Ques 1
What is the CIA triad in information security?
CIA stands for Confidentiality, Integrity, and Availability. It is a model designed to guide policies for information security within an organization.
Ques 2
Explain the concept of zero-day vulnerability.
A zero-day vulnerability is a security flaw in software or hardware that is unknown to the vendor. It is called 'zero-day' because developers have zero days to fix the issue before it is exploited.
Ques 3
What is the difference between symmetric and asymmetric encryption?
Symmetric encryption uses the same key for both encryption and decryption, while asymmetric encryption uses a pair of public and private keys.
Ques 4
What is a firewall and how does it work?
A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and untrusted external networks.
Ques 5
Define penetration testing.
Penetration testing, or ethical hacking, is a simulated cyber attack on a computer system, network, or application to discover security vulnerabilities. It helps identify weaknesses that malicious attackers could exploit.
Ques 6
What is multi-factor authentication (MFA)?
Multi-factor authentication is a security system that requires more than one method of authentication from independent categories of authentication to verify the user's identity.
Ques 7
Explain the concept of a honeypot.
A honeypot is a security mechanism set to detect, deflect, or counteract attempts at unauthorized use of information systems. It lures attackers away from critical systems while providing insights into their methods.
Ques 8
What is the principle of least privilege?
The principle of least privilege is the practice of limiting access rights for users, accounts, and processes to the minimum necessary to perform their job functions.
Ques 9
What is a DDoS attack?
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
Ques 10
Explain the concept of encryption in transit and encryption at rest.
Encryption in transit protects data as it is transferred between systems, while encryption at rest protects data when it is stored on media such as hard drives or in databases.
Ques 11
What is a Man-in-the-Middle (MitM) attack?
A Man-in-the-Middle attack occurs when an attacker intercepts and potentially alters the communication between two parties without their knowledge.
Ques 12
What is the purpose of a Security Information and Event Management (SIEM) system?
SIEM systems collect and analyze log data from various systems across an organization to detect and respond to security incidents.
Ques 13
What is the difference between a virus and a worm?
A virus requires user interaction to spread, usually by executing an infected program, while a worm is a self-replicating malware that spreads without user interaction.
Ques 14
Define social engineering.
Social engineering is a tactic used by attackers to manipulate individuals into divulging confidential information, such as passwords or financial information.
Ques 15
What is the concept of least common mechanism in security design?
The least common mechanism principle states that security mechanisms should not be shared by multiple users, to minimize the potential impact of a security breach.
Ques 16
What is a VPN and how does it enhance security?
A Virtual Private Network (VPN) is a technology that creates a secure and encrypted connection over an unsecured network, such as the internet. It enhances security by ensuring that data transmitted between two parties is encrypted and secure.
Ques 17
What is the difference between white-box testing and black-box testing?
White-box testing involves testing with knowledge of the internal workings of the system, while black-box testing focuses on testing without knowledge of the internal code or logic.
Ques 18
Explain the concept of a security token.
A security token is a physical device or software application used to generate secure and one-time passcodes for authentication purposes.
Ques 19
What is a honeynet and how does it differ from a honeypot?
A honeynet is a network set up with the intention of luring attackers and studying their behavior. It differs from a honeypot in that it is an entire network, not just a single system.
Ques 20
Define biometric authentication.
Biometric authentication uses unique physical or behavioral characteristics, such as fingerprints or facial recognition, to verify a person's identity.
Ques 21
What is the concept of a security perimeter?
A security perimeter is the boundary that separates an organization's internal network from the external environment. It is defined by security devices such as firewalls and intrusion detection systems.
Ques 22
Explain the term 'malware' and provide examples.
Malware, short for malicious software, is software designed to harm or exploit systems. Examples include viruses, worms, Trojans, ransomware, and spyware.
Ques 23
What is the principle of defense in depth?
Defense in depth is a security strategy that employs multiple layers of security controls to protect the integrity and confidentiality of information.
Ques 24
What is the concept of a security patch?
A security patch is a software update designed to fix security vulnerabilities in a system or application. It helps protect against potential exploitation by attackers.
Ques 25
Explain the role of an Intrusion Detection System (IDS).
