meet anne
she often shops from
www.shoppingcart.com
she has her information like email id
address and credit card details saved on
the website to enable a faster and
hassle-free shopping experience the
required information is stored in a
server
one day anne received an email which
stated her eligibility for a special
discount voucher from shoppingcart.com
in order to receive the coupon code she
was asked to fill in her shopping
cart.com account credentials
this didn't seem fishy to her at the
time as she thought it was just an
account verification step
little did she realize the danger she
would be facing
she was knocked off her feet when a
substantial amount of money was wiped
off her account
how do you think this happened
well yes the email she received was fake
anne's shoppingcart.com account
witnessed unauthorized access from a
third party this type of attack is known
as a cyber attack and the person who
carries it out is called a hacker
could anna prevented this attack
indeed she could have
with the help of cyber security
cyber security involves techniques that
help in securing various digital
components networks data and computer
systems from unauthorized digital access
there are multiple ways to implement
cyber security depending on the kind of
network you are connected to and the
type of cyber attacks you are prone to
so let's take a look at the various
cyber attacks that anne could have been
exposed to
one of the most common types of cyber
attacks is a malware attack like trojan
adware and spyware to name a few
had ann downloaded any suspicious
attachments online her system could have
gotten corrupted by certain malicious
viruses embedded within the attachments
next is a phishing attack the type of
cyber attack which ann experienced
here the hacker usually sends fraudulent
emails which appear to be coming from a
legitimate source
this is done to install malware or to
steal sensitive data like credit card
information and login credentials
another type of attack is the man in the
middle attack
here the hacker gains access to the
information path between ann's device
and the website's server the hacker's
computer takes over anne's ip address by
doing so the communication line between
ann and the website is secretly
intercepted
this commonly happens with unsecured
wi-fi networks and also through malware
password attack is one of the easiest
ways to hack a system
here and's password could have been
cracked by using either common passwords
or trying all possible alphabetical
combinations
to prevent future cyber attacks and
sought to implement a few cyber security
practices
first she installed a firewall as the
name suggests it is a virtual wall
between ann's computer and the internet
firewalls filter the incoming and
outgoing traffic from your device to
safeguard your network and they can
either be software applications or
hardware reinforcements
secondly and implemented honeypots just
like how flowers attract bees dummy
computer systems called honeypots are
used to attract attackers
these systems are made to look
vulnerable in order to deceive attackers
and this in turn defends the real system
in addition to these she also decided to
use unique alphanumeric passwords
antivirus software and started avoiding
mails from unknown senders
that was ann's story
cyber attacks are not just confined to
individuals but also to public and
private organizations
the cyber attacks carried out in such
places are more deadly and they result
in colossal losses
motives of such attacks are many
starting from tampering with crucial
data to monetary gains
let's have a look at a few of the cyber
attacks that companies are subjected to
various public sector organizations and
large corporations face the advanced
persistent threat apt
in this form of attack hackers gain
access to networks for a prolonged
period in order to continuously gain
confidential information
companies also witness the denial of
service attack where networks are
flooded with traffic which in turn
leaves legitimate service requests
unattended a variant of this is the
distributed denial of service ddos
attack when multiple systems are used to
launch the attack
when a hacker manipulates a standard sql
query in a database driven website it is
known as a sql injection attack
by doing so hackers can view edit and
delete tables from databases
amidst a plethora of cyber attacks it is
indeed a challenge for organizations
with several networks and servers to
ensure complete security this is not an
easy task and to help with this cyber
security professionals are hired to work
on identifying cyber threats and
securing a company's network
there are multiple job roles in the
field of cyber security if hacking
fascinates you then the role of an
ethical hacker is something to be
explored
such professionals try to exp a
network's vulnerabilities just like how
a hacker would do
but only to identify those
vulnerabilities and resolve them for
protection against an actual cyber
attack
but if you are looking to design robust
security structures then the role of a
security architect is more apt
a chief information security officer
ciso plays a crucial role in enterprise
security and is entrusted with the
overall safety of the information in an
organization
so here's a question for you identify
the type of cyber attack where the
hacker system takes over the client's ip
address
a ddos attack
b
man in the middle attack
c phishing attack
d
password attack
give it a thought and leave your answers
in the comments section below three
lucky winners will receive amazon gift
vouchers
with the increase in the production of
global digital data it is anticipated
that cyber attacks will quadruple in the
near future
organizations are going to need cyber
security professionals who can prevent
these attacks
a career in the field of cyber security
is lucrative and a very smart decision
for professionals now
so what are you waiting for
get certified with simplylearn and
become a cyber security expert in this
video we bring you the top 10 computer
hacks of all time let's see what we have
at number 10.
from april 27 2007 estonia the european
country faced a series of cyber attacks
that lasted for weeks
this happened when the estonian
government decided to move the bronze
soldier from talon center to a less
prominent military cemetery located on
the city's outskirts
unprecedented levels of internet traffic
took down estonian banks online services
media outlets broadcasters and
government bodies
botnets sent massive waves of spam and
vast amounts of automated online
requests
according to researchers the public
faced ddos attacks there were conflicts
to edit the english language version of
the bronze soldiers wikipedia page as
well
although there is no confirmation russia
is believed to be behind these cyber
attacks that largely crippled the
estonian society
let's now move on to the next attack on
december 23 2015 several parts of
ukraine witnessed a power outage and
this was not a typical blackout it was
indeed the result of a cyber attack
information systems of three energy
distribution companies in ukraine were
compromised it is the first known
victorious cyber attack on a power grid
it is said that here hackers sent out
phishing emails to the power companies
30 substations were switched off and
about 230 000 people were left in the
dark for about one to six hours u.s
investigators believed that russia-based
hackers were responsible for this
experts have warned that other countries
could also be vulnerable to such attacks
let's see what we have at number eight
in the year 1999 a cyber attack caused a
21 day shutdown of nasa computers
unbelievable isn't it the hacker was
none other than the then 15 year old
jonathan james he first penetrated u.s
department of defense division's
computers and installed a back door on
its servers
this allowed him to intercept more than
a thousand government emails including
the ones containing user names and
passwords
this helped james steal a piece of nasa
software and crack the nasa computers
that support the international space
station which cost the space exploration
agencies 41 000 dollars as systems were
shut down for three weeks
he was the first person to carry out a
computer hack against the american space
agency
let's now move on to the next attack
in late november 2014 there was a leak
of confidential data from the film
studio of sony pictures
information about sony pictures
employees their emails copies of the
then unreleased sony films future
propositions and other crucial data were
leaked
this cyber attack was carried out by a
hacker group named guardians of peace so
what did the hackers want
well they demanded that sony withdraw
its then upcoming movie the interview
this movie was a comedy story line to
assassinate the north korean leader kim
jong-un sony then decided to cancel the
film's theatrical release due to the
threats at cinema screening the movie it
is indeed hard to trace the roots of a
cyber attack in this case after
evaluation the u.s intelligence
officials arrived at the theory that the
attack was in a way related to the
government of north korea
however north korea had denied the same
moving on to our number six
in december 2006 tjx the u.s retailer
company identified that 45.6 million
debit and credit card details were
stolen
this happened from one of its systems
over 18 months by an unknown number of
intruders it was one of the first
largest ever cyber attacks involving the
loss of personal data
as a result banks in the affected
regions had to reissue and block
thousands of payment cards a group of
hackers did this albert gonzalez being
the mastermind the group was from miami
the place where the tjx heist was
believed to have originated
reports said that the tjx data breach
occurred because of weak web encryption
at two of its marshall stores in miami
next moving on to our top five let us
see what we have at number five
the year 2010 witnessed the discovery of
the deadly computer worm stuxnet
this malware's motive was unlike any
other usual cyber attacks it aimed at
destructing the equipment the computers
controlled
stuxnet came with the deadly purpose of
damaging iran's nuclear infrastructure
it infected more than 200 000 computers
including 14 industrial sites and a
uranium enrichment plant in iran
stuxnet initially spread via microsoft
windows and targeted siemens industrial
control systems
although it was discovered only in 2010
it is believed to have been silently
sabotaging iran's nuclear facilities
it was one of the first discovered
malware that was capable of hampering
hardware systems it largely damaged the
centrifuge of the iranian reactors this
is believed to be a cyber weapon created
by the u.s and the israeli intelligence
although there is no documented evidence
or acceptance by either of the countries
for the same
moving on to number four in the year
2014 home depot was the victim of one of
the deadliest cyber attacks 56 million
payment cards were compromised along
with 53 million customer email addresses
stolen
this security breach happened from april
to september 2014 criminals were
believed to have used a third-party
vendor's username and password to enter
the perimeter of home depot's network
the attackers were then able to deploy
custom built malware on its
self-checkout systems in the us and
canada moving on to our top three
as you might be aware the playstation
gaming system is one of sony's most
popular products unfortunately in april
2011 sony executives witnessed abnormal
activity on the playstation network this
resulted in the compromise of
approximately 77 million playstation
users accounts and prevented users of
playstation 3 and playstation portable
consoles from accessing the service
this forced sony to turn off the
playstation network on april 20th on may
4th sony confirmed that personally
identifiable information from each of
the 77 million accounts had been exposed
the outage lasted for 23 days sony
released almost daily announcements
concerning the system outage in the end
sony is believed to have invested
approximately 170 million dollars to
improve the network security to
investigate the attack and to cover the
expenses of caring for the consumers
that had been affected
let's now move on to the next attack at
number two in may 2017 one of the most
dangerous cyber attacks took place
it was known as the wannacry ransomware
attack caused by the wannacry crypto
worm the victims were the users that
used the unsupported version of
microsoft windows and those who hadn't
installed the new security update
this did not take place through phishing
like other attacks but through an
exposed vulnerable smb port
the attack originated in asia and then
eventually spread across the globe in a
day more than 200 000 computers were
infected across 150 countries
the wanacry cryptoworm locked the users
out of the targeted systems and
encrypted their data the users were
asked for a ransom of 300 to 600 which
had to be paid via bitcoin in exchange
for their data
this attack took a toll on both private
and government organizations it resulted
in damages from hundreds of millions to
billions of dollars
in a matter of few days the emergency
patches released by microsoft halted the
attack also the discovery of a kill
switch prevented the infected computers
from spreading the crypto worm security
experts and a few countries believed
that north korea was behind this attack
and finally let's see what we have at
number one
more than two decades ago in march 1999
the melissa virus a mass mailing macro
virus was released
it targeted microsoft word and outlook
based systems and created considerable
network traffic
melissa virus infected computers via
emails the email would look like an
important message well yes it was fake
if the recipient opens the attachments
in the mail and downloads the document
and then opens it with microsoft word a
virus was released on their computers
this would then mass mail itself to the
first 50 people in the victims contact
list and then disable multiple safeguard
features on microsoft word and microsoft
outlook this began spreading like a
wildfire across the internet david l
smith released the virus
the virus caused nearly 80 million worth
of damages it did not steal data or
money however it caused a havoc almost 1
million email accounts were disrupted
worldwide agencies were overloaded and
some had to be shut down entirely and
internet traffic in some locations were
slowed down
so with that we come to the end of this
video on the top 10 computer hacks of
all time do you agree with our list if
you're aware of any other great
interesting computer hacks in history do
let us know in the comment section below
in an office one day quinn who is
following his daily routine working on
his computer trying to crunch the
numbers work his data through but in the
background without his knowledge there
