
Top 100 Cybersecurity Interview Questions

The document presents a comprehensive guide featuring the top 100 cybersecurity interview questions categorized by skill level: beginners, intermediate, and advanced. It covers essential topics such as the definition of cybersecurity, types of cyberattacks, cryptography, and security protocols, along with explanations of key terms and concepts. This resource aims to prepare candidates for cybersecurity positions by testing their knowledge and understanding of critical cybersecurity principles.

Uploaded by

tb0b4tun2

Top 100 Cybersecurity

Questions for:

✓ Beginners
✓ Intermediate Level
✓ Advanced Level

Mohammed Almunajam
Welcome to Your Cybersecurity Interview!

Hello there!
Welcome to your interview for a cybersecurity position. We're on
the lookout for talented individuals passionate about safeguarding our
systems from the growing digital threats.

1. What is cybersecurity, and why is it important?
Cybersecurity protects computer systems, networks, and data from
theft, damage, or unauthorized access. It's important to safeguard
sensitive information, maintain privacy, prevent financial losses, and
protect critical infrastructure from cyber threats.

2. Define the terms Virus, Worm, Malware, and Ransomware


• Virus: A program that replicates itself and spreads to other files or
systems, often causing harm.
• Worm: A computer worm is a type of malware that spreads copies of
itself across networks.
• Malware: A broader term encompassing any malicious software that
disrupts or gains unauthorized access to computer systems.
• Ransomware: Malicious software that encrypts files or computer
systems and demands a ransom for their decryption.

3. What is Cryptography?
Cryptography is the practice and study of techniques for securing
information and communication mainly to protect the data from third
parties that the data is not intended for.

4. CIA triad.


• Confidentiality – restrict access to authorized individuals
• Integrity – data has not been altered in an unauthorized manner
• Availability – information can be accessed and modified by authorized
individuals in an appropriate timeframe
5. Explain the difference between a Threat, Vulnerability, and Risk in
cybersecurity.

6. What are some of the common Cyberattacks?

7. What is Phishing? Provide an example.


• Phishing: A cyberattack in which malicious actors employ deceptive
emails or messages to deceive individuals into disclosing sensitive
information.
• Example: An email claiming to be from a bank, requesting the recipient
to provide their login credentials by clicking a link that leads to a fake
website.
8. What is a Brute Force Attack? How can you prevent it?
Brute force is a way of finding the right credentials by repeatedly
trying all the permutations and combinations of possible credentials.
To prevent brute force attacks: password length, password complexity,
and limiting login attempts.

9. What is a DDoS attack and how does it work?


A Distributed Denial of Service (DDoS) attack inundates a target
server or network with excessive traffic originating from numerous
sources, making it inaccessible to genuine users.

10. What is Port Scanning?


Port scanning is the technique used to identify open ports and services
available on a host. Hackers use port scanning to find information that
can be helpful to exploit vulnerabilities.

11. What are cookies in a web browser?


Cookies are stored by websites on a user's device. They are used to
track user preferences, session information, and provide a personalized
browsing experience.

12. How can you prevent a Man-In-The-Middle attack?


A Man-In-The-Middle attack is a type of attack where the hacker places
himself between two communicating parties and steals the information.
Use secure communication protocols, verify digital certificates, and
avoid public Wi-Fi for sensitive transactions. Implementing strong
encryption also helps.
13. What is XSS?
XSS (Cross-Site Scripting) is a cyberattack that enables hackers to
inject malicious client-side scripts into web pages. XSS can be used to
hijack sessions and steal cookies.

14. What is ARP?


Address Resolution Protocol (ARP) is a protocol for mapping an Internet
Protocol address (IP address) to a physical machine address that is
recognized in the local network.
ARP poisoning is sending fake addresses to the switch so that it can
associate the fake addresses with the IP address of a genuine
computer on a network and hijack the traffic.

15. What is a Botnet?


A botnet is a number of devices connected to the internet where each
device has one or more bots running on it. The bots on the devices and
malicious scripts are used to hack a victim.

