Ethical Hacking interview

Top 15 Ethical Hacking Interview Questions and Answers For 2021:

by

This article will cover the top 15 Ethical Hacking interview questions to help you crack your next job interview.

The question covered in this article are:

Question - 1: What are the different types of hackers?

They can be divided into three types based on their motivation and the legality of their actions:

  • Black Hat These hackers are responsible for creating malware. They gain unauthorized access to networks or systems, harm their operations, and steal sensitive information.
  • White Hat These hackers are often referred to as ethical hackers. Government agencies or companies often use them to discover vulnerabilities. They don’t intend to harm the system but instead discover the weaknesses in the network/system through penetration testing and vulnerability assessments.
  • Grey Hat These hackers combine both black and white hat hackers. They find vulnerabilities in systems without the owner’s knowledge or permission. They are determined to bring down the system’s weaknesses and demand compensation or incentives from the owner.
  • Hacktivist A person who uses technology to announce political, religious or social messages. Hacktivism is characterized by website defacement and denial-of-service attacks.
  • Script Kiddie: A person who uses automation tools created by others to enter the computer system and has less knowledge about the underlying concept. This is why the term kiddie.
  • Elite Hackers: This is a social message for hackers that describes the best. These hackers will share exploits that have been recently identified.
  • Neophyte These hackers are also known as “green hat hacker” or “newbie hacker,” meaning they have no idea about technology and hacking.
  • Blue Hat If you are not a computer security consulting firm member, you can test a system for bugs before it is launched to discover any weaknesses and fix them.
  • Red hat: They combine both white hat and black hat hackers. These hackers are usually employed by government agencies or top security agencies that have sensitive information.

Question - 2: What are the various stages of hacking? Describe each stage.

Hacking or targeting a machine should be done following the five phases.

  • Reconnaissance: This is the first stage in which the hacker gathers as much information about the target as possible.
  • Scanning This stage involves using the information obtained during the reconnaissance phase to analyze the victim. During the scanning phase, hackers can make use of automated tools such as port scanners and mappers.
  • Gaining Access: This is where the real hacking happens. This is where the hacker attempts to exploit vulnerabilities found during the scanning and reconnaissance phases to gain access.
  • Access Maintenance: Hackers want to protect their access so they can exploit and attack future exploits.
  • Covering Tracks: Hackers can cover up their tracks to hide evidence and avoid detection once they have gained and maintained access to the system. They can continue to use the hacker system without being caught and avoid any legal action.

Question - 3: What is Footprinting? Are you familiar with Footprinting techniques?

Footprinting refers to collecting and uncovering information about a target network before you can gain access to it. To achieve the most information possible about your target network, you must focus on footprinting. This will allow you to plan your strategy and test methods.

These are some examples of footprinting:

Open Source Footprinting: This will allow you to find the contact information for administrators, which you can use to guess passwords in Social Engineering.

Network Enumeration: This section will help you find the target’s domain names and network blocks.

Scanning: This is where you will first discover the network and spy on active IP addresses to identify Internet Control Message Protocol.

Stack Fingerprinting: Stack fingerprinting is a method of mapping hosts and ports by scanning the network. Once you’ve completed scanning, you can perform final footprinting.

Question - 4: How can you avoid or prevent ARP poisoning?

It is possible to avoid ARP poisoning by following these steps.

  • Use packet filtering: You can use packet filters to filter out or block packets that have conflicting information.
  • Avoid trust relationships Organizations must follow procedures strictly and should avoid trusting in relationships.
  • Use ARP spoofing detection software: Some programs and applications can inspect and certify data before being transmitted. This helps to block data that has been spoofed.
  • Use cryptographic network protocol: ARP spoofing attacks are easily avoided using protocols such as SSH, TLS, and HTTPS that ensure data is encrypted before transmission and at reception.

Question - 5: What are the most common types of DoS attacks?

The most common types of DoS attacks are:

Plashing: By sending fake updates to hardware, you can permanently damage the system hardware. This issue can be solved by reinstalling new hardware.