is a hacker who is trying to access the
confidential files located on queen's
computer through a vulnerability the
hacker is able to access those files and
he or she then transfers those files
back to the hacker's computer
so what can happen due to this legal
ramifications to the business loss of
company secrets leakage of information
uh maybe industrial espionage which
basically means a competitor is trying
to analyze a company a company's secrets
and trying to gain access to their data
or they could hold the company for
ransom and ask them for money or sell it
to criminals who can further dilute the
information or misuse that information
for the criminal activities anything is
possible so it's a very bad scenario if
a hacker gets access to the company
secrets so let's begin with the first
one what is cyber security cyber
security by itself is a process a design
and architecture created to protect
networks and devices from attacks damage
or unauthorized access
so the advantages of cyber security are
that you want to protect your business
like in the previous example we just
talked about an individual and his files
being accessed what if company server
got compromised or their web
applications got compromised and the
databases leaked out so we want to
protect our businesses from hackers
which will result in increased
productivity because people would then
be in a very controlled environment
concentrating more on their work than
worrying about cyber criminals it would
inspire customer confidence uh where if
i as an organization i'm going to audit
myself i'm going to ensure that i'm
complying to certain regulations my
clients would feel more confident about
sharing their information with me as an
organization it will help me making my
applications and websites more stable
protect them from external threats and
would also protect my customers or
clients from cyber attacks because i
would be holding some amount of data for
my customers and clients as well so i
have to think about not only my
organization the data that my
organization owns but what i held or
what i hold for my customers and clients
as well so essentially what we want to
achieve out of here is a design which we
want to implement in a manner which will
allow all these factors to function in a
standardized manner so why do we want
this and what would be the advantages of
implementing cyber security now first
and foremost what is cyber security
there are three main pillars of cyber
security that we deal with since the
inception of computers and they're known
as the confidentiality integrity and
availability triad also known as cia not
to be confused with the american
intelligence agency but here we're
looking at three different pillars where
we want our data to remain confidential
the integrity of the data to be intact
and the data to be made available at all
points in time so let's talk about these
three aspects the principle of
confidentiality asserts that the
information and functions can be
accessed only by authorized parties so
for example even if you password protect
your file what is it that you're trying
to do you're trying to prevent other
users accessing your data and peeping
into your files so that your data
remains confidential it is only shared
with people who know the password
integrity this is where the
trustworthiness of that data comes into
the picture where if the data is going
to be changed for example you have a
spreadsheet which has a lot of
information about users and their login
activities and whatnot and you want to
ensure that that data is not modified by
any unauthorized user so you're going to
verify that the information is correct
and is not
modified by anybody who's unauthorized
the availability part ensures that this
data is made available to all authorized
users when and where they want it right
the principles of availability assert
that in systems functions and data must
be available on demand according to
agreed upon parameters based on levels
of service now this is where your
service level agreement should come in
for example when we log on to gmail we
always assume that gmail is going to
work and it's going to be available
online at no point in time or very few
times has it ever occurred that you've
gone on to the internet typing gmail.com
and the website is not available in fact
if the website doesn't open we figure
out the internet is not working right
but gmail as a service is always made
available now when we talk about threats
to cia the confidentiality integrity and
availability we talk about them in two
different parameters cyber crime and
hacking so what is cyber crime cyber
crime is any criminal activity or any
unauthorized activity that would involve
the usage of any computing device which
would result as a security incident at
the victim's end most cyber crimes are
carried out in order to profit from them
criminals would try to
do phishing attacks to steal your money
out of your bank accounts or who try to
con you into giving out your credentials
thus compromising your email accounts or
your social media accounts and try to
gain access to your identity cyber
crimes are generally carried out against
computers or devices directly to damage
or disable them spread malware secret
and steal secret information etc so this
talks about the motivation part of cyber
crimes what would be the motivational
aspect for a person to conduct such an
activity right so basically to cause
damage like wannacry happened in 2017
the perpetrators those those used
wannacry probably gained a lot in the
ransom that they demanded for that data
to be decrypted but it also cost the
world a lot of money in profits that
were lost so let's talk about types of
cyber crime the first type is a computer
assisted crime where the computers are
used as tools to assist a particular
crime for example frauds or online bank
hijacking
where hackers hack into a bank and
digitally steal money from a bank now
this could have happened without the
help of computers as well but here
computer assisted the crime and helps it
would fall under the computer-assisted
crime section the second part is where
the computer itself was a target of a
crime for example a denial of service
attack or viruses which rendered the
computer useless or sniffing of data
packets on the network thus compromising
passwords and other confidential
information the third is a computer
which is incidental to the crime so here
the computer was used as a temporary
measure to store some data such as child
pornography or some other some other
data which made the computer incidental
to the crime all right let's look at a
business scenario for cyber security
there is a quiz at the end so please
listen up and pay attention there's this
company called stock industries and one
day most of the employees have started
reporting that their systems have either
crashed or have started hanging so the
id security team comes in does the
investigation tries to find out what
exactly went wrong and they have
identified that an employee has clicked
on a suspicious link now these links
could either be received as an email or
via an email through social media like
facebook or somebody sending out a skype
chat and attachments within skype now
once a user clicks on these links these
links are designed to redirect the
connection that the computer is going to
make to a malicious server hosted by the
hacker and it supposedly downloads a
malicious file or some scripts and
executes them on the victim's machine
once executed the scripts or the content
within these files maybe the content
could be a virus or a trojan these will
start executing themselves and start
infecting machines and start basically
behaving the way they have been
programmed to behave in this scenario a
lot of users started reporting that
their machine started crashing or the
systems hanged now the security team
scanned all the systems and blocked
facebook and skype on all machines until
further orders now this is a preventive
mechanism where you're going to prevent
possible attacks of future attacks from
coming in so the reaction of the
security team here is to block those
sites from where the attack may have
happened the question to you at this
point in time is what type of computer
crime is being referred to in this
scenario is it a computer assisted crime
computer as a target crime a computer
incidental to the crimes so please post
your answers in the comment sections
below and we'll respond back to you
about your answers now let's go a little
bit further and see what would motivate
people for committing such cyber crimes
right the first and foremost motive is
disrupting business continuity others
would be
looking at data theft or information
theft and manipulating that data to gain
from that data so if i'm able to access
your computer and steal some data that
has some value to you and sell it or
make it public you would be at a
financial loss because that data no
longer has any value creating fear and
cures by disrupting critical
infrastructure for example a company's
infrastructure crashes the services are
no longer being offered by that
organization and people start panicking
uh start fearing an attack by cyber
criminals and it leads to chaos
financial loss to the target which is
very obvious if i do a denial of service
attack or if i make a service and a
variable from an organization what is
going to happen is since that that
service is not functioning the company
is not going to make any money out of it
and that's going to suffer a financial
loss achieving states military
objectives a one country spying on
another country trying to gather
information about their military
intelligence military activities or any
other activities that can harm the
original country demanding ransom
hackers can encrypt your data and then
demand a ransom from you in lieu of
decrypting the data again damaging
reputation of a target impersonating a
user on the social media platforms
making false statements thus damaging
the reputation of that person and
propagating religious or political
beliefs religious fanatics promoting
whatever cultures that they want to
promote trying to gain more followers
thus bringing more unrest to the world
any of these could become motives for
cyber crime in fact it could be just a
script kitty where people are trying to
learn about hacking and
they just start hacking for fun they
might not even have a motive for making
a profit out of it maybe it just thrills
them so that they are able to
showcase their skills and that's why
they do a cyber crime so which brings us
to the next topic where we talk about
types of hackers this will allow us to
identify what kind of attacks are also
possible on a particular organization as
far as motives are concerned so the
basic types let's start off with the
black hat hacker individuals with
extraordinary competing skills resorting
to malicious or destructive activities
these are your criminal hackers who try
to profit from their crimes and they
will have a malicious intent in trying
to hack a victim organization the grey
hats are individuals who work both
offensively and defensively what does
that mean they could work as black hat
hackers with malicious intent and try to
harm some organization while on the
other hand they would also try to work
as a security analyst and try to enhance
the security posture of an organization
for a remuneration third one which is
white hat which is what we want to be or
what we want to achieve ourselves as an
individual who professes the same skills
as a black hat hacker probably uses the
same tools has the same kind of
knowledge but the intent is different
they're going to use them for defensive
purposes uh there's no malicious intent
they act with author authorization from
the organization and they will try to
detect any flaws and try to plug out
those flaws so that black hat hackers
would not be able to misuse those flaws
to gain access suicide hackers now
individuals who aim to bring down
critical infrastructure for a cause and
are not worried about facing jail terms
or any other punishment so any people or
any organization or a group of people
for example anonymous or these kind of
organized hackers they have a political
cause or a social cause that they want
to promote and they do this by hacking
critical infrastructure of organizations
it down defacing their website now why
would these not be classified as
blackhead hackers the main difference
between blackhead hackers and suicide
hackers is that blackhead hackers will
try to hide their identity they will
always have a fake identity that they
will utilize and try to hide behind it
whereas suicide hackers will claim
responsibility for the attacks that they
have done and will post about it they
will not be worried about facing
repetitions for the attacks that they
have done the script kitty a script kid
is an unskilled hacker who compromises
systems by running scripts tools and
software's already developed and already
made available by real hackers so these
guys have very minimal technical
knowledge they have no idea how that
attack works they're just going to use
an automated tool click on a few buttons
and hope that the attack succeeds a
cyber terrorist individuals with wide
range of skills motivated by religious
or political beliefs to create fear by
large scale disruption of computer
networks we could talk about
organizations like isis who have a lot
of digital propaganda that they use
and target weak-minded people to join
their causes or people who spread
ransomware who
who terrorize organizations and hold
them to ransom and demand money from
them by encrypting their data
state-sponsored hackers individuals
employed by the government to penetrate
and gain top secret information and to
damage information systems to other
governments the best example would be
the cyber wars that are going on these
days most of the organizations most of
the countries nowadays would have a
secret cyber cell consisting of highly
skilled hackers who are interested with
the task of spying on the enemies and
trying to gather information by hacking
into their infrastructure now it is not
going to be a legit job it will always
be masked by a legit organization but
this is uh this does happen hacktivism
individuals who promote a political
agenda by hacking especially defacing or
disabling websites the difference
between suicide hackers and hacktivism
is suicide hackers have a social cause
that they want to promote hacktivists
would have a political agenda and
they're going to deface websites and
they're going to promote their agenda by
defacing such websites alright so let's
talk about some common attacks in cyber
security the most common attack ever
seen in today's world is a denial of
service attack so this is where the
hacker tries to consume the resources of
the victim server in such a way that
there are no resources available for
