Technology is constantly changing and online security threats are becoming more difficult to spot. Traditional methods of dealing with threats are no longer effective against sophisticated cybercriminal groups. As the security landscape changes, cyber security professionals must keep up to date with new developments. They offer technical and advisory support to clients to improve their Security & Risk function. Here are some questions for them:
1. What do you have on your home network?
Anything from a Windows laptop with a generic wireless router and a phone, all the way up to 14 Linux workstations, an Active Directory domain controller, a dedicated firewall appliance, and a toaster.
2. Which Project are you most proud of?
Your project can be as personal as your first game console modification or your first PC build, or as important as writing a program. The point is to show passion. This was covered in cyber security training.
3. What is “SQL Injection”?
This is one of the most common attacks hackers use to obtain critical data. Hackers look for loopholes in the system through which they can pass SQL queries. This allows them to get critical data and evade security checks.
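An added example, not code from the original page: the same lookup built by string concatenation and with bound parameters, run against a constructed in-memory SQLite table. The helper names, table layout and sample rows are assumptions made for illustration.

```python
import sqlite3

# Constructed sample rows for illustration; nothing here comes from the page.
SAMPLE_USERS = [
    ("alice", "4821", "alice-notes"),
    ("bob", "7730", "bob-notes"),
    ("o'brien", "1199", "obrien-notes"),
]

def make_db():
    """Create an in-memory database holding the constructed users table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, pin TEXT, secret TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    return db

def lookup_vulnerable(db, name, pin):
    """Hypothetical helper: input is pasted into the SQL text itself."""
    # A quote inside name or pin ends the string literal and becomes SQL syntax.
    query = f"SELECT name, secret FROM users WHERE name = '{name}' AND pin = '{pin}'"
    return db.execute(query).fetchall()

def lookup_hardened(db, name, pin):
    """Hypothetical helper: same lookup with bound parameters."""
    # The statement is fixed; the driver passes the values strictly as data.
    query = "SELECT name, secret FROM users WHERE name = ? AND pin = ?"
    return db.execute(query, (name, pin)).fetchall()

# Constructed input: a PIN value containing a quote and a boolean clause.
CRAFTED_PIN = "x' OR '1'='1"

def demo():
    """Run both helpers on a correct PIN and on the crafted one."""
    db = make_db()
    return {
        "vulnerable, correct PIN": lookup_vulnerable(db, "alice", "4821"),
        "vulnerable, crafted PIN": lookup_vulnerable(db, "alice", CRAFTED_PIN),
        "hardened, correct PIN": lookup_hardened(db, "alice", "4821"),
        "hardened, crafted PIN": lookup_hardened(db, "alice", CRAFTED_PIN),
        "hardened, quoted name": lookup_hardened(db, "o'brien", "1199"),
    }

if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label:24} -> {len(rows)} row(s): {rows}")
```

With the crafted PIN the concatenated query returns every row in the table, while the parameterized query returns none. The concatenated version also raises `sqlite3.OperationalError` for the legitimate name `o'brien`, so it is a correctness bug as well as a security one.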
4. What is an SSL connection?
An SSL connection is a transient peer-to-peer communications interface. Each connection is associated with one SSL session. The session is an association between client and server, usually created using the handshake protocol.
5. What are the three ways to authenticate a person?
Something they know (password), something they have (token), and something they are (biometrics). Sometimes authentication uses a password and token setup. At other times it can be a thumbprint and a PIN.
6. There are many methods for security testing
White Box: all information is given to the testers. Black Box: testers test the system as they would in a real-world scenario. Grey Box: partial information is given to the testers.
7. What are web server vulnerabilities?
Common vulnerabilities that can be exploited in a web server are: misconfiguration, default settings, and bugs in the operating system and web server.
8. What are traceroute and tracert?
This tool helps you identify where a problem lies by showing the chain of connections from router to router on the way to your final destination.
9. Linux Server Security: Three Steps To Secure Each System
Auditing, Hardening, and Compliance are the three steps that will secure each system.
10. What is salting?
Your interviewer is referring to password salting, but is trying to catch you out by using only half of the term. This is a safer type of encryption for passwords, and it is something you will need to be familiar with.
11. Which components are used in SSL?
SSL is used to establish secure connections between clients and computers. The following components are used in SSL: the SSL Handshake protocol, the SSL Record protocol and SSL encryption algorithms.
12. What is WEP Cracking?
WEP cracking refers to the technique of exploiting security holes in wireless networks and gaining unauthorized entry.
13. Parameters that define an SSL Session state
An SSL session state is defined by the following parameters: Session ID, Compression method and Master secret.
14. How can you protect your home wireless access point?
There are many ways to protect a wireless access point. The most popular are not broadcasting the SSID, and using WPA2 or MAC address filtering.
15. What are the attributes of security testing?
The following seven attributes are part of security testing: Authentication, Confidentiality, Authorization, Integrity, Non-repudiation