Application Layer Attacks: An application-layer attack is where you exploit programming flaws in an application to launch a DoS attack. You send multiple requests to the target, exhausting its resources and causing it to not serve its valid clients.

TCP-State Exhaustion Attack: You can set up and destroy the TCP connections, and then overwhelm the stable tables. This results in a DoS attack.

Fragmentation Attacks: You can use fragmentation attacks to stop your target’s reassembling abilities. Multiple fragmented packets are sent to your target to make it more difficult to reassemble them. This denies you access to your target’s clients.

Syn Flooding: Syn flooding is where you create multiple zombies and flood the target using multiple SYN packets. The target’s performance will decrease dramatically or shut down if it is overwhelmed with SYN packets.

Volumetric Attacks: You consume all the bandwidth on a network to ensure that your target clients don’t have access to the resources. To do this, flood the network devices (such as switches and hubs) with multiple ICMP echo requests (or reply) packets to consume all bandwidth. By doing this, no other client will be able to connect to the target.

Question - 6: What does Trojan mean, and what are its types?

Trojan malware is a type that hackers and attackers often create to gain access to target systems. Some social media ads lure users into clicking on them and directing them to malicious websites that load and execute Trojans on their computers.

Types of Trojans

  1. Trojan-Downloader It’s a virus that installs malware and downloads it.
  2. Ransomware: This Trojan can encrypt your data on your computer/device.
  3. Trojan-Droppers: These programs are used by cybercriminals for installing malware. Droppers are not considered malicious by most antivirus programs, so they can be used to install viruses.
  4. Trojan-Rootkits: It helps to prevent the detection of malware or malicious activities on your computer.
  5. Trojan-Banker: They steal account information, such as card payments or online banking.
  6. Trojan-Backdoor: This Trojan is the most well-known. It creates a backdoor that allows attackers to gain remote access to the computer using remote access tools (RAT). This Trojan gives you complete control of the computer.

Question - 7: State some benefits and drawbacks of ethical hacking?

Ethical Hacking has many benefits:

  • It helps in the fight against cyber terrorism, national security breaches, and other threats.
  • Allows you to take preventive measures against hackers.
  •  It helps to prevent security breaches.
  • Protects against malicious hackers gaining access.
  • Provides security for banks and financial institutions
  • It helps to find and close any security gaps in a computer network or system.

Here are the drawbacks of ethical hacking:

  • An ethical hacker may steal sensitive information from your computer system.
  • May use the data gained for malicious intent.
  • The cost of hiring ethical hackers could increase the expenses for a company.
  • An ethical hacker might gain sensitive information from your computer system and sell it.

Question - 8: What is an IP address and MAC address, and what is the difference between them?

IP address: Every device is given an IP address so it can be found on the network. An IP address is akin to a postal address. Anyone who has your address can send you mail.

MAC address: A MAC address, also known as Machine Access Control address, refers to a unique serial number assigned to each device’s network interface.

The main difference between MAC address and IP address lies in the fact that a MAC address uniquely identifies the device that is interested in joining a network.

An IP address, on the other hand, is a unique way to identify a connection between a network and an interface of a device.

Question - 9: What is Phishing?

Phishing refers to a type of cybercrime where a target is reached by email, phone, or text message from someone pretending to be a legitimate institution to get sensitive data, such as bank and credit card details and passwords.
This information can then be used to gain access to important accounts, leading to identity theft or financial loss.

To make their phishing attempts seem more legitimate, a cybercriminal may resort to spoofing. To make it seem more plausible, an attacker could spoof a phone number or email address. These attempts are more likely to succeed because the victim believes that the communication is credible.

Question - 10: What is Spoofing, and explain the different types of Spoofing?

Spoofing refers to a type of attack in which an untrustworthy or unknown method of communication is disguised to appear as legitimate information. Spoofing is a way to persuade users to reveal their personal information.

There are many types of spoofing that you should be aware of:

Email Spoofing: Email spoofing is when an email sender falsifies the ‘from’ address to make it appear legitimate. Phishing and business email compromise often incorporate email spoofing. These attacks are designed to steal your data, infect your device, and request money.