legitimate users to connect to the
server and conduct their business other
attacks that you'll face would be
malware attacks where there would be a
malicious software that would deliver a
trojan virus or a worm to the victim
thus infecting the victim's machine and
rendering it useless a man in the middle
attack where the hacker would put
himself in between your machine and the
router and start sniffing data packets
that you are sending thus trying to
compromise information contained within
those packets so the phishing attack uh
is where a hacker will send a seemingly
legitimate looking message to you an
email let's say uh asking you to perform
certain actions uh where the hacker
would be impersonating another
organization and you fall prey to that
and end up giving your confidential
information a drive by attack cross-site
scripting attacks where
web applications get compromised and
scripts are embedded within those
applications or within commands that are
sent out by the users password attacks
where your hackers try to compromise the
passwords of users by tracking them
based either on brute force dictionary
based attacks or password guessing
eavesdropping attacks this could be
physical in nature where somebody
overhears what you're saying or tries to
capture data packets that contain your
voip transmissions
let's say you're
assuming you're making a skype or a link
based call sql injection attacks where
again attackers will target your
database try to send in malicious
queries which will compromise your
database and the data within but they
are tax it is based
on cryptography
where there are where you're looking at
permutations and combinations of how
algorithm functions and then you're
looking at the permutations on how many
times the processing needs to be done
for that algorithm to be reversed so
these are some of the most common
attacks in cyber security now uh these
more than attacks would be threats that
you're going to face there would be
various different methods that these
attacks can be launched and that's where
the cyber security expert comes in with
their knowledge of identifying what
exactly is a threat to the organization
and how they are going to prevent that
from happening but more on that a little
bit later let's look at the history of
cyber crime so as you can see this graph
shows us how cyber crime has progressed
over the years in 1990s mnc database
pentagon and ibm were hacked in again in
1990s national crackdown on criminals
microsoft nt operating system pierced so
this is where hacking started becoming
more mainstream right
before this hacking was very much
limited to organizations who used
computers but in the late 80s internet
happened and then we had e-commerce
coming in which basically led to our
online retail stores online banking and
online data stores as well which then
led to criminals hijacking this data or
hijacking your money and trying to steal
it on the internet itself in 2001 cyber
criminals launched attacks against ebay
yahoo cnn amazon and other organizations
2007 this was where one of the biggest
bank hacks had happened swedish bank
nadia they recorded at least a million
dollars
being stolen in three months from 250
accounts 2013 adobe had 2.9 million
accounts compromise and then usernames
and passwords released on the open
internet in 2016 kaspersky one of the
leading antivirus providers to the world
reported around 758 million malicious
attacks that occurred which they
identified themselves these are some of
the most famous faces in cyber security
or earlier cyber crime in 1988
robert morris uh he's an american
computer scientist and entrepreneur he's
best known for creating what is called
the morris worm and this was way back in
1988 and this is the first computer worm
that has been identified on the internet
kevin lee or kevin lee polson in 1990 uh
he was accused of hacking into a los
angeles los angeles radio station called
kis hyphen fm
where there was a contest going on and
if you're a particular number of caller
and give a correct answer you're
supposed to win a porsche 944 and he
hacked the those telephone lines
ensuring that he became that particular
person and answered the question
correctly uh it was later on revealed
that this actually happened he was
jailed for it then comes david smith
david smith
he created the melisa virus now melisa
virus one of the most dynamic viruses
known around march 1999 uh that's when
this happened this virus was released
and this was a macro based virus which
affected microsoft world and outlook
based files adam bought bill in 2004
he's also an american computer hacker
from michigan he gained unauthorized
access to love's computer corporate
computer network via an open unsecured
wireless access points now these access
points back then were not that much
secured uh the these people were able to
identify it what they tried to attempt
by doing that was gain access to the
company's network and install the
software which would then help them
capture credit card information of that
organization right and uh this was later
on identified as well and uh he was
prosecuted for that crime and got jailed
just a matter of trivia kevin lee polson
he was one of the first people found
guilty and was banned from using
computers and the internet for three
years after his release
in today's world we cannot even imagine
living without the internet this guy
lived for three years without it
now let's see how cyber security works
uh it's all about securing a computer
and there are various methodologies
there are various factors that come in
on how you're going to secure uh various
aspects of the same computer we start
off by authentication mechanisms what is
authentication authentication is the
part where you're going to identify a
person authorize that person for some
access controls and authenticate that
person to ensure that the person is the
same person who they claim to be so here
you start off with a username and you
associate a password with it the
username is used to identify the account
that the person wishes to access the
password is the authentication mechanism
to prove that the person is who they are
now here you may want to enhance the
authentication mechanism by using a
two-way authentication mechanism for
example with banks when you're typing
their username and password they send an
otp or a one-time password which is
auto-generated by a server and sent to a
registered device that the person owns
for example a cell phone so that's one
added layer of security where you're not
only relying on the password which can
be cracked but you're relying on a
third-party device as well which the
person needs to have physical access to
where they are going to receive the otp
and then they are going to import it
every time they try to log in a new otp
will be generated securing your
passwords just having a password may not
be sufficient you have to ensure that
the password meets some complexity
standards to ensure that the security of
those passwords or the complexity of
that password is high enough where
cracking programs will not be able to
easily crack the password regular
updates all the operating systems or the
applications that you use will be
receiving regular updates could be for
functionality but more for security so
as new vulnerabilities in applications
or operating systems are found out the
software vendors are the developers of
those softwares over a period of time
start sending out these updates also
called patches to the end users it is
very important for the end users to
identify these security patches and
install them on their devices as soon as
possible else they remain open for those
vulnerabilities and unpatched systems
that thus can easily be hacked usage of
an anti-virus to protect yourself from
viruses worms trojans essentially
malwares there needs to be a software
that nee that's installed on your
computer that is going to watch out for
them you cannot rely on the operating
system itself to protect you so there
has to be an anti-virus which will be
scanning the connections that you're
makings the websites that you will be
visiting the files that are getting
executed in the background and ensure
that everything that is happening is
legit installing a firewall on a system
or a server a firewall essentially is a
software or a hardware that allows or
disallows some functionality for example
a port to be opened or closed or a
service to function on a computer or not
function on a computer thus what you're
trying to do here by
disabling unwanted services is you're
limiting the threat landscape that
you're creating for your computer if a
service doesn't exist on your computer
it cannot be hacked so the essence here
is first identify which ports you'll be
using which services you will be using
and then create a policy on the firewall
to ensure that only required ports and
services are running no phishing so
phishing as we said could be a malicious
website that is being hosted by a hacker
the hacker sending you a fake mail
looking like a genuine email asking you
to connect to that particular server and
fooling you into you giving that
confidential information to the hacker
so you should either the antivirus or an
addition to that would have a
anti-phishing toolbar which would
identify the websites that you're
visiting and give you the risk rating of
that website
giving you an idea whether this website
was ever reported as a phishing website
or not cryptography encryption the best
way to keep everything secure is to
encrypt it however what kind of
encryptions are required what should be
encrypted what should not be encrypted
how that encryption should function uh
and how this encryption enhances the
business value is what we need to
ascertain so the knowledge here that
will be required is what protocols you
want to encrypt for that you first need
to identify which protocols you're going
to consume what data is going to be
transmitted over that protocol how
valuable that data is to your
organization and then you're going to
add encryption or cryptography on top of
it to prevent any attacks from hackers
and then securing dns servers dns is a
domain name server which is basically an
index that maps your domain names to
your ip addresses so the domain name
system is an index that maps your domain
names to your ip addresses now on the
internet computers do not know domain
names they only they can only identify
ip addresses and mac addresses so when
we type in let's say google.com on our
browser the computer doesn't know what
google.com is what it does is it sends
the packet to the dns server and in the
dns server it queries where google.com
is located it is given the corresponding
ip address because of which the packet
then goes to the relevant server there
are attacks where a dns can be
compromised and the pointer pointing to
your particular website can be changed
to point to a malicious server that a
hacker is hosting so to prevent that
from happening you need to secure your
dns servers
so with these kind of attacks and the
kind of defense mechanisms we have seen
let's see how do we become a cyber
security expert so essentially who is a
cyber security expert a cyber security
expert is an individual employed by an
organization to protect their
infrastructure right so this person is
responsible to identify potential flaws
identify
what threats the organization faces and
then streamline or create or design or
architect methodology which is going to
protect all the assets that the
organization has so this is going to
happen through a variety of techniques
such as finding weaknesses so
vulnerability management where you run
vulnerability scanners identify
potential flaws in
the organization's infrastructure could
be applications could be servers could
be desktops could be operating systems
uh could be anything could be
network-based flaws as well and then
you're going to monitor these systems
you're going to look at
the data flow that is going to the
internet through the network through the
intranet rather and then you're going to
check if there is anything malicious
going on in that network so
over these techniques you're basically
going to monitor it on a day-to-day
basis on a regular basis and you're
going to try to identify if anything out
of the ordinary is happening right after
you find the weakness you're going to
test those weaknesses to identify the
complexity of those weakness to validate
those weakness actually exist and then
you're going to repair them you're going
to patch them you're going to install
updates or you're going to prevent
you're going to install mechanisms like
firewalls or antiviruses to mitigate
those weaknesses and you're going to
thus resulting in strengthening the
areas where an attack may have occurred
let's see the domains in cyber security
now when we say domains in cyber
security in the previous slide we were
discussing where these attacks may
happen like applications infrastructure
network so let's see these domains in
details asset security now when we say
assets assets could be applications
could be networking devices could be
computers could uh could be routers it
could be wireless access points uh and
these uh all these devices have their
own operating systems they have their
own functionality and it is important
that we look at the security of each and
every asset that the organization owns
security architecture and engineering
now
not everyone can just walk in an
organization uh and then say let's start
implementing is uh in implementing
security in a particular manner we have
to standardize the security in such a
way where the security is constant for a
long period of time and is consistent
right so for that to happen there is an
architecture
an engineering phase where we are going
to create a plan of how this security
needs to be implemented for example if i
determine to install a particular
antivirus i have to ensure that the same
antivirus is installed on all the
systems in the organization i cannot
have different kind of antiviruses
installed
that do not talk to each other or do not
report properly
to the proper owner so we have to create
policies procedures and we have to
implement them in a standardized manner
for our security to work properly
communication and network security now
with cloud computing coming in and
hybrid clouds happening where you got a
deployment of a physical infrastructure
talking to something that is on the
cloud let's say aws or microsoft azure
right and data flows are happening
globally these days uh you have to be
very careful how these data are going to
be transmitted across the network thus
you have to create those paths and
ensure that those parts are monitored
properly are regulated properly and do
not have any data leakages similarly
identity and access management who is
accessing my data are they authorized to
