Most asked top Interview Questions and Answers | Online Test | Mock Test
Prepare Interview
Ask Question

Mock Exams

Make Homepage

Bookmark this page

Subscribe Email Address

Ethical Hacking Interview Questions and Answers

Ques 26. How to prevent ARP poisoning?

ARP poisoning can be prevented by the following methods:

Packet filters:

These help in reducing the chances of attacks being successful. These filters analyses each packet that has been sent over a network and filter out and blocks malicious packets that are suspicious.

Encryption:

Protocols such as SSH and HTTPS will also help you to reduce ARP poisoning attacks.

VPNs:

These are not suitable for larger organizations as each VPN connection needs to be placed between each computer and each server. If it is only a single person trying to attack using public wifi, then VPN will encrypt all the data that has been transmitted between the exit server and the client.

Static ARP entries:

This is suitable for smaller networks. This ARP is added for every machine on a network into a single individual computer.

Is it helpful? Add Comment View Comments
 

Ques 27. What is DNS Cache Poisoning?

DNS cache poisoning is a technique that exploits vulnerabilities in the DNS (domain name system) to divert internet traffic away from legitimate servers and towards false ones. It is also known as DNS spoofing.

Is it helpful? Add Comment View Comments
 

Ques 28. What is SQL injection and how to prevent it?

SQL injection is a type of injection attack that executes malicious SQL statements and controls the database server behind a web application.

These attacks mostly take place on the web pages developed using different web technologies.

These attacks can be made with the following intentions:

  • To execute the different queries that are not allowed on the application.
  • To change the content of the database
  • To dump the entire database of the system.

The only way to prevent the SQL injection attack is input validation and parameterized queries including prepared statements. The application code should never use the input directly.

Is it helpful? Add Comment View Comments
 

Ques 29. What is Cross-Site scripting and how can you fix it?

Cross-Site Scripting (XSS) is also referred to as a client-side code injection attack. In this, the attacker intends to execute malicious scripts on the victim’s web browser by including malicious code in a legitimate page or web application.

The actual attack occurs when the victim visits the page and executes malicious code, and this web application actually becomes a vehicle to deliver the malicious script to the user’s browser. Forums, web pages, and message boards that allow comments support cross-site scripting attacks.

To fix these attacks, apply context-dependent output encoding

Is it helpful? Add Comment View Comments
 

Ques 30. What is a DDoS attack and how does it work?

DDoS (Distributed Denial of Service) attack is a type of DoS attack, where several compromised systems are often infected with a trojan and are used to target a single system causing a DoS (Denial of Service) attack.

Here is how DDoS work:

It is an attempt to make a webpage or online service inaccessible by overloading it with huge floods of traffic from various sources.

Is it helpful? Add Comment View Comments
 

Most helpful rated by users:

©2025 WithoutBook