Cyber Security Interview Questions Part-3

 

Precontext: This is the part 3 of the series of cyber security interview questions. If you haven’t read the first part go here –

Part-1 https://shifacyclewala.medium.com/cyber-security-interview-questions-part-1-ae00b96c5610

Part-2 https://shifacyclewala.medium.com/cyber-security-interview-questions-part-2-13fbb38b9b46

 

 

              1.What is SPF, DMARC DKIM?

These are basically the DNS Records which are added in the domain name which are responsible for email security. All these records is added in TXT Record in the DNS setting

SPF: Sender Policy Framework (SPF is an email authentication protocol that allows the receiving mail server to check if the sender mail server is authorized to send emails).It has a soft fail and hard fail ~ or -. There should be hard fail to validate that email, in such case spoofing is not possible.

D-MARC: Domain Message Authentication Reporting & Conformance.(DMARC is an email validation protocol built on 2 globally accepted authentication protocols)
Dmarc has 3 policies — reject, quarantine, none

D-KIM: Domain Key Identified Mail : (DKIM is a public and private crypto based authentication protocol designed to ensure that messages aren’t altered in transit between the sender & receiver mail server)

              2. What is nmap?

Nmap is an awesome tool,

It is a network mapping utility, this is used to scan ports and gather information about services running on that port.

Note : If asked more details like Can explain how to scan any target?

nmap -A -sV -Pn -p- -oN example.com

Nmap -A (Aggressive)

Nmap -sV (Service Version Detection)

Nmap -Pn (Ping Probe bypass)

Nmap -p- (ports all)

Nmap -oN (OP Normal)

               3. Approach to test mobile or mobile pentesting

We can do static and dynamic analysis of the apk.

As we now that all the apk are generally a zip file, we can extract them in a folder and then check the manifest files and other files. We can use MobSF and other tools for it.

In case of dynamic testing :We can also do dynamic testing by ssl pinning bypass using frida, objection, magisk framework and capture the requests and response using burp suite.

We can also configure a mobile app in emulator or mobile phone, then add the IP Address of our machine in the wifi manual settings and port number, and configure the same in burp and capture the traffic in burp suite.

We can also install Xposed Installer in the phone and also install ssl pinning bypass apks.

                 4. TCP vs UDP

TCP : Transmission Control Protocol
It is a Connection Oriented protocol
Acknowledgement is received
Reliable for Netbanking Websites

UDP : User Datagram Protocol
It is a Connection less protocol
Acknowledgment is not received
Fast Data Transmission like Video Broadcasting

               5. Explain OSI Model (Interviewer may also ask about each layer in detail)

               Layer : Protocol (Data Flow)

Application Layer : HTTP, SMTP FTP (Data)
Presentation Layer : SSL, TLS (Data)
Session Layer : NetBios, PPTP (Data)
Transport Layer : TCP, UDP (Segment)
Network Layer : IP (Packet)
Data Link Layer : Bridge, Switch, Ethernet(Frames)
Physical Layer :Coax, Fiber, Wireless (Bit)

              6. What is LFI ?

Local File Inclusion Attack, We can read and execute local files from the system by this attack.

For Eg: reading a etc/passwd file using dot dot slash payload .

               7. What is Reverse shell , Bind shell.

Reverse shell is a type of shell originating from the “target host back” to the attacker’s system, which is in a listening state to catch up the shell.

whereas, A bind shell is set up on the “target host” , which binds to a specific port to listen for any incoming connection from the attacker’s system.

               8. How sql vulnerability works.

SQL vulnerability arises when any attacker tries to break the backend sql query and insert malicious query within the original query to get more detailed information according to the query that has been inserted.

An attacker can also perform CRUD(Create, Read, Update, Delete) operations and can also get shell of the database/system.

               9. What is VA/PT?

VA : Vulnerability Assessment:

VA is a process of finding vulnerabilities through assessments , scanning.

Also,We can define, detect, and prioritise the vulnerabilities in computer systems, network infrastructure, applications, etc., and give the organisation with required information to fix the flaws.

PT : Penetration testing is done after VA,

In PT we generally exploit the identified vulnerabilities that we found in the VA Step.

We try to see what can be the maximum impact of exploiting the bug.

               10. Explain Vulnerability,Threat, Risk

Vulnerability — Vulnerability is Weaknesses , gaps , flaws or loopholes in a security program.

Threat : Anything that can exploit a vulnerability, intentionally or accidentally, and obtain data, damage assets, or destroy any asset is called Threat

Risk — The potential for loss, destruction or damage of any asset as a result of a threat exploiting a vulnerability is called Risk

Note: This is the third part of the article and there will be more upcoming parts with more questions.

🧑🏻‍🏫 💥Stay Tuned and follow us for more:💥🧑🏻‍🏫

🧑🏻‍💻 Cyber Security School : https://learn.hacktify.in
🔗 Udemy: https://www.udemy.com/user/rohit-gautam-38/
🧑🏻‍🏫 Join our Live Trainings: https://hacktify.in/#live_training-slider
🔐Github: https://github.com/shifa123
📌 Youtube :
https://www.youtube.com/channel/UCS82DNnKOhXHcGKxGzQvNSQ
💬 Linkedin: https://www.linkedin.com/company/hacktifycs