access my data and if yes how am i going
to authenticate them how am i going to
track them home how am i going to hold
them accountable for whatever they have
done even if a person is authorized to
do something we have to hold them
accountable for that activity so that if
something something happens later on we
can identify who made that change so the
identity and access management module
will consist of us creating groups
policies users roles and interlinking
them with the assets to ensure that only
authorized people are able to access
those devices security operations on a
day-to-day basis we need to monitor the
security of the organization for example
if today i start facing a denial of
service attack or somebody starts a
password attack on my organization where
they're trying to crack somebody's
password there should be some internal
mechanisms that are in place which will
try to identify these attacks one the
appropriate administrator and that
administrator will walk in and try to
investigate that attack so day-to-day
operations are a must security
assessment and testing now that we are
all have these mechanisms in place are
they going to remain constant for the
rest of our lives no i.t is a ever
evolving scenario so we need to assess
and test our security controls on a
regular basis to ensure that there are
no gaps left what i configured today may
be irrelevant tomorrow so i have to
constantly keep on looking at the latest
security trends the latest
vulnerabilities that are being
identified the patches that are being
installed and i have to compare my
infrastructure to all of these to see
that i am compliant with the latest
security standards software development
security so if you're an organization
who's developing software and who's
going to sell that software to end users
security becomes a huge part because the
end user or the buyer if it is an
organization is going to ask what kind
of security testing was done in that
application so that brings us to a
software development life cycle which a
life cycle which talks about how you're
going to create that code how you're
going to test that code ensure that the
code is secure enough so you need to
follow secure coding practices and
you're going to test the software over
and over again till you're satisfied
with the outcome and then security and
risk management now uh when we come to
risks risks are basically events that
may occur compromising the security of
an organization so it is very important
that we identify these risks we map
these risks we verify how that risk is
going to impact the business and then
try to figure out security controls to
mitigate that risk or
bring it down to manageable aspects so
that's a lot of talk that's a lot of
domains that's a lot of attacks that we
have discussed now let's see what kind
of courses and certifications are
available for us to enhance our careers
and address all of these domains all of
these attacks so starting off from a
technical perspective where we are going
to look at ethical hacking or security
where we are going to assess and do a
liberty assessment and penetration test
there are certifications from compchia
like security plus or from ec council
which is the certified ethical hacking
training which basically allows us to
become vulnerability assessment and
penetration testing experts so we'll be
technically be testing each and every
device and trying to hack those devices
to see
if that vulnerability is real and what
can be attained out of that
vulnerability ciasp is very high level
uh is a very high level certification
that normally
is considered as a management level
certification right so just to get
certified yourself you need at least
five years of experience in the i.t
security field uh this is where you get
certified and you're basically a chief
information security officer where
you're going to develop policies
procedures and security control
mechanisms and you're going to
standardize the security policy of the
entire organization then you've got the
cisa or also known as the cisa certified
information systems auditor it is from
an organization called asaka it's more
on the system side where you're going to
audit systems and you're going to verify
that they are adhering to the policies
that you have implemented the cism or
system is a certified information
security manager this is again a
project based oriented approach where
you're going to manage the security of
an organization and you're going to look
at all the daily operations of the
security operation center and you're
going to maintain and manage all of
those functions overall when we talked
about risk assessment and risk strategy
for that we've got the crisc which is
certified in risk and information
systems control now for these
certifications this is more on the
business side of everything where you
understand the business processes you
understand the business requirements and
based on those business requirements you
compare the technical implementations of
compute of computing powers that you
have implemented and then you are going
to compare how those technical aspects
can be converted into a risk for example
a vulnerability assessment identifies a
possible sequel injection attack now
technically it becomes technically it
becomes a big risk however which system
is being affected if that system gets
compromised what kind of losses is the
organization looking at how much are
they going to be what kind of losses the
organization are looking at are they
looking at lawsuits from their customers
are they looking at penalties from
regulatory authorities so that risk that
uh implied risk that this if this
vulnerability is hacked that is the
aspect that you want to look at when
you're looking at risk information uh
and controls similarly you have ccsp
this is a certified cloud security
professional certification so this is
especially for people who want to deal
with the cloud uh let it be a public
cloud a private cloud or a hybrid cloud
this certification gives you an
architectural overview over different
aspects of cloud and how you want to
implement security in a cloud-based
scenario so simplylearn offers all of
these certifications with trainings from
certified professionals so there's a
master's program from simplylearn which
talks about becoming a cyber security
expert which includes all of these
trainings once you have these kind of
trainings uh and you get those
certifications on your profile that's
where you're basically a cyber solutions
or cyber security expert and you'll be
designing and developing security
policies structures architectures for
various organizations and helping them
enhance the security of their
infrastructure so let's see what we have
talked about during this entire video
first what is cyber security and its
advantages we have talked about the
confidentiality integrity and
availability triad and we have talked
about the threats that are posed for the
cia triad motives behind cyber crimes we
have seen what motivates people to
attack other computer systems and steal
data from it we have talked about types
of hackers and cyber security experts we
have talked about white hat black hat
and gray head hackers there are other
types that we have talked about as well
we have looked at the domains that are
available in cyber security and the
courses and certifications that can be
mapped with these domains so this is
what uh what we have discussed within
this session uh if you have any further
queries please go ahead and post them in
the comment section and we'll try to
address them as soon as possible with
the world turning virtual cyber attacks
are constantly flooding new headlines
kovit 19 accelerated the current digital
transformation and the year 2020
witnessed several data breaches
since technology has become more
intertwined with our daily lives it is
no surprise that the need for skilled
cyber security professionals is
increasing
on that note hey everyone welcome yet to
another exciting video by simply learn
which will take you through the top
cyber security career options available
today but before we begin if you're new
here and haven't subscribed already make
sure to hit the subscribe button and
that bell icon for interesting tech
videos every day there is a significant
lack of skilled cyber security
professionals who can tackle the cyber
security challenges faced daily
hence a career in cyber security is
demanding and equally rewarding finding
the right career path in the cyber
security industry isn't always easy here
we are here to help you with that
there are a few prerequisites for a
career in cyber security the basic one
being a bachelor's degree in a subject
relating to cyber security
however if you don't have a relevant
degree you can always take up relevant
cyber security certifications and kick
start your cyber security journey
a few other skills like networking
knowledge of operating systems and cloud
security are required to start and grow
your cyber security career you can check
out our video on the top five cyber
security skills to know more
cyber security jobs vary from entry
level to executive management and
everything in between there are several
cyber security paths available today it
is best if you start with entry level
and then move on to the next level with
the help of certifications and relevant
experience
here let us have a look at the top five
cyber security job roles today
the first job role is that of a network
engineer
network engineers construct and
administer a company's computer networks
they are responsible for installing
configuring and supporting network
equipment they also configure and
maintain firewalls switches and routers
this entry-level cyber security job can
help you start your journey to become an
ethical hacker
the annual average salary of a network
engineer in the us is eighty-five
thousand and ninety-eight dollars and in
india it is around 510 000 rupees
second on our list is information
security analyst as an information
security analyst your primary duty is to
protect sensitive information
information security analysts create and
implement plans for preventing cyber
attacks they monitor data access and
ensure compliance with policies
depending on the cyber threat they
decide if it has to be resolved or
escalated further in the u.s an
information security analyst earns 89
and 140 dollars annually and in india
they earn 6 lakh 42 and 756 rupees
third on our list is ethical hacker they
are also known as penetration testers
they are network security consultants
who identify and exploit system
vulnerabilities just like how a hacker
would do
they probe and test the network using
various penetration tools and software
they also design new penetration tools
and document the test results in the us
a certified ethical hacker earns around
93 000 on an annual average basis and in
india they make around 5 lakh rupees
the fourth job role that we are going to
talk about is security architect
security architects research and plan
the security elements for their
organizations they design robust
security structures that are capable of
preventing malware attacks
a security architect approves the
installation of routers vpn and
firewalls their duties go beyond just
architecture building and including
formulating company procedures
guidelines and user guides
security architects in the u.s make a
handsome sum of 124 thousand dollars a
year on an average and in india they
make nearly 21 lakh 80 000 rupees
and finally fifth on our list is chief
information security officer ciso they
are senior level officers in an
organization they ensure the safety of
the information they develop implement
and maintain information security and
risk management programs they also
interact with stakeholders and regularly
brief them with information security
concerns
the average annual salary of a chief
information security officer in the
states is a whopping 165 000 annually
and in india it is 22 lakh 22
and 845 rupees
several companies are looking for
skilled cyber security professionals
phillips siemens google microsoft and ge
to name a few with passion the right
amount of experience and relevant
certifications you can grow your cyber
security career you can check out simply
learn cyber security expert master's
program to equip you with the necessary
skills needed to become an expert in
this rapidly growing domain this course
will help you learn various methods as
to how you can protect your
infrastructure secure your data run risk
analysis achieve compliance and much
more so with that we come to the end of
this video on the cyber security career
think we missed anything important do
let us know in the comments section
below let's start off with networking
questions let's start off with question
1 what is the osi model explain the
different layers of the osi model osi
largely is a theoretical model
uh utilized to understand networking and
how data packets are created and how
they are being processed by a computer
this is normally used by the tcp the
transmission control protocol over
internet protocol
software suite
so osi is known as the open systems
interconnection model it is a reference
model that describes how applications
are going to interact via the computer
network
there are seven different layers that we
need to understand they are as follows
so in this diagram there are these seven
different layers we start off from the
bottom first is the physical layer the
data link layer network layer transport
layer session layer presentation and
application
when such a question is asked in an
interview it is not only that we
identify these seven layers explaining
what the osi model is in the first place
we then try to identify these seven
layers and we give a brief description
about each and every layer if there are
any additional questions they will come
after uh this basic question
so let's start off with the physical
layer
this is the lowest layer of the osi
model now this is where any and every
physicality of your computer comes into
the picture so it could be a
network interface card it could be an
rj45 or a cat5 cable anything that
allows data to be transmitted physically
from your machine to another machine
next comes the data link layer
so on the data link layer as far as
networking is concerned we just need to
understand that data packet is encoded
decoded into bits at this layer this is
also the layer that deals with mac
addressing so the physical address of
every network network interface card
which is the mac address which is
utilized to
route
data packets over the network this is
where the mac address resides on the
data link layer
the next layer is the network layer
here datagrams are transferred from one
to another the function of this layer
are routing and logical addressing the
moment we talk about routing and logical
addressing ip addresses come into the
picture ipv4 ip version 6.
