Saturday, July 6, 2019

Cyber Security Interview Questions and Answers

1. What is Cyber Security?

Cyber security is the protection of data on computer systems from unauthorized access and other attacks. It mainly protects networks, programs and computers from attack.

2. What is Encryption and what is its use?

Encryption is widely used by organizations to secure their data: it converts the contents of a file into an unreadable format, thereby protecting the data from attack.

3. What is a firewall and why is it used?

A firewall is a security system that protects computers from unauthorized access. It monitors network traffic and allows or blocks it to keep out unauthorized access.

4. Can identity theft be prevented?

Yes, we can prevent it by using a unique username and password. When shopping online, we should use only trusted or secured websites. Using the latest, secure web browsers ensures better security, and we should always use a computer that is protected with anti-virus tools.

5. What is CSRF?

CSRF stands for cross-site request forgery, which refers to a vulnerability in an application that attackers can exploit.

6. What is a DDoS attack?

DDoS stands for distributed denial of service. It is a malicious attempt to disrupt normal traffic by flooding the bandwidth or resources of a targeted system. A DDoS is a cyberattack on a server, service, website, or network that floods it with Internet traffic.

A DDoS attack is like a traffic jam clogging up a highway, preventing regular traffic from arriving at its desired destination.

7. What is a MITM attack and how can it be prevented?

MITM stands for Man in the Middle. It occurs when an outside attacker jumps in between two systems that are interacting with each other. Here, the attacker secretly relays or alters the communication between two parties who believe they are directly communicating with each other.

This can happen in any form of online communication, such as email, social media, web surfing, etc.

These attacks can be prevented by using public key encryption when sending data, or by setting an email as secured if it contains confidential information such as bank account details and passwords. Using open networks makes you vulnerable to such attacks; use SSL and TLS instead.

8. What are IPS and IDS?

An IPS (Intrusion Prevention System) detects an intrusion and takes action to prevent it. An IDS (Intrusion Detection System) detects an intrusion and leaves it to the system administrator to assess and evaluate it and decide what to do.

Both IDS and IPS compare network packets to a cyber threat database containing known signatures of cyber attacks and flag any matching packets.

An IDS is a monitoring system and doesn't alter network packets in any way. An IPS is a control system: it proactively denies network traffic if a packet represents a known security threat.
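The difference between the two modes, as an added example that is not part of the original post: the same signature match produces only an alert in IDS mode, while in IPS mode the matching packet is also dropped. The signature names, patterns, addresses and packets are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed signature database: name -> byte pattern of a known attack.
SIGNATURES = {
    "sqli-union-select": b"UNION SELECT",
    "path-traversal": b"../../",
}

@dataclass
class Packet:
    src: str
    payload: bytes

def match_signatures(packet):
    """Return the names of all signatures whose pattern occurs in the payload."""
    data = packet.payload.upper()  # case-insensitive match
    return [name for name, pat in SIGNATURES.items() if pat.upper() in data]

def inspect(packets, mode):
    """Run packets through the engine in 'ids' or 'ips' mode.

    Returns (forwarded, alerts). Both modes raise the same alerts;
    only 'ips' removes matching packets from the forwarded traffic.
    """
    if mode not in ("ids", "ips"):
        raise ValueError("mode must be 'ids' or 'ips'")
    forwarded, alerts = [], []
    for pkt in packets:
        hits = match_signatures(pkt)
        if hits:
            alerts.append((pkt.src, hits))  # flag for the administrator
            if mode == "ips":
                continue                    # IPS: deny the packet
        forwarded.append(pkt)               # IDS never alters traffic
    return forwarded, alerts

# Constructed sample traffic (documentation address ranges).
SAMPLE = [
    Packet("198.51.100.7", b"GET /index.html HTTP/1.1"),
    Packet("203.0.113.9", b"GET /item?id=1 union select user,pass FROM users"),
    Packet("203.0.113.9", b"GET /static/../../etc/passwd HTTP/1.1"),
]

if __name__ == "__main__":
    for mode in ("ids", "ips"):
        fwd, alerts = inspect(SAMPLE, mode)
        print(mode, "forwarded:", len(fwd), "alerts:", alerts)
```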

9. What is the difference between HTTPS, SSL and TLS?

HTTPS is the Hypertext Transfer Protocol Secure, which secures communications over a given network. HTTPS is basically an HTTP connection that delivers data secured using SSL/TLS.

SSL stands for Secure Sockets Layer. It is a standard security technology which helps in creating an encrypted link between a server and a client. The use of SSL technology ensures that all data transmitted between the web server and browser remains encrypted.

TLS is an improved version of SSL. It is the successor protocol to SSL.

10. What is a traceroute?

A traceroute, which is sometimes also called a tracert, is a network diagnostic tool that traces the route taken by a packet on an IP network from source to destination.

It helps in determining the response delays of packets across an Internet Protocol (IP) network. It also helps to locate any points of failure encountered while en route to a certain destination.

11. What is salting and what are its uses?

Salting is an excellent way to make passwords stronger. It makes cracking a password very hard even if the actual password is weak. Salting is the process of appending a password to a given username and then hashing the new string of characters.

12. What is Data Leakage and what are the ways to prevent it?

Data leakage refers to the unauthorized transfer of classified information from a computer or datacenter to the outside world. This happens through various means, such as emails and unauthorized uploads of data to public portals.

To prevent data leakage, we should closely monitor traffic on all networks. There are monitoring tools that can notify administrators of red flags when an employee downloads, copies or deletes information.

Encrypting any private, confidential or sensitive information is a great way to provide significant protection from even the most advanced attacks.

13. What are Black Hat, White Hat and Grey Hat Hackers?

Black Hat Hackers are the ones who hack systems and software to gain unauthorized entry and exploit them for malicious reasons.

White Hat Hackers are authorized hackers who hack systems to find and fix unethical actions. They work with organizations to strengthen the security of a system. 

Grey Hat Hackers are a combination of Black and White Hat Hackers. They perform unauthorized activities to look for system vulnerabilities.

14. What is phishing? How can it be prevented?

Phishing is a fraudulent attempt to obtain personal information such as usernames, passwords and credit card details using deceptive e-mails and websites. 

It is far easier to trick someone by impersonating a genuine website such as Yahoo or Facebook and asking the user to enter their password and account ID.

There are ways to avoid becoming a victim of a phishing scam:

Keep yourself informed about new phishing techniques.

Avoid clicking on links that appear in random emails and instant messages.

Communicate personal information through secure websites only.

Never download files or attachments in emails from unknown senders.

Never e-mail financial information.

Beware of links in e-mails that ask for personal information.

Avoid entering personal information in a pop-up screen.

15. What are the risks if I use public Wi-Fi?

Public Wi-Fi networks present a significant security risk, making your system vulnerable to "Man in the Middle" (MiTM) attacks. The hacker can position himself between you and the connection point and can secretly relay or alter the communication.

We should use a virtual private network (VPN) connection when connecting over an unsecured connection such as a Wi-Fi hotspot. Even if a hacker manages to position himself in the middle of your connection, the data will be strongly encrypted.

16. Explain Hashing and Encryption. Explain the differences between them.

Hashing is an ideal way to store passwords, as hashes are inherently one-way in nature. Hashing is useful in any instance where you want to compare a value with a stored value.

Encryption turns data into a series of unreadable characters that aren't of a fixed length.

The key difference between encryption and hashing is that encrypted strings can be reversed back into their original decrypted form if you have the right key.
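Questions 11 and 16 together, as an added example that is not part of the original post: a password is stored as a salted one-way hash and later checked by re-hashing the candidate and comparing it with the stored value. It assumes a random per-user salt and PBKDF2 from Python's standard library rather than the username-based salt described in question 11; the function names, iteration count and sample password are constructed.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # example work factor (assumption); tune for your hardware

def hash_password(password, salt=None):
    """Return (salt, digest). A fresh random salt is generated for each new password."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest

def verify_password(password, salt, stored_digest):
    """Re-hash the candidate with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, stored_digest)

def unsalted_sha256(password):
    """Unsalted hash, for contrast only: equal passwords give equal hashes."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def demo():
    """Two constructed users who chose the same weak password."""
    weak = "Summer2019"
    alice_salt, alice_digest = hash_password(weak)
    bob_salt, bob_digest = hash_password(weak)
    return {
        # Without a salt, one cracked hash reveals every user with that password.
        "unsalted_equal": unsalted_sha256(weak) == unsalted_sha256(weak),
        # With per-user salts the stored values differ for the same password.
        "salted_equal": alice_digest == bob_digest,
        "correct_login": verify_password(weak, alice_salt, alice_digest),
        "wrong_login": verify_password("Winter2019", alice_salt, alice_digest),
        # Hash output has a fixed length whatever the input length.
        "hash_lengths": (len(unsalted_sha256("a")), len(unsalted_sha256("a" * 1000))),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```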

17. What is Cognitive Cybersecurity?

Cognitive Cybersecurity is an application of AI technologies patterned on human thought processes to detect threats and protect physical and digital systems.