Website Spoofing: Although they may appear to be trusted sites, cybercriminals could create fake websites to steal your personal information. One example is a site pretending to be a bank site but asking for your login information. Then it will use that information to steal funds from your real account.

Website spoofing can often be linked to email spoofing. The email will link to the spoof website.

Caller ID fraud: This is a form of spoofing in which the phone number is made to appear like a local or trusted number. The hope is that you will answer the call and reveal more personal information. Robocalls are unwanted calls that come from unknown numbers every day and often include ID spoofing.

The FCC is constantly proposing and implementing policies to combat robocalls.

IP Spoofing: Cybercriminals use this form of spoofing to hide IP addresses. Hackers can use IP spoofing to pretend to be another computer system or conceal the sender’s true identity.

IP spoofing can be used to disguise the source of malicious traffic in distributed denial-of-service (DDoS).

DNS Server Spoofing: This type of attack is when attackers redirect traffic to another IP address. This often leads to sites that are designed to spread malware.

Question - 11: How to protect yourself from a Phishing and Spoofing attack?

You can protect yourself from phishing by following these steps:

  • Never click on links in an email first. Instead, hover over the link to verify their destination.
  • Scam emails with sensational subject lines like “Must Act Now” and unprofessional misspellings in the message body should be deleted.
  • Only expected attachments received from trustworthy sources should be opened.
  • If in doubt, contact the sender by phone to confirm that they sent the email.

You can protect yourself from spoofing by following these steps:

  • Check for spelling mistakes in emails, URLs, and webpages.
  • Be aware of grammatical errors.
  • Attention to sentence structure and odd sentence phrasing.

These could all indicate that the website, email, phone, or other communication forms are being spoofed.

You can take additional precautions and protect yourself against phishing. This means that you should be cautious about any communication coming from unknown senders, especially if they ask for personal information. If you don’t recognize the sender or something seems strange, you can delete the message and close your browser. You may also call the sender to verify the legitimacy of the email.

Cybercriminals are adapting their methods to incorporate spoofing in their schemes as technology improves.

Question - 12: What is the difference between Virus, Worm, and Trojan?

Virus: Computer viruses attach themselves to files or programs so they can spread to other computers, causing infections. Computer viruses are similar to human viruses. Some viruses cause mild problems, while others can inflict severe damage to your computer’s hardware, software, and files.

Nearly all viruses attach to executable files. This means that the virus can exist on your computer but cannot infect it unless you open or run the malicious program.  Unknowingly, people spread computer viruses by sharing infected files and sending emails with viruses attached.

Worm: By its design, a worm is similar in appearance to viruses and is classified as a sub-class. Although worms can spread from one computer to another, unlike viruses, they can travel without the assistance of a person. A worm exploits the file and information transport features of your computer, which allows it unassisted travel. A worm’s ability to duplicate itself on your system is the greatest danger. Instead of sending one worm out, your computer could send hundreds, or even thousands, of it, causing a devastating effect. A worm could send copies of itself to every person in your email address book. The worm then replicates itself and sends it out to each receiver’s address. And so on.

Because worms can copy and travel across networks, the end result is that the worm uses too much system memory or network bandwidth. This causes Web servers, network servers, and individual computers to cease responding. The worm can also be used to control your computer via a tunnel remotely.

Trojan: Trojan horses are not viruses. Trojan horses are a destructive program, but they look like a legitimate application. Trojan horses are not able to replicate themselves like viruses, but they can still be catastrophic. Trojan horses also allow hackers to gain backdoor access to your computer, allowing malicious programs and full control of your system. This can lead to the theft of confidential or personal information.

Question - 13: What is a MAC flooding attack, and how to protect yourself against it?

MAC flooding is a cyber attack that compromises the security of network switches. The fake MAC addresses flood the network. The hacker uses this attack to steal sensitive data being transferred over the network. This attack can be used to force the legitimate MAC table contents out from the switch and force unicast flooding behavior to potentially send sensitive information to unintended areas of the network.