so network layer will deal with ip
addressing and the routing of those
packets
then comes the transport layer this is
the layer responsible for end to end
connections that automatically signifies
that this is where tcp and udp will be
working
tcp stands for transmission control
protocol udp for user datagram protocol
tcp
is a connection oriented protocol
whereas udp is a connectionless protocol
these two protocols are utilized
to establish connectivity between two
machines
tcp is a more reliable method of
connectivity because there are a lot of
packets that are sent across to verify
that the data has been sent data has
been received and so on so forth whereas
udp is a connection less protocol where
data is just dumped without verifying
whether the receiver
actually receives that data or not
so in a nutshell on the transport layer
tcp and udp make their appearance and
this is where that functionality lies
then comes the session there
this controls signals between the
computer it establish maintains and
terminates connections between processes
so in the transport layer we talked
about tcp and udp udp being a connection
less protocol where data is just
transmitted without verifying whether
the receiver received that data or not
whereas tcp we studied is more of a
reliable protocol thus
there are different packets signals that
will be sent across to verify that data
has been transmitted it has been
received properly
and then the next uh segment of that
data is being sent so those control
signals
are established using the session layer
so the three-way handshake of tcp the
acknowledgement packets and
uh
those kind of packets will be taken
taken care of on the session layer of
the osi model
then comes the presentation layer
the presentation layer is responsible to
translate data into the application
layer format so the formatting right
mime or encoding that is being utilized
the utf-8 character set that we utilize
for presentation
encryption mechanisms all of these work
on the presentation layer
and finally comes the application layer
where
the application itself uses a particular
protocol so that the
other
machine on the receiving end
the application on that machine will be
able to understand what the
communication was about
right so in a nutshell
if i start from up top the application
layer will deal with any of the data
that the application
uh is generating so maybe an user input
you're logging in you're typing the
username password all that data will be
constructed let's say into an http or
https format that's where application
layer comes into picture then the
formatting of which into utf-8
and the encryption of which would be
done at the presentation layer
then this transport layer and the
session layer would kick in to establish
a tcp session do the three-way handshake
establish that connectivity ip
addressing would be done on the network
layer mac addressing would be done on
the data link layer and when everything
is ready on the physical layer the
packet will be sent out at the receiving
end the packet will be received on the
physical layer and then all these layers
will be reversed and finally at the
application layer the data would be
presented to the application who would
then execute it and showcase it on the
screen
of the
recipient
so this is the way you want to explain
this question you want to be very
concise precise about what you're
explaining you don't want to go into two
hypothetical scenarios you don't want to
delete earlier with the layers you just
want to give the basic functionality
want to demonstrate that you understand
what the osi layer is how the computer
functions and you want to move on from
there if the interviewer has any further
follow-up questions they will ask those
specific questions
so that's question one moving on to the
question two
question two is define unicasting
multicasting and broadcasting
now this is a question which can be very
lengthy but again most of your interview
questions
are designed that way it's basically to
understand how much conceptually you are
aware about these technologies so you
have to be very concise don't go
uh rattling about technology too much
but in a concise manner just try to
explain what these things is so when
data is being transmitted over a network
it can be transmitted either in one of
these particular manners it can either
be a unicast multicast or a broadcast so
what is unicost
unicast is when a message is sent from a
single user to a single receiver so one
to one right so
uh one machine talking to another
machine and nobody else so also known as
point to point communications one point
to another point if you have to send
information to multiple receivers then
you will have to send it using multicast
right so this is where
your multicast networking comes into
picture so in our case uh let's assume
it's a network where there are there's a
class c network approximately 255 odd
machines
and within these there are two machines
that want to talk to each other
if they want to talk between each other
it would be a point to point
communication where they will utilize
unicast where only these two machines
will have visibility of that
conversation and the other machines will
not even realize that this conversation
is taking place
if
one machine wants to talk to multiple
machines
then the multicast comes into the
picture as the name suggests in this
mode of communication data is sent from
one or more more
sources to multiple destinations
multicast uses the internet group
management protocol also known as the
igmp protocol to identify groups so
under this igmp protocol various groups
are created where machines
are subscribed to those particular
groups and whenever a message needs to
be sent through those groups
it will be identified by the igmp
protocol and then that particular
message will be sent to those multiple
machines that are members of those
particular groups
and then comes the broadcast
the third method is known as the
broadcast as it says it is going to
broadcast to all so this is one to all
that is communication between a single
user and it is going to be sent to all
the machines in that particular network
right so the three ways unicast is one
two one
multicast is one to many
and broadcast is one to all then
question number three
what is dns
dns stands for domain name system it is
like the internet's phone book that is
responsible for mapping the domain name
into its corresponding ip address and
let me give you an example over here
whenever we go and open up let's say a
browser a google chrome browser we type
in www.google.com
and then we press enter and magically
google comes in front of us the website
rather
now how does the computer know who
google is because as far as we are
concerned humans understand google and
words like that computers don't
computers
deal with binary zeros and ones
right and as far as internet is
concerned they will only deal with ip
addresses and mac addresses so how does
a computer know how to find google.com
and where is it located so the moment we
type in
in the browser window in the address bar
google.com and press enter a dns query
is generated automatically by the
browser where a packet is sent to our
dns servers asking what the ip address
is so in short dns resolves domain names
to their corresponding ip addresses
there is a dns server which will have
this index
a database of all the domains associated
with their ip addresses
if one particular dns server does not
have that information that you're
looking for it may query another dns
server who may have that particular
response
so the first thing is when you type in
domain name it gets resolved with the
dns it identifies the ip address
corresponding to that particular domain
name and thus allows the computer to
route that packet to the particular
server where that domain name resides
so in this scenario if you look at the
screen on the local pc you have typed in
cybersecurity.com
there's a dns resolution that a query
that goes to the dns server what is the
ip of cybersecurity.com the dns server
looks it up in its particular database
if it has the corresponding ip address
it will then respond back the ip
addresses 172.17.252.1
after which the packet is sent off to
cybersecurity.com moving on to question
number four
what is a firewall
now this is a very good question and
normally a very basic answer that i've
ever heard is that a firewall is a
hardware and a software firewall but
that's the functionality of a firewall
that is what how you can install a
firewall but there are different types
of firewalls and there is a specific
functionality that the firewall is
created for
right so firewall
is either a hardware or software
but its responsibility is for blocking
either incoming or outgoing traffic
from the internet to your computer they
secure a network so essentially the
firewall will allow a connection to
happen or disallow a connection to
happen it won't go beyond that that's
the basic functionality of a firewall
okay so based on the
configurations that you have done based
on the rules that you have created on
the firewall it will then based on those
rules identify whether some traffic is
allowed in that network or some traffic
is
to be blocked from entering that network
so as the screen shows
the firewall rules will analyze whether
the traffic is good
if yes it will allow if the traffic is
bad it will block the traffic and not
allow that connection from happening in
the first place
now there are few common types of
firewalls that also need to be included
in the answer to this question and the
first one is a packet filtering firewall
these are the most common types that you
will come across which analyze packets
and lets them pass through only if they
match an established security rule set
now here people do get confused when we
say that we analyze packets
people think that these firewalls will
analyze the contents of that packet
which is not correct
when the definition for a packet
filtering firewall says that these
firewalls analyze packets it means that
they are only analyzing the source and
destination ip addresses port numbers
and the protocols that are mentioned in
those packets these firewalls do not
have the capability of deep packet
inspection or a dpi as it is known if
that capability comes into the picture
you are basically looking at an
intrusion detection system or intrusion
prevention system in today's world
called as a next-gen firewall
okay so packet filtering firewall
essentially will only analyze data
packets for its source and destination
ip addresses port numbers and the
protocol that is being utilized it will
then map that information to the rules
that are there on the firewall and based
on those rules it will either allow that
a connection to happen or disallow that
connection from happening
the second type of is a proxy firewall
these firewalls filter network traffic
at the application level so when you say
application level they work at the layer
7 of the osi model packet filtering
firewalls since we have mentioned that
they've worked on ip addressing and port
numbers will work on
the network layer of the osi model also
on the transport layer because you also
look at protocols
proxy firewalls will work at layer 7
which is this application layer of the
osi model and will deal with application
level protocols such as http https ftp
smtp and so on so forth
and the third one is a stateful
multi-layer inspection firewall these
filter packets are the network transport
and application layers so they basically
do
the job of the first and the second type
of firewalls
the packets are compared to known uh
trusted packets but now the first
question is if there is a stateful
multi-layer inspection firewall why do
we have type one and type two firewalls
like packet filtering and proxy
firewalls that is because that is how
the firewalls have evolved we started
off with the packet filtering then we
added functionality to it and so on so
forth
so if a question comes what is a
firewall you start off with the
option saying it is a hardware or
software this is the responsibility the
functionality of a firewall
is to allow good traffic and disallow
bad traffic based on the rules that have
been configured on the firewall and then
you've got basically three types of
firewalls packet filtering proxy and
stateful multi-layer and just include a
brief description of each of these
firewalls if getting your learning
started is half the battle what if you
could do that for free
visit skill up by simply learn click on
the link in the description to know more
then moving on to question number five
what is a vpn
vpn is also called a virtual private
network it is a connection between a vpn
server and a vpn client
so it basically creates an encrypted
tunnel between the client and the vpn
server which is then utilized to
secure the connections that you are
making with the internet so as you can
see in the diagram
the user has a vpn client installed on
the machine the vpn client then creates
an encrypted tunnel to the vpn server
and through this tunnel encrypted data
is transmitted which can then be
processed by the vpn server uh sent to
the internet information can receive can
be received back by the vpn server the
vpn server will encrypt that data back
and send it back to the user so if there
is a man in the middle attack that is
happening or a hacker trying to
eavesdrop on the communication mechanism
they will not be able to do so because
of the encrypted terminal it is very
difficult to decrypt this or hack
through this encrypted tunnel
it is possible but it is very difficult
to achieve that moving on to question
number six what are the advantages of
distributed processing
now before we go into advantages of
distributed processing we first have to
understand what is distributed
processing
so it is a term which describes various
computer systems
that use more than one processor to run
an application
here multiple computers across different
locations
share the same processor the advantages
of distributing processes are as follows
but before we go into the advantages
distributed computing is basically where
multiple machines will pull their
resources together
to run a singular application so an
application that has multiple resources
and can scale up and scale down as and
when required
the advantages are
that it can be very very useful in data
recovery
for example raid
where you're striping data on various
hard disks it is reliable it is cheaper
lower cost can be achieved and it is
easy to expand because of the
scalability factor that we just talked
about if there is loss of data in one
computer it can then be recovered by
another interconnected computer and one
of the examples would be blockchain in
today's world right what is blockchain
that this data is
created live and stored on a connection
of computers so if one of the computers
goes offline the other computers in that
network will still have that data
and the blockchain will still function
without any issues the second point a
glitch in one machine does not affect
the processing as there will be multiple
other machines like we discussed in the
blockchain
several cost effective mini computers
are used instead of costly or mainframe
machines so instead of having a server
bank
i can have multiple machines connect
interconnected together
and they can function
in that particular blockchain or for
that particular distributed processing
mechanism
depending on the amount of data
processing more computers can be
attached to the network thus you can
increase the number of computers that
can be a part of that blockchain or you
can reduce them as and when necessary
moving on to question number seven what
is tcpip
tcpip or transmission control protocol
over internet protocol is a set of
communication protocols that are used to
interconnect networking devices on the
internet this protocol defines how data
should be transmitted over the internet
by providing end-to-end communications
so essentially if you want networking to
be established on your machine you will
need tcp
without tcp ip there will be no work
groups there will be no domains
basically your interconnectivity will go
for a task
tcp is a software that once installed on
your machine will then interact with the
hardware which is your network interface
cards and then your switches wires
cables and all those through protocols
that have been already pre-configured in
it
so within the tcp suite of softwares you
will have all the protocols all the
functionality of the osi layer
and each and every protocol that works
on each and every layer will be
predefined and pre-configured to work in
a particular manner the internet
protocol is all about routing each
individual packet to make sure it
reaches its destination so with the tcp
you're talking about the protocols that
will allow you to format the data and
generate it so that you can communicate
it over the network the ip will then
deal with the routing of those packets
so that the packet can be routed to the
correct computer and be received by the
recipient
so the tcp model is the compressed
version of the osi model the seven
layers will get converted into four
layers the network access layer internet
layer transport layer and application
layer going on to question 8
what do you mean by ipconfig and
ifconfig both of these are commands the
first one on a windows machine the
second one on a linux machine
so ipconfig is known as the internet
protocol configuration this is a command
that is used on the command line
interface of microsoft windows to view
all the adapters and the configuration
of each and every adapters for their
network interfaces so as you can see on
the right hand side in the command
prompt screen if once you type in the ip
config command on the c prompt and press
enter it will give you a list of all the
adapters that are there
so you can see wireless lan adapter
local area connection the media is
disconnected it doesn't exist at the
bottom you'll see the wi-fi connection
wireless lan adapter and can give you
the ip version 6 ip address ipv version
4 address the subnet mask and the
default gateway so this is the
configuration that allows the machine to
know on what network it is on what is
the default gateway for communicating to
the internet what is the subnet mask so
how many computers may exist in that
particular network and what is the ip
address of that specific computer so
that it can communicate across the
network as well ifconfig is the same
thing on the linux mac or unix operating
system
so the command will also give you the
list of interfaces and the configuration
of each and every interface it is used
to configure control the tcp network
interface parameters from the command
line interface
it allows you to see the ip address of
these network interfaces so here you can
see
the
wlp19
the ipr is being 192.168.43.215
subnet mask being 255.255.255.0
with the broadcast being 192.168.43.255.
