Ethical Hacking Interview question and answers
To oppose the malicious activities by ethical hackers, and the rise of IT security raised the need of ethical hackers. Recently, numerous organizations went through the cyber-attacks raised their growing need of having professional ethical hackers who can safeguard their networks. Ethical hacking is the term given to penetration testing and prevention. Your career is based on your hacking skills, but you use them to protect companies against malicious hackers. Before you decide to interview, here are some CEH interview questions and answer you might run into when interviewing for a job.
1) How are the ethical hackers different from non-ethical hackers?
As the name suggests, something legal is associated with it. In many organizations, today computers are hacked for the good purpose of the organization. In any organization, to hack a computer means vulnerability that loopholes in a computer found by them, that they build by firewall. Considering a very simple example here, the windows security an organization upgrade on the daily basis. It is a common practice, to hack and it is mostly observed prior to the release of new softwares to test its ability to with understand such attacks.
However, non ethical hacking is the serious issue. Because every user almost is facing this kind of problem. It means that when people, steal some one data just for their own personal gain. It includes mostly, credit card info, ID theft, and the make perfect sense to me.
2) What is LDAP ( Lightweight Directory Access Protocol ) ?
The Lightweight Directory Access protocol is a protocol used to access the directory listings within Active Directory or from the other directory services.
3) State the difference between IP address and MAC address?
IP address: To every device IP address is assigned, so that device can be located on the network. In other words IP address is like your postal address, where anyone who knows your postal address can send you a letter.
MAC (Machine Access Control) address: It is a unique arrangement of serial number assigned to every network interface on every device. Mac address is like your physical mail box, only your postal carrier (network router) can identify it and you can change it by getting a new mailbox (network card) at any time and slapping your name (IP address) on it.
4) What do you mean by brute force hack?
A brute force hack tries to “guess” a password and username using a dictionary. A brute force attack takes longer but it uses each value in the dictionary attack.
5) What is enumeration?
Enumeration is defined as the process of extracting user names, machine names, network resources, shares, and services from a system. Enumeration techniques are conducted in an Intranet Environment.
6) Explain in brief about the DoS attack?
A denial of service attack sends massive amounts of traffic to a website in an attempt to crash either the router or the web server. Hackers can use a syn attack, buffer overflow attack, smurf attack or even viruses.
7) Define network sniffing?
Network sniffing reads the data packets sent over a network between a user and the web server. Network sniffing can be combated using SSL or encryption when communication with a web server.
8) What is footprinting in ethical hacking? What is the techniques used for footprinting?
Footprinting refers accumulating and uncovering as much as information about the target network before gaining access into any network. The approach adopted by hackers before hacking
- Open Source Footprinting : It will look for the contact information of administrators that will be used in guessing the password in Social engineering
- Network Enumeration : The hacker tries to identify the domain names and the network blocks of the target network
- Scanning : Once the network is known, the second step is to spy the active IP addresses on the network. For identifying active IP addresses (ICMP) Internet Control Message Protocol is an active IP addresses
- Stack Fingerprinting : Once the hosts and port have been mapped by scanning the network, the final footprinting step can be performed. This is called Stack fingerprinting.
9) What is ARP spoofing?
ARP (Address Resolution Protocol) is a form of attack in which an attacker changes MAC ( Media Access Control) address and attacks an internet LAN by changing the target computer’s ARP cache with a forged ARP request and reply packets.
10) How can you prevent ARP spoofing or ARP poisoning?
ARP poisoning can be prevented by following methods
- Packet Filtering : Packet filters are capable for filtering out and blocking packets with conflicting source address information
- Avoid trust relationship : Organization should develop protocol that rely on trust relationship as little as possible
- Use ARP spoofing detection software : There are programs that inspects and certifies data before it is transmitted and blocks data that is spoofed
- Use cryptographic network protocols : By using secure communications protocols like TLS, SSH, HTTP secure prevents ARP spoofing attack by encrypting data prior to transmission and authenticating data when it is received.
11) Explain what is Burp Suite, what are the tools it consist of?
Burp suite is an integrated platform used for attacking web applications. It consists of all the Burp tools required for attacking an application. Burp Suite tool has same approach for attacking web applications like framework for handling HTTP request, upstream proxies, alerting, logging and so on.
The tools that Burp Suite has
12) What is CSRF and how can you prevent it?
CSRF or Cross site request forgery is an attack from a malicious website that will send a request to a web application that a user is already authenticated against from a different website. To prevent CSRF you can append unpredictable challenge token to each request and associate them with user’s session. It will ensure the developer that the request received is from a valid source.
13) Explain how can you stop the hacking of any website?
By adapting following method you can stop your website from getting hacked
- Sanitizing and Validating users parameters: By Sanitizing and Validating user parameters before submitting them to the database can reduce the chances of being attacked by SQL injection
- Using Firewall: Firewall can be used to drop traffic from suspicious IP address if attack is a simple DOS
- Encrypting the Cookies: Cookie or Session poisoning can be prevented by encrypting the content of the cookies, associating cookies with the client IP address and timing out the cookies after some time
- Validating and Verifying user input : This approach is ready to prevent form tempering by verifying and validating the user input before processing it
- Validating and Sanitizing headers : This techniques is useful against cross site scripting or XSS, this technique includes validating and sanitizing headers, parameters passed via the URL, form parameters and hidden values to reduce XSS attacks
14) Name any tool used for ethical hacking?
WireShark is a software penetration testing tool that lets you sniff network traffic and identify rogue packets for testing and security purposes.
15) What is pharming and defacement?
Pharming: In this technique the attacker compromises the DNS ( Domain Name System) servers or on the user computer so that traffic is directed to a malicious site
Defacement: In this technique the attacker replaces the organization website with a different page. It contains the hackers name, images and may even include messages and background music.
Hope CEH Cyber security interview question and answer find helfull to get you in cyber security jobs