11) Explain what is ARP Spoofing or ARP poisoning?
ARP (Address Resolution Protocol) is a form of attack in which an attacker changes MAC ( Media Access Control) address and attacks an internet LAN by changing the target computer’s ARP cache with a forged ARP request and reply packets.
12) How you can avoid or prevent ARP poisoning?
ARP poisoning can be prevented by following methods
Packet Filtering : Packet filters are capable for filtering out and blocking packets with conflicting source address information
Avoid trust relationship : Organization should develop protocol that rely on trust relationship as little as possible
Use ARP spoofing detection software : There are programs that inspects and certifies data before it is transmitted and blocks data that is spoofed
Use cryptographic network protocols : By using secure communications protocols like TLS, SSH, HTTP secure prevents ARP spoofing attack by encrypting data prior to transmission and authenticating data when it is received
13) What is Mac Flooding?
Mac Flooding is a technique where the security of given network switch is compromised. In Mac flooding the hacker or attacker floods the switch with large number of frames, then what a switch can handle. This make switch behaving as a hub and transmits all packets at all the ports. Taking the advantage of this the attacker will try to send his packet inside the network to steal the sensitive information.
14) Explain what is DHCP Rogue Server?
A Rogue DHCP server is DHCP server on a network which is not under the control of administration of network staff. Rogue DHCP Server can be a router or modem. It will offer users IP addresses , default gateway, WINS servers as soon as user’s logged in. Rogue server can sniff into all the traffic sent by client to all other networks.
15) Explain what is Cross-site scripting and what are the types of Cross site scripting?
Cross site scripting is done by using the known vulnerabilities like web based applications, their servers or plug-ins users rely upon. Exploiting one of these by inserting malicious coding into a link which appears to be a trustworthy source. When users click on this link the malicious code will run as a part of the client’s web request and execute on the user’s computer, allowing attacker to steal information.
There are three types of Cross-site scripting
Non-persistent
Persistent
Server side versus DOM based vulnerabilities
16) Explain what is Burp Suite, what are the tools it consist of?
Burp suite is an integrated platform used for attacking web applications. It consists of all the Burp tools required for attacking an application. Burp Suite tool has same approach for attacking web applications like framework for handling HTTP request, upstream proxies, alerting, logging and so on.
The tools that Burp Suite has
Proxy
Spider
Scanner
Intruder
Repeater
Decoder
Comparer
Sequencer
17) Explain what is Pharming and Defacement?
Pharming: In this technique the attacker compromises the DNS ( Domain Name System) servers or on the user computer so that traffic is directed to a malicious site
Defacement: In this technique the attacker replaces the organization website with a different page. It contains the hackers name, images and may even include messages and background music
18) Explain how you can stop your website getting hacked?
By adapting following method you can stop your website from getting hacked
Sanitizing and Validating users parameters: By Sanitizing and Validating user parameters before submitting them to the database can reduce the chances of being attacked by SQL injection
Using Firewall: Firewall can be used to drop traffic from suspicious IP address if attack is a simple DOS
Encrypting the Cookies: Cookie or Session poisoning can be prevented by encrypting the content of the cookies, associating cookies with the client IP address and timing out the cookies after some time
Validating and Verifying user input : This approach is ready to prevent form tempering by verifying and validating the user input before processing it
Validating and Sanitizing headers : This techniques is useful against cross site scripting or XSS, this technique includes validating and sanitizing headers, parameters passed via the URL, form parameters and hidden values to reduce XSS attacks
19) Explain what is Keylogger Trojan?
Keylogger Trojan is malicious software that can monitor your keystroke, logging them to a file and sending them off to remote attackers. When the desired behaviour is observed, it will record the keystroke and captures your login username and password.
20) Explain what is Enumeration?
The process of extracting machine name, user names, network resources, shares and services from a system. Under Intranet environment enumeration techniques are conducted.