  1. This attack involves the hacker first connecting to the switch ports and flooding its interface with fake MAC addresses.
  2. Once the MAC address list is full, the network switch enters fail-open mode. It behaves like a hub and broadcasts all packets to all switch ports.
  3. Finally, the hacker uses a packet analyzer to capture these packets to steal sensitive information.

These are some tips to help you stay safe in the face of this attack:

  • Authentication, Authorization, and Account Servers (AAA). As a preventive measure, it can be used to authenticate against MAC addresses.
  • You can configure the switches to limit how many MAC addresses can be connected to the ports.

Question - 14: What is Cross-site Scripting and how to protect yourself?

Cross-site scripting (XSS) is a code injection security attack targeting web applications that deliver malicious, client-side scripts to a user’s web browser for execution. Cross-site scripting attacks are not directed at targets, but vulnerable websites and web apps are used to execute cross-site scripting attacks on users who interact with them.

For example, an unwitting user might visit a compromised site. At that point, the attacker’s malicious code is loaded onto the browser and executed. This could lead to session hijacking and theft of sensitive data. JavaScript is a popular choice among XSS attack authors due to its widespread support across multiple web browsers and platforms. However, an attack can still be crafted using any language supported by browsers.

How to stop Cross-site scripting attacks?

Organizations need to be able to prevent and protect themselves from cross-site scripting attacks. Because websites are getting more complex, it is becoming harder to monitor them. As time passes, the frequency of attacks will only increase.

These suggestions will help you protect your users from XSS attacks.

User input should be cleaned up.

  • Validate to detect potentially malicious input from users.
  • Always make sure to encode output to prevent malicious user-provided information from being used to trigger automatic load-and execute behavior by a web browser.

Limit the use of user-provided information.

  • Use only where it is absolutely necessary.

Question - 15: What is SQL Injection, and how to prevent it?

SQL injection (SQLi) is a technique to inject malicious code into SQL statements.

These injections allow malicious users to bypass security controls and gain unauthorized access to customer records and personal information. Attackers can use this technique to find the credentials of administrators and gain full control over the affected websites, applications, or database servers.

SQL injection attacks can be severe and affect any application that has access to a SQL database.

SQL injections are usually performed through web page input or application input. These input forms can be found in search boxes, form fields, and URL parameters.

Bad actors must identify weaknesses in a website or application to perform an SQL injection attack. Once they have identified a target, attackers create malicious payloads that send malicious content to execute malicious commands.

Bad actors might use an automated program to execute an SQLi for them. All they have to do is provide the URL of the target site to steal data from the victim.

Steps to prevent SQL injection attack:

  1. All web application software components, including libraries, plugs, frameworks, and web server software, must be up-to-date with vendors’ most recent security patches.
  2. Utilize the principle of least privilege when provisioning accounts used to connect to the SQL database. If a website only needs to retrieve web pages from a database using SELECT, don’t give other privileges like INSERT, UPDATE or DELETE to its database connection credentials. These privileges can often be managed with appropriate account roles. Your web application should never be allowed to connect to the Microsoft SQL Server database with Administrator privileges.
  3. Never use shared databases accounts between websites and applications.
  4. Validate input from users for expected data types. This includes input fields such as radio buttons or drop-down menus.
  5. Make sure that the error reporting and handling is done correctly on the webserver. Attackers can use technical details in the verbose error messages to modify their queries for a successful exploit.

Conclusion

Cybersecurity is a rapidly changing field. You need to stay on top of the latest developments in cybersecurity to protect your system and network from sophisticated and sneaky cyber threats. Hackers operate in a variety of ways. They can work alone, with others, or with the help of a government. To be vigilant against malicious cyber actors and their unending cyberattacks, keep your reactive and proactive security up to date.

These 15 questions and answers will help to brush up on your knowledge, before you go for an interview

Interested in kickstarting your career in Cybersecurity no matter your educational background or experience? Click Here to find out.

error

Care to Share? Please spread the word :)