Darul Ansar Centre for Applied Learning Interview Questions and Answers

Key man problem in cybersecurity refers to the risk of a single person having too much access or knowledge, making them a single point of failure.

• Key man problem arises when a single person has access to critical systems or information

• If that person leaves or is unavailable, it can cause significant disruption or security breaches

• This can be mitigated by implementing proper access controls and knowledge sharing among team members

• Examples include a system administrator with fu...read more

Service-oriented solutions focus on continuous monitoring and response, while product-oriented solutions rely on implementing security measures through hardware and software.

• Service-oriented solutions involve ongoing monitoring of systems and networks to detect and respond to threats in real-time.

• Examples of service-oriented solutions include managed security services, threat intelligence platforms, and security information and event management (SIEM) systems.

• Product-oriented...read more

Cyber attack kill chain is a framework that describes the stages of a successful cyber attack.

• The kill chain consists of several stages including reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives.

• Each stage represents a step in the attacker's process and can be used to identify and prevent attacks.

• For example, in the reconnaissance stage, attackers gather information about their target, such as vulnerabilities ...read more

Cross site scripting is a type of security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.

• Cross site scripting (XSS) occurs when an attacker injects malicious scripts into web pages viewed by other users.

• Lateral movement in an attack scenario involves an attacker moving horizontally across a network to gain access to different systems.

• Attackers can use lateral movement techniques such as pass-the-hash, pass-the-ticket, and...read more

Mitre attack is a framework for identifying and categorizing common attack techniques used by adversaries.

• Mitre attack provides a standardized way of describing and communicating about cyber threats.

• It includes a list of tactics and techniques used by attackers, as well as examples of real-world attacks.

• The framework is used by security professionals to assess their organization's security posture and identify areas for improvement.

• Mitre attack is constantly updated to reflec...read more