home Lab - learning, testing, and experimenting
What is the OSI model?
- Physical Layer - Transmits raw bit stream over the physical medium
- Data Link Layer - Defines the format of data on the network
- Network Layer - Physical path the data will take
- Transport Layer - TCP and UDP
- Session Layer - maintaining connections
- Presentation Layer - Ensures that data is in a usable format; this is where encryption is
- Application Layer - Human-computer interaction
Provides a method of computing and networking communication. Used to help identify and deal with issues regarding our devices
Which is more secure, open or closed source?
It depends
- Open source, maybe, if your network is public and you want everyone helping you fix it
- Closed source maybe if you are a nation state and want to protect your zero-day attack
What is the best security framework?
It Depends:
NIST
What is the primary goal of IT security?
Protect business assets which include:
- Customers and their data
- Company secrets
Where do you get your IT/Cyber news?
What is a risk? What is a threat? What is a vulnerability?
Risk:
- Potential loss or damages
Threat:
- Anything that can exploit a vulnerability to cause harm: hackers, insiders, malware
Vulnerability:
- a weakness in your system
Should you compress or encrypt first?
Compress then encrypt
- Compression looks at repeating patterns to reduce size; encrypted data is random
- Compression reduces the size, making it faster to encrypt
What is the difference between TCP and UDP?
TCP tries to establish a connection first, typically used in messaging apps
UDP is connectionless; you would typically use this for videos, streaming.
What is the difference between symmetric and asymmetric encryption?
Symmetric: One key for both encryption/decryption (faster).
Asymmetric: Public key encrypts, private key decrypts (used in SSL, email).
How does hashing differ from encryption?
Hashing: One-way, fixed output (e.g., SHA-256), used for integrity.
Encryption: Two-way, reversible if you have the key.
What is MFA, and why is it important?
Requires two or more types of authentication:
Something you know (password)
Something you have (phone)
Something you are (fingerprint)
Adds an extra layer of security.
What are common types of malware and how do they differ?
Virus: Needs a host file.
Worm: Spreads without help.
Trojan: Disguised as legit software.
Ransomware: Locks data until paid.
Spyware: Secretly monitors activity.
What is a port number? Give examples of common ones.
Port = logical endpoint for communication.
Ex: 80 (HTTP), 443 (HTTPS), 22 (SSH), 53 (DNS).
What’s the purpose of ARP?
ARP maps IP addresses to MAC addresses on a local network.
What is the OSI Model?
7-layer model to explain network communication.
Layers: Please Do Not Throw Sausage Pizza Away
Physical, Data Link, Network, Transport, Session, Presentation, Application.
What is a VLAN and why is it used?
VLAN = Virtual LAN. Separates networks logically on the same physical switch.
Improves security and traffic management.
If a user reports slow network performance, how would you investigate?
Check system performance (CPU, RAM).
Use tools like ping or traceroute.
Look at firewall/router logs.
Rule out malware or unusual traffic.
How would you secure a public Wi-Fi network in a small office?
Use WPA3 encryption.
Disable SSID broadcast.
Isolate guest and internal networks.
Use a firewall and VLANs.
Enable client isolation.
What is Wireshark and what can it be used for?
A network protocol analyzer.
It captures and inspects packet-level data to diagnose issues or investigate traffic.
Have you used any vulnerability scanning tools (e.g., Nessus)?
(If no): I’ve reviewed how scanners like Nessus and OpenVAS work and can identify unpatched systems.
What is ARP Poisoning?
ARP Poisoning (also called ARP Spoofing) is an attack where the attacker sends fake ARP messages to a network, tricking devices into thinking the attacker’s machine is the default gateway or another trusted device.
What is SQL Injection?
SQL Injection is a web application attack where the attacker inserts malicious SQL commands into an input field to manipulate or access a database.