    Ethical Hacking Interview Questions and Answers

    Q1) Explain Ethical Hacking.

    Ethical hacking is when an individual is allowed to hack a system, with the permission of the product owner, to find weaknesses in the system and later fix them.

    Q2) What is an IP address and a MAC address?

    IP address:

    An IP address is assigned to every device so that the device can be located on the network.

    MAC (Machine Access Control) address:

    A MAC address is a unique serial number assigned to every network interface on every device.

    Q3) List some of the common tools used by ethical hackers.

    The following tools are used by ethical hackers:

    • Metasploit
    • Wireshark
    • Nmap
    • John the Ripper
    • Maltego

    Q4) What are the types of ethical hackers?

    There are three types of ethical hackers:

    • Grey Box hackers.
    • Black Box penetration testers.
    • White Box penetration testers.

    Q5) What is footprinting in ethical hacking? What techniques are used for footprinting?

    Footprinting refers to accumulating and uncovering as much information as possible about the target network before gaining access to any network. It is the approach adopted by hackers before hacking.

    • Open Source Footprinting:

      It looks for the contact information of administrators, which will be used for guessing passwords in social engineering.

    • Network Enumeration:

      The hacker tries to identify the domain names and network blocks of the target network.

    • Scanning:

      Once the network is known, the second step is to identify the active IP addresses on the network. ICMP (Internet Control Message Protocol) is used for identifying active IP addresses.

    • Stack Fingerprinting:

      Once the hosts and ports have been mapped by scanning the network, the final footprinting step can be performed. This is called stack fingerprinting.

    Q6) Explain what a Brute Force Hack is.

    A brute force hack is a technique for cracking passwords and getting access to system and network resources. It takes much time, and it requires the hacker to learn about JavaScript. For this purpose, one can use a tool named “Hydra”.

    Q7) Explain what a DOS (Denial of Service) attack is.

    Denial of Service is a malicious attack on a network that is done by flooding the network with useless traffic. Although DOS does not cause any theft of information or security breach, it can cost the website owner a great deal of money and time.

    Q8) What are the common forms of DOS attack?

    The following are the common forms of DOS attack:

    • Buffer Overflow Attacks
    • SYN Attacks
    • Teardrop Attacks
    • Smurf Attacks
    • Viruses

    Q9) Explain what SQL injection is.

    SQL injection is one of the techniques used to steal data from organizations; it is a fault created in the application code. SQL injection happens when you inject content into an SQL query string and the result modifies the syntax of your query in ways you did not intend.

    Q10) What are the types of computer-based social engineering attacks?

    Computer-based social engineering attacks are:

    • Phishing
    • Baiting
    • Online scams

    Q11) What is Phishing?

    The phishing technique involves sending false emails, chats or websites to impersonate a real system with the aim of stealing information from the original website.

    Q12) Explain what Network Sniffing is.

    A network sniffer monitors data flowing over computer network links. By allowing you to capture and view the packet-level data on your network, a sniffer tool can help you locate network problems. Sniffers can be used both for stealing information off the network and for legitimate network management.

    Q13) Explain what ARP Spoofing or ARP Poisoning is.

    ARP (Address Resolution Protocol) poisoning is a form of attack in which an attacker changes the MAC (Media Access Control) address and attacks an internet LAN by changing the target computer’s ARP cache with forged ARP request and reply packets.

    Q14) How can you avoid or prevent ARP poisoning?

    ARP poisoning can be prevented by the following methods:

    • Packet filtering:

      Packet filters are capable of filtering out and blocking packets with conflicting source address information.

    • Avoid trust relationships:

      Organizations should develop protocols that rely on trust relationships as little as possible.

    • Use ARP spoofing detection software:

      There are programs that inspect and certify data before it is transmitted and block data that is spoofed.

    • Use cryptographic network protocols:

      Using secure communications protocols like TLS, SSH and HTTP Secure prevents ARP spoofing attacks by encrypting data prior to transmission and authenticating data when it is received.
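
    A minimal sketch of what ARP spoofing detection software checks, added here as an illustration and not taken from any particular product: it parses ARP payloads and reports when an IP address is suddenly claimed by a different MAC address. The function names, the addresses and the sample packets are all constructed for this example.

```python
import socket
import struct

# Ethernet/IPv4 ARP payload: htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
ARP_FMT = "!HHBBH6s4s6s4s"


def make_arp(oper, sender_mac, sender_ip):
    """Build a constructed ARP payload (helper for the sample data only)."""
    mac = bytes.fromhex(sender_mac.replace(":", ""))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, mac,
                       socket.inet_aton(sender_ip), b"\x00" * 6,
                       socket.inet_aton("0.0.0.0"))


def parse_arp(payload):
    """Return (oper, sender_mac, sender_ip) or raise ValueError."""
    if len(payload) < struct.calcsize(ARP_FMT):
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper, sha, spa, _tha, _tpa = struct.unpack_from(
        ARP_FMT, payload)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP payload")
    return oper, sha.hex(":"), socket.inet_ntoa(spa)


def find_conflicts(payloads, static_bindings=None):
    """Report (index, ip, known_mac, new_mac) when an IP changes its MAC.

    static_bindings is an optional {ip: mac} table of addresses the
    administrator has pinned, for example the default gateway.
    """
    seen = dict(static_bindings or {})
    alerts = []
    for index, payload in enumerate(payloads):
        _oper, mac, ip = parse_arp(payload)
        known = seen.get(ip)
        if known is None:
            seen[ip] = mac          # first sighting: learn the binding
        elif known != mac:
            alerts.append((index, ip, known, mac))
    return alerts


# Constructed sample traffic (documentation addresses, made-up MACs).
SAMPLE = [
    make_arp(2, "02:00:00:00:00:01", "192.0.2.1"),   # gateway answers
    make_arp(2, "02:00:00:00:00:0a", "192.0.2.10"),  # a workstation
    make_arp(2, "02:00:00:00:00:66", "192.0.2.1"),   # gateway IP, other MAC
]

if __name__ == "__main__":
    for alert in find_conflicts(SAMPLE):
        print("binding changed:", alert)
```

    A changed binding is a signal to investigate rather than proof of spoofing, since DHCP reassignment, a replaced network card or a failover pair also change the MAC behind an IP address.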

    Q15) What is MAC Flooding?

    MAC flooding is a technique in which the security of a given network switch is compromised. In MAC flooding the hacker or attacker floods the switch with a larger number of frames than the switch can handle. This makes the switch behave as a hub and transmit all packets on all ports. Taking advantage of this, the attacker will try to send his packet inside the network to steal sensitive information.

    Q16) Explain what a Rogue DHCP Server is.

    A rogue DHCP server is a DHCP server on the network which is not under the administrative control of the network staff. A rogue DHCP server can be a router or a modem. It will offer users IP addresses, a default gateway and WINS servers as soon as the user has logged in. A rogue server can sniff all the traffic sent by a client to all other networks.

    Q17) Explain what Cross-site scripting is and what the types of Cross-site scripting are.

    Cross-site scripting is done by using known vulnerabilities in web-based applications, their servers or the plug-ins users rely upon. One of these is exploited by inserting malicious code into a link which appears to come from a trustworthy source. When users click on this link, the malicious code runs as part of the client’s web request and executes on the user’s computer, allowing the attacker to steal information.

    There are three types of Cross-site scripting:

    • Non-persistent.
    • Persistent.
    • Server side versus DOM based vulnerabilities.

    Q18) Explain what Burp Suite is.

    Burp Suite is an integrated platform used for attacking web applications. It consists of all the Burp tools required for attacking an application. The Burp Suite tools share the same approach for attacking web applications, such as a framework for handling HTTP requests, upstream proxies, alerting, logging and so on.

    Q19) What are the tools that Burp Suite consists of?

    • Proxy.
    • Spider.
    • Scanner.
    • Intruder.
    • Repeater.
    • Decoder.
    • Comparer.
    • Sequencer.

    Q20) Explain what Pharming and Defacement are.

    Pharming:

    In this technique the attacker compromises the DNS (Domain Name System) servers or the user’s computer so that traffic is directed to a malicious site.

    Defacement:

    In this technique the attacker replaces the organization’s website with a different page. It contains the hacker’s name and images, and may even include messages and background music.

    Q21) Explain how you can stop your website from getting hacked.

    By adopting the following methods you can stop your website from getting hacked.

    • Sanitizing and validating user parameters:

      Sanitizing and validating user parameters before submitting them to the database can reduce the chances of being attacked by SQL injection.

    • Using a firewall:

      A firewall can be used to drop traffic from a suspicious IP address if the attack is a simple DOS.

    • Encrypting the cookies:

      Cookie or session poisoning can be prevented by encrypting the content of the cookies, associating cookies with the client IP address and timing out the cookies after some time.

    • Validating and verifying user input:

      This approach is ready to prevent form tampering by verifying and validating the user input before processing it.

    • Validating and sanitizing headers:

      This technique is useful against cross-site scripting (XSS). It includes validating and sanitizing headers, parameters passed via the URL, form parameters and hidden values to reduce XSS attacks.
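
    The SQL injection fault from Q9 next to the parameter handling from Q21, as an added example that is not part of the original page. The table, the function names and the sample input are constructed; Python's standard sqlite3 module stands in for whatever database the application uses.

```python
import re
import sqlite3

# Constructed input of the kind Q9 describes: the quote characters change
# the syntax of a query that is built by string concatenation.
TAMPERED = "x' OR '1'='1"

# Allow-list for what a user name is expected to look like (an assumption).
NAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test")],
    )
    return db


def lookup_concat(db, name):
    """Weak form: the parameter is pasted into the SQL text."""
    sql = "SELECT email FROM users WHERE name = '" + name + "' ORDER BY id"
    return [row[0] for row in db.execute(sql)]


def lookup_bound(db, name):
    """Bound parameter: the value is sent separately from the SQL text."""
    sql = "SELECT email FROM users WHERE name = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (name,))]


def lookup_validated(db, name):
    """Validation first (shape check), then the bound query."""
    if not isinstance(name, str) or not NAME_RE.fullmatch(name):
        raise ValueError("user name has an unexpected format")
    return lookup_bound(db, name)


if __name__ == "__main__":
    db = make_db()
    print("concatenated:", lookup_concat(db, TAMPERED))  # every row comes back
    print("bound:       ", lookup_bound(db, TAMPERED))   # no row matches
```

    Binding is what keeps the input from altering the query; validation on top of it rejects malformed values early and gives a clean point for logging them.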

    Q22) Explain what a Keylogger Trojan is.

    A keylogger Trojan is malicious software that can monitor your keystrokes, logging them to a file and sending them off to remote attackers. When the desired behavior is observed, it will record the keystrokes and capture your login username and password.

    Q23) Explain what Enumeration is.

    Enumeration is the process of extracting machine names, user names, network resources, shares and services from a system. Enumeration techniques are conducted in an intranet environment.

    Q24) Explain what NTP is.

    NTP (Network Time Protocol) is used to synchronize the clocks of networked computers. UDP port 123 is used as its primary means of communication. Over the public internet, NTP can maintain time to within 10 milliseconds.

    Q25) Explain what the MIB is.

    The MIB (Management Information Base) is a virtual database. It contains the formal description of all the network objects that can be managed using SNMP. The MIB database is hierarchical, and in the MIB each managed object is addressed through object identifiers (OID).

    Q26) What are the types of password cracking techniques?

    The types of password cracking techniques include:

    • Brute forcing attack.
    • Hybrid attack.
    • Syllable attack.
    • Rule attack.

    Q27) Explain what the types of hacking stages are.

    The types of hacking stages are:

    • Gaining Access.
    • Escalating Privileges.
    • Executing Applications.
    • Hiding Files.
    • Covering Tracks.

    Q28) Explain what CSRF (Cross Site Request Forgery) is. How can you prevent it?

    CSRF, or cross-site request forgery, is an attack from a malicious website that sends a request to a web application that a user is already authenticated against from a different website. To prevent CSRF you can append an unpredictable challenge token to each request and associate it with the user’s session. It will assure the developer that the request received is from a valid source.
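
    One way to build the unpredictable, session-bound challenge token described above, as an added example that is not from the original page. The function names, the token layout (nonce plus HMAC) and the handler are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: one server-side secret per deployment, never sent to clients.
SERVER_KEY = secrets.token_bytes(32)


def new_session_id():
    """Random session identifier, as a login step would create it."""
    return secrets.token_urlsafe(32)


def _mac(session_id, nonce):
    message = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, message, hashlib.sha256).hexdigest()


def issue_token(session_id):
    """Token embedded in each form: random nonce + MAC tied to the session."""
    nonce = secrets.token_urlsafe(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def check_token(session_id, token):
    """True only for a token that was issued for this very session."""
    if not isinstance(token, str) or token.count(".") != 1:
        return False
    nonce, mac = token.split(".")
    expected = _mac(session_id, nonce)
    # Constant-time comparison; bytes so non-ASCII input cannot raise.
    return hmac.compare_digest(mac.encode(), expected.encode())


def handle_post(session_id, form):
    """State-changing request: refuse it unless the token checks out."""
    if not check_token(session_id, form.get("csrf_token")):
        return 403
    return 200


if __name__ == "__main__":
    victim = new_session_id()
    form = {"amount": "10", "csrf_token": issue_token(victim)}
    print("own form:       ", handle_post(victim, form))            # 200
    print("forged, no token:", handle_post(victim, {"amount": "10"}))  # 403
```

    A request forged from another site carries the victim's session cookie automatically but cannot read the token out of the victim's page, so it fails the check.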

    Q29) What is Cowpatty?

    Cowpatty is an implementation of an offline dictionary attack against WPA/WPA2 networks using PSK-based verification (e.g. WPA-Personal). Cowpatty can execute an enhanced attack if a precomputed PMK file is available for the SSID that is being assessed.

    Q30) Why is Python used for hacking?

    Python is the most broadly used scripting language for hackers. Python has some very important features that make it especially valuable for hacking; most importantly, it has some pre-built libraries that provide powerful functionality.

    Q31) What are the hacking stages? Explain each stage.

    Hacking, or targeting a machine, should have the following 5 phases:

    Surveillance:

    This is the principal stage, where the hacker endeavours to gather as much data as possible about the target.

    Scanning:

    This stage includes exploiting the data accumulated during the surveillance stage and using it to inspect the victim. The hacker can use automated tools during the scanning stage, which can include port scanners, mappers and vulnerability scanners.

    Getting access:

    This is where the real hacking happens. The hacker attempts to exploit the data found during the surveillance and scanning stages to get access.

    Access maintenance:

    Once access is gained, hackers need to keep that access for future exploitation and attacks by securing their exclusive access with backdoors, rootkits and Trojans.

    Covering tracks:

    Once hackers have been able to gain and maintain access, they cover their tracks to avoid being detected. This also enables them to continue using the hacked system and to keep themselves away from legal action.

    Q32) What are the types of password attack?

    • Guessing. Simple, repeated attempts using common passwords or known facts about the user.
    • Stealing. Physically or electronically acquiring a user’s passwords; this can include sniffing of network communications.
    • Dictionary Attacks.
    • Brute Force Attacks.
    • Rainbow Tables.
    • Hybrid Password Attacks.
    • Birthday Attacks.

    Q33) What do you mean by ethical hacking?

    The legal way of accessing a system to find malicious activities.

    Q34) What is the difference between Hacking and Ethical Hacking?

    • Hacking:

      It defines the illegal way of accessing a system (unauthorized access).

    • Ethical hacking:

      The legal way of accessing a system (penetration testing).

    Q35) What are Trojans?

    A Trojan is used for creating a remote connection which helps in performing malicious tasks. The attacker will create a stub, which he will bind with a different file such as a PDF, video, picture, etc., and will pass it to the victim by any means necessary, and ask the victim to execute or run the particular file.

    Q36) What is Wi-Fi hacking, and what are its steps?

    Wi-Fi, which stands for Wireless Fidelity, is a technology used to access communication over a network along with devices.

    Steps:

    • airmon-ng:

      Gives info and detects whether the Wi-Fi card is capable of hacking or not.

    • airodump-ng:

      It will dump the packets in the air and is used to collect the key (password), to be used later to know the real Wi-Fi password.

    • aircrack-ng:

      This is used to decrypt the key which we got from the air dump.

    Q37) What is the Cyber Kill Chain?

    The cyber kill chain is a process which defines the primary steps of a cyber-attack. Below are the 7 stages of the cyber kill chain.

    • Reconnaissance:

      Passively gathering information about the target (searching for information on various search engines, e.g. Google dorks, Shodan, etc.).

    • Weaponization:

      Preparing remote access malware with an exploit into a deliverable payload.

    • Delivery:

      Transferring the payload (any malicious application or script) to the victim’s device by social engineering or by some other method.

    • Exploitation:

      Exploiting a vulnerable application to make use of the delivered payload.

    • Installation:

      Installation of a backdoor using the payload for remote access.

    • Command & Control:

      After the successful installation of a backdoor, the device can be controlled remotely and various actions can be performed. (DDOS is the most common attack performed using CnC servers.)

    • Actions on Objective:

      The attacker will work to achieve the objective for which the attack is performed, which can include data exfiltration, destruction of data or attacking some other device.

    Q38) What is a Zero-day attack?

    A zero-day is a vulnerability in a system which is unknown to the responsible person and that has been exploited by attackers. The time difference between the attack and becoming aware of the unknown vulnerability is called zero days.

    Q39) What is the CIA triad in information security?

    CIA stands for Confidentiality, Integrity, and Availability. These are the 3 basic components of information security, which serve to secure our data in an organization.

    • Confidentiality:

      It ensures that data is not disclosed to unauthorized access. An attacker can breach confidentiality by network sniffing, shoulder surfing or stealing password files during transmission of data. So, confidentiality can be provided by encrypting the data as it is stored or transmitted from client to server.

    • Integrity:

      It assures the accuracy and reliability of the information and prevents unauthorized modification. An attacker can insert a virus, backdoor or keylogger into a system, so the system’s integrity can be compromised.

    • Availability:

      It ensures reliable and timely access to data and resources for authorized people. If resources are not available at the time they are required, it can lead to a huge business loss, as usually happens in a DOS attack.

    Q40) Explain the Heartbleed attack.

    Heartbleed is a vulnerability in the OpenSSL library. Heartbeat is a component of the TLS/SSL protocol: when a system sends an encrypted piece of data, called a heartbeat request, to another system, the other system sends back the exact same encrypted piece of data to maintain the connection. The system which receives the data never checked the claimed size of the data. So if the attacker increases the claimed size to, say, 64kb while the actual size of the data is 40kb, the receiving system will send back 64kb of data, of which 24kb is extra, taken from whatever happens to be in the next 24kb of the memory buffer. An attacker can extract this extra 24kb of data from a web server. This is how the Heartbleed attack is exploited.
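
    The missing size check described above, modelled in Python as an added example (this is not OpenSSL's code). A single buffer stands in for process memory, because Python slices cannot read past the end of an object; the function names, the small sizes and the placeholder bytes are constructed, and the message layout (type, 2-byte length, payload, at least 16 bytes of padding) follows RFC 6520.

```python
import struct

HB_REQUEST = 1
MIN_PADDING = 16   # RFC 6520: at least 16 bytes of padding
HEADER = 3         # 1-byte type + 2-byte payload_length


def build_request(payload, claimed_len=None):
    """Heartbeat request; claimed_len lets the sample misstate the size."""
    length = len(payload) if claimed_len is None else claimed_len
    return struct.pack("!BH", HB_REQUEST, length) + payload + b"\x00" * MIN_PADDING


def place_in_memory(record):
    """Constructed 'heap': the record followed by unrelated data."""
    return bytearray(record + b"ADJACENT-SECRET-PLACEHOLDER")


def respond_unchecked(memory, rec_len):
    """Pre-fix behaviour: echo as many bytes as the sender claimed."""
    _type, claimed = struct.unpack_from("!BH", memory, 0)
    return bytes(memory[HEADER:HEADER + claimed])


def respond_checked(memory, rec_len):
    """Fixed behaviour: the claim must fit inside the record received."""
    if rec_len < HEADER + MIN_PADDING:
        return None                      # too short to be a heartbeat
    _type, claimed = struct.unpack_from("!BH", memory, 0)
    if HEADER + claimed + MIN_PADDING > rec_len:
        return None                      # discard silently, send nothing
    return bytes(memory[HEADER:HEADER + claimed])


if __name__ == "__main__":
    honest = build_request(b"ping")
    lying = build_request(b"ping", claimed_len=40)   # 4 real bytes, 40 claimed
    for name, rec in (("honest", honest), ("lying", lying)):
        mem = place_in_memory(rec)
        print(name, "unchecked:", respond_unchecked(mem, len(rec)))
        print(name, "checked:  ", respond_checked(mem, len(rec)))
```

    With the check in place, a request whose claimed length exceeds what actually arrived gets no reply at all, which is also what a network monitor should expect to see from patched servers.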

    Copyright 1999- Ducat Creative, All rights reserved.