Documente Academic
Documente Profesional
Documente Cultură
A. Basic Networking
1. What is Computer Networking?
It is the process of creating and using wired or wireless networks for exchanging information, ideas, files and other
electronic communication.
3. What is VPN?
VPN means Virtual Private Network, a technology that allows a secure tunnel to be created across a network such as
the Internet. For example, VPNs allow you to establish a secure dial-up connection to a remote server.
Ethernet is popular because it strikes a good balance between speed, cost and ease of installation. These benefits,
combined with wide acceptance in the computer marketplace and the ability to support virtually all popular network
protocols, make Ethernet an ideal networking technology for most computer users today.
6. CSMA/CD
Carrier Sense Multiple Access with Collision Detection (CSMA/CD) is the LAN access method used in Ethernet. When
a device wants to gain access to the network, it checks to see if the network is free. If the network is not free, the
device waits a random amount of time before retrying. If the network is free and two devices access the line at
exactly the same time, their signals collide. When the collision is detected, they both back off and wait a random
amount of time before retrying. Only switches and routers can affectively prevent a transmission from propagating
throughout the entire network!
18. What is the difference between static IP addressing and dynamic IP addressing?
Static IP addresses are reserved and they don't change over time while dynamic IP addresses can be changed each
time you connect to the internet. Static IP addresses are given manually while dynamic IP addresses are provided by
DHCP server.
20. What is the difference between Unicast, Multicast, Broadcast, and Anycast?
Unicast: It is the exchange of messages between a single source and a single destination. In Unicast, while sending
packets from a sender, it contains data address of the receiver so that it can go there directly.
Broadcast: It is the exchange of messages between one sender to possible multiple receivers. It works only on a local
network. Broadcasting of data can’t be done on the public internet due to a massive amount of unrelated and
unnecessary data.
Multicast: It is the exchange of messages between one sender and multiple receivers. In multicast, the network
settings determine your receiving clients and sort of broadcasting.
Anycast: It is the exchange of messages between one host to another host. It uses TCP and UDP protocol. Copy of
each data packet goes to every host that requests it.
37. What are the different types of passwords that you can use in Cisco routers?
Different types of passwords that are used in Cisco routers are enabled, enable secret, auxiliary (AUX), console and
virtual terminal (VTY).
40. What are the different types of cables that are used in routing?
Three different types of cables that are used include:
Straight cable – (switch-router)
Cross cable – (PC-PC, switch-switch)
Rollover cable – (Console port to computer)
48. Explain the difference between Collision Domain and Broadcast Domain.
In the Broadcast Domain, all the juncture can reach each other by broadcast at the data link layer and every device is
ready to receive their respective data. It can bind to the same LAN segments or the other LAN segment. Broadcast
Domain uses local network for broadcasting the data packets to the receiver. While broadcasting, massive data are
broadcasted, hence the speed of receiving the data is less and it also takes more time to receive the data of their
address.
In the Collision Domain, data collision occurs more due to sending of more frames simultaneously. If more than two
frames are sent simultaneously then the data will collide with each other in between and the information gets lost
due to an occurrence of a collision and the devices will not accept the data and due to this, the communication
between the sender and receiver side will collide. Hence, the sender has to send the data again and like this, it will
take more time to receive the data at the receiver's side.
62. Explain the basic difference between TCP/IP and OSI model.
OSI and TCP/IP protocol are different by their layers. In OSI model, there are 7 layers whereas in TCP/IP there are 4
layers.
63. What is the difference between ‘bit rate’ and ‘baud rate’?
A bit rate is defined as the total number of bits transmitted in one second whereas baud rate defines the number of
signal unit per second that is required to represent those bits.
Baud rate=bit rate / N,
where N = no. of bits represented by each signal shift.
