TOP Ethical Hacking Interview Questions and Answers
Who is a hacker?
A hacker is an intelligent individual with excellent computer skills and the ability to create and explore a computer’s software and hardware.
What is Ethical Hacking?
Ethical hacking is when a person is allowed to hack a system, with the permission of the product owner, to find weaknesses in the system and later fix them.
What are the types of hacking stages?
- Gaining Access
- Escalating Privileges
- Executing Applications
- Hiding Files
- Covering Tracks
What is the difference between an IP address and a MAC address?
IP address: An IP address is assigned to every device so that the device can be located on the network. In other words, an IP address is like your postal address: anyone who knows your postal address can send you a letter.
MAC (Machine Access Control) address: A MAC address is a unique serial number assigned to every network interface on every device. A MAC address is like your physical mailbox: only your postal carrier (network router) can identify it, and you can change it at any time by getting a new mailbox (network card) and slapping your name (IP address) on it.
List some of the common tools used by ethical hackers.
- Metasploit
- Wireshark
- John The Ripper
What are the types of ethical hackers?
The types of ethical hackers are:
- Grey Box hackers or Cyberwarrior
- Black Box penetration Testers
- White Box penetration Testers
- Certified Ethical hacker
What is footprinting?
Footprinting refers to uncovering and collecting as much information as possible about a target network.
What is footprinting in ethical hacking? What are the techniques used for footprinting?
Footprinting refers to accumulating and uncovering as much information as possible about the target network before gaining access to it. The approaches adopted by hackers before hacking are:
- Open Source Footprinting: Looks for the contact information of administrators, which is used for guessing passwords in social engineering.
- Network Enumeration: The hacker tries to identify the domain names and the network blocks of the target network.
- Scanning: Once the network is known, the second step is to find the active IP addresses on the network. Internet Control Message Protocol (ICMP) is used to identify active IP addresses.
- Stack Fingerprinting: Once the hosts and ports have been mapped by scanning the network, the final footprinting step can be performed. This is called stack fingerprinting.
What is Brute Force Hack?
How do I crack Unix passwords?
Contrary to popular belief, Unix passwords cannot be decrypted. Unix passwords are encrypted with a one-way function. The login program encrypts the text you enter at the “password:” prompt and compares that encrypted string against the encrypted form of your password.
Password cracking software uses wordlists. Each word in the wordlist is encrypted with each of the 2600 possible salt values and the results are compared to the encrypted form of the target password.
The best cracking program for Unix passwords is currently Crack by Alec Muffett. For PC-DOS, the best package to use is currently CrackerJack.
What is a DoS (Denial of Service) attack? What are the common forms of DoS attack?
Denial of Service is a malicious attack on a network that is carried out by flooding the network with useless traffic. Although DoS does not cause any theft of information or security breach, it can cost the website owner a great deal of money and time.
Buffer Overflow Attacks
What is SQL injection?
SQL injection is one of the techniques used to steal data from organizations; it is a fault created in the application code. SQL injection happens when you inject content into a SQL query string and the result modifies the syntax of your query in ways you did not intend.