Wednesday 23 September 2015

Freshers Ethical Hacking Interview Questions and Answers pdf

11) Explain what a DoS (Denial of Service) attack is. What are the common forms of DoS attack?
Denial of Service is a malicious attack on a network that is carried out by flooding the network with useless traffic. Although DoS does not cause any theft of information or security breach, it can cost the website owner a great deal of money and time. Common forms of DoS attack are:
    Buffer Overflow Attacks
    SYN Attack
    Teardrop Attack
    Smurf Attack
    Viruses

12) Explain what SQL injection is.
SQL injection is one of the techniques used to steal data from organizations; it is a fault created in the application code. SQL injection happens when you inject content into a SQL query string and the result modifies the syntax of your query in ways you did not intend.

13) What is password shadowing?
Password shadowing is a security system where the encrypted password field of /etc/passwd is replaced with a special token and the encrypted password is stored in a separate file which is not readable by normal system users.

To defeat password shadowing on many systems, write a program that uses successive calls to getpwent() to obtain the password file.

Example:
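#include <stdio.h>
#include <pwd.h>

int main(void)
{
    struct passwd *p;

    /* Walk every entry in the password database. */
    while ((p = getpwent()) != NULL)
        printf("%s:%s:%d:%d:%s:%s:%s\n", p->pw_name, p->pw_passwd,
               (int)p->pw_uid, (int)p->pw_gid, p->pw_gecos, p->pw_dir, p->pw_shell);
    endpwent();   /* close the password database */
    return 0;
}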
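
A defender's view of the same data, as an added example that is not part of the original post: it audits passwd-format lines for accounts whose password field is not shadowed. The sample lines are constructed, and the function names are illustrative assumptions.

```python
# Added example: audit passwd-format lines for entries that bypass shadowing.
# SAMPLE_PASSWD is constructed test data, not taken from any real system.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:$6$c0nstructed$NotARealHashValue:1000:1000:Alice:/home/alice:/bin/bash
guest::1001:1001:Guest:/home/guest:/bin/sh
broken-line-without-fields
"""


def classify_password_field(field):
    """Return a finding label for the second field of a passwd entry."""
    if field == "x":
        return "shadowed"        # token only; the hash lives in the shadow file
    if field == "":
        return "empty-password"  # no password is required for this account
    if field.startswith(("*", "!")):
        return "locked"          # not a usable hash; password login disabled
    return "hash-exposed"        # hash is readable by every local user


def audit_passwd(text):
    """Return (line_number, user, finding) for each non-blank, non-comment line."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:  # a passwd entry has exactly seven fields
            findings.append((lineno, fields[0], "malformed"))
            continue
        findings.append((lineno, fields[0], classify_password_field(fields[1])))
    return findings


def problems(text):
    """Keep only the entries that need attention."""
    return [f for f in audit_passwd(text) if f[2] not in ("shadowed", "locked")]


if __name__ == "__main__":
    for lineno, user, finding in problems(SAMPLE_PASSWD):
        print(f"line {lineno}: {user}: {finding}")
```
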

14) What are the types of computer-based social engineering attacks? Explain what phishing is.
Computer-based social engineering attacks are:
    Phishing
    Baiting
    On-line scams
The phishing technique involves sending false e-mails, chats or websites that impersonate a real system, with the aim of stealing information from the original website.

15) Explain what network sniffing is.
A network sniffer monitors data flowing over computer network links. By allowing you to capture and view the packet-level data on your network, a sniffer tool can help you locate network problems. Sniffers can be used both for stealing information off a network and for legitimate network management.