question 9
what is the difference between a domain
and a work group this can be a very
interesting question and can be a very
lengthy question at the same time a work
group is nothing but a decentralized
network where you have
interconnected multiple machines
together and each machine acts in its
own individual capacity
thinks of itself as a server right
so a decentralized network use every
user manages the resources individually
on their pc so local users on their own
pcs
managing
the network shares what can be shared
from that particular machine what data
should be shared should not be shared to
whom it can be shared with and so on so
forth
it is good if you've got a small network
a few machines all together
and you want them to interact with
minimal management effort
right so each computer each user will
decide what they want to allow other
users to see on that particular network
and all of them would be connected over
a land a local area network either a
wireless or a wired one so if you look
at your home wi-fi right now that is one
of the best examples of having a work
group
the domain on the other hand is a
centralized network model so in a
corporate environment whenever you go
there and you got a domain based
username and password which
when entered onto a particular machine
gives you access to the entire network
or whatever applications and whatever
resources have been allocated to you
that is where the domain comes in so it
it also uses a single sign on mechanism
for all the resources that are made that
are to be made available to you whereas
in a work group your local user only
meant for that particular computer right
so coming back to the domain it is an
administrator who is going to manage the
entire domain and all of the resources
connected to the domain the resources
could be switches routers servers data
stores applications web servers mail
exchange servers and so on so forth so
all of these are administered by an
administrator through the domain
it is the most reliable and optimum
solution for a large network where
multiple users are going to interconnect
and share that data amongst each other
right the computer can be connected to
any network that means you can be on the
internet and through the internet using
a vpn you can connect to your corporate
network authenticate in and get access
to whatever resources you are allowed to
access whereas in a work group you have
to be a part of that network to access
that particular network if you change
your location you go and connect to
another wi-fi you will lose access to
your previous wi-fi then the last
question for the networking
section what is data encapsulation in
networking data encapsulation refers to
the process of adding headers and
trailers to the data
the data link layer binds each packet
into a frame that contains the hardware
address of the source and the
destination computer so in this example
when you're talking about data
encapsulation we have talked about how
data that has been created by the
application layer we'd have a header
and a trailer that will give
the various informations of where that
data needs to be sent so the hardware
address which is the mac address comes
into the picture and gets added to the
header and the
ip addresses port numbers and all of
those things would then be added to this
uh traders as well so that the data can
be then routed
to the intended recipient of that
particular communication
with this we end the first 10 questions
in networking and in this video we are
going to look at software and
programming so we're going to look at
the first 10 questions
first question being how do you keep a
computer secure now this is going to be
a very generic question so you want to
put your best foot forward and you want
to identify the most common
methodologies on how you can keep a
computer secure so when we talk about
computers the first thing that you want
to talk about is authentication
mechanisms where you want multi-factor
authentication or two-way authentication
to ensure that your accounts are kept
secured now if you look at using
passwords depending on how passwords are
being stored by the application
uh password attacks can
be possible either a brute force attack
or a dictionary based attack
uh or even password guessing attacks are
possible to mitigate those kind of
attacks you we need multi-factor
authentication
to ensure that accounts are kept secure
now even if we are using multi-factor
authentication we also want to look at
secure passwords
which means that the password is complex
enough to withstand most of the common
attacks and a brute force attack or a
dictionary attack is just not possible
so we want to randomize our passwords we
want to create a complexity where a
password meets standards such as
me has at least one lowercase one
uppercase character has numerics and
special characters and is randomized is
not based on a dictionary word doesn't
contain user names email addresses phone
numbers or anything that is personal to
that particular user
third keep regular updates which means
that there will be patches that will be
released for the application for the
software that you're utilizing download
the patches install them on a regular
basis to ensure that you are secured
against the most recent attacks that
have been identified
install a good antivirus
could be a internet security suite which
will have an antivirus intrusion
detection system a firewall
and will help you protect yourself
against ransomwares malwares
and any script-based attacks
also have a specialized firewall on your
system could be a host-based firewall or
a network-based firewall to ensure that
attacks are kept at a minimum and you
have your network definitions in place
to allow or disallow connections from
happening to your devices
have anti-phishing softwares installed
as well to ensure that you are not
getting any spam mails even if you do
you are able to identify that
and not fall pre or victim to those spam
mails
phishing attacks are generic
where they are directed towards
individuals
uh and they prey
on the gullibility of that particular
individual so our nigerian frauds or the
lotteries that we win on a regular basis
of hundreds of million dollars
those messages the emails that we
receive they are all phishing emails
where uh they're basically
prone to victimize the user and then
drop them off money or
install some malware
or do some other malicious activity
if you want to enhance encryption about
data that you have stored on your
devices or on your or that is accessed
by your software or being transmitted by
your software use encryption
encrypt your data whether it is at rest
whether it is in motion or whether it is
at use
thus reducing data leakage and data loss
possibilities and finally in the
foremost secure your dns dns is the
domain name server which is utilized
by
computers to resolve domain names to ip
addresses
if a dns poisoning attack is possible
where your dns settings have been
modified by an attacker and you are
redirected to a malicious dns server
that server is going to redirect you to
another malicious application which may
have a malware or a malicious software
as a payload
also you don't want people to know your
dns servers and the queries that you're
making so you want to use secure dns or
dns over https to encrypt your dns
queries as well
so in a nutshell if you follow these
eight steps
your devices your computers your
applications are going to be as secure
as possible the next question discuss
security related aspects between c c
plus plus and java now this is an
open-ended question it depends on which
level you're giving an interview on but
you're looking at it from a fresher's
perspective
or a less experienced perspective
and thus these are some of the aspects
that we want to look at and the
comparisons between c c plus plus and
java so the five aspects that we are
looking at are pointers code
translations storage allocation
inheritance
and
overall security are based on cc plus
plus and java so when we say pointers
we are looking at
how we are going to uh
we are using pointers and
stacks and heaps to point to functions
and how we exit those functions and
how those
functions are then recalled into the
next function so c supports pointers it
is most secure
c plus plus also supports point pointers
but it is a little bit less secure than
c java it is not supported direct access
is given to memory allocation and thus
it is the least secure as far as
pointers are concerned when we look at
code translations
c
is able to compile but it is not secure
same with cc plus plus but in java it
has a interpreted language and it is
abstracted and secured
in storage allocation in c we use malloc
and
catalog memory allocation
which is less secure because it does not
have internal checks on
verifying what memory is allocated and
the user input that is being compiled or
that is being input to that memory right
thus this can allow buffer overflow
errors uh to creep in because of the
uh non-verification of the input data
so it is the least secure in cc plus
plus it uses
new and delete options and is
comparatively secure but java uses a
garbage collector and thus is the most
secure as far as storage allocation is
concerned
when we talk about inheritance
the most secure is ccp plus plus
c has no inheritance so it's not secure
in c plus plus it is supported
does it is the most secure whereas in
java there is multi inheritance that is
not supported and does this
comparatively
secure overall the most secure out of
all these based on these five aspects is
java
the least secure is c
and the
mid level is c plus plus moving on to
question 13 what are the different
sources of malware now malware stands
for malicious software right
malware is basically a software that
poses as a legitimate software but has a
payload of a trojan virus spyware
keylogger or some malicious software
that is going to have
a negative impact on security of your
particular device
so the question here is what are the
different sources of malware we want to
identify the most common
sources through which malwares infect
end user devices in today's world and
you can start with pop-up ads so most of
the websites if you're visiting
untrusted sites if you're being
redirected to sites that you don't know
about there'll be a lot of pop-ups
coming your way when it says you're the
one million visitor to this site please
click here to download your gift
or it will say uh congratulations on
winning a particular product for
visiting this page and so on so forth
there are some instances where you can
see a banner which is flashing at you on
top of the page and says that there are
eight
uh infections that have been identified
on your computer click here to download
an antivirus to clean the infections so
all of these pop-ups
are there as a social engineering attack
as a phishing attack to make gullible
people click on those links and download
those malwares now the software that is
posing as a security software itself can
be a malicious software which is going
to install a trojan or a virus or a bot
on your machine compromising the
security of that machine
the second is removable media usbs and
humans have a fascination with usb so if
you find a usb lying around
it's a free usb you get excited about it
and you want to
take it home you want to plug it into a
machine and see what's on the usb worst
case scenario you format it and you've
got a free usb to utilize higher the
capacity the better
but that is one of the most easiest way
people
use malware to
uh to be deployed on unsuspecting users
if there is a usb lying around
why would why would somebody want to
forget a usb it's most likely planted
over there as a social engineering
attack so that a gullible person is
going to pick it up
plug it into their device if the device
is not secured enough
it is going to install the malware
right
uh then documents and executable files
this is where your viruses and all those
creeps in so let's say you're surfing on
the internet you're looking for a
software
uh and you find the software on a
particular website you do not verify the
trustworthiness of that site and you
just download and install that software
now that software could be malware as
well does if you're surfing on the
internet you're downloading files from
different locations you have to research
the website you have to research the
source to ensure that it is trustworthy
and only then are you going to download
and execute those files thus internet
downloads as well and when we say
internet downloads it's not just
untrustworthy sites we go to torrents
we go to uh the dark web or the deep web
and searching for other softwares
especially uh those who are researching
security right we always want we are
always on the lookout of new softwares
and we are always on those forums which
may not be so much trustworthy
and we just download those files and
start installing them that is a very bad
scenario right so you have to be very
careful what you are downloading from
the internet your anti-viruses your uh
anti-phishing mechanisms your threat
intelligence mechanisms uh have those uh
mechanisms installed and you want to
verify where your downloads are coming
from then your network connections if it
is a p2p connection it is a local area
network connection or a metropolitan
area network you have to verify whom
which devices are connected to your
machines and you have to validate those
connections before you want to trust
those devices
and before you connect to them
if you are on a public wi-fi you
probably don't want to connect to a
public wi-fi in the first place
then comes email attachments
there are so many attachments that come
across in today's world most of them in
a zip format or a rar format
some of them come as document files
where there are macros hidden within
them macros are scripts that are
recognized by microsoft office files
right
and then finally there are these
malicious advertisements that we find
online right uh let it be facebook let
it be whatsapp let it be uh
any social media platform that you go or
even your
search engines
their job is to display ads their job is
not to verify whether the ad is legit or
not it is for us as consumers to be
careful and validate that ad and verify
whether it is a genuine ad or not so
just don't start clicking on
uh any of the ad trusting uh this
platform that you're on
be
sure that you are investigating that so
these are the most common
sources of malware and the end user
will always get infected by one of these
mechanisms
moving on to question 14
how does email work
now this is a very uh
can be a complex question
but we have to keep it as simple as
possible
and we have to identify that there are
uh two servers
while uh both of them either using smtp
which is a simple message transfer
protocol
where
in this scenario john
wants to send an email thus they've got
an email client installed on their
machine which is connected to the mail
exchange server which has a dns server
which maps the routing and which maps
the exchange server and inboxes
so when john composes that message and
clicks on send john should be connected
to a mail exchange server where the
email is sent through that particular
person's inbox so john's inbox will then
be validated and that email will then be
sent through the dns server uh through
the internet and will be received by the
recipient mail server so at this point
in time john also requires the
recipient's
email address so in this case this is
jack so jack at something.com would be
the email address
so while john is composing
the two field will have jack's email
address the from field will have john's
email address the subject field will
have whatever they want to convey as a
message the message body will have the
message itself and then when
john clicks on send it will go to their
exchange server the exchange server will
then validate the inbox and identify
where that inbox is located for jack and
then through the internet it will be
sent to the uh to the mail server of
jack the mail server will then identify
the proper
inbox that it now that that email needs
to be sent to and it will store that
email in that particular inbox
when jack opens their computer
and accesses their inbox this email from
john will be already waiting for them
and they can respond to it the same way
john had sent that email
if getting your learning started is half
the battle what if you could do that for
free
visit skill up by simply learn click on
the link in the description to know more
moving on to question 15 what are the