16. What is social engineering? Give an example.


• Social engineering manipulates individuals to disclose confidential
information or perform actions for malicious purposes.
• Example: Pretending to be a trusted colleague and asking for login
credentials over the phone.

17. What is the difference between IDS and IPS?


• IDS (Intrusion Detection System): Monitors network traffic and
generates alerts when suspicious activity is detected.
• IPS (Intrusion Prevention System): Not only detects but also actively
blocks or prevents suspicious network activity.

18. What is SSL encryption?
SSL (Secure Sockets Layer) encryption is a protocol that ensures
secure data transmission between a user's web browser and a website
server, protecting data during transit.

19. Define the terms Encryption and Decryption.


• Encryption: Converting plaintext data into a coded format to protect it
from unauthorized access.
• Decryption: Converting encrypted data back into its original, readable
form.

20. What is two-factor authentication, and why is it important?


• Two-factor authentication enhances security by requiring users to
provide two distinct forms of verification, typically a password and a
temporary code, thereby bolstering protection.
• It's important because even if a password is compromised,
unauthorized access is prevented without the second factor.

21. What is a VPN and why is it used?


• A Virtual Private Network encrypts and secures internet connections,
ensuring privacy and anonymity.
• It protects data from eavesdropping, accesses restricted content, and
enhances public Wi-Fi security.

22. What is SQL injection?


SQL Injection exploits vulnerabilities in SQL queries to manipulate a
database.

23. What is Cryptography?
Cryptography is the practice and study of techniques for securing
information and communication mainly to protect the data from third
parties that the data is not intended for.

24. What is a Firewall?


It is a security system designed for the network. A firewall is set on
the boundaries of any system or network which monitors and controls
network traffic.

25. What do you mean by data leakage?


Data leakage is an unauthorized transfer of data to the outside world.
Data leakage occurs via email, optical media, laptops, and USB keys.

26. Explain the difference between asymmetric and symmetric encryption.


Symmetric encryption requires the same key for encryption and
decryption. On the other hand, asymmetric encryption needs different
keys for encryption and decryption.

27. Explain WAF


WAF stands for Web Application Firewall. WAF is used to protect the
application by filtering and monitoring incoming and outgoing traffic
between web application and the internet.

28. What is network sniffing?


Network sniffing is a tool used for analyzing data packets sent over a
network.
29. What is a three-way handshake?
A three-way handshake is a method used in a TCP/IP network to
create a connection between a host and a client.

30. What is SSH?


SSH stands for Secure Switch Shell or Secure Shell. It is a utility set
that provides system administrators with a secure way to access data
on the network remotely.

31. What is a zero-day vulnerability?


It refers to a security vulnerability present in software or hardware
that is undisclosed to the vendor and lacks an existing solution. This
loophole can be leveraged by malicious actors before a remedy is
created.

32. How does a rootkit work and how would you detect it?
A rootkit is malicious software that gives attackers unauthorized
access to a computer or network. Detection involves using specialized
anti-rootkit tools and monitoring for suspicious system behavior.

33. What is black box testing and white box testing?


Black box testing: A software testing method in which the internal
structure or program code is hidden.
White box testing: A software testing method in which the internal
structure or program is known by the tester.
34. Define the term residual risk. What are three ways to deal with risk?
It is a threat that balances risk exposure after finding and eliminating
threats.
Three ways to deal with risk are:
• Reduce it
• Avoid it
• Accept it

35. Define Exfiltration.


Data exfiltration refers to the unauthorized transfer of data from a
computer system. This transmission may be manual and carried out by
anyone having physical access to a computer.

36. What is the difference between HIDS and NIDS?


HIDS (Host IDS) and NIDS (Network IDS) are both Intrusion Detection
Systems and serve the same purpose, i.e., to detect intrusions.
The only difference is that a HIDS is set up on a particular host/device.
It monitors the traffic of that particular device and suspicious system
activities. On the other hand, a NIDS is set up on a network. It monitors
the traffic of all devices on the network.

37. How to make the user authentication process more secure?


In order to authenticate users, they have to provide their identity.
The ID and Key can be used to confirm the user's identity. This is the
ideal way for the system to authorize the user.