SECURITY
LONG QUESTIONS:-
attack.
generally allows an attacker to view data that they are not normally able to
retrieve. This might include data belonging to other users, or any other data
that the application itself is able to access. In many cases, an attacker can
content or behavior.
server.
• Adware
Adware (short for advertising-supported software) is a type of
malware that automatically delivers advertisements. Common
examples of adware include pop-up ads on websites and
advertisements that are displayed by software.
• Bots
• Bug
• Ransomware
• Rootkit
• Spyware
• Trojan horse
• File Virus
This type of virus infects the system by appending itself to the end of a
file. It changes the start of a program so that the control jumps to its
code. After the execution of its code, the control returns back to the
main program.
• Boot sector Virus
It infects the boot sector of the system, executing every time the system
is booted and before the operating system is loaded. It infects other
bootable media like floppy disks.
• Macro Virus
Unlike most viruses, which are written in a low-level language (like C or
assembly language), these are written in a high-level language like
Visual Basic. These viruses are triggered when a program capable of
executing a macro is run.
• Polymorphic Virus
A virus signature is a pattern that can identify a virus (a series of
bytes that make up the virus code). So, in order to avoid detection by
antivirus, a polymorphic virus changes each time it is installed.
• Encrypted Virus
In order to avoid detection by antivirus, this type of virus exists in
encrypted form. It carries a decryption algorithm along with it. So the
virus first decrypts and then executes.
• Stealth Virus
It is a very tricky virus as it changes the code that can be used to
detect it. Hence, the detection of the virus becomes very difficult.
• Tunneling Virus
This virus attempts to bypass detection by antivirus scanner by
installing itself in the interrupt handler chain. Interception programs,
which remain in the background of an operating system and catch
viruses, become disabled during the course of a tunneling virus.
• Multipartite Virus
This type of virus is able to infect multiple parts of a system including
the boot sector, memory and files. This makes it difficult to detect and
contain.
• Armored Virus
An armored virus is coded to make it difficult for antivirus to unravel
and understand. It uses a variety of techniques to do so, such as fooling
the antivirus into believing that it lies somewhere other than its real
location or using compression to complicate its code.
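The signature idea in the Polymorphic Virus and Encrypted Virus entries above, as an added example that is not part of the original notes: a static byte-pattern scan misses a stored copy that has been XOR-encoded, and retrying the match under every single-byte XOR key finds it again. The marker `SIG`, the function names and the single-byte XOR encoding are assumptions made for illustration; the sample bytes are constructed and harmless.

```c
#include <stdio.h>
#include <string.h>

/* Constructed, harmless marker standing in for a virus signature. */
static const unsigned char SIG[] = "DEMO-SIGNATURE-0001";
#define SIG_LEN (sizeof(SIG) - 1)

/* Offset of SIG in buf once every byte is XOR-ed with key, or -1. */
static long find_sig(const unsigned char *buf, size_t n, unsigned char key)
{
    for (size_t i = 0; i + SIG_LEN <= n; i++) {
        size_t j = 0;
        while (j < SIG_LEN && (unsigned char)(buf[i + j] ^ key) == SIG[j]) j++;
        if (j == SIG_LEN) return (long)i;
    }
    return -1;
}

/* Static signature match on the raw bytes (key 0 leaves them unchanged). */
long scan_plain(const unsigned char *buf, size_t n) { return find_sig(buf, n, 0); }

/* Retry the match under each single-byte XOR key; *key_out gets the key. */
long scan_xor_keys(const unsigned char *buf, size_t n, int *key_out)
{
    for (int k = 0; k < 256; k++) {
        long off = find_sig(buf, n, (unsigned char)k);
        if (off >= 0) { *key_out = k; return off; }
    }
    return -1;
}

/* Constructed sample: 4 filler bytes, then SIG stored XOR-ed with key. */
size_t make_sample(unsigned char *out, size_t cap, unsigned char key)
{
    if (cap < 4 + SIG_LEN) return 0;
    memset(out, '.', 4);
    for (size_t i = 0; i < SIG_LEN; i++)
        out[4 + i] = (unsigned char)(SIG[i] ^ key);
    return 4 + SIG_LEN;
}

int main(void)
{
    unsigned char buf[64]; int key = -1;
    size_t n = make_sample(buf, sizeof buf, 0x5A);
    long plain = scan_plain(buf, n), xored = scan_xor_keys(buf, n, &key);
    printf("plain=%ld xor=%ld key=0x%02X\n", plain, xored, (unsigned)key);
    return 0;
}
```

Single-byte XOR is the simplest stand-in for the "encrypted form" the notes describe; it shows why scanners cannot rely on matching raw bytes alone.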
• What is social engineering? What are the different ways to perform social
engineering?
• Phishing
• Spear Phishing
• Vishing
• Pretexting
There are various types of access control methodologies. Some of them are:-
MAC and allows businesses to decide who has access to which areas.
Think of this as a bit like the official guest list for a party: The people on
the list have access to the party, but they can’t bring a friend and might
not have access to every room at the event. Unlike with MAC systems,
criteria. Here, a user might have access to his or her personal email,
but not to a business’s private files on the same server. This allows
unique needs.
unique needs but must abide by certain rules (think of elevators that
lock out employees after hours, regardless of whether they have
keycards).
• Nmap
• Tracert
or traceroute command.
• Ping
nmap
Scan a host: nmap www.testhostname.com
Detect OS and services: nmap -A 192.168.1.1
Standard service detection: nmap -sV 192.168.1.1
7. Write down short notes on a. File integrity check
b. VPN
There are two basic VPN types which are explained below.
5. OpenVPN:
OpenVPN is an open source VPN that is useful for creating Point-to-Point and
Site-to-Site connections. It uses a custom security protocol based on SSL
and TLS protocol.
process, the extra data overflows. It causes some of that data to leak
out into other buffers, which can corrupt or overwrite whatever data
Example
• Technology weakness
• Policy weakness
• Configuration weakness
Technology weakness
Every technology has some known or unknown inherent
weaknesses, or vulnerabilities that can be exploited by a sufficiently
motivated troublemaker. Some weaknesses are publicized widely in
the media because they’re associated with a well-known product. Don’t
fall into the faulty logic that because you don’t hear about the other
products, they must be secure.
Policy weakness
Policy weakness is a catchall phrase for company policies, or a lack of
policies, that inadvertently lead to security threats to the network
system.
The following examples are some of the policy issues that can
negatively impact a business's computer system:
Configuration weakness
Many network devices have default settings that emphasize performance
or ease of installation without regard for security issues. Installation
without adequate attention to correcting these settings could create
serious potential problems. Some common configuration issues include
the following:
• Ineffective access control lists failing to block intended traffic
• Default, missing, or old passwords
• Unneeded ports or services left active
• User IDs and passwords exchanged in clear text
• Weak or unprotected remote access through the Internet or dial-up
services
10. Write short notes on industry standard frameworks and reference
architecture.
11. Explain Single Sign On (SSO) issues and how to overcome them?
permits a user to use one set of login credentials (e.g., name and
information to be shared
ticket-granting ticket (TGT) is issued. The TGT fetches service tickets for
other applications the user wishes to access, without asking the user to
re-enter credentials.
• Smart-card-based SSO will ask an end user to use a card holding the sign-
in credentials. Once first used, a user will not have to re-enter usernames
Databases, tablespaces, and datafiles are closely related, but they have
important differences:
Oracle-Managed Files
Oracle-managed files eliminate the need for you, the DBA, to directly manage
• Tablespaces
• Control files
Each Oracle database has a list of user names. To access a database, a user
must use a database application and attempt a connection with a valid user
name of the database. Each user name has an associated password to
prevent unauthorized use.
Security Domain
Each user has a security domain—a set of properties that determine such
things as:
Privileges
Default Tablespace
Temporary Tablespace
Each user has a temporary tablespace. When a user runs a SQL statement
that requires the creation of temporary segments (such as the creation of an
index), the user's temporary tablespace is used. By directing all users'
temporary segments to a separate tablespace, the temporary tablespace can
reduce I/O contention among temporary segments and other types of
segments.
14. Why is secure coding important? List a few best secure coding
practices.
• Validate input. Validate input from all untrusted data sources. ...
• Practice defense in depth.
• THE SITUATION
• THE INVESTIGATION
16. What is Risk Assessment? What are the chief components of risk
assessment?
• Identify hazards and risk factors that have the potential to cause harm
(hazard identification).
• Analyze and evaluate the risk associated with that hazard (risk
analysis, and risk evaluation).
Hazard identification and elimination and risk assessment and control" uses
the following terms:
(1) Risk analysis provides a basis for risk evaluation and decisions about risk
control.
(2) Information can include current and historical data, theoretical analysis,
informed opinions, and the concerns of stakeholders.
(3) Risk analysis includes risk estimation.
Risk evaluation – the process of comparing an estimated risk against given
risk criteria to determine the significance of the risk.
• Risk Components are:
• Firewall.
• IP address.
• Network map.
• Server configurations.
• URLs.
• VPN.
Sources –
• Social Media:
Most people tend to release most of their information online.
Hackers make heavy use of this sensitive information. They may
create a fake account that looks real in order to be added as a
friend or to follow someone's account and grab their
information.
• Job websites:
Organisations share some confidential data on many job websites
like monsterindia.com. For example, a company posted on a
website: “Job Opening for lighttpd 2.0 Server Administrator”. From
this, it can be gathered that the organisation uses the lighttpd
web server, version 2.0.
• Google:
Search engines such as Google can perform far more powerful
searches than most people realise or have ever tried. Hackers
and attackers can use them for what has been termed
Google hacking.
• Social Engineering:
There are various techniques that fall in this category. A few of them are:
• Eavesdropping – The attacker tries to record the target
victim's personal conversations with someone held over
communication media like the telephone.
• Shoulder Surfing – In this technique the attacker tries to
capture personal information such as the victim's email ID
and password by looking over the victim's shoulder while
he or she is entering (typing or writing) personal details
for some work.
• Archive.org:
An archived version is an older version of a website as it existed
at an earlier time, before many of its features were changed.
archive.org is a website that collects snapshots of all the
websites at regular intervals.
• An Organization’s Website:
It's the best place for an attacker to begin. If an attacker wants to
look for open source information, which is information freely
provided to clients, customers, or the general public, then the
best option is simply the organisation's website.
• Using NeoTrace:
NeoTrace is a powerful tool for getting path information. The
graphical display displays the route between you and the remote
site, including all intermediate nodes and their information.
NeoTrace is a well-known GUI route tracer program.
• Whois:
This is a website which serves a good purpose for hackers. Through
this website, information about a website such as its domain name,
email ID and domain owner can be traced.
Advantages:
• Footprinting allows Hackers to gather the basic security configurations
of a target machine along with network route and data flow.
• Once the attacker finds the vulnerabilities, he/she focuses on a
specific area of the target machine.
• It allows the hacker to identify which attack is best suited to
the target system.
Counter Measures:
• Avoid posting confidential data in social media websites.
• Avoid accepting unwanted friend requests on social media platforms.
• Promotion of education on various hacking tricks.
• Usage of footprinting techniques for identifying and removing sensitive
information from social media platforms.
• Proper configuration of web servers to avoid loss of information about
system configuration.
SHORT QUESTIONS:-
relays and possibly alters the communications between two parties who
believe that they are directly communicating with each other. Attackers
Write down the difference between black hat and white hat hacker.
A Black Hat Hacker is more specifically in line with media portrayals. They
are the hackers who break into systems, steal information, manipulate data,
and compromise security. As for motivations, they generally do this for either
These are hackers who are often employed by the government to protect
data against Black Hat Hackers. For example, a very common job for a White
Hat Hacker would be a penetration tester. A penetration tester is somebody
hired to break into someone's system so they can outline the system’s flaws.
Write down the difference between black box and white box testing.
insufficient bounds checking. This can occur when copying data from
one buffer to another without first checking that the data fits within the
destination buffer.
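The missing bounds check described above, and the overflow into neighbouring data mentioned earlier in these notes, as an added example that is not part of the original notes: the unchecked copy is shown beside a version that verifies the data fits before writing. `struct record`, `copy_unchecked`, `copy_checked` and `set_name` are hypothetical names, and the inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed record: an 8-byte field followed by data that must survive. */
struct record {
    char name[8];
    int  flags;
};

/* The pattern described above: no check that src fits in dst.
   Kept for contrast only; nothing in this example calls it. */
void copy_unchecked(char *dst, const char *src)
{
    strcpy(dst, src);   /* writes strlen(src) + 1 bytes, however small dst is */
}

/* Hardened form: copy only if src and its terminating NUL fit in dst_size.
   Returns 0 on success, -1 on rejection (dst is then left unchanged). */
int copy_checked(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    size_t need = strlen(src) + 1;
    if (need > dst_size)
        return -1;      /* reject rather than overflow or silently truncate */
    memcpy(dst, src, need);
    return 0;
}

/* Store a caller-supplied name in the record through the checked copy. */
int set_name(struct record *r, const char *input)
{
    return copy_checked(r->name, sizeof r->name, input);
}

int main(void)
{
    struct record r = { "guest", 0 };
    int ok  = set_name(&r, "alice");             /* 6 bytes needed, fits */
    int bad = set_name(&r, "AAAAAAAAAAAAAAAA");  /* 17 bytes needed, rejected */
    printf("ok=%d bad=%d name=%s flags=%d\n", ok, bad, r.name, r.flags);
    return 0;
}
```

Rejecting the oversized input keeps the adjacent `flags` field intact, which is exactly the data an unchecked copy would overwrite.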
application or user.
protected resources.
The false rejection rate is the measure of the likelihood that the biometric
The false acceptance rate, or FAR, is the measure of the likelihood that the
attempts.
against viruses and other Internet malware. Starting from the network
(NIDS) operates
What do you mean by packet sniffer? Name two popular packet sniffer
tools.
• Wireshark
What is steganography?
what extent.
• What is black box testing?
the testing process.
programming skills.
• What does a packet sniffer do? Name two popular packet sniffer
tools.
• Tcpdump
• Wireshark
ports. Administrators can use this to take inventory of the systems and
by simply querying the service port. Many services will respond with a
technology in use.
• Differentiate between TCP and UDP?
• TCP UDP
checking mechanisms. It is
data. checksums.
• Sequencing of data is a feature • There is no sequencing of
of Transmission Control data in UDP. If ordering is
receiver. layer.
• TCP is comparatively slower • UDP is faster, simpler and
harmful applications.
thwart an attack
20) What is a tablespace in relation to the Oracle database management
system?
system