types of threats a company can face
right and this is where your threat
modeling comes into the picture so
you're looking at software as you're
looking at operating systems and the
company comes and asks you
uh what are the threats that are most
likely
that a company will face so on a broader
scale the threats that a company will
always face would be classified as
natural threats man-made threats
technical threats and a supply system
threat
so a natural threat would be an act of
god which is outside the control of
human beings could be
storms or any natural occurrences like
volcanoes
thunderstorms flooding
earthquakes fire
and so on so forth so anything that is
natural so it depends on the geographic
location that you're in
and what kind of climate that area faces
and you need to identify the immediate
threats
and prepare for them so if it is
flooding that you're looking at
and you want to look at an office
and the possibility of the office
getting flooded is real you probably
want to
take office at a higher floor
so that the threat of flooding is
minimized
for fire we always have a fire drill
where we practice our fire mechanism so
that we can evacuate all humans as soon
as possible and then worry about the
technicalities of it under any
circumstances under any threats humans
will always have the first priority
and then everything else comes in
man-made threats are where man
themselves are a problem so strikes
lockouts hackers
theft
uh war
writing
all of those are manmade threats uh
which
we ourselves cannot be in control of but
we need to plan for them and we need to
have uh a
business continuity plan or a disaster
equity plan for any of these threats
that have been identified
then come the technical threats
technical could be software bugs
operating system bugs application bugs
that uh that come with the applications
that we have or a hardware failure where
a server crashes a hard disk crashes
maybe uh the processor stops working the
motherboard stops working ram gets
corrupted
uh
any of the technical aspects
a stopping uh stop functioning does
creating a break in the business can
come under technical right so
uh anything to do with computers
let's say
a server failing or a
patch that is not installed on the
particular software those would come
under technical threats
and then the supply system the supply
system are your environmental threats
which depart depend on your supply chain
field failures what is the supply chain
for office to function there are a lot
of dependencies that office goes through
right there are a lot of other vendors
that suppose
that support and provide critical
infrastructure non-critical
infrastructure for the office to
function for first and foremost
electricity
without electricity nothing is going to
be powered on and you're not going to be
able to function so if there is an
electricity service provider and if
there's an electric outage that's that
comes under supply system
so that's a supply chain failure where
the vendor that provides electricity to
you has failed in providing that
particular service and now you need a
business continuity or a disaster
recovery plan so you probably have an
inverter or you already have a power
generator plant that is going to
generate your own power and supply to
your system
right there could be short circuits
because of fluctuation in the
electricity uh maybe the internet
service provider fails and your internet
caches so you have a backup line for the
internet from a different vendor right
and so on so forth maybe your hardware
vendors who are supplying you servers
desktops laptops and whatnot they fail
because they feel they are facing a
strike or they go bankrupt and suddenly
you can no longer purchase hardware from
your vendor because they no longer are
in business so that's a supply chain
failure
so any of these systems failing would
also come under threats
so under a broad category these are the
first four threads that you need to
identify and then you can elaborate by
providing more scenarios based on the
experiences that you have had towards
each and every of these threats so
natural threat where you may have had
experience where there would have been
let's say flooding
or
any natural disaster which caused a
problem for the continuity of your
particular business so identify each and
every example for each of these threats
and provide that as an example in the
interview
what is black box and white box testing
so when you are testing a software or
you're testing your infrastructure there
are two different
tests that you can conduct the first one
is a black box the second one is a white
box in a black box test there is no
knowledge that is shared with the tester
so let's say you're an ethical hacker
and you have been awarded a contract by
an organization to test the current
application that they have developed now
they are not going to give you any
information they are not going to tell
you what the application is they just
probably give you an ip address and a
port number where the application is
hosted and now you have to fire in your
own queries and try to figure out what
the application is try to gather
information see what what information
can be gathered in the first place and
based on that you're going to figure out
your way identify vulnerabilities and
see if any of those vulnerabilities can
lead to an security incident so without
any knowledge zero knowledge of the id
infrastructure or the source code that's
a black box attack or a black box test
a white box test on the other hand is
where full knowledge of the iit
infrastructure or the source code is
shared
so the ethical hacker has complete
knowledge
and based on the knowledge they are then
going to test out the system to see if
there are any flaws that they can
identify right so
why would these two audits be important
because the first one a black box audit
emulates the attack of a outsider a
external hacker sitting outside the
organization trying to figure their way
in whereas a white box attack can
emulate the attack of an insider so a
disgruntled employee within that
organization misusing their access
controls or the access rights to make uh
unvalidated profits right
so somebody's corrupt who has been
bribed who wants to sell out company
secrets based uh so they're going to try
to find out vulnerabilities try to steal
data and try to sell it on the uh gray
market right so a white box would
emulate a internal attack a black box
would emulate an external attack moving
on to question 17 what is use case
testing
now use case testing is a functional
test
and it is also a black box test
right what is a functional test it tests
the functionality of a particular
software once it has been created
why is it a black box test because the
user doesn't know what the functionality
is they just want to find out each and
every scenario and try to see what that
scenario
generates as a response they are not
sure whether that is the appropriate
response that should be generated or not
they're just trying to find out the
response that is going to be generated
after they fire off a query so this
technique is used by testers to get the
test scenarios to exercise the whole
system from start to finish
so let's say it's a login mechanism for
an application right now a user
at this point in time the tester since
it's a black box testing will know that
it is a login mechanism they will not
know the details of what logging
mechanisms are being utilized so they
wouldn't know whether
input validation is done they wouldn't
know whether output encoding is done
they wouldn't know how the cgi calls are
being made they will not know how the
queries are handled at the server side
and how the database is going to treat
that particular query so they have no
idea whether sql injection attacks are
possible and so on so forth so for them
with whatever input they are going to
try to insert
for that login mechanism that's a
functional black box test the
functionality being whether the login
mechanism works and based on the type of
inputs that are going to put in whether
it creates an unwarranted output whether
they can bypass the mechanism or they
can uh pack into the system because of
some of the flaws that were left behind
right another example here is a software
made for users to use for documentation
the testers will test all the cases that
the user can do so can the user view a
document can they add new documents can
they edit documents and can they delete
documents so this functionality
will depend upon the access controls
that have been granted to a particular
user so for this particular user the
tester at this point in time they would
not know whether they're an
administrative user or they're a regular
user they'll just try to do all of these
and then write the responses saying i
was able to view i was able to add i was
able to edit and i was able to delete
now the result will be then sent to a
manager the manager will look at the
results and then based on the actual
access controls that were supposed to be
there for this particular user then
we'll try to identify whether this is an
acceptable case or whether there were
any flaws within this case
moving on to question 18
what is static and dynamic testing now
this is again in application testing
static testing is done in an early stage
of development life cycle now software
development life cycles there are
multiple of those what are these life
cycles
there are different stages in which a
application is
created
and provided to the customer so your
first stage would be determining the
scope of the application determining the
hardware requirements for that
application
then
creating a flowchart for that
application a functional chart for that
application and then maybe start coding
then an architect comes in tests the
code verifies the code then the testing
phase comes in then the security testing
phase comes in and then the user
acceptance testing comes in but
in every stage at the very earliest of
first stage a static test will always be
started
to see whatever code has been developed
whatever
scope has been developed whether that
scope is going to be correct or not this
will include walkthroughs and code
review what is a walkthrough a
walkthrough is going through documents
that have been generated and trying to
find faults in the documented journey
that has been uh that has been created
so far
so let's say somebody has created a
workflow
or a flowchart for a program how the
functions are going to be called and how
they're going to be executed so a
walkthrough would be where
all these
responsible people will walk through
that particular flowchart and find out
any flaws within that and then rectify
them
if there is any code that has already
been written this code will be reviewed
manually and
any flaws within that code would then be
identified static testing will always be
100 accurate in a very short amount of
time because it is immediate uh you have
created it and then the expert is going
to test it to see whether everything is
fine or not
right it is all about prevention
mechanism so since you are doing it at
the inception itself if you find any
flaw it gets immediately repaired so
this is about preventing vulnerabilities
from keeping into that application at a
later point in time
whereas dynamic on the other side is
done at the end of the development life
cycle so you have generated the
application everything is ready now you
want to do dynamic testing includes
functional and non-functional testing
functional testing is where the
application itself is being tested the
functions to see that all the parameters
that are given to the application are
functioning properly
non-functional testing would be where
security parameters
administrative parameters all of them
are being verified
right
this is where your test case scenarios
come in
and
you're going to test each and every
scenario
by generating inputs and analyzing the
output that the application is going to
give you
dynamic testing is all about cure so
here you're going to identify
vulnerabilities report them to the
management and the management is then
going to figure out a way of patching
those vulnerabilities so that they can
be mitigated moving on to the next
question what are the test levels in
software testing so
as far as software testing is concerned
there are four test levels module
testing integration testing system
testing
and the final one is acceptance testing
so in the testing phase of your
development life cycle the first thing
is a module test you're going to check
your routines your subroutines your sub
programs procedures that have been
written in a program so all your
functions all your
mechanisms for that application are
going to be tested when you go into
integration testing the software may
have been integrated with multiple
softwares there may be different api
calls coming in maybe a third party
software on which you are
depending upon to supply for information
so all of these integration of various
softwares various apis are tested to
ensure that they are functioning
properly and there are no flaws errors
or mistakes leave behind in the
integration of all of these softwares
then the system testing
is where the entire system so including
the hardware including the software
right it starts from the installation so
now the software is complete we know
which hardware we are going to support
for it we start by installing the
software and see whether the
installation is going to be completed
properly if there are any errors in the
installation process itself
then once it is installed the
performance of that particular
application
the
write speeds the read speeds on the hard
disk
uh the transaction speeds that the
application is capable of the network
dependencies that the application may
have all of those would come under
system testing and then the acceptance
testing which is basically a quality
assurance exercise
that
the application meets the client's
requirements so the client in the first
stage would have given the scope of what
needs to be achieved in the acceptance
testing you are verifying that that
scope has been met and the client
requirements uh have been met and you
can assure the client about the
functionality and the performance of
that particular application coming to
the last question in this
software programs
what are the valuable steps to resolve
issues while testing so in the previous
scenarios when we have started testing
now if you find out
when you execute a particular use case
and then you find out of law what would
be the steps that you would utilize to
address those particular flaws in those
tests the first step will always be
record then you're going to report it
and then you're going to introduce a
control process for it so when you say
record
you're going to create logs
and you're going to try to resolve all
the problems that have happened now when
you say resolve you're not going to
recode the application but you're going
to test the system again and again to
ensure that whatever is being recorded
is accurate
and all the logs all the error
mechanisms all the dumps all of those
that have been generated due to this
particular log of this particular error
are being captured so that they can be
reported to the higher level managers so
the next step is once you have
eventually accumulated all these logs
and records you're going to report them
to the higher level managers who are
then going to investigate it and go back
to the developers trying to figure out
the best way to mitigate those
particular flaws so the report writing
needs also also needs to be accurate
it needs to be to the point
it needs to detail what the problem was
it will document all the steps that they
were that you took
all the inputs that you put in and it
will also
record all the errors and it will also
record
all the mechanisms that were utilized
and the
errors that were generated
and that report will be given to the
higher level managers who can then
forward it to the developers who based
on those reports can start their
troubleshooting and then the control
mechanism comes in you're going to
define the issue management process
so this process needs to work in a
particular manner where you're doing a
test you're recording whatever is
happening you're creating a report out
of it you're sending it to the
management the management will then take
those reports study them take it to the
developers the developers will test
based on their criterias they might
interact with the testers at that point
in time to identify particular flaws
and then they might want to record that
