Interview Questions: Cyber Security Graded A+ 2024
What port does ping work over?
It doesn't. Ping is ICMP, which is layer 3. Ports are not used until layer 4, which handles UDP and TCP.

What OSI layer does a router work at?
The Network Layer, which is the layer that handles switching, routing, and addressing.

Describe Layer 1 of the OSI model
Physical Layer
Description: Holds the bit streams and electronic impulses over cables, air, or other medium that transmits bit stream signals.
Protocols: ATM
Examples: Ethernet

Describe Layer 2 of the OSI model
Data Link Layer
Description: Responsible for encoding and decoding data packets into bits. This involves defining packet frames and the structure of the bits streaming across the physical layer.
Protocols: Ethernet, Frame Relay, IEEE 802.5, PPP
Levels:
1) MAC - Media Access Control interfaces with the network medium and gives a unique address to the hardware on the network
2) LLC - Logical Link Control handles flow rate, synchronization of packets, and error checking
Examples:

Describe Layer 3 of the OSI model
Network Layer
Description: Provides addressing, switching, routing, internetworking, error handling and data flow control.
Examples:
Protocols: ICMP, ARP, IPv4, IPv6, IPSec, BGP, OSPF

Describe Layer 4 of the OSI model
Transport Layer
Description: Transfers data from end to end, i.e. from one host over a network or the internet to another host.
Examples:
Protocols: UDP, TCP

Describe Layer 5 of the OSI model
Session Layer
Description: Establishes, manages, and terminates conversations between applications at each end.
Protocols: SMB, NFS, RPC, SQL

Describe Layer 6 of the OSI model
Presentation Layer, aka Syntax Layer
Description: Provides conversion between lower layer information and the application so the application can understand it. Handles compatibility issues.
Examples: TLS, MP3, ASCII, TIFF, JPG

Describe Layer 7 of the OSI model
Application Layer
Description: Provides services used by applications running on the host.
Examples: HTTP, FTP, Telnet, SNMP, DNS

Do you prefer filtered ports or closed ports on your firewall?
Filtered: sends back a response that traffic is blocked, gives away firewall presence
Closed: causes timeout, no response
Obscurity increases the attacker's work by a bit. They suspect but do not know for sure that a firewall is present. The attacker can attempt again or attempt other types of traffic. This may increase the chances of detecting 'scanning'.

How would you create a secure login field on a high traffic website where performance matters?
The login must be on an HTTPS page using SSL. With HTTP, the attacker could gain man-in-the-middle, and redirect the form information to a new site or embed a script in the page that captures the login information and directs it to the attacker. It is also secure to use Facebook and Twitter APIs, good if you don't want to buy and host your own SSL certificate and service.

What is HTTPS? Is it more secure than HTTP?
HTTPS is a secure version of the HTTP web protocol that uses SSL or TLS and PKI to encrypt data in transit. The server responds with various SSL/TLS options. The client issues a response encrypted with the server's public key so that the server can decrypt with its private key. HTTPS/SSL/TLS runs on port 443. HTTP usually goes over port 80.

What are some common HTTP attacks?
- URL interpretation attacks
- SQL injection attacks
- Input validation attacks
- Impersonation attacks
- Buffer overflow attacks
- Session hijacking
- Cross-site scripting

Explain how an HTTPS session is established.
An SSL session uses PKI, public key infrastructure, to exchange the information needed to encrypt data for transit and restrict decryption to the host at each end. With SSL, each end, the host and the webserver, must have an SSL certificate containing their public key. The server and the requesting client exchange public keys, which are used to encrypt the data. Upon receiving the public-key-encrypted message, the recipient decrypts the message using their private key, which only they have.

What is a semantic URL attack?
Category: Web traffic
Protocol: HTTP
Description: The attacker manipulates the parameters in the URL to achieve a desired result.
Example: A reset password site includes the username and the email where the reset password should be sent in the URL string parameters. The attacker simply enters his own email and a victim's username. The attacker receives the reset password email.
Countermeasures: Use session variables. This would require the attacker to have an established session tied to a victim's username and include it in the attack string.

What is a URL misinterpretation attack? URL redirection attack? URL file inclusion attack?
URL misinterpretation: The attacker sends a URL that takes advantage of the way the web server parses the URL. For example, the webserver may expect a certain Unicode characterization. The attacker sends a URL that the web service's Unicode decoder translates into something malicious, perhaps even a malicious Java command that gets passed to the server code/server application.
URL redirection: includes a bad site to go to in the URL
_web_ bad~&ERROR=Path+'OPTIONS'+is+forbidden.
_web_ bad~
URL file inclusion: knowing the directory structure, request a resource that is not visible from regular

Written for
- Institution: Interview : Cyber Security
- Course: Interview : Cyber Security
Document information
- Uploaded on: March 12, 2024
- Number of pages: 11
- Written in: 2023/2024
- Type: Exam (elaborations)
- Contains: Questions & answers