Q.1. What’s the use of filtering ports on Firewall?
A.1. Filtering ports on firewall application helps in blocking exact malware and applications which eventually protects the network from needless traffic. One common example will be like: many companies block the FTP (File Transfer Protocol) port, i.e. 21, when FTP hosting and communication is not required.
Q.2. What tool or technique you’ll suggest your company employees for encrypting the email
A.2. One common suggestion for encrypting emails for employees and general public will be PGP or some other techniques which gives public-private key pair mechanism where reading of the messages is restricted to sender and receiver only.
Q.3. Tell me the very simple way to secure a website that is running on HTTP protocol?
A.3. Most of the cases HTTP protocol provides security at its rear authenticated pages as well as directories. When correct username and password is not entered, the server proceeds with an error message showing the “403 authentication” which is an HTTP error. This helps protecting users from unofficial and illicit users who are trying to access your account.
Q.4. Tell me 3 ways to restricts Brute-force attacks.
A.4. 3 simple techniques to restrict Brute force attacks are –
- By stopping authentication session / option after a specific number of attempts leading to locking of account for next 24 or 48 hours.
- Another option will be by blocking IP addresses which leads to network flooding.
- IP restrictions set on firewall can also help eliminate & avoid the Brute force attack
Q.5. What type of attack is possible with Diffie Hellman Exchange?
A.5. Cyber criminals can perform Man in the Middle (MiTM) attack through Diffie Hellman exchange because in that case none of the ends (sending and receiving of packets), i.e. exchange between client and server is meant for authentication which makes it threat-prone.
Q.6. How will you explain SQL Injection?
A.6. SQL injection is a attach technique performed on faulty web applications which is purposely or unintentionally developed, attack is done for stealing valuable information from that application’s database to harm the owner of that web-application. The attack is initiated by injecting SQL-query string which alters the SQL query syntax in different ways.
Q.7. How will you explain IP address?
A.7. IP (Internet Protocol) addresses are virtual numbers allotted to computers. The address is utilized by TCP/IP (Transmission Control Protocol/Internet Protocol) for identifying computer lying over a network. Each computer residing in the network should have a unique address (the IP address) or it will result in an error which is known as IP conflict error.
Q.8. Explain in short the term ‘rogue DHCP server’?
A.8. ‘Rogue DHCP servers’ are those which helps in redirecting IP addresses’ assignments for allowing cyber criminals in identifying & redirect or forward the client PC to some other network segment.
Q.9. Why will you use Wireshark?
A.9. The tool, Wireshark is designed for penetration testing which helps us capturing the traffic of a network we’re monitoring using this tool and helps in identifying malicious packets that are coming and going in that network for security & testing purposes.