application on a developer patch which
once installed
will mitigate that particular flaw and
then it can come back to the testing
phase again where you can repeat those
tests and validate that the flaw is no
longer existing
so these are the three steps
that would be utilized for testing
purposes
and that brings us to the first 10
questions on the software platform in
the next video we'll be looking at
operating systems and applications
the first question is on virtual memory
what exactly is virtual memory
for a computer we have two types of
memory the first is the primary memory
which is your random access memory which
is also known as a volatile memory and
the secondary memory is your hard disk
where your data is stored permanently
but for a computer when it has let's say
a 4gb memory or a ram as in this
scenario on your screen it is going to
replicate that and is going to create
another 4gb of virtual memory on the
hard disk and it is going to use it in
tandem along with the ram
so if the ram is insufficient the
processor is going to utilize the 4gb of
the virtual memory that is created on
the hard disk and it is going to swap
data from the ram to the hard disk
this can also be known as a page file
or a swap file the next question is what
are different scheduling algorithms now
the context for this question is you're
talking about the profi processor and
you're talking about how processes are
going to be fed to the processor and how
the process is going to treat these
processes so the first is
first come first serve so the process
which requests the cpu first gets the
cpu allocation first now whenever there
are processes that are being run by
different applications they make
requests for some cpu type
now in first come first serve the first
service or the first process that is
going to request some processing time
will get that much allocated to them
they will run through the process first
and in the next and the next and so on
so forth
the second one is the shortest job first
this is the process where the shortest
execution time for that process
is calculated and that process is
selected first for the cpu
then there is parity scheduling this
scheduler selects the task to work as
per priority so there would be some
tasks that are marked with high priority
some would be normal and some would be
low so based on this high
normal or low priority uh all the
processes will be classified higher
priority will be dealt with
first then the normal and in the least
priority
the fourth option is multiple level
queues where processors are assigned to
a queue based on the specific property
like process priority the size of memory
etc so it will be classified based on
the
attributes given to that particular
process and multiple queues will be
created and then based on the attributes
the processes will be
processed by the cpu
then shortest remaining time the process
will be allocated to the task which is
closest to its completion
so
or you look at it this way the process
that will take the least time to
complete its processing would be chosen
first
and then the round robin method where
each process comes in turn gets an equal
share of time so if there are 10
processors each process will be
allocated a certain amount of time after
which the next process will be processed
and so on so forth and it will continue
in a round robin fashion till all the
processes get executed
so in short six
different scheduling algorithms
depending on how you how the operating
system deals with it
the next question is
what are the steps involved in hacking a
server or a network so this is more of
an ethical hacking question you're
looking at devices and for and the
interviewer asks you uh what kind of
steps are involved what are the
activities that you would do
in hacking a server or a network now
there are no specific steps that you
would define because every hack is going
to be unique but it has a hack can be
classified in five different steps
which are quite generic right so the
first step will always always be the
recognizance step also known as
information gathering phase also known
as footprinting or fingerprinting uh
depending on what exactly you're doing
but in this phase
the attacker gathers all the evidence
all the information that is possible
about the targets that they want to
attack so here you're trying to get to
know the victim so you can launch
specific attacks towards them you want
to identify what operating system they
are utilizing what ip addresses mac
addresses the versions of the operating
systems and applications the patch
levels find out vulnerabilities find out
whatever information is possible find
out the information about the
person who's using those computers so
you can launch social engineering
attacks and so on so forth so the first
step is all about gathering enough
information
based on which you can launch further
attacks once you have that information
comes the second phase which is known as
the scanning phase
this is more of a technical phase so
yeah right in the first step you've got
your ip addresses domain names maybe
even network maps and you have
identified which devices are available
now in the scanning phase you're going
to identify live devices
and then you're going to scan them for
open ports processors protocols services
you're going to identify vulnerabilities
you're going to enumerate them to
identify more information from them
thus at this point in time you will have
identified a certain set of
vulnerabilities or a certain set of
security loopholes that you can misuse
once you have identified those
you are going to the next step which is
the gaining access tape
in this you are actually going to
execute your attacks based on the
vulnerabilities that you have found and
you are either going to gain access to
that particular system by installing a
trojan or destroy the system by
installing a virus or install a spyware
or a key logger whatever you wanted to
achieve so in the gaining access phase
you would have based on the knowledge
that you've gained in the first and the
second phase you're going to launch your
attacks and you're going to try to gain
access to that particular device
then the next step is where you're going
to maintain that access now that you
have hacked into that device it is not
necessary that you will always
be able to get access to that device
suppose you have cracked the password of
that particular user and the user
changes that password after a few days
your attack is worthless so what you're
going to do here is you're going to
maintain your access
so this is
where it is assumed that you want
repeated access to that device and thus
you're going to install a keylogger or a
trojan or some mechanism which will
still allow you to get access to that
device without the knowledge or the
authorization of that particular user
and finally the last step is where
you're going to cover your tracks so
whatever activity that we have done so
far will have created logs and will have
created information
based on which the victim will come to
know that they have been compromised and
may be able to trace that activity back
to you so to prevent the user or the
victim from realizing that they have
been hacked and to prevent them to
discover who has hacked them
you want to cover your tracks by
deleting logs and any references that
point to that particular activity you're
going to hide the files that you have
created so you have installed a trojan
or a key logger
these will create files and directories
you're going to hide them so that they
are not discovered you're going to hide
processes that have been created you're
going to try to hide all the activity
that you have done so that to conceal
the actual attack
and preventing the user from realizing
that they haven't compromised
so these are the five steps that will be
involved in hacking a server network
application or any computing device
you'll come across the next question
refers to what are the various sniffing
tools now this is a network-based attack
where you're trying to capture uh data
packages that that are being transmitted
over the network and then you're going
to analyze them to see if you can
capture any sensitive information like
usernames passwords bank details or any
anything of that sort now these tools
will also depend on which operating
system you're utilizing for example msn
sniffer would work on microsoft uh
operating systems
eater cab would be based on linux and so
on so forth so on the screen you'll see
six different sniffing tools that work
on different operating systems wireshark
is uh something that is common both on
windows and linux
uh it is used to analyze network in
detail it is the de facto tool that you
will come across in most of your ethical
hacking trainings in most
of your organizations when they want to
do data captures
now data capturing or packet capturing
is not only done by hackers to gather
more information but it is also a known
troubleshooting technique used by
administrators and network
administrators to analyze any issues
that may be going on in the network
right so while the first tool you see on
the screen is wireshark like we stated
is available for windows linux
as well
then there is tcp dump which again has
the same capability of wireshark but is
a command line version whereas wireshark
also has a gui a graphical user
interface
tcp dump is available on linux
msn sniffer it's a very old tool uh
when we had msn messengers uh msn
messenger is no longer there but
microsoft does or did have a microsoft
message analyzer tool uh which they have
stopped development since 2015
but that's another tool that is specific
for microsoft operating systems from
microsoft that can be installed together
more information then you've got
ethercap which is
a tool to launch man-in-the-middle
attacks data capturing and is is
essentially a linux command line based
tool
then d sniff is another password and
network capturing tool which can help
you capture data packets prominently a
linux
two
same with
eatery this is a graphical tool which
will allow you to
capture data data traffics and map
protocols and identify which ip
addresses have been communicating with
what essentially all of the tools have
similar functionality except that uh
some have additional functionality like
launching manual attacks or capturing or
having specific filters that will help
you identify and troubleshoot some
network issues that you may be facing
moving on the next question what is an
operating system now this is a very
difficult question to answer because uh
we normally when we want to answer this
question we start off with the
functionality of an operating system
right
we try to describe what windows does or
what linux does or what mac os does and
then we are trying to figure out what an
operating system is in the first place
but an operating system essentially as
the slide says is a software program
that provides a platform for computer
hardware to communicate and operate with
the computer software so it is basically
an enabler for human interaction with
the hardware that you have if you take
the operating system out of the question
it's just some hardware which cannot
interact with you
but essentially when you have operating
system like microsoft windows or linux
or mac
you're essentially essentially
installing an instruction set on that
particular device which will allow you
to interact
and manipulate the hardware to do
whatever you want that hardware to do
right essentially uh when we talk about
uh
drivers for your various devices like a
driver for your lan card or for your
sound card or your graphics card which
allows you to tweak these cards
for a functionality right
it allows us input and output functions
uh
for example the basic example you open
up microsoft office products like
microsoft word or excel and you get a
gui on the screen
which you can interact with you've got a
keyboard and you type on that keyboard
and the computer knows what you're
typing and reflects those
actions on the screen by showcasing it
on that particular
excel file or a word file so how does
the computer know what to do or what
you're exactly intending to do at this
point in time it is all the operating
system that is providing you all these
services analyzing what your inputs are
and then based
on the programming it is going to
execute that and show it to you on the
screen
right some of the most common commonly
used operating system are microsoft
windows you have them in desktop as well
as server variants
unix
linux again linux as desktop and
servers you've got ubuntu and linux red
hat and so on so forth and then you've
got mac os
for
apple related components the next
question what is the difference between
micro kernel and macro kernel now the
first thing we need to know is what is
the kernel kernel is the
heart of the operating system that
allows that input and output to happen
it allows those drivers to be set up so
that the hardware can interact with the
software and we can then instruct the
software and the hardware both
to function in a particular manner
so there are two types of kernels micro
kernels and a macro kernel micro kernel
is something that we normally use micro
kernels are for
operating systems that use processors
directly handled by the processor
the micro kernel is very small in size
micro kernel is large because it
basically is the entire image of the
operating system
the execution for a micro kernel is slow
the micro kernel is going to be faster
because it is more evolved
there's a lot of programming involved
extendability
micro kernels are easy to extend micro
micro kernels are hard to extend as fast
security is concerned if a micro kernel
crashes it takes everything down with it
the entire operating system is going to
crash but in case of a micro kernel it
is only that particular process that is
going to get affected microkernel there
is a lot of coding involved
micro kernel less coding is involved
examples of micro kernels would be
simply an oss most popularly used on
yester eu phones nokias if you remember
those
uh qnx and so on so forth micro kernels
your linux or bsd operating systems
essentially use macro kernels
next question what are the different
types of operating systems
so as you can see on the screen
five types of operating systems batched
os distributed operating systems time
sharing multi-program and real-time what
are batched operating systems the
computer operator places the jobs coming
from input devices into batches
so
consider this not from a desktop
perspective but from a server
perspective where these devices are used
by organizations to compute and to
crunch some processors that is going to
make some business sense out of it so
when there are multiple processes coming
in multiple jobs that are going to be
scheduled a batched os is going to place
these jobs in batches and they're going
to crunch those based on the
inputs that have been given by these
operators distributed oss where there
are multiple computers which are
interconnected and are communicating
through networks so in a corporate
environment you don't use one single
computer to do everything you've got a
data center and the data center will
have a cluster of servers where they are
going to share some resources to crunch
one particular task right so that's
where your distributed oss come into the
picture
then you have time sharing oss where you
are renting some type so time sharing
voices minimizes the response time
example in today's world cloud right uh
you go on to the cloud you have a
virtual service over there
you schedule something you show you the
job over there it is uh it is executed
and for that time being that operating
system services your particular request
and provides you that particular job
any application that you see online that
is executed for example facebook
from a consumer's perspective
could be a time shared experience
then
multi-programmed os the operating system
uses cpu shuttling to separate jobs so
you're scheduling the cpu to complete
certain jobs in this particular manner
and in real time os
the operating system gives maximum time
to critical operations so it identifies
the priority of these operations it
knows the high priority items the medium
low priority items and based on that it
is going to execute these critical
operations and get the job done moving
on to the next question what is the
difference between logical address space
and physical address space now
when you're looking at address spaces
this is where applications come into the
picture and when you execute an