Cyber Security Interview Questions
1. What is cybersecurity?
Cybersecurity involves protecting computer systems, networks, and data from unauthorized access, attacks, or damage. It encompasses measures to protect systems against various cyber threats, including hackers, malware, and phishing attacks.
2. What is the CIA Triad?
The CIA Triad is a model that represents the three core principles of cybersecurity:
- Confidentiality – Ensuring that information is only accessible to authorized individuals.
- Integrity – Ensuring that data is accurate and unaltered.
- Availability – Ensuring that information and resources are available when needed.
3. What is the difference between a virus, worm, and trojan?
- Virus: A type of malware that attaches itself to a legitimate program and spreads when the program is executed.
- Worm: A self-replicating program that spreads across networks without needing to attach to an existing program.
- Trojan: Malicious software disguised as a legitimate program or file to deceive users.
4. What is a firewall?
A firewall is a security device or software that monitors and filters incoming and outgoing network traffic based on predefined security rules, preventing unauthorized access to or from a network.
5. What is malware?
Malware (malicious software) refers to any program or code that is intentionally harmful to a system, network, or device. Types of malware include viruses, worms, ransomware, and spyware.
6. What is phishing?
Phishing is a cyberattack method where attackers impersonate legitimate organizations to trick individuals into revealing personal information such as passwords, credit card numbers, or login credentials through deceptive emails or websites.
7. What is SQL Injection?
SQL Injection is a code injection technique where malicious SQL statements are used to manipulate a web application's database by inserting them into an input field, allowing unauthorized access to the data.
8. What is DDoS (Distributed Denial of Service)?
A DDoS attack involves overwhelming a target server or network with a massive amount of traffic, causing it to crash or become unavailable to legitimate users.
9. What is multi-factor authentication (MFA)?
MFA is a security mechanism that requires two or more verification factors (something you know, something you have, and something you are) to authenticate a user's identity, providing an added layer of protection.
10. What is encryption?
Encryption is the process of converting data into an unreadable format using algorithms to ensure that only authorized parties with the decryption key can access the original data.
11. What is a VPN (Virtual Private Network)?
A VPN creates a secure, encrypted connection over a less secure network (e.g., the internet), allowing users to send and receive data safely, and masking their IP addresses to protect their privacy.
12. What is a zero-day vulnerability?
A zero-day vulnerability refers to a security flaw in software that is unknown to the software vendor. Attackers can exploit this vulnerability before the vendor releases a patch or fix, which is why it is called a "zero-day."
13. What is penetration testing?
Penetration testing (or ethical hacking) is the practice of testing a system, application, or network for vulnerabilities by simulating real-world cyberattacks to identify weaknesses that could be exploited.
14. What is an IDS (Intrusion Detection System)?
An IDS is a system that monitors network or system activities for malicious activity or policy violations and generates alerts when suspicious behavior is detected.
15. What is an IPS (Intrusion Prevention System)?
An IPS is similar to an IDS, but it goes a step further by actively blocking potential threats rather than just alerting administrators, preventing unauthorized access and attacks in real time.
16. What is the difference between symmetric and asymmetric encryption?
- Symmetric encryption uses the same key for both encryption and decryption.
- Asymmetric encryption uses a public key for encryption and a private key for decryption, ensuring more secure data transmission.
17. What is social engineering?
Social engineering is a technique used by cybercriminals to manipulate individuals into revealing confidential information or performing actions that may compromise security, such as clicking on malicious links or sharing passwords.
18. What are the best practices for securing passwords?
- Using strong, complex passwords with a combination of letters, numbers, and symbols.
- Avoiding reusing passwords.
- Implementing multi-factor authentication (MFA).
- Regularly updating passwords.
- Using password managers to store passwords securely.
19. What is a Man-in-the-Middle (MITM) attack?
A MITM attack occurs when an attacker secretly intercepts and potentially alters communication between two parties who believe they are directly communicating with each other.
20. What is a vulnerability assessment?
Vulnerability assessment is the process of identifying, quantifying, and prioritizing vulnerabilities in a system or network. It involves scanning for weaknesses, analyzing potential threats, and taking action to mitigate or patch these vulnerabilities.