Cyber Security Engineer

Cyber Security Engineer Interview Questions and Answers for Freshers

Updated 25 Jun 2024
search-icon

Q1. What is private and public IP address

Ans.

Private IP addresses are used within a local network, while public IP addresses are used to identify a network on the internet.

  • Private IP addresses are not unique on the internet and are used within a local network to identify devices.

  • Public IP addresses are unique on the internet and are used to identify a network on the internet.

  • Private IP addresses are in the range of 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to 192.168.255.255.

  • Public IP add...read more

Q2. How many hosts in class C IP address

Ans.

There are 256 hosts in a class C IP address.

  • Class C IP addresses have a subnet mask of 255.255.255.0

  • The first three octets are used for network identification

  • The last octet is used for host identification

  • The range of IP addresses in a class C network is from 192.0.0.0 to 223.255.255.255

  • Each octet has 8 bits, so the last octet can have 2^8 (256) possible values

Q3. What is the most recent vulnerability

Ans.

The most recent vulnerability is the PrintNightmare vulnerability in Windows Print Spooler service.

  • The vulnerability allows attackers to remotely execute code with system-level privileges.

  • It affects all versions of Windows and has a CVSS score of 8.8.

  • Microsoft has released patches for the vulnerability, but some experts suggest disabling the Print Spooler service as a temporary fix.

Q4. What is sql injection

Ans.

SQL injection is a type of cyber attack where malicious SQL statements are inserted into an entry field to manipulate a database.

  • Allows attackers to access sensitive data or execute unauthorized actions

  • Occurs when user input is not properly sanitized

  • Can be prevented by using parameterized queries and input validation

  • Example: Entering ' OR 1=1;--' into a login form to bypass authentication

Are these interview questions helpful?

Q5. Give some example of vulnerable ports

Ans.

Vulnerable ports are those that are commonly targeted by attackers to gain unauthorized access to a system.

  • Port 21 (FTP)

  • Port 23 (Telnet)

  • Port 25 (SMTP)

  • Port 80 (HTTP)

  • Port 443 (HTTPS)

  • Port 3389 (Remote Desktop Protocol)

Q6. what is kerberos protocol?

Ans.

Kerberos protocol is a network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner.

  • Developed by MIT in the 1980s

  • Uses symmetric key cryptography

  • Involves a Key Distribution Center (KDC)

  • Prevents eavesdropping and replay attacks

Share interview questions and help millions of jobseekers 🌟

man-with-laptop

Q7. What is cyber security

Ans.

Cyber security refers to the practice of protecting computer systems, networks, and sensitive information from unauthorized access, theft, or damage.

  • It involves implementing security measures to prevent cyber attacks

  • It includes protecting against viruses, malware, and other malicious software

  • It also involves educating users on safe online practices

  • Examples of cyber security measures include firewalls, encryption, and multi-factor authentication

Q8. OWASP Top 10 and their definition

Ans.

OWASP Top 10 is a list of the most critical web application security risks.

  • Injection

  • Broken Authentication and Session Management

  • Cross-Site Scripting (XSS)

  • Broken Access Control

  • Security Misconfiguration

  • Insecure Cryptographic Storage

  • Insufficient Transport Layer Protection

  • Unvalidated and Unsanitized Input

  • Insufficient Logging and Monitoring

  • Using Components with Known Vulnerabilities

Cyber Security Engineer Jobs

Cyber Security Engineer 2-7 years
GE India Industrial Private Limited
4.2
Noida
Cyber Security Engineer/Lead-Automotive(5+ Yrs) 5-10 years
Tata Elxsi
3.8
Chennai
Cyber Security Engineer I - Automation 4-8 years
General Mills, Inc.
4.2
Mumbai

Q9. how TLS work ?

Ans.

TLS (Transport Layer Security) is a protocol that ensures privacy and data integrity between communicating applications.

  • TLS encrypts data to ensure confidentiality during transmission.

  • It uses cryptographic algorithms to authenticate the parties involved in the communication.

  • TLS also provides mechanisms for data integrity to prevent tampering.

  • Handshake process involves negotiation of encryption algorithms and exchange of keys.

  • Common examples of TLS implementations include HTTP...read more

Q10. explain three way hand-shake

Ans.

Three-way handshake is a method used in TCP/IP network to establish a connection between a client and a server.

  • Client sends a SYN (synchronize) packet to the server to initiate a connection

  • Server responds with a SYN-ACK (synchronize-acknowledgment) packet to acknowledge the request

  • Client sends an ACK (acknowledgment) packet back to the server to confirm the connection

Interview Tips & Stories
Ace your next interview with expert advice and inspiring stories

Interview experiences of popular companies

3.7
 • 5.6k Interviews
3.6
 • 284 Interviews
3.9
 • 157 Interviews
3.5
 • 138 Interviews
3.6
 • 45 Interviews
3.8
 • 38 Interviews
2.7
 • 2 Interviews
View all

Calculate your in-hand salary

Confused about how your in-hand salary is calculated? Enter your annual salary (CTC) and get your in-hand salary

Cyber Security Engineer Interview Questions
Share an Interview
Stay ahead in your career. Get AmbitionBox app
qr-code
Helping over 1 Crore job seekers every month in choosing their right fit company
65 L+

Reviews

4 L+

Interviews

4 Cr+

Salaries

1 Cr+

Users/Month

Contribute to help millions

Made with ❤️ in India. Trademarks belong to their respective owners. All rights reserved © 2024 Info Edge (India) Ltd.

Follow us
  • Youtube
  • Instagram
  • LinkedIn
  • Facebook
  • Twitter