==
» » » » » » What is an Exploit?

What is an Exploit?

, , , ,
What is an Exploit?
The security functionality triangle
The attacker's process
Passive reconnaissance
Active reconnaissance
Types of attacks
Categories of exploits

Footprinting
What is Footprinting
Steps for gathering information

Enumeration
What is Enumeration
NetBios Null Sessions
Null Session Countermeasures
NetBIOS Enumeration


System Hacking
Administrator Password Guessing
Performing Automated Password Guessing

Trojans and Backdoors
What is a Trojan Horse?


Sniffers
What is a Sniffer?
Passive Sniffing
Active Sniffing
Hacking Tool: EtherFlood
How ARP Works?

Denial of Service
What is Denial of Service Attack?
Types of DoS Attacks
How DoS Work?
What is DDoS?


Social Engineering
What is Social Engineering?
Art of Manipulation

Session Hijacking
What is Session Hijacking?
Session Hijacking Steps

Hacking Web Servers
Apache Vulnerability
Attacks against IIS

Web Application Vulnerabilities
Documenting the Application Structure
Manually Inspecting Applications


Web Based Password Cracking Techniques
Basic Authentication
Message Digest Authentication


SQL Injection
What is SQL Injection Vulnerability?
SQL Insertion Discovery

Hacking Wireless Networks
802.11 Standards

Virus and Worms

Novell Hacking
Common accounts and passwords
Accessing password files


Linux Hacking
Why Linux ?
Linux Basics


IDS, Firewalls and Honeypots
Intrusion Detection System
System Integrity Verifiers
How are Intrusions Detected?

What is a Buffer Overflow?

Cryptography
What is PKI?
Digital Certificates

1) Explain what is the role of information security analyst?

From small to large companies role of information security analyst includes

Implementing security measures to protect computer systems, data and networks
Keep himself up-to-date with on the latest intelligence which includes hackers techniques as well
Preventing data loss and service interruptions
Testing of data processing system and performing risk assessments
Installing various security software like firewalls, data encryption and other security measures
Recommending security enhancements and purchases
Planning, testing and implementing network disaster plans
Staff training on information and network security procedures
2) Mention what is data leakage? What are the factors that can cause data leakage?

The separation or departing of IP from its intended place of storage is known as data leakage.  The factors that are responsible for data leakage can be

Copy of the IP to a less secure system or their personal computer
Human error
Technology mishaps
System misconfiguration
A system breach from a hacker
A home-grown application developed to interface to the public
Inadequate security control for shared documents or drives
Corrupt hard-drive
Back up are stored in an insecure place
3) List out the steps to successful data loss prevention controls?

Create an information risk profile
Create an impact severity and response chart
Based on severity and channel determine incident response
Create an incident workflow diagram
Assign roles and responsibilities to the technical administrator, incident analyst, auditor and forensic investigator
Develop the technical framework
Expand the coverage of DLP controls
Append the DLP controls into the rest of the organization
Monitor the results of risk reduction
4) Explain what is the 80/20 rule of networking?

80/20 is a thumb rule used for describing IP networks, in which 80% of all traffic should remain local while 20% is routed towards a remote network.

5) Mention what are personal traits you should consider protecting data?

Install anti-virus on your system
Ensure that your operating system receives an automatic update
By downloading latest security updates and cover vulnerabilities
Share the password only to the staff to do their job
Encrypt any personal data held electronically that would cause damage if it were stolen or lost
On a regular interval take back-ups of the information on your computer and store them in a separate place
Before disposing off old computers, remove or save all personal information to a secure drive
Install anti-spyware tool
SecurityAnalyst1

6) Mention what is WEP cracking? What are the types of WEP cracking?

WEP cracking is the method of exploiting security vulnerabilities in wireless networks and gaining unauthorized access.  There are basically two types of cracks


Active cracking: Until the WEP security has been cracked this type of cracking has no effect on the network traffic.
Passive cracking: It is easy to detect compared to passive cracking. This type of attack has increased load effect on the network traffic.
7) List out various WEP cracking tools?

Various tools used for WEP cracking are

Aircrack
WEPCrack
Kismet
WebDecrypt
8) Explain what is phishing? How it can be prevented?

Phishing is a technique that deceit people to obtain data from users.  The social engineer tries to impersonate genuine website webpage like yahoo or face-book and will ask the user to enter their password and account ID.

It can be prevented by

Having a guard against spam
Communicating personal information through secure websites only
Download files or attachments in emails from unknown senders
Never e-mail financial information
Beware of links in e-mails that ask for personal information
Ignore entering personal information in a pop-up screen
9) Mention what are web server vulnerabilities?

The common weakness or vulnerabilities that the web server can take an advantage of are

Default settings
Misconfiguration
Bugs in operating system and web servers
10) List out the techniques used to prevent web server attacks?

Patch Management
Secure installation and configuration of the O.S
Safe installation and configuration of the web server software
Scanning system vulnerability
Anti-virus and firewalls
Remote administration disabling
Removing of unused and default account
Changing of default ports and settings to customs port and settings
11) For security analyst what are the useful certification?

Useful certification for security analyst are

Security Essentials (GSEC): It declares that candidate is expert in handling basic security issues- it is the basic certification in security
Certified Security Leadership: It declares the certification of management abilities and the skills that is required to lead the security team
Certified Forensic Analyst: It certifies the ability of an individual to conduct formal incident investigation and manage advanced incident handling scenarios including external and internal data breach intrusions
Certified Firewall Analyst: It declares that the individual has proficiency in skills and abilities to design, monitor and configure routers, firewalls and perimeter defense systems
12) How can an institute or a company can safeguard himself from SQL injection?

An organization can rely on following methods to guard themselves against SQL injection

Sanitize user input: User input should be never trusted it must be sanitized before it is used
Stored procedures: These can encapsulate the SQL statements and treat all input as parameters
Regular expressions: Detecting and dumping harmful code before executing SQL statements
Database connection user access rights: Only necessary and limited access right should be given to accounts used to connect to the database
Error messages: Error message should not be specific telling where exactly the error occurred it should be more generalized.

101 IT Security Interview Questions
        posted by John Spacey, January 11, 2013

The following IT security interview questions are at the architectural level. They may be of use for interviewing:

Security Architects
Security Specialists (e.g. Network Security Administrators)
IT Executives
Enterprise Architects
IT Managers

Solution Architects 
Admin

Pro Teknologi dibuat pada 22 Februari 2017. Blog ini adalah harapan saya agar dapat membagi manfaat kepada orang lain,berupa tips-tips Seputar Blog,Internet,Komputer,dan Info-Info Menarik lainnya.

0 Response to "What is an Exploit?"

Post a Comment

Subscribe to: Post Comments (Atom)