面试题与答案

Hacking refers to unauthorized intrusion in a system or a network. The person involved in this process is called a hacker. They use the computer to commit non-malicious activities such as privacy invasion, stealing personal/corporate data, and more.

Ethical hacking is also known as penetration testing or intrusion testing where the person systematically attempts to penetrate/intrude into a computer system, application, network, or some other computing resources on behalf of its owner and finds out threats and vulnerabilities that a malicious hacker could potentially exploit.

The main objective of ethical hacking is to improve the security of the system or network and fix the vulnerabilities found during the testing. Ethical hackers employ the same tools and techniques adopted by malicious hackers to improve security and protect the system from attacks by malicious users with the permission of an authorized entity.

The most popular ethical hacking tools are listed below:

• John the Ripper
• Metasploit
• Nmap
• Acunetix
• Wireshark
• SQLMap
• OpenVAS
• IronWASP
• Nikto
• Netsparker

There are mainly five stages in hacking:

1. Reconnaissance: This is the primary phase of hacking, also known as the footprinting or information gathering phase, where the hacker collects as much information as possible about the target. It involves host, network, DNS records, and more.
2. Scanning: It takes the data discovered during reconnaissance and uses it to examine the network. 
3. Gaining access: The phase where attackers enter into a system/network using various tools and techniques.
4. Maintaining access: Once hackers gain access, they want to maintain access for future exploitation and attacks. This can be done using trojans, rootkits, and other malicious files.
5. Covering tracks: Once the hackers are able to gain and maintain access, they cover tracks to avoid detection. It involves modifying/deleting/corrupting the value of logs, removing all traces of work, uninstalling applications, deleting folders, and more. 

A firewall is a network security system that allows or blocks network traffic as per predetermined security rules. These are placed on the boundary of trusted and untrusted networks.

Hashing is used to validate the integrity of the content, while encryption ensures data confidentiality and security. Encryption is a two-way function that includes encryption and decryption, while hashing is a one-way function that changes a plain text to a unique digest that is irreversible.

IP address: For every device, an IP address is assigned. The IP address is a number allocated to a connection of a network.

MAC address: A MAC address is a unique serial number assigned to every network interface on every device.  

The major difference is MAC address uniquely identifies a device that wants to take part in a network while the IP address uniquely defines a connection of a network with an interface of a device.

Virus: It is a type of malware that spreads by embedding a copy of itself and becomes a part of other programs. Viruses spread from one computer to another while sharing the software or document they are attached to using a network, file sharing, disk, or infected email attachments. 

Worm: These are similar to viruses and cause the same type of damage. They replicate functional copies of themselves and do not require a host program or human help to propagate. Advanced worms leverage encryption, ransomware, and wipers to harm their targets.

Keystroke logging is also known as keylogging or keyboard capturing. It is a type of surveillance software that records every keystroke made on the keyboard. Every action made on the keyboard is monitored, and data is retrieved by operating through the logging program. 

Cowpatty is the implementation of the offline dictionary attack against WPA/WPA2 networks using PSK-based authentication.

E.g. WPA-Personal

Most of the enterprises employ PSK-based authentication for WPA/WPA2 networks.

Exploitation is a part of programmed software or script that allows hackers to gain control over the targeted system/network and exploit its vulnerabilities. Most hackers use scanners like OpenVAS, Nessus, etc., to find these vulnerabilities.

Phishing is an attempt to steal sensitive information such as user data, credit card numbers, etc. These attacks occur mostly while using personal email accounts or social networking sites, online transactions, and more.