2,167 total views, 12 views today
- What do you have on your home network?
Nothing shows you how to halt and fix things more than a test environment, and for most people that means their home network. Whether it’s a Windows laptop with a wireless generic router and a phone all the way up to 14 Linux Workstations, an Active Directory Domain Controller, a dedicated Firewall appliance and a net-attached toaster – as long as you are learning and fiddling with it, that’s what matters.
- Why would you want to use SSH from a Windows pc?
SSH is a secure connection used on different systems and dedicated appliances. Routers, Switches, SFTP servers and unsecure programs being tunneled through this port all can be used to help harden a connection against snooping. Despite the fact that most times when you hear about somebody ‘SSHing’ into a box it involves Linux, the SSH protocol itself (Cyber Security) is actually implemented on various systems – though not by default on most Windows systems. Programs like PuTTY, Filezilla and others have Windows ports available, which enables Windows users the same ease-of-use connectivity to these devices as do Linux users.
- What’s the difference between Symmetric and Asymmetric encryption?
|Symmetric encryption||Asymmetric encryption|
|It uses the same key for encryption and decryption||It uses different keys for encryption and decryption|
|Symmetric encryption is generally much faster||Asymmetric encryption is generally slower|
|It is very difficult to implement most times due to the fact that you would have to transfer the key over an unencrypted channel.||Asymmetric connection will be established first and then send creates the Symmetric connection.|
- What is SSL and why is it not enough when it comes to encryption?
SSL stands for Secure Sockets Layer is identity verification and is designed to be able to prove that the person you are talking to on the other end is who they say they are. SSL and TLS are both used almost everyone online, but the problem is that it is a huge target and is mainly attacked via its implementation and its known approach. As a result, SSL can be stripped in certain circumstances, so additional protections for data-in-transit and data-at-rest are very good ideas.
- How would you find out what a POST code means?
POST is one of the best tools available to boot a system. Generally through the use of either display LEDs in more modern systems, or traditionally through audio tones, these specific codes can let u you know what the system doesn’t like about its present setup. Because of how rare these events can be, unless you are on a tech bench day in and day out, reference materials such as the Motherboard manual and your search engine of choice can be marvelous assets.
- What is XSS?
- How would you login to Active Directory from a Linux or Mac box?
While it may sound strange, it is possible to access Active Directory from a non-Windows system. Active Directory uses an operation of the SMB protocol, which can be accessed from a Linux or Mac system by using the Samba program. Depending on the version, this can enables for share access, printing, and even Active Directory membership.
- What are salted hashes?
Salt at its most basic level is random data. When a well-protected password system receives a new password, it will create a hashed value for that password, create a new random salt value, and then store that combined value in its database. This helps defend against dictionary attacks and known hash attacks. For example, if a user uses the same password on two different systems, if they used the same hashing algorithm, they could end up with the same hash value.
- How would you judge if a remote server is running IIS or Apache?
Error messages often giveaway what the server is running, and several times if the website administrator has not set up custom error pages for every website, it can give it away as simply as just entering a known bad address. Other times, just using telnet can be enough to see how it responds. Never underestimate the amount of information that can be gained by not getting the right answer but by asking the right questions.
- What is data protection in transit vs data protection at rest?
Data protection at rest: When data is protected while it is just sitting there in its database or on its hard drive.
Data protection at transit: When it is going from server to client it is in-transit.
Various servers do one or the other- protected SQL databases, VPN connections, etc., however there are not many that do both primarily because of the extra drain on resources. It is still a good practice to do both however, even if it does take a bit longer.
- On a Windows network, why is it easier to break into a local account than an AD account?
Windows local accounts have a great deal of baggage tied to them, running back a long way to keep compatibility for user accounts. If you are a user of passwords more than 13 characters, you may have seen the message referring to this fact. However, Active Directory accounts have a great deal of security tied onto them, not the least of which is that the system actually doing the authenticating is not the one you are usually sitting at when you are a regular user. Breaking into a Windows system if you have physical access is really not that difficult at all, as there are quite a few dedicated utilities for just such a purpose, however that is beyond the scope of what we’ll be getting into here.
- What is the CIA triangle?
CAI stands for Confidentiality Integrity Availability. As close to a ‘code’ for Information Security as it is possible to get, it is the boiled down essence of InfoSec. Confidentiality- keeping data secure. Integrity- keeping data intact. Availability- keeping data accessible.
- What is the difference between an HIDS and a NIDS?
Both acronyms are Intrusion Detection Systems:
|Stands for Host Intrusion Detection System||Stands for Network Intrusion Detection System|
|An HIDS runs as a background utility in the same as an anti-virus program for instance,
|Network Intrusion Detection System sniffs packets as they go across the network looking for things that aren’t quite ordinary.|
Both systems have two basic variants: signature based and anomaly based. Signature based is very much like an anti-virus system, looking for known values of known ‘bad things’, while anomaly looks more for network traffic that doesn’t fit the usual pattern of the network.
- What is the difference between vulnerability and an exploit?
A lot of people would say that they are the same thing, and in a sense they would be right. However, one is a potential problem while the other is an active problem. Think of it like this: You have a shed with a broken lock where it won’t latch properly. In some areas such as major cities, that would be a major problem that needs to be resolved immediately, while in others like rural areas its more of a nuisance that can be fixed when you get around to it. In both scenarios it would be vulnerability, while the major cities shed would be an example of an exploit – there are people in the area, actively exploiting a known problem.
- What’s better, a red team or a blue team?
- In penetration testing scenarios, a red team is trying to break in while a blue team is defending.
- Red Teams typically are considered the ‘cooler’ of the two, while the Blue Team is usually the more difficult.
- The usual rules apply like in any defense game: the Blue Team has to be good every time, while the Red Team only has to be good once.
That’s not entirely accurate given the complexities at work in most scenarios, but its close enough to explain the idea.
- How would you lock down a mobile device?
The baseline for these though would be three key elements:
- An anti-malware application
- A remote wipe utility
- Full-disk encryption
Almost all modern mobile devices regardless of manufacturer have anti-malware and remote wipe available for them, and very few systems now do not come with full-disk encryption available as an option directly within the OS.
- What is the difference between closed-source and open-source? Which is better?
|Closed-source is a typical commercially developed program. You receive an executable file which runs and does its job without the ability to look far under the hood.
|Open-source however provides the source code to be able to inspect everything it does, as well as be able to make changes yourself and recompile the code.
|Closed-source advocates claim that open-source causes issues because everybody can see exactly how it works and exploit weaknesses in the program.||Open-source counter saying that because closed-source programs don’t provide ways to fully check them out, it is difficult to find and troubleshoot issues in the programs beyond a certain level.|
- What is your opinion on hacktivist groups such as Anonymous?
This is an especially loaded question. Like any major group without a central leader, they seem to be mostly chaotic, at times seeming like a force for good, while at others causing havoc for innocents. Choose your words very carefully here, as it could be a dealbreaker.
- What are the three ways to authenticate a person?
Something they know (encrypted password), something they have (access token), and something they are (biometrics). Two factors authentication often times uses a password and key token setup, although in some cases this can be a pre-generated PIN and biometric (thumbprint, etc.). Read More …