Cyber Security Engineer
Cyber Security Engineer Interview Questions and Answers for Freshers
Q1. What are private and public IP addresses?
Private IP addresses are used within a local network, while public IP addresses are used to identify a network on the internet.
Private IP addresses are not unique on the internet and are used within a local network to identify devices.
Public IP addresses are unique on the internet and are used to identify a network on the internet.
Private IP addresses are in the range of 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to 192.168.255.255.
Public IP add...
Q2. How many hosts are in a class C IP address?
There are 256 hosts in a class C IP address.
Class C IP addresses have a subnet mask of 255.255.255.0
The first three octets are used for network identification
The last octet is used for host identification
The range of IP addresses in a class C network is from 192.0.0.0 to 223.255.255.255
Each octet has 8 bits, so the last octet can have 2^8 (256) possible values
Q3. What is the most recent vulnerability?
The most recent vulnerability is the PrintNightmare vulnerability in the Windows Print Spooler service.
The vulnerability allows attackers to remotely execute code with system-level privileges.
It affects all versions of Windows and has a CVSS score of 8.8.
Microsoft has released patches for the vulnerability, but some experts suggest disabling the Print Spooler service as a temporary fix.
Q4. What is SQL injection?
SQL injection is a type of cyber attack where malicious SQL statements are inserted into an entry field to manipulate a database.
Allows attackers to access sensitive data or execute unauthorized actions
Occurs when user input is not properly sanitized
Can be prevented by using parameterized queries and input validation
Example: Entering ' OR 1=1;--' into a login form to bypass authentication
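The login bypass and the parameterized-query fix from the answer above, as an added example that is not part of the original page. The table, the sample account and the function names are constructed for illustration, and it uses Python's built-in sqlite3 module.

```python
import sqlite3

# Payload quoted in the answer above.
PAYLOAD = "' OR 1=1;--"


def make_db():
    """Build an in-memory users table holding one constructed account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    # Constructed sample row; plaintext password only to keep the demo short.
    db.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return db


def login_vulnerable(db, name, password):
    """Concatenates input into the SQL text, so input can rewrite the query."""
    query = ("SELECT name FROM users WHERE name = '" + name +
             "' AND password = '" + password + "'")
    # With PAYLOAD as the name the statement becomes:
    #   SELECT name FROM users WHERE name = '' OR 1=1;--' AND password = '...'
    # The password check is commented out and every row matches.
    return db.execute(query).fetchone() is not None


def login_parameterized(db, name, password):
    """Binds input as parameters, so it is only ever compared as data."""
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, payload:   ", login_vulnerable(db, PAYLOAD, "wrong"))
    print("parameterized, payload:", login_parameterized(db, PAYLOAD, "wrong"))
    print("parameterized, valid:  ", login_parameterized(db, "alice", "s3cret"))
```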
Q5. Give some examples of vulnerable ports
Vulnerable ports are those that are commonly targeted by attackers to gain unauthorized access to a system.
Port 21 (FTP)
Port 23 (Telnet)
Port 25 (SMTP)
Port 80 (HTTP)
Port 443 (HTTPS)
Port 3389 (Remote Desktop Protocol)
Q6. What is the Kerberos protocol?
The Kerberos protocol is a network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner.
Developed by MIT in the 1980s
Uses symmetric key cryptography
Involves a Key Distribution Center (KDC)
Prevents eavesdropping and replay attacks
Q7. What is cyber security?
Cyber security refers to the practice of protecting computer systems, networks, and sensitive information from unauthorized access, theft, or damage.
It involves implementing security measures to prevent cyber attacks
It includes protecting against viruses, malware, and other malicious software
It also involves educating users on safe online practices
Examples of cyber security measures include firewalls, encryption, and multi-factor authentication
Q8. OWASP Top 10 and their definition
OWASP Top 10 is a list of the most critical web application security risks.
Injection
Broken Authentication and Session Management
Cross-Site Scripting (XSS)
Broken Access Control
Security Misconfiguration
Insecure Cryptographic Storage
Insufficient Transport Layer Protection
Unvalidated and Unsanitized Input
Insufficient Logging and Monitoring
Using Components with Known Vulnerabilities
Q9. How does TLS work?
TLS (Transport Layer Security) is a protocol that ensures privacy and data integrity between communicating applications.
TLS encrypts data to ensure confidentiality during transmission.
It uses cryptographic algorithms to authenticate the parties involved in the communication.
TLS also provides mechanisms for data integrity to prevent tampering.
The handshake process involves negotiation of encryption algorithms and exchange of keys.
Common examples of TLS implementations include HTTP...
Q10. Explain the three-way handshake
The three-way handshake is a method used in a TCP/IP network to establish a connection between a client and a server.
Client sends a SYN (synchronize) packet to the server to initiate a connection
Server responds with a SYN-ACK (synchronize-acknowledgment) packet to acknowledge the request
Client sends an ACK (acknowledgment) packet back to the server to confirm the connection