Ethical Hacking Interview Questions and Answers

Ques 1. What is hacking?

Hacking refers to unauthorized intrusion in a system or a network. The person involved in this process is called a hacker. They use the computer to commit non-malicious activities such as privacy invasion, stealing personal/corporate data, and more.

Ques 2. What is ethical hacking?

Ethical hacking is also known as penetration testing or intrusion testing where the person systematically attempts to penetrate/intrude into a computer system, application, network, or some other computing resources on behalf of its owner and finds out threats and vulnerabilities that a malicious hacker could potentially exploit.

The main objective of ethical hacking is to improve the security of the system or network and fix the vulnerabilities found during the testing. Ethical hackers employ the same tools and techniques adopted by malicious hackers to improve security and protect the system from attacks by malicious users with the permission of an authorized entity.

Ques 3. What are the types of hackers?

Based on the hacker’s motive and legality of actions, they are divided into three types:

• Black Hat: These hackers are responsible to create malware; they gain unauthorized access to a system or network and harm its operations and steal sensitive information. 
• White Hat: These hackers are also known as ethical hackers; they’re often employed by companies or government agencies to find out the vulnerabilities. They never intend to harm the system instead find out the weaknesses in the network/system as part of penetration testing and vulnerability assessments.
• Grey Hat: These hackers are a blend of both white hat and black hat hackers; they find out the vulnerabilities in a system without the owner’s permission or knowledge. Their intention is to bring the weaknesses in the system to the owner's attention and demand some compensation or incentive from the owner.

Apart from the above well-known hackers, there are miscellaneous hackers based on what they hack and how they do it:

• Hacktivist: The person who utilizes technology for announcing social, religious, or political messages. Mostly hacktivism includes website defacement or denial-of-service attacks.  
• Script Kiddie: The one who enters into the computer system using the automation tools written by others and has less knowledge of the underlying concept, hence the term kiddie. 
• Elite Hackers: This is a social message among hackers that describes the most skilled ones. Recently identified exploits will circulate among these hackers.
• Neophyte: They are also known as green hat hacker or newbie who has no knowledge about the workings of technology and hacking.
• Blue Hat: The one who is outside of computer security consulting firms try to attempt a bug test to a system before its launch to find out the weaknesses and close the gaps. 
• Red hat: They are a blend of both black hat and white hat hackers, usually employed by top security agencies, government agencies, etc., that fall under the category of sensitive information.

Ques 4. What are the different types of hacking?

Based on the category of being hacked, hacking is divided into different types as follows:

1. Website hacking: It refers to unauthorized access over a web server and its associated software such as databases and interfaces, and making changes to the information.
2. Network hacking: It refers to collecting data about a network using tools like Telnet, ping, etc., with the intent to harm the network and hamper its operations.
3. Email hacking: It refers to unauthorized access to the email account and utilizing it without the owner’s permission.
4. Password hacking: It refers to the process of recovering secret passwords from data that has been stored in the computer system.
5. Computer hacking: It refers to unauthorized access to the computer and stealing the data such as computer passwords and ID by employing hacking techniques.

Ques 5. What are the advantages and disadvantages of ethical hacking?

Advantages:

• It helps to fight against cyber terrorism and national security breaches.
• It helps to take preventive actions against hackers.
• Detects the weaknesses and closes the gaps in a system or a network.
• Prevents gaining access from malicious hackers.
• Provides security to banking and financial settlements.

Disadvantages:

• Might use the data against malicious hacking activities.
• May corrupt the files of an organization.
• Possibility to steal sensitive information on the computer system.