
ESE Question Bank Short Notes

The document contains questions about various topics related to cyber security including importance and challenges of cyber security, possible cyber threats, CIA triad principles, definition of cyberspace, cyber terrorism, vulnerability scanning, banner checking, OpenVAS tool, network sniffers such as Wireshark and TCPdump, data pipes, firewalls, VPNs, web application security tools, cyber security standards, cyber forensics, and investigations of different cyber attacks.

Uploaded by

falgunagohel

ESE Question Bank

Cyber Security

1. What are the importance and challenges of cyber security?

Protecting the user data

Preventing cyberattacks

Removing virus

Preserving Privacy and Trust

Business Continuity

Ransomware

Blockchain

IOT

AI

Serverless Functions

2. Possible cyber threats

Malware

Emotet

MITM

Phishing

DOS

SQL Injection

Password Attacks

4. CIA Triad

Confidentiality

Integrity

Availability

5. Cyberspace

write the definition of internet basically - that would be cyberspace

yap about TCP and how it works

6. What is cyber terrorism?

TSTWA

7. What is Vulnerability scanning?

Proactive Security Assessment

Targeted Identification

Database Comparison

Risk Prioritisation

Ongoing Maintenance

8. Explain Banner / Version check

A banner is text shown by the host that displays the type, the version and other information about the software running on the system

if displayed to cybercriminals = bad

purpose

identify

vulnerability

compatibility

ways

banner grabbing

ports and protocols: HTTPS/SMTP/FTP

Tools: Nmap, Web Scanner: Nikto and Burp, Specialised tools: Netcat, BannerGrab, Telnet

9. What is OpenVAS?

Overview :

Open Vulnerability Assessment System (OpenVAS) is free software that provides various services and
tools for vulnerability assessment

A vulnerability assessment tool works as follows.

Classifies the system resources.

Allocates the enumerable values to the classified resources.

Detects the possible threats (vulnerabilities) in each resource.

Eliminates the vulnerabilities on a priority basis.

Categories of OpenVAS architecture :

OpenVAS architecture has the following categories.

Clients –

OpenVAS CLI and Greenbone Security Assistant (GSA) are interfaces available for clients.

Services –

OpenVAS Scanner and OpenVAS Manager are services that actually perform the tasks of scanning the host machine on the network for Network Vulnerability Tests (NVTs).

Data –

NVT results and configs are the data used in the process of scanning the host machine.

11. DataPipe, FPipe

DataPipe – Unix based, only for TCP ports. It is not an endpoint; it is more like a channel that takes you from one port to another. It is protocol ignorant (works with all protocols) and carries the traffic whether it is plain text or SSH encrypted.

$ ./datapipe localhost localport remotehost remoteport

FPipe - Windows based, both TCP and UDP ports. It does not need DLLs and the file can be shared dynamically. It has more support and features, increasing its capability. Provided by McAfee.

Syntax: C:\> fpipe -l 9080 -r 80 www.google.com

-l The listening port number.

-r The remote port number (the port to which traffic is redirected).

12. Network sniffers

A network sniffer is used to monitor the flow of data packets into the network

Purpose: work as a packet analyser

Functionality: They intercept packets and read them to determine whether they are malicious, and also control traffic.

Use Cases: Network troubleshooting and traffic analysis, detect unauthorised traffic

Examples: Wireshark, tcpdump, Microsoft Network Monitor

13. TCP Dump and WinDump

Packet Sniffing Tools for Network Analysis and Troubleshooting

TCPdump - Unix and macOS

Purpose: sniffing packets and analyzing them, inspect all the shit and also filter traffic

Features: wide range of options and filters for specifying packet capture criteria, such as
source/destination IP addresses, ports, protocols

Usage: Network administrators, security professionals and system analysts

WINDUMP – DUHHH! Windows

Purpose: same as tcpdump

Features: same

Usage: same

14. Ettercap

Open source Security tool for:

sniffing, network analysis, and man-in-the-middle (MITM) attacks and HACKING as well

Core features

ARP Spoofing

Packet sniffing

MITM

SSL Stripping

Password

Plugin Data

Protocol support :

15. Snort

16. Firewall

17. Virtual private network

18. Web App tools

19. Cyber security standards

20. Cyber forensics

21. Investigations of different types of attacks

Krishna is secretly a spicy taco