65. Abbreviation
Security protocols
Nam Meaning Function
e
IPSec Internet ProtocolProvides authentication and encryption over the internet; works with IPv4 and
Security IPv6; used to secure VPN
L2TP Layer 2 Tunneling Supports non-TCP/IP protocols VPN over the internet; combines the best features
Protocol of PPTP and L2F
SSL Secure Sockets LayerUses a private key to encrypt data that is transferred over the SSL connection;
service independent and can secure different network applications
WEP Wired Equivalent Encrypts and protects data packets over radio frequencies; does not offer end-end
Privacy security
WPA WiFi Protected Offers improved data encryption and user authentication using the wireless
Access devices MAC address; uses TKIP encryption
AES Advanced Encryption A cryptographic cipher that uses Rijndael algorithm
Standard
Routing protocols
Nam Meaning Function
e
RIP Routing Information Finds the quickest route between two computers; offers a maximum of 16
Protocol hops between routers before deciding that a packet is undeliverable
OSPF Open Shortest Path FirstA descendant of RIP that increases its speed and reliability; much used on the
internet; accepts 256 hops between routers
IGRP Interior Gateway A propriety protocol from Cisco that takes bandwidth, latency, reliability, and
Routing Protocol current traffic load into consideration
EGP Exterior Gateway A distance vector protocol that uses polling to retrieve routing information
Protocol
BGP Border Gateway Used to span autonomous systems in the internet; used at the edge of
Protocol networks; designed to supersede EGP
NLSP Netware Link Services A link state routing protocol that was designed to reduce wasted bandwidth
Protocol associated with RIP
RTMP Routing Table Used by Appletalk to ensure that all routers in the network have consistent
Maintenance Protocol routing information
2. What type of symmetric key algorithm using a streaming cipher to encrypt information?
A. RC4
B. Blowfish
C. SHA
D. MD5
Correct Answer – A
Explanation – RC$ uses streaming ciphers.
3. Which of the following is not a factor in securing the environment against an attack on security?
A. The education of the attacker
B. The system configuration
C. The network architecture
D. The business strategy of the company
E. The level of access provided to employees
Correct Answer – D
Explanation – All of the answers are factors supporting the exploitation or prevention of an attack. The
business strategy may provide the motivation for a potential attack, but by itself will not influence the
outcome.
8. Attempting to gain access to a network using an employee’s credentials is called the _____________
mode of ethical hacking.
A. Local networking
B. Social engineering
C. Physical entry
D. Remote networking
Correct Answer – A
Explanation – Local networking uses an employee’s credentials, or access rights, to gain access to the
network. Physical entry uses credentials to gain access to the physical IT infrastructure.
9. Which Federal Code applies the consequences of hacking activities that disrupt subway transit
systems?
A. Electronic Communications Interception of Oral Communications
B. 18 U.S.C. § 1029
C. Cyber Security Enhancement Act 2002
D. 18 U.S.C. § 1030
Correct Answer – C
Explanation – The Cyber Security Enhancement Act 2002 deals with life sentences for hackers who
recklessly endanger the lives of others, specifically transportation systems.
11. What is the proper command to perform an Nmap XMAS scan every 15seconds?
A. nmap -sX -sneaky
B. nmap -sX -paranoid
C. nmap -sX -aggressive
D. nmap -sX -polite
Correct Answer – A
Explanation – SX is used to identify a xmas scan, while sneaky performs scans 15 seconds apart.
12. What type of rootkit will patch, hook, or replace the version of system call in order to hide
information?
A. Library level rootkits
B. Kernel level rootkits
C. System level rootkits
D. Application level rootkits
Correct Answer – A
Explanation – Library leve rootkits is the correct answer. Kerel level focuses on replaceing specific code
while application level will concentrate on modifying the behavior of the application or replacing
application binaries. The type, system level, does not exist for rootkits.
14. What are some of the most common vulnerabilities that exist in a network or system?
A. Changing manufacturer, or recommended, settings of a newly installed application.
B. Additional unused features on commercial software packages.
C. Utilizing open source application code
D. Balancing security concerns with functionality and ease of use of a system.
Correct Answer – B
Explanation – Linux is an open source code and considered to have greater security than the commercial
Windows environment. Balancing security. Ease of use and functionality can open vulnerabilities that
already exist. Manufacturer settings, or default settings, may provide basic protection against hacking
threats, but need to change to provide advance support. The unused features of application code provide
an excellent opportunity to attack and cover the attack.
18. The first phase of hacking an IT system is compromise of which foundation of security?
A. Availability
B. Confidentiality
C. Integrity
D. Authentication
Correct Answer – B
Explanation – Reconnaissance is about gathering confidential information, such as usernames and
passwords.
