Cyber Security Interview Questions
* RDP (Remote Desktop Protocol) is a Microsoft protocol specifically designed for application data transfer security and encryption between client devices, users, and a virtual network server.

* It allows administrators to remotely evaluate and resolve issues individual subscribers encounter.

* It supports up to 64,000 separate data channels with a provision for multipoint transmission.

Sniffing is a technique for inspecting data packets as they travel across a network. It can be done with specialized software or hardware. Sniffing can be used for a variety of purposes, including:

* Capturing confidential information, such as a password.
* Listening in on chat messages.
* Monitoring a data packet over a network.

| Black Box Testing | White Box Testing |
| --- | --- |
| It's a type of software testing in which the program's or software's internal structure is concealed. | It is a method of software testing in which the tester is familiar with the software's internal structure or code. |
| It is not necessary to have any prior experience with implementation. | It is not necessary to have prior experience with implementation. |
| This testing can begin on the basis of the requirement specifications document. | This form of software testing begins once the detailed design document has been completed. |
| It takes the least amount of time. | It takes the most amount of time. |
| It tests the software's behavior. | It tests the software's logic. |
| It is relevant to higher levels of software testing. | It is relevant to lower levels of software testing. |

The major distinction between a block cipher and a stream cipher is that a block cipher turns plaintext into ciphertext one block at a time. A stream cipher, on the other hand, converts plaintext into ciphertext by taking one byte of plaintext at a time.

| Block Cipher | Stream Cipher |
| --- | --- |
| A block cipher converts plaintext into ciphertext one block at a time. | A stream cipher takes one byte of plaintext at a time and converts it to ciphertext. |
| Either 64 bits or more than 64 bits are used in block ciphers. | 8 bits are used in stream ciphers. |
| The ECB (Electronic Code Book) and CBC (Cipher Block Chaining) algorithm modes are used in block ciphers. | CFB (Cipher Feedback) and OFB (Output Feedback) are the two algorithm modes used in stream ciphers. |
| The Caesar cipher, polygram substitution cipher, and other transposition algorithms are used in the block cipher. | Stream cipher uses substitution techniques such as the rail-fence technique, columnar transposition technique, and others. |
| When compared to a stream cipher, a block cipher is slower. | When compared to a block cipher, a stream cipher is slower. |

A virus is a piece of harmful executable code that is attached to another executable file and can modify or erase data. When a virus-infected application executes, it takes an action such as removing a file from the computer system. Viruses cannot be controlled remotely.

Worms are comparable to viruses, but they do not alter the program. A worm keeps replicating itself, causing the computer system to slow down. Worms can be controlled remotely. Their primary goal is to consume system resources.

Polymorphic viruses are sophisticated file infectors that can build changed versions of themselves in order to avoid detection while keeping the same fundamental behavior after each infection. Polymorphic viruses encrypt their code and use a different encryption key each time, so their physical file makeup changes with every infection.

Polymorphic viruses use mutation engines to change their decryption routines every time they infect a machine. Because these viruses do not use static, unchanging code, traditional security solutions may miss them. They are considerably more difficult to detect because they use complicated mutation engines that generate billions of decryption routines.

Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network.
 
When an incoming packet destined for a host machine on a particular local area network arrives at a gateway, the gateway asks the ARP program to find a physical host or MAC address that matches the IP address.
 
The ARP program looks in the ARP cache and, if it finds the address, provides it so that the packet can be converted to the right packet length and format and sent to the machine.
 
If no entry is found for the IP address, ARP broadcasts a request packet in a special format to all the machines on the LAN to see if one machine knows that it has that IP address associated with it.
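
The lookup flow described above (cache hit, broadcast on a miss, learn the reply), as an added Python example that is not part of the original page; the `ArpResolver` and `Host` names, the addresses and the alert list are assumptions made for illustration. It also records when a reply overwrites an existing IP-to-MAC binding, which is the event a defender would want logged.

```python
# Added example: a minimal model of the ARP lookup flow described above.
# The LAN, addresses and class names are constructed for illustration.
from dataclasses import dataclass, field

@dataclass
class Host:
    ip: str
    mac: str

@dataclass
class ArpResolver:
    lan: list                                    # hosts reachable by broadcast
    cache: dict = field(default_factory=dict)    # ip -> mac
    alerts: list = field(default_factory=list)   # (ip, old_mac, new_mac)
    broadcasts: int = 0

    def resolve(self, ip):
        """Return the MAC for ip: cache first, broadcast on a miss."""
        if ip in self.cache:
            return self.cache[ip]
        self.broadcasts += 1
        for host in self.lan:       # every host sees the request
            if host.ip == ip:       # only the owner answers
                self.learn(ip, host.mac)
                return host.mac
        return None                 # nobody claimed the address

    def learn(self, ip, mac):
        """Store a reply; record when it overwrites a different MAC."""
        old = self.cache.get(ip)
        if old is not None and old != mac:
            self.alerts.append((ip, old, mac))
        self.cache[ip] = mac

def demo():
    lan = [Host("192.0.2.10", "02:00:00:00:00:0a"),
           Host("192.0.2.20", "02:00:00:00:00:14")]
    arp = ArpResolver(lan)
    first = arp.resolve("192.0.2.10")     # miss, so a broadcast is sent
    second = arp.resolve("192.0.2.10")    # hit, answered from the cache
    missing = arp.resolve("192.0.2.99")   # no owner on the LAN
    arp.learn("192.0.2.10", "02:00:00:00:00:ff")  # reply with a changed MAC
    return first, second, missing, arp.broadcasts, arp.alerts
```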

| VPN | VLAN |
| --- | --- |
| Related to remote access to the network of a company. | Helps to group workstations that are not within the same locations into the same broadcast domain. |
| Used to connect two points in a secured and encrypted tunnel. | Means to logically segregate networks without physically segregating them with various switches. |
| Saves the data from prying eyes while in transit, and no one on the net can capture the packets and read the data. | Does not involve any encryption technique; it is only used to slice up your logical network into different sections for the purpose of management and security. |

| Data Protection in Transit | Data Protection at Rest |
| --- | --- |
| Data is transmitted across devices or networks. | Data is stored in databases, local hard drives, or USBs. |
| Protects the data in transit with SSL and TLS. | Protects the data at rest with firewalls, antiviruses, and good security practices. |
| You must protect the data in transit since it can become vulnerable to MITM attacks, eavesdropping, etc. | You should protect the data at rest to avoid possible data breaches even when stolen or downloaded. |

The following methods are used to prevent a brute-force login attack:

* Strong password policy and frequent password changes.
* Account lockout policy: the account is locked after a set number of failed login attempts. It stays locked until the administrator unlocks it.
* Use of CAPTCHA: the user is asked to manually input some text or solve a simple problem.
* Progressive delays: the account is locked for a certain period after three failed login attempts.
* Limit logins to a specified IP address or range: if you allow access only from a designated IP address or range, it will be difficult for brute-force attackers to gain access.
* Two-factor authentication (2FA): it reduces the risk of a potential data breach.
* Monitor your server logs: ensure that you analyze your log files diligently.
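
One way to combine three of the controls listed above (IP allow-listing, progressive delays and account lockout), as an added Python example that is not from the original page; the `LoginGate` class, its thresholds and the documentation-range addresses are assumptions.

```python
# Added example (not from the page): lockout, progressive delay, IP allow-list.
# Thresholds, names and addresses are assumptions chosen for the demo.
import ipaddress

class LoginGate:
    def __init__(self, allowed_nets, delay_after=3, base_delay=30, lock_after=6):
        self.allowed = [ipaddress.ip_network(n) for n in allowed_nets]
        # failures before delays start / first delay in seconds / failures before lockout
        self.delay_after, self.base_delay, self.lock_after = delay_after, base_delay, lock_after
        self.failures, self.blocked_until, self.locked = {}, {}, set()

    def check(self, user, src_ip, now):
        """Return 'ok' or the reason to refuse before the password is even checked."""
        addr = ipaddress.ip_address(src_ip)
        if not any(addr in net for net in self.allowed):
            return "ip_denied"
        if user in self.locked:
            return "locked"
        if now < self.blocked_until.get(user, 0):
            return "delayed"
        return "ok"

    def record_failure(self, user, now):
        """Count a wrong password; the delay doubles with each further failure."""
        n = self.failures.get(user, 0) + 1
        self.failures[user] = n
        if n >= self.lock_after:
            self.locked.add(user)
        elif n >= self.delay_after:
            self.blocked_until[user] = now + self.base_delay * 2 ** (n - self.delay_after)

    def reset(self, user):
        """Clear all state: called on a successful login or by an administrator."""
        self.locked.discard(user)
        self.failures.pop(user, None)
        self.blocked_until.pop(user, None)

def demo():
    gate = LoginGate(["203.0.113.0/24"])
    out = [gate.check("alice", "198.51.100.7", 0)]        # outside the allowed range
    for t in range(3):                                     # three wrong passwords
        gate.record_failure("alice", t)
    out.append(gate.check("alice", "203.0.113.5", 10))     # inside the 30 s delay
    out.append(gate.check("alice", "203.0.113.5", 40))     # delay has expired
    for t in (40, 41, 42):                                 # failures 4, 5 and 6
        gate.record_failure("alice", t)
    out.append(gate.check("alice", "203.0.113.5", 9999))   # locked until an admin acts
    gate.reset("alice")
    out.append(gate.check("alice", "203.0.113.5", 9999))
    return out
```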