Read More Questions:
Ethical Hacking interview questions Part1
Ethical Hacking interview questions Part2
Ethical Hacking interview questions Part3
ARP (Address Resolution Protocol) is a form of attack in which an attacker changes MAC ( Media Access Control) address and attacks an internet LAN by changing the target computer’s ARP cache with a forged ARP request and reply packets.
12) How you can avoid or prevent ARP poisoning?
ARP poisoning can be prevented by following methods
Packet Filtering : Packet filters are capable for filtering out and blocking packets with conflicting source address information
Avoid trust relationship : Organization should develop protocol that rely on trust relationship as little as possible
Use ARP spoofing detection software : There are programs that inspects and certifies data before it is transmitted and blocks data that is spoofed
Use cryptographic network protocols : By using secure communications protocols like TLS, SSH, HTTP secure prevents ARP spoofing attack by encrypting data prior to transmission and authenticating data when it is received
13) What is Mac Flooding?
Mac Flooding is a technique where the security of given network switch is compromised. In Mac flooding the hacker or attacker floods the switch with large number of frames, then what a switch can handle. This make switch behaving as a hub and transmits all packets at all the ports. Taking the advantage of this the attacker will try to send his packet inside the network to steal the sensitive information.
14) Explain what is DHCP Rogue Server?
A Rogue DHCP server is DHCP server on a network which is not under the control of administration of network staff. Rogue DHCP Server can be a router or modem. It will offer users IP addresses , default gateway, WINS servers as soon as user’s logged in. Rogue server can sniff into all the traffic sent by client to all other networks.
15) Explain what is Cross-site scripting and what are the types of Cross site scripting?
Cross site scripting is done by using the known vulnerabilities like web based applications, their servers or plug-ins users rely upon. Exploiting one of these by inserting malicious coding into a link which appears to be a trustworthy source. When users click on this link the malicious code will run as a part of the client’s web request and execute on the user’s computer, allowing attacker to steal information.
There are three types of Cross-site scripting
Non-persistent
Persistent
Server side versus DOM based vulnerabilities
16) Explain what is Burp Suite, what are the tools it consist of?
Burp suite is an integrated platform used for attacking web applications. It consists of all the Burp tools required for attacking an application. Burp Suite tool has same approach for attacking web applications like framework for handling HTTP request, upstream proxies, alerting, logging and so on.
The tools that Burp Suite has
Proxy
Spider
Scanner
Intruder
Repeater
Decoder
Comparer
Sequencer
17) Explain what is Pharming and Defacement?
Pharming: In this technique the attacker compromises the DNS ( Domain Name System) servers or on the user computer so that traffic is directed to a malicious site
Defacement: In this technique the attacker replaces the organization website with a different page. It contains the hackers name, images and may even include messages and background music
18) Explain how you can stop your website getting hacked?
By adapting following method you can stop your website from getting hacked
Sanitizing and Validating users parameters: By Sanitizing and Validating user parameters before submitting them to the database can reduce the chances of being attacked by SQL injection
Using Firewall: Firewall can be used to drop traffic from suspicious IP address if attack is a simple DOS
Encrypting the Cookies: Cookie or Session poisoning can be prevented by encrypting the content of the cookies, associating cookies with the client IP address and timing out the cookies after some time
Validating and Verifying user input : This approach is ready to prevent form tempering by verifying and validating the user input before processing it
Validating and Sanitizing headers : This techniques is useful against cross site scripting or XSS, this technique includes validating and sanitizing headers, parameters passed via the URL, form parameters and hidden values to reduce XSS attacks
19) Explain what is Keylogger Trojan?
Keylogger Trojan is malicious software that can monitor your keystroke, logging them to a file and sending them off to remote attackers. When the desired behaviour is observed, it will record the keystroke and captures your login username and password.
20) Explain what is Enumeration?
The process of extracting machine name, user names, network resources, shares and services from a system. Under Intranet environment enumeration techniques are conducted.
Read More Questions:
Ethical Hacking interview questions Part1
Ethical Hacking interview questions Part2
Ethical Hacking interview questions Part3
No comments:
Post a Comment