23. Which of the following will allow footprinting to be conducted without detection?
A. PingSweep
B. Traceroute
C. War Dialers
D. ARIN
Correct Answer – D
Explanation – ARIN is a publicly accessible database, which has information that could be valuable. Because
it is public, any attempt to obtain information in the database would go undetected.
24. Performing hacking activities with the intent on gaining visibility for an unfair situation is called
________.
A. Cracking
B. Analysis
C. Hacktivism
D. Exploitation
Correct Answer – C
Explanation – Hacktivism is the act of malicious hacking for a cause or purpose.
30. Which Nmap scan is does not completely open a TCP connection?
A. SYN stealth scan
B. TCP connect
C. XMAS tree scan
D. ACK scan
Correct Answer – A
Explanation – Also known as a “half-open scanning,” SYN stealth scan will not complete a full TCP
connection.
38. What is the best statement for taking advantage of a weakness in the security of an IT system?
A. Threat
B. Attack
C. Exploit
D. Vulnerability
Correct Answer – C
Explanation – A weakness in security is exploited. An attack does the exploitation. A weakness is
vulnerability. A threat is a potential vulnerability.
40. Having individuals provide personal information to obtain a free offer provided through the Internet
is considered what type of social engineering?
A. Web-based
B. Human-based
C. User-based
D. Computer-based
Correct Answer – D
Explanation – Whether using email, a fake website, or popup to entice the used, obtaining information
from an individual over the Internet is a computer-based type of social engineering
C. Ethical Hacking
Q1. What are the types of hackers?
Black Hat: These hackers are responsible to create malware; they gain unauthorized access in a
system or network and harm its operations and steal sensitive information.
White Hat: These hackers are also known as ethical hackers; they’re often employed by companies
or government agencies to find out the vulnerabilities. They never intend to harm the system
instead find out the weaknesses in the network/system as part of penetration testing and
vulnerability assessments.
Grey Hat: These hackers are a blend of both white hat and black hat hackers; they find out the
vulnerabilities in a system without the owner’s permission or knowledge. Their intention is to bring
the weaknesses in the system to the owner's attention and demand some compensation or
incentive from the owner.
Apart from the above well-known hackers, there are miscellaneous hackers based on what they hack
and how they do it:
Hacktivist: The person who utilizes technology for announcing social, religious, or political message.
Mostly hacktivism includes website defacement or denial-of-service attacks.
Script Kiddie: The one who enters into the computer system using the automation tools written by
others and have less knowledge of the underlying concept, hence the term kiddie.
Elite Hackers: This is a social message among hackers that describes the most skilled ones. Recently
identified exploits will circulate among these hackers.
Neophyte: They are also known as green hat hacker or newbie who has no knowledge about the
workings of technology and hacking.
Blue Hat: The one who is outside of computer security consulting firms tries to attempt a bug-test
to a system before its launch to find out the weaknesses and close the gaps.
Red hat: They are a blend of both black hat and white hat hackers, usually employed by top security
agencies, government agencies, etc., that fall under the category of sensitive information.
Q15. What is Cross-Site scripting and how can you fix it?
Ans. Cross-Site Scripting (XSS) is also referred to as a client-side code injection attack. In this, the attacker
intends to execute malicious scripts on the victim’s web browser by including malicious code in a legitimate
page or web application. The actual attack occurs when the victim visits the page and executes malicious
code, and this web application actually becomes a vehicle to deliver the malicious script to the user’s
browser. Forums, web pages, and message boards that allow comments support cross-site scripting
attacks.
It is an attempt to make a webpage or online service inaccessible by overloading it with huge floods of
traffic from various sources.
The attacker first collects the victim’s information like security protocols required to proceed with the
attack, and gains the victim's trust and breaks security practices, such as granting access to critical
resources or stealing sensitive information.
Different types of social engineering attacks include:
Phishing
Vishing
Pretexting
Quid pro quo
Tailgating
Spear phishing
Baiting
Rogue DHCP servers are primarily used by hackers for the purpose of network attacks such as Sniffing,
Reconnaissance, and Man in the Middle attacks.
In case you have attended any ethical hacking interview in the recent past and unable to find out the best
answers for it, do mention those interview questions in the comments section below and we’ll answer
them ASAP.