Theoretical Questions Flashcards
What is Cryptography?
The science of securing information and communication to ensure confidentiality
What is the difference between Symmetric and Asymmetric encryption?
Symmetric encryption uses the same key for encryption/decryption; asymmetric uses different keys
What is the difference between IDS and IPS?
An IDS detects cyber attacks while an IPS prevents attacks based on predefined filters, patterns, etc.
CIA triad
Stands for confidentiality, integrity, and availability. Used as a model to guide/create security policies.
Define encryption
encryption = concealing data and communication that can later be decrypted
Define hashing
hashing = processing data (with a function) to produce a unique message digest, not intended to be decrypted
What is a firewall?
A firewall is a network security device that monitors network traffic and blocks data packets depending on a set of security rules.
What is a vulnerability assessment?
This is the process of finding “predefined” security weaknesses in a system
What is penetration testing?
This is the process of finding “undefined” security weaknesses in a system
What is a three-way handshake?
The method used in a TCP/IP network to create a connection between a host and a client.
What are the response codes that can be received from a Web Application?
1xx – Informational responses; 2xx – Success; 3xx – Redirection; 4xx – Client-side error; 5xx – Server-side error
What is traceroute? Why is it used?
Traceroute is a tool that shows the path of a packet.
What steps will you take to secure a server?
Step 1: Make sure you have a secure password for your root and administrator users
Step 2: The next thing you need to do is make new users on your system. These will be the users you use to manage the system
Step 3: Remove remote access from the default root/administrator accounts
Step 4: The next step is to configure your firewall rules for remote access
Explain Data Leakage
Data Leakage is an intentional or unintentional transmission of data from within the organization to an external unauthorized destination.
What are some of the common Cyberattacks?
Malware, Phishing, Password Attacks, DDoS, Man in the Middle, Drive-By Downloads, Malvertising, Rogue Software
What is a Brute Force Attack? How can you prevent it?
Brute Force is a way of finding out the right credentials by repetitively trying all the permutations and combinations of possible credentials.
What is Port Scanning?
Port Scanning is the technique used to identify open ports and services available on a host.
What is a VPN?
VPN stands for Virtual Private Network. It is used to create a safe and encrypted connection.
What do you understand by Risk, Vulnerability & Threat in a network?
Threat: Someone with the potential to harm a system or an organization
Vulnerability: Weakness in a system that can be exploited by a potential hacker
Risk: Potential for loss or damage when a threat exploits a vulnerability
What are black hat, white hat and grey hat hackers?
Black hat hackers are known for having vast knowledge about breaking into computer networks.
White hat (ethical) hackers specialize in penetration testing to protect the information system of an organization
Grey hat hackers sometimes violate ethical standards without malicious intent
What is cybersecurity?
Cybersecurity refers to the protection of hardware, software, and data from attackers.
Explain botnet.
A botnet is short for robot network. A botnet is a network of computers infected by malware that is under the control of an attacking party.
Explain the differences between a worm and a virus
The main difference is that viruses must be triggered with a host’s help (human interaction), while worms are stand-alone malicious programs that act independently.
Explain TCP Three-Way Handshake
It’s a three-step process in which the client establishes a connection with a server, the server responds to its request, and the client acknowledges the response to create a stable connection to transfer data.
What is phishing?
Phishing is the cybercrime where targets are reached by email, phone, or text message by a hacker posing as a legitimate institution to gain access to sensitive information, such as social security numbers, financial data, and passwords.
What are the differences between HTTPS, SSL, and TLS?
HTTP is the protocol used by browsers and web servers to communicate and exchange information. HTTPS (S stands for SSL) is the secured version of this protocol. TLS (Transport Layer Security) is the successor protocol to SSL.
Explain SSL
SSL stands for Secure Sockets Layer. It is a technology creating encrypted connections between a web server and a web browser. I
What do you mean by data leakage?
Data leakage is an unauthorized transfer of data to the outside world.
What is encoding?
Encoding involves changing data into a new format using a scheme; data can be decoded
What is hashing?
Hashing involves computing a fixed-length mathematical summary of data; it can’t be reversed and is commonly used to verify data integrity.
What is encryption?
The process of securely encoding data so that only authorized users with a key or password can decrypt it to access the original data.
What is SQL injection?
SQL Injection (SQLi) is a code injection attack where an attacker manipulates the data being sent to the server to execute malicious SQL statements
What is 2FA?
An extra layer of security that is known as “multi-factor authentication”.
What are salted hashes?
Salt is random data, often combined with a hash value to ensure password confidentiality
What is ARP?
A protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network
What is a MITM attack?
A type of attack where the hacker places himself in between the communication of two parties and steals the information.