Cyber security questions
11. What is SSL encryption?
(Secure Sockets Layer) encryption is a protocol that ensures secure data transmission between a user's web browser and a website server, protecting data during transit.
What is the OSI model
- Physical layer 1 - transmits raw bit steam ofver the phycial medum - Data link layer 2- defines the format of data on a network - Network Layer 3- decideds which physical path the data will take - Transport Layer 4- transmits data using transmission protacls inluding TCP and UDP - Session Layer 5- Maintians connections and is responible for controlling parts and session - Presentation Layer 6- ensures data is usable foramt where data encrypotion occurs - Application Layer 7- human computer interaction layer
17. What is a DDoS attack and how does it work?
A Distributed Denial of Service (DDoS) attack inundates a target server or network with excessive traffic originating from numerous sources, making it inaccessible to genuine users.
What is a VPN and how does it work?
A VPN (Virtual Private Network) encrypts your internet connection to secure your data and provide privacy online. It creates a secure tunnel between your device and the internet, masking your IP address and location.
4. What is Phishing? Provide an example.
A cyberattack in which malicious actors employ deceptive emails or messages to deceive individuals into disclosing sensitive information.
Explain the concept of a firewall.
A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between trusted and untrusted networks.
21. What is a honeypot in cybersecurity?
A honeypot is a decoy system or network designed to attract attackers. It allows security professionals to study their tactics, techniques, and motivations.
Diffrence between a Threat, Vulnerablity, or Risk
A threat is a threat is anything that poses a possible danger to information systems or data. A vulnerability is a weakness or flaw in a system, network, application, or process that can be exploited by a threat.The possibility of the hacker exploiting the outdated software to access and steal the sensitive data.
What is a three way handshake
A three-way handshake is a method used in a TCP/IP network to create a connection between a host and a client. It's called a three-way handshake because it is a three-step method in which the client and server exchanges packets. The three steps are as follows: 1. The client sends a SYN(Synchronize) packet to the server check if the server is up or has open ports 2. The server sends SYN-ACK packet to the client if it has open ports 3. The client acknowledges this and sends an ACK(Acknowledgment) packet back to the server
Can you describe a time when you identified a security issue and how you handled it?
At ITSS we had a lot of phishing attacks that targeted students that would be sent out making people think it was the school or IT departmetn to click on this link and change there password and alot of people feel for it. when they came in we would first make a ticket with the person and the description of what happend. then we would quickly identify the composied there accounts and we would temparrly disable thier account and make them a new password, then we would block that phishnig email, then we would send out a mass email to the school or and telling those who where infected to change their passwords and not to reuse old password, But then it would be taken over from there from the securtiy department in chico state
24. What are the common cyber threats today?
Common threats include malware, ransomware, phishing, DDoS attacks, insider threats, and zero-day vulnerabilities.
Describe the CIA triad.
Confidentiality: Ensuring that information is not accessed by unauthorized individuals. Integrity: Ensuring that information is accurate and unaltered. Availability: Ensuring that information is accessible to authorized users when needed.
16. What are cookies in a web browser?
Cookies are stored by websites on a user's device. They are used to track user preferences, session information, and provide a personalized browsing experience.
1. What is cybersecurity, and why is it important?
Cybersecurity protects computer systems, networks, and data from theft, damage, or unauthorized access. It's important to safeguard sensitive information, maintain privacy, prevent financial losses, and protect critical infrastructure from cyber threats.
How can SQL injection be prevented?
Using prepared statements and parameterized queries. Validating and sanitizing user inputs. Using ORM (Object Relational Mapping) frameworks.
10. Define the terms Encryption and Decryption.
Encryption: Converting plaintext data into a coded format to protect it from unauthorized access. Decryption: Converting encrypted data back into its original, readable form.
5. How do firewalls protect network security?
Firewalls serve as protective barriers, overseeing and screening both inbound and outbound network traffic in accordance with established security regulations.
12. What is the difference between IDS and IPS?
IDS (Intrusion Detection System): Monitors network traffic and generates alerts when suspicious activity is detected. IPS (Intrusion Prevention System): Not only detects but also actively blocks or prevents suspicious network activity.
14. What steps would you take if you discovered a security breach?
Isolate affected systems, contain the breach, notify relevant parties, investigate the incident, remediate vulnerabilities, and implement measures to prevent future breaches.
Why i personally want to be in the field of cybersecurity
Personal Motivation Interest in Technology and Problem-Solving Continuous Learning and Growth
What is SQL injection
SQL injection, also known as SQL, is a cyberattack that uses malicious SQL code to access information in a database. This information can include sensitive company data, user lists, or private customer details. SQL injection is one of the most common and threatening types of attack because it can be used against any web application or website that uses an SQL-based database
If a company's system is infected with ransomware, what steps would you take to handle the situation?
Steps include isolating the infected systems, identifying the strain of ransomware, consulting backups, informing relevant stakeholders, and following the company's incident response plan. Emphasize not paying the ransom and contacting law enforcement.
What is the difference between symmetric and asymmetric encryption?
Symmetric encryption uses the same key for both encryption and decryption. It is faster but less secure if the key is compromised. Asymmetric encryption uses a pair of keys, one for encryption (public key) and one for decryption (private key). It is more secure but slower due to complex algorithms.
8. What are the common techniques for securing a computer network?
Techniques include using strong passwords, regular updates and patch management, implementing firewalls, using intrusion detection systems, and conducting security audits.
20. How can you prevent a Man-In-The-Middle attack?
Use secure communication protocols, verify digital certificates, and avoid public Wi-Fi for sensitive transactions. Implementing strong encryption also helps.
2. Define the terms Virus, Malware, and Ransomware.
Virus: A program that replicates itself and spreads to other files or systems, often causing harm. Malware: A broader term encompassing any malicious software that disrupts or gains unauthorized access to computer systems. Ransomware: A malicious software encrypting files or computer systems and requesting a ransom for their decryption.
Why it is important to udnerstand networking for cybersecurity
a solid understanding of networking is foundational for anyone in cybersecurity. It enables professionals to detect and prevent threats, implement robust security measures, secure network architecture, respond effectively to incidents, comply with standards, and develop secure systems.
How do you stay updated with the latest cybersecurity trends and threats?
krebsonSecurity, Security Weekly
