cyber

Application security

It entails safeguarding software and devices against malicious attacks. This can be accomplished by regularly updating the apps to ensure that they are secure against threats.

Network security

It is the process of securing a computer network against unauthorized access, intruders, attacks, disruption, and misuse using hardware and software. This security aids in the protection of an organization's assets from both external and internal threats. Example: Using a Firewall.

Identity management:

It refers to the process of identifying each individual's level of access inside an organization. Example: Restricting access to data as per the job role of an individual in the company.

Mobile security:

It refers to the protection of organizational and personal data held on mobile devices such as cell phones, PCs, tablets, and other similar devices against a variety of hostile attacks. Unauthorized access, device loss or theft, malware, and other threats are examples of these dangers.

Cloud security:

It refers to the safeguarding of data held in a digital environment or in cloud infrastructures for an organization. It employs a variety of cloud service providers, including AWS, Azure, Google, and others, to assure protection against a variety of threats.

32. What do you mean by Domain Name System (DNS) Attack?

DNS hijacking is a sort of cyberattack in which cyber thieves utilize weaknesses in the Domain Name System to redirect users to malicious websites and steal data from targeted machines. Because the DNS system is such an important part of the internet infrastructure, it poses a serious cybersecurity risk.

9. What do you mean by a botnet?

A botnet is a collection of internet-connected devices, such as servers, PCs, and mobile phones, that are infected with malware and controlled by it. It's used to steal data, send spam, launch distributed denial-of-service (DDoS) attacks, and more, as well as provide the user access to the device and its connection.

14. What do you mean by brute force in the context of Cyber Security?

A brute force attack is a cryptographic assault that uses a trial-and-error approach to guess all potential combinations until the correct data is discovered. This exploit is commonly used by cybercriminals to gain personal information such as passwords, login credentials, encryption keys, and PINs. It is very easy for hackers to implement this.

2. Differentiate between threat, vulnerability and risk.

Threat: A threat is any form of hazard that has the potential to destroy or steal data, disrupt operations, or cause harm in general. Malware, phishing, data breaches, and even unethical employees are all examples of threats.

5. Define VPN.

VPN, is an encrypted link between a device and a network via the Internet. The encrypted connection aids in the secure transmission of sensitive data. It protects against illegal eavesdropping on the traffic and allows the user to work remotely. In corporate settings, VPN technology is commonly used.

20. What do you mean by Man-in-the-Middle Attack?

A cyber threat (a type of eavesdropping assault) in which a cybercriminal wiretaps a communication or data transmission between two people is known as a man-in-the-middle attack. Once a cybercriminal enters a two-way conversation, they appear to be genuine participants, allowing them to obtain sensitive information and respond in a variety of ways. The main goal of this type of attack is to acquire access to our company's or customers' personal information. On an unprotected Wi-Fi network, for example, a cybercriminal may intercept data passing between the target device and the network.

4. What is a Firewall?

A firewall serves as a barrier between a LAN and the Internet. It allows private resources to remain private while reducing security threats. It manages both inbound and outbound network traffic. A sample firewall between a LAN and the internet is shown in the diagram below. The point of vulnerability is the connection between the two. At this point, network traffic can be filtered using both hardware and software. There are two types of firewall systems: one that uses network layer filters and the other that uses user, application, or network layer proxy servers.

38. What form of cookie might be used in a spyware attack?

A tracking cookie, instead of a session cookie, would be used in a spyware attack because it would last through multiple sessions rather than just one.

37. What is the difference between virus and worm?

A virus is a piece of harmful executable code that is attached to another executable file and can modify or erase data. When a virus-infected computer application executes, it takes action such as removing a file from the computer system. Viruses can't be managed from afar.Worms are comparable to viruses in that they do not alter the program. It continues to multiply itself, causing the computer system to slow down. Worms can be manipulated with remote control. Worms' primary goal is to consume system resources.

Vulnerability

A vulnerability is a flaw in hardware, software, personnel, or procedures that threat actors can use to achieve their objectives.

41. What do you mean by Active reconnaissance?

Active reconnaissance is a type of computer assault in which an intruder interacts with the target system in order to gather information about weaknesses.Port scanning is commonly used by attackers to detect vulnerable ports, after which they exploit the vulnerabilities of services linked with open ports.

Operational security:

It entails analyzing and making decisions about how to handle and secure data assets. Example: Storing data in an encrypted form in the database.

Data security:

It entails putting in place a strong data storage system that ensures data integrity and privacy while in storage and transport.

21. Differentiate between Information protection and information assurance.

Information protection protects data from unauthorized access by utilizing encryption, security software, and other methods.

27. Differentiate between IDS and IPS in the context of Cyber Security.

Intrusion Detection Systems (IDS) scan and monitor network traffic for signals that attackers are attempting to infiltrate or steal data from your network using a known cyber threat. IDS systems detect a variety of activities such as security policy violations, malware, and port scanners by comparing current network activity to a known threat database. Intrusion Prevention Systems (IPS) are located between the outside world and the internal network, in the same area of the network as a firewall. If a packet represents a known security hazard, an IPS will proactively prohibit network traffic based on a security profile.

26. What do you mean by a DDoS attack? How can you prevent it?

It's a form of cyber threat or malicious effort in which fraudsters use Internet traffic to fulfill legitimate requests to the target or its surrounding infrastructure, causing the target's regular traffic to be disrupted. The requests originate from a variety of IP addresses, which might cause the system to become unworkable, overload its servers, cause them to slow down or go offline, or prevent an organization from performing its essential responsibilities.

36. What do you mean by SQL Injection? How do you prevent it?

SQL injection is a typical attack in which fraudsters employ malicious SQL scripts to manipulate backend databases and get access to sensitive data. The hostile actor can see, edit, or remove important company data, customer lists, or customers' personal details contained in the SQL database after the attack is successful.

28. What do you mean by Network Sniffing?

Sniffing is a technique for evaluating data packets delivered across a network. This can be accomplished through the use of specialized software or hardware. Sniffing can be used for a variety of purposes, including:

33. Differentiate between Stream Cipher and Block Cipher.

The major distinction between a block cypher and a stream cypher is that a block cypher turns plain text into ciphertext one block at a time. Stream cypher, on the other hand, converts plain text into ciphertext by taking one byte of plain text at a time.

1. What is the main objective of Cyber Security?

The primary goal of cyber security is to protect data. To safeguard data from cyber-attacks, the security sector offers a triangle of three connected principles. The CIA trio is the name for this principle. The CIA model is intended to help organizations develop policies for their information security architecture. One or more of these principles has been broken when a security breach is discovered. Confidentiality, Integrity, and Availability are the three components of the CIA model. It's a security paradigm that guides individuals through many aspects of IT security.

Risk

The probability of a threat and the consequence of a vulnerability are combined to form risk. To put it another way, the risk is the likelihood of a threat agent successfully exploiting a vulnerability, which may be calculated using the formula:

3. What does XSS stand for? How can it be prevented?

XSS stands for Cross-site scripting. It is a web security flaw that allows an attacker to manipulate how users interact with a susceptible application. It allows an attacker to get around the same-origin policy, which is meant to keep websites separate from one another. Cross-site scripting flaws allow an attacker to impersonate a victim user and execute any actions that the user is capable of, as well as access any of the user's data. If the victim user has privileged access to the application, the attacker may be able to take complete control of the app's functionality and data.

Physical vulnerabilities

such as publicly exposed networking equipment, software vulnerabilities, such as a buffer overflow vulnerability in a browser, and even human vulnerabilities, such as an employee vulnerable to phishing assaults, are all examples of vulnerabilities.