An Intrusion Detection System (IDS) monitors network or system activities for malicious activities or policy violations. It can generate alerts or take preventive actions.
Ques 26
What is the concept of two-factor authentication (2FA)?
Two-factor authentication requires users to provide two separate authentication factors, typically something they know (password) and something they have (security token or mobile device).
Ques 27
Define the term 'phishing' and explain how to prevent it.
Phishing is a social engineering attack where attackers trick individuals into providing sensitive information. Prevention measures include user education, email filtering, and implementing anti-phishing technologies.
Ques 28
What is the concept of a security policy?
A security policy is a set of rules and practices established to regulate and secure an organization's information systems. It defines the organization's approach to security.
Ques 29
Explain the term 'sandboxing' in the context of security.
Sandboxing is an isolated environment where untrusted code can be executed without affecting the rest of the system. It is often used for testing and analyzing potentially malicious software.
Ques 30
What is the concept of a Security Operations Center (SOC)?
A Security Operations Center (SOC) is a centralized unit responsible for monitoring and managing an organization's security posture. It includes people, processes, and technology to detect and respond to security incidents.
Ques 31
Explain the concept of a security incident response plan.
A security incident response plan outlines the steps an organization should take in the event of a security incident. It helps minimize damage, reduce recovery time, and improve overall security posture.
Ques 32
What is the difference between symmetric and asymmetric encryption algorithms?
Symmetric algorithms use a single key for both encryption and decryption, while asymmetric algorithms use a pair of public and private keys. Asymmetric encryption is more secure but computationally expensive.
Ques 33
Define the term 'Cross-Site Scripting (XSS).'
Cross-Site Scripting is a web application vulnerability where attackers inject malicious scripts into web pages that are viewed by other users. It can lead to theft of sensitive information.
Ques 34
What is the concept of a digital signature?
A digital signature is a cryptographic technique used to verify the authenticity and integrity of a message or document. It involves using a private key to sign and a public key to verify.
Ques 35
Explain the term 'Cross-Site Request Forgery (CSRF).'
Cross-Site Request Forgery is an attack where an attacker tricks a user into performing an action on a website without their knowledge. It can result in unauthorized actions being taken on the user's behalf.
Ques 36
Define the concept of a security token in the context of authentication.
A security token is a physical or virtual device that generates one-time passcodes used for authentication. It adds an extra layer of security beyond just a password.
Ques 37
What is the role of a Security Information and Event Management (SIEM) system in threat detection?
SIEM systems collect, analyze, and correlate log data from various sources to identify patterns and anomalies that could indicate security threats or incidents.
Ques 38
Explain the concept of a Virtual Private Network (VPN) tunnel.
A VPN tunnel is a secure, encrypted connection between two devices or networks over an untrusted network, such as the internet. It ensures confidentiality and integrity of data during transmission.
Ques 39
What is the OWASP Top Ten and why is it important for web application security?
The OWASP Top Ten is a list of the most critical web application security risks. It is important for developers and security professionals to be aware of these risks and take preventive measures.
Ques 40
Define the term 'SQL Injection' and explain how it can be prevented.
SQL Injection is a type of attack where an attacker injects malicious SQL code into input fields to manipulate a database. Prevention measures include using parameterized queries and input validation.
Ques 41
What is the concept of 'security through obscurity'?
Security through obscurity is the practice of relying on secrecy and hiding the inner workings of a system as the main method of providing security. It is not considered a best practice.
Ques 42
Explain the principle of 'separation of duties' in the context of access control.
Separation of duties is the practice of dividing tasks and responsibilities among different individuals or systems to prevent a single point of failure or abuse of power.
Ques 43
What is the concept of a 'security baseline'?
A security baseline is a set of security controls and configurations that an organization considers the minimum necessary to secure its systems and networks.
Ques 44
What is the role of a Security Policy in an organization?
A Security Policy is a set of rules and guidelines that define how an organization will protect its information assets and manage security. It provides a framework for decision-making and actions.
Ques 45
Explain the concept of 'security awareness training.'
Security awareness training is the process of educating employees or users about security threats, best practices, and the importance of following security policies. It helps reduce the risk of human error.
