Interview Questions and Answers

Based on the hacker’s motive and legality of actions, they are divided into three types:

• Black Hat: These hackers are responsible to create malware; they gain unauthorized access to a system or network and harm its operations and steal sensitive information. 
• White Hat: These hackers are also known as ethical hackers; they’re often employed by companies or government agencies to find out the vulnerabilities. They never intend to harm the system instead find out the weaknesses in the network/system as part of penetration testing and vulnerability assessments.
• Grey Hat: These hackers are a blend of both white hat and black hat hackers; they find out the vulnerabilities in a system without the owner’s permission or knowledge. Their intention is to bring the weaknesses in the system to the owner's attention and demand some compensation or incentive from the owner.

Apart from the above well-known hackers, there are miscellaneous hackers based on what they hack and how they do it:

• Hacktivist: The person who utilizes technology for announcing social, religious, or political messages. Mostly hacktivism includes website defacement or denial-of-service attacks.  
• Script Kiddie: The one who enters into the computer system using the automation tools written by others and has less knowledge of the underlying concept, hence the term kiddie. 
• Elite Hackers: This is a social message among hackers that describes the most skilled ones. Recently identified exploits will circulate among these hackers.
• Neophyte: They are also known as green hat hacker or newbie who has no knowledge about the workings of technology and hacking.
• Blue Hat: The one who is outside of computer security consulting firms try to attempt a bug test to a system before its launch to find out the weaknesses and close the gaps. 
• Red hat: They are a blend of both black hat and white hat hackers, usually employed by top security agencies, government agencies, etc., that fall under the category of sensitive information.

Based on the category of being hacked, hacking is divided into different types as follows:

1. Website hacking: It refers to unauthorized access over a web server and its associated software such as databases and interfaces, and making changes to the information.
2. Network hacking: It refers to collecting data about a network using tools like Telnet, ping, etc., with the intent to harm the network and hamper its operations.
3. Email hacking: It refers to unauthorized access to the email account and utilizing it without the owner’s permission.
4. Password hacking: It refers to the process of recovering secret passwords from data that has been stored in the computer system.
5. Computer hacking: It refers to unauthorized access to the computer and stealing the data such as computer passwords and ID by employing hacking techniques.

Advantages:

• It helps to fight against cyber terrorism and national security breaches.
• It helps to take preventive actions against hackers.
• Detects the weaknesses and closes the gaps in a system or a network.
• Prevents gaining access from malicious hackers.
• Provides security to banking and financial settlements.

Disadvantages:

• Might use the data against malicious hacking activities.
• May corrupt the files of an organization.
• Possibility to steal sensitive information on the computer system.

A Trojan is a type of malware that is often developed by hackers or attackers to gain access to target systems. Users are manipulated by some attractive social media ads and then directed towards malicious sites into loading and performing Trojans on their systems.

Types of Trojans:

1. Trojan-Downloader: It is a type of virus that downloads and installs other malware.
2. Ransomware: It is a type of Trojan that can encrypt the data on your computer/device. 
3. Trojan-Droppers: These are complex programs used by cybercriminals to install malware. Most antivirus programs do not identify droppers as malicious, and hence it is used to install viruses.
4. Trojan-Rootkits: It prevents the detection of malware and malicious activities on the computer. 
5. Trojan-Banker: These steal user account-related information such as card payments and online banking.
6. Trojan-Backdoor: It is the most popular type of Trojan, that creates a backdoor for attackers to access the computer later on from remote using a remote access tool (RAT). This Trojan provides complete control over the computer.

Enumeration is the primary phase of ethical hacking that is information gathering. In this phase, the attacker builds an active connection with the victim and tries to gain as much information as possible to find out the weaknesses or vulnerabilities in the system, and tries to exploit the system further.

Enumeration collects information about:

• Network shares
• Passwords policies lists
• IP tables
• SNMP data, if they are not secured properly
• Usernames of different systems

The different enumerations available in ethical hacking are listed below:

• DNS enumeration
• NTP enumeration
• SNMP enumeration
• Linux/Windows enumeration
• SMB enumeration

Defacement is an attack in which the hacker changes the visual appearance of a web page or website. The attacker replaces the firm’s site with an alternate page or sometimes opposite to the text of the website.

Management Information Base (MIB) is a virtual database of network objects. It contains all the formal descriptions of the network objects being monitored by a network management system. The MIB database of objects is used as a reference to a complete collection of management information on an entity like a computer network.

MAC flooding is an attacking method that is used to compromise the security of the network switches. These switches maintain a table structure called a MAC table that consists of each MAC address of the host computer on the networks which are connected to the ports of the switch.

To prevent MAC flooding, use the following methods:

• Authentication with the AAA server
• Port security
• Implement IEEE 802.1x suites
• Employ security measures to prevent IP spoofing or ARP spoofing