CEH Interview Prep Questions

1. What is Ethical Hacking?

Answer: Ethical hacking is the practice of deliberately probing and testing a computer system or network to identify security vulnerabilities that could be exploited by malicious hackers. Ethical hackers use the same methods and tools as malicious hackers but do so with permission and for the purpose of improving security.

2. What is the difference between black hat, white hat, and grey hat hackers?

Answer: Black hat hackers engage in illegal activities for personal gain. White hat hackers are ethical hackers who perform security testing with permission. Grey hat hackers operate between these two, sometimes violating laws or typical ethical standards, but not with malicious intent.

3. What is the purpose of penetration testing?

Answer: Penetration testing aims to identify security weaknesses in a system by simulating attacks from malicious outsiders (external testing) or insiders (internal testing). The goal is to identify vulnerabilities before they can be exploited by real attackers.

4. What are the five phases of hacking?

Answer: The five phases are:

  1. Reconnaissance: Gathering information about the target.
  2. Scanning: Identifying open ports and services.
  3. Gaining Access: Exploiting vulnerabilities to enter the system.
  4. Maintaining Access: Ensuring continued access to the system.
  5. Covering Tracks: Removing evidence of the attack.

5. What is footprinting?

Answer: Footprinting is the process of collecting as much information as possible about a target network or system. It is the first step in the hacking process and involves passive and active information-gathering techniques.

6. What is a Denial of Service (DoS) attack?

Answer: A DoS attack is an attempt to make a machine or network resource unavailable to its intended users by overwhelming it with a flood of illegitimate requests, causing the system to crash or become extremely slow.

7. What is SQL Injection?

Answer: SQL Injection is a type of attack where the attacker inserts malicious SQL code into a query input field for execution. This can allow attackers to retrieve, alter, or delete database data.

8. What tools are commonly used for network scanning?

Answer: Common tools include Nmap, Nessus, OpenVAS, and Angry IP Scanner.

9. What is the purpose of the Metasploit Framework?

Answer: Metasploit is an open-source penetration testing platform that helps security professionals identify, exploit, and validate vulnerabilities. It provides tools to perform and manage security assessments.

10. Explain what a zero-day vulnerability is.

Answer: A zero-day vulnerability is a flaw in software or hardware that is unknown to the party responsible for fixing the flaw (usually the software vendor). It is called "zero-day" because the vendor has zero days to fix it before it can be potentially exploited.

11. What is the difference between symmetric and asymmetric encryption?

Answer: Symmetric encryption uses the same key for both encryption and decryption. Asymmetric encryption uses a pair of keys—a public key for encryption and a private key for decryption.

12. What is a firewall, and how does it work?

Answer: A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and untrusted external networks.

13. What is social engineering?

Answer: Social engineering is the manipulation of individuals into performing actions or divulging confidential information, typically through deception, to gain unauthorized access to systems or data.

14. What is a phishing attack?

Answer: Phishing is a type of social engineering attack where an attacker sends fraudulent communications (usually emails) that appear to come from a reputable source to trick individuals into revealing sensitive information.

15. What is a vulnerability assessment?

Answer: A vulnerability assessment is the process of identifying, quantifying, and prioritizing vulnerabilities in a system. It aims to provide a comprehensive evaluation of security weaknesses and suggest remedies.

16. Explain the concept of a honeypot.

Answer: A honeypot is a security mechanism set up to detect, deflect, or study attempts at unauthorized use of information systems. It is a decoy system used to attract attackers and gather information about their tactics.

17. What is the OWASP Top Ten?

Answer: The OWASP Top Ten is a standard awareness document for web application security. It represents a broad consensus about the most critical security risks to web applications.

18. What is a buffer overflow, and how can it be prevented?

Answer: A buffer overflow occurs when more data is written to a buffer than it can hold, causing data to overflow into adjacent memory. It can be prevented by using bounds checking, proper memory management, and programming languages that automatically handle memory.

