Cyber Security Interview Questions
In a Man-in-the-Middle (MITM) attack, the hacker eavesdrops on the communication between two parties. The attacker then impersonates another person and makes the data transmission look normal to the other parties. The intent is to alter the data, steal personal information, or obtain login credentials in order to sabotage communication.
 
These are a few ways to prevent a MITM attack :
 
* Public key pair based authentication
* Virtual private network
* Strong router login credentials
* Implement well-built Intrusion Detection Systems (IDS) like firewalls.
* Strong WEP/WPA encryption on access points
Distributed processing describes various computer systems that use more than one processor to run an application. Multiple computers across different locations share the same processor. The advantages of distributed processing are :
 
Data Recovery : When one computer loses data, another interconnected computer can recover this loss of data.

Reliability : Any glitch in one machine does not affect the processing since it will use several other machines.

Lower Cost : Several cost-effective minicomputers are used instead of using costlier mainframe machines.

Easy to expand : Depending on the data processing amount, we can attach additional computers to the network.
Transmission Control Protocol (TCP) is a set of communication protocols used to interconnect network devices on the internet. It defines how data should be transmitted over the internet by providing end-to-end communication.
 
Internet Protocol (IP) is all about routing every individual packet to ensure it reaches its destination. The TCP/IP model is a compressed version of the OSI model. It consists of four layers; they are :
 
* Application Layer
* Transport Layer
* Internet Layer
* Network Access Layer

| ipconfig | ifconfig |
| --- | --- |
| ipconfig (Internet Protocol Configuration) is a command used on Microsoft Windows to view and configure the network interface. | ifconfig (Interface Configuration) is a command used on Linux, Mac, and UNIX operating systems. |
| This is a useful command for displaying all the TCP/IP network summary information currently available on a network. Additionally, it helps in modifying the DHCP protocol and the DNS setting. | This command is used to configure and control the TCP/IP network interface parameters from the Command Line Interface. It also allows you to view the IP addresses of these network interfaces. |

| Domain | Workgroup |
| --- | --- |
| A domain is a centralized network model. | A workgroup is a decentralized network model. |
| Here, one administrator manages the domain and its resources. | Here, every user manages the resources individually on their PCs. |
| It is good for large networks. | It is good for small networks. |
| Here, the computer can be connected to any network. | All the computers here should be connected to the same LAN. |

As we know, HIDS and NIDS are both Intrusion Detection Systems and work for the same purpose, i.e., to detect intrusions.
 
Difference between HIDS and NIDS :

| Host Intrusion Detection System (HIDS) | Network Intrusion Detection System (NIDS) |
| --- | --- |
| HIDS is set up on a particular host/device and monitors the traffic of a particular device and suspicious system activities. | On the other hand, NIDS is set up on a network and is used to monitor the traffic of all network devices. |
| HIDS is used to detect intrusions. | NIDS is used for the network to monitor the traffic of all devices. |

In cyber security, patch management is the process of keeping the software on computers and network devices up to date so that they can resist low-level cyber attacks. It applies to any software that is prone to technical vulnerabilities.

A patch should be applied as soon as it is released. For example, when a patch is released for Windows, it should be applied to all machines as soon as possible. The same applies to network devices: patches should be applied as soon as they are released. Following proper patch management gives better security.
Patch management tools or software are used to ensure that the components of a company's software and IT infrastructure are up to date. The patch management tools work by tracking updates of various software and middleware solutions, and then they alert users to make necessary updates or execute updates automatically.
 
Following is a list of the top 10 best patch management software or tools : 
 
* Atera
* NinjaRMM
* Acronis Cyber Protect Cloud
* Acronis Cyber Protect
* PDQ Deploy
* ManageEngine Patch Manager Plus
* Microsoft System Center
* Automox
* SmartDeploy
* SolarWinds Patch Manager
Honeypots are possible attack targets set up to see how different attackers attempt to exploit a network. Private firms and governments use this concept to evaluate their vulnerabilities, and it is also widely used in academic settings.
There are three types of XSS attacks :
 
(i) Non-Persistent XSS attack – Here the data injected by the attacker is reflected in the response and has a link with the XSS vector
 
(ii) Persistent XSS attack – The most harmful type of attack, where the script executes automatically the moment a user opens the page
 
(iii) Document Object Model (DOM)-based XSS attack – An advanced type of XSS attack which happens when a web application writes data to the DOM without any sanitization
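
The three XSS types above share one root cause: untrusted data written into a page without encoding. The following is an added example, not code from the original page; the function names and sample inputs are constructed for illustration, and it shows a vulnerable rendering next to output-encoded ones for each type.

```javascript
// Added example: the three XSS types from the list above, with a
// vulnerable rendering next to output-encoded ones. All names and
// sample inputs are constructed for illustration.

// Encode the five characters that let text break out of HTML content
// or a quoted attribute value.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// (i) Non-persistent (reflected): a request parameter is echoed in the response.
function searchPageVulnerable(query) {
  return `<p>Results for ${query}</p>`;
}
function searchPageEncoded(query) {
  return `<p>Results for ${escapeHtml(query)}</p>`;
}

// (ii) Persistent (stored): saved comments are rendered for every visitor,
// so every field of every record is encoded at output time.
function commentListEncoded(comments) {
  const items = comments.map((c) => `<li>${escapeHtml(c.author)}: ${escapeHtml(c.body)}</li>`);
  return `<ul>${items.join('')}</ul>`;
}

// (iii) DOM-based: in the browser, write untrusted values with
// element.textContent rather than element.innerHTML. Where markup has to be
// built as a string, encode the value first.
function greetingMarkup(nameFromUrlFragment) {
  return `<span class="greeting">Hello, ${escapeHtml(nameFromUrlFragment)}</span>`;
}

// Constructed sample input: a harmless marker script.
const sample = '<script>alert(1)</script>';
const stored = [{ author: 'alice', body: 'nice post' }, { author: 'mallory', body: sample }];

console.log(searchPageVulnerable(sample)); // markup reaches the page intact
console.log(searchPageEncoded(sample));    // rendered as inert text
console.log(commentListEncoded(stored));
console.log(greetingMarkup(sample));
```
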