Cyber Security Interview Questions and Answers
Question - 31 : - What is SSH?
Answer - 31 : -
SSH stands for Secure Socket Shell or Secure Shell. It is a utility suite that provides system administrators secure way to access the data on a network.
Question - 32 : - Is SSL protocol enough for network security?
Answer - 32 : -
SSL verifies the sender’s identity, but it does not provide security once the data is transferred to the server. It is good to use server-side encryption and hashing to protect the server against a data breach.
Question - 33 : - What is black box testing and white box testing?
Answer - 33 : -
- Black box testing: It is a software testing method in which the internal structure or program code is hidden.
- White box testing: A software testing method in which internal structure or program is known by tester.
Question - 34 : - Explain vulnerabilities in network security.
Answer - 34 : -
Vulnerabilities refer to the weak point in software code which can be exploited by a threat actor. They are most commonly found in an application like SaaS (Software as a service) software.
Question - 35 : - Explain TCP Three-way handshake.
Answer - 35 : -
It is a process used in a network to make a connection between a local host and server. This method requires the client and server to negotiate synchronization and acknowledgment packets before starting communication.
Question - 36 : - Define the term residual risk. What are three ways to deal with risk?
Answer - 36 : -
It is a threat that balances risk exposure after finding and eliminating threats.
Three ways to deal with risk are:
- Reduce it
- Avoid it
- Accept it.
Question - 37 : - Define Exfiltration.
Answer - 37 : -
Data exfiltration refers to the unauthorized transfer of data from a computer system. This transmission may be manual and carried out by anyone having physical access to a computer.
Question - 38 : - What is exploit in network security?
Answer - 38 : -
An exploit is a method utilized by hackers to access data in an unauthorized way. It is incorporated into malware.
Question - 39 : - What do you mean by penetration testing?
Answer - 39 : -
It is the process of checking exploitable vulnerabilities on the target. In web security, it is used to augment the web application firewall.
Question - 40 : - List out some of the common cyber-attack.
Answer - 40 : -
Following are the common cyber-attacks which can be used by hackers to damage network:
- Malware
- Phishing
- Password attacks
- DDoS
- Man in the middle
- Drive-by downloads
- Malvertising
- Rogue software