19. What is Cross-Site Scripting (XSS)?

Answer: XSS is a type of injection attack where an attacker injects malicious scripts into content from otherwise trusted websites. These scripts can then be executed in the victim’s browser, leading to compromised user sessions, defaced websites, and the spread of malware.

20. What is an Intrusion Detection System (IDS)?

Answer: An IDS is a device or software application that monitors network or system activity for malicious behavior or policy violations. Any detected activity or violation is typically reported to an administrator or collected centrally using a security information and event management system.

21. What are some common hashing algorithms?

Answer: Common hashing algorithms include MD5, SHA-1, SHA-256, and SHA-3.

22. Explain the concept of a VPN.

Answer: A Virtual Private Network (VPN) extends a private network across a public network, allowing users to send and receive data as if their computing devices were directly connected to the private network. It provides security through encryption and other security mechanisms.

23. What is the principle of least privilege?

Answer: The principle of least privilege states that users and systems should only have the minimum level of access necessary to perform their functions. This reduces the risk of unauthorized access and limits potential damage from security breaches.

24. What are the differences between IDS and IPS?

Answer: An Intrusion Detection System (IDS) monitors and alerts on suspicious activities, whereas an Intrusion Prevention System (IPS) can take action to block or prevent detected threats.

25. What is two-factor authentication (2FA)?

Answer: Two-factor authentication (2FA) is a security process in which the user provides two different authentication factors to verify themselves. This typically includes something the user knows (password) and something the user has (a mobile device or security token).

26. What is ARP Spoofing?

Answer: ARP Spoofing is a type of attack in which an attacker sends falsified ARP (Address Resolution Protocol) messages over a local area network to link their MAC address with the IP address of another host, often to intercept, modify, or block communication.

27. What are the types of scans in Nmap?

Answer: The types of scans include SYN Scan, TCP Connect Scan, ACK Scan, Window Scan, FIN Scan, Xmas Scan, and Null Scan, among others.

28. What is WPA3, and how does it differ from WPA2?

Answer: WPA3 is the latest Wi-Fi security protocol that provides stronger encryption, enhanced authentication, and better protection against brute-force attacks compared to WPA2.

29. What is DNS Spoofing?

Answer: DNS Spoofing is an attack where false DNS information is introduced into a DNS resolver’s cache, causing the name server to return an incorrect IP address, diverting traffic to malicious sites.

30. What is steganography?

Answer: Steganography is the practice of hiding messages or information within other non-secret text or data. It is often used to conceal communication by embedding it within images, audio files, or other formats.

31. What are the main types of malware?

Answer: The main types of malware include viruses, worms, trojans, ransomware, spyware, adware, and rootkits.

32. What is a Trojan Horse?

Answer: A Trojan Horse is a type of malware disguised as legitimate software. Once installed, it can give attackers unauthorized access to the user's system.

33. What is a Rootkit?

Answer: A rootkit is a type of malware designed to gain unauthorized root or administrative access to a system and hide its presence and the presence of other malicious software.

34. What is a Botnet?

Answer: A botnet is a network of compromised computers, often referred to as "bots" or "zombies," controlled by an attacker. Botnets are commonly used for distributed denial-of-service (DDoS) attacks, spamming, and other malicious activities.

35. What is Phishing?

Answer: Phishing is a cyber-attack where attackers disguise themselves as trustworthy entities to steal sensitive information such as login credentials, credit card numbers, and other personal data.

36. What is a Man-in-the-Middle (MITM) attack?

Answer: An MITM attack is a type of attack where the attacker secretly intercepts and possibly alters the communication between two parties who believe they are directly communicating with each other.

37. What is Keylogging?

Answer: Keylogging is the action of recording the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware their actions are being monitored. It is often used to steal passwords and other sensitive information.

Manoj Jasawat

Senior Cloud Operations Engineer. Proficient in Ansible, Terraform, containers, K8s, Git, Linux, Clouds

5 months

Useful tips
