OasisInterview

Question 1

What is CSRF?

Answer 1

Cross site request forgery is a web application vulnerability where the server does not check whether the request comes from a trusted client or not. The request is processed directly.

Question 2

What is security misconfiguration?

Answer 2

Security misconfiguration is a vulnerability when a device/application/network is configured in a way which can be exploited by an attacker to take advantage of it. This can be leaving the default username/password unchanged or too simple for device accounts etc.

Question 3

Definitions of black hat, white hat and grey hat hacker

Answer 3

Black hat: hack without authority.
White hat: authorized to perform hacking
Grey hats: white hat who sometimes perform unauthorized activities

Question 4

What is a firewall?

Answer 4

Device that blocks/allows traffic as per defined by a set of rules. Placed as boundaries of trusted and untrusted networks

Question 5

How do you keep yourself updated with information security news?

Answer 5

I follow threatpost and occasionally listen to podcasts like Cybersecurity weekly.

Question 6

CIA triangle

Answer 6

Confidentiality

Integrity and availability

Question 7

Explain risk, vulnerability and threat

Answer 7

Risk: measure of potential loss when the vulnerability is exploited by threat
Vulnerability: weakness in a system
Threat: when an attacker exploits a vulnerability

Question 8

Difference between asymmetric and symmetric encryption and which is better

Answer 8

Symmetric encryption: is the same key for both encryption and decryption. Faster but is transferred over an unencrypted channel

Asymmetric: uses different keys. More secure but slow
Hybrid approach is best. Setting up a channel using asymmetric encryption and sending data over symmetric process

Question 9

What is an IPS and how does it differ from IDS

Answer 9

IPS (intrusion prevention system): will detect and also take action to prevent intrusion (more noisy)

IDS (intrusion detection system): detect the intrusion and administrator decides what to do next

Question 10

What is XSS and how will you mitigate it?

Answer 10

Cross site scripting is JavaScript vulnerability in the web applications. User enters script in client side input fields and that input gets processed without validation. Leading to untrusted data getting saved and executed on client side

Example: hacking of MySpace

Countermeasure: input validation, implementing CSP (content security policy)

Question 11

What is difference between encryption and hashing?

Answer 11

Encryption: reversible. Ensures confidentiality

Hashing: can be cracked but is not reversible. Ensures integrity

Question 12

HIDS vs NIDS and which one is better and why?

Answer 12

HIDS (host intrusion detection system):
Placed on the host

NIDS (network intrusion detection system): placed on the network

Placement is different

Question 13

What is port scanning?

Answer 13

Process of sending messages to gather information about network, system, etc. analyzing responses received

Nmap command
Also netstat

Question 14

Difference between VA and PT

Answer 14

VA: vulnerability assessment: finds flaws in application/network

PT (penetration testing): of finding exploitable vulnerabilities

VA is on the surface and PT is more in depth

Question 15

What is WAF and it’s types?

Answer 15

WAF: web application firewall. Used to protect the application by filtering legitimate traffic from malicious traffic. Can be box or cloud based

Question 16

Explain objects of basic web architecture

Answer 16

Front ending server (provides scalability), web application server (hosts applications) and database server

Question 17

Difference between policies, processes and guidelines

Answer 17

Policies: defines security objectives and security framework of an organization

Process: detailed step by step how to document that specifies the exact action to necessary to implement important security mechanism

Guidelines: recommendations

Question 18

What is false positive and false negative?

Answer 18

False positive: false alarm. No threat

False negative: intrusion has taken place and there is no alarm

Question 19

How to harden a server?

Answer 19

Close unused ports, create accounts with least privilege permissions, disable remote access for admin and root accounts

Question 20

What is the difference between UDP and TCP?

Answer 20

UDP: kind of a shot in the dark. Could miss some packets. An example is live-streaming

TCP: when each packet is accounted for. For example Netflix

Question 21

OSI model

Answer 21

Physical
Data link
Network
Transport
Session 
Presentation 
Application

Question 22

Port of file transfer protocol (FTP)

Transport protocol: TCP

Answer 22

20, 21

20: data transfer
21: control

Used for transferring files on internet or private network

Question 23

Secure shell (SSH)

Uses TCP and UDP

Answer 23

Primary method used to manage network devices on the command level. Secure Alternative to Telnet

22

Question 24

Telnet port

Uses TCP

Answer 24

23

Primary method used to manage network devices at the command level. Insecure connection

Question 25

Simple mail transfer protocol (SMTP)

Uses TCP

Answer 25

25

Used for transferring mail (email) from source to destination and mail servers and used for end users to send emails

Question 26

IPSec

Answer 26

50, 51

Question 27

Dynamic host configuration protocol (DHCP)

UDP

Answer 27

69

Used on networks that do not use static IP address assignment. Set up by admin with a poll of addresses that are available for assignment

Question 28

Trivial file transfer protocol (TFTP)

Uses UDP

Answer 28

69

Method of file transfer (like FTP but without session establishment—uses UDP instead of TCP).

Question 29

Hyper text transfer protocol (HTTP)

Uses TCP

Answer 29

80

Main protocol used by web browsers

Question 30

Post office protocol (POP3)

Uses TCP

Answer 30

110

Retrieve mail from server.

Question 31

HTTP with secure sockets layer (SSL)

TCP and UDP

Answer 31

443

Question 32

FTP over SSL/TLS

Uses TCP

Answer 32

989,990

Question 33

Remote Desktop protocol

TCP and UDP

Answer 33

3389

Question 34

Domain name system (DNS)

TCP/UDP

Answer 34

53

Used on public internet and on private networks to translate domain names into IP addresses.

Question 35

Network time protocol (NTP)

UDP

Answer 35

123

Synchronized devices on the Internet

Question 36

NetBios

TCP/UDP

Answer 36

137/138/139

Not a protocol but is used with IP with the NetBios over TCP/IP (NBT) protocol.

Question 37

Internet message access protocol (IMAP)

TCP

Answer 37

143

Like POP (receivers mail), but supports wider array of remote mailbox operations

Question 38

Simple network management protocol (SNMP)

TCP/UDP

Answer 38

161/162

For network management. Monitor, configure and control