Cyber Security Interview Questions and Answers
Question - 81 : - Explain Security Scanning.
Answer - 81 : -
Security scanning involves identifying network and system weaknesses and then providing solutions for reducing these risks. It can be performed both manually and with automated tools.
Question - 82 : - Name the available hacking tools.
Answer - 82 : -
Following is a list of useful hacking tools.
- Acunetix
- WebInspect
- Probely
- Netsparker
- Angry IP Scanner
- Burp Suite
- Savvius
Question - 83 : - What is the importance of penetration testing in an enterprise?
Answer - 83 : -
Here are two common applications of penetration testing.
- Financial sectors such as stock trading exchanges and investment banking want their data to be secured, and penetration testing is essential to ensure security.
- When a software system has already been hacked, the organization may want to determine whether any threats are still present in the system, in order to avoid future hacks.
Question - 84 : - What are the disadvantages of penetration testing?
Answer - 84 : -
Disadvantages of penetration testing are:
- Penetration testing cannot find all vulnerabilities in the system.
- It is limited by the time, budget, scope, and skills of the penetration testers.
- Data loss and corruption.
- Downtime is high, which increases costs.
Question - 85 : - Explain security threat
Answer - 85 : -
A security threat is defined as a risk that can lead to the theft of confidential data and harm computer systems as well as the organization.
Question - 86 : - What are physical threats?
Answer - 86 : -
A physical threat is a potential cause of an incident that may result in loss or physical damage to the computer systems.
Question - 87 : - Give examples of non-physical threats
Answer - 87 : -
Following are some examples of non-physical threats:
- Loss of sensitive information
- Loss or corruption of system data
- Cyber security breaches
- Disruption of business operations that rely on computer systems
- Illegal monitoring of activities on computer systems
Question - 88 : - What is a Trojan virus?
Answer - 88 : -
A Trojan is malware employed by hackers and cyber-thieves to gain access to a computer. Attackers use social engineering techniques to get the Trojan executed on the system.
Question - 89 : - Define SQL Injection
Answer - 89 : -
It is an attack that injects malicious SQL statements into a database. It takes advantage of design flaws in poorly designed web applications to make them execute malicious SQL code. In many situations, an attacker can escalate a SQL injection attack to perform another attack, e.g. a denial-of-service attack.
Question - 90 : - List security vulnerabilities as per Open Web Application Security Project (OWASP).
Answer - 90 : -
Security vulnerabilities as per the Open Web Application Security Project are as follows:
- SQL Injection
- Cross-site request forgery
- Insecure cryptographic storage
- Broken authentication and session management
- Insufficient transport layer protection
- Unvalidated redirects and forwards
- Failure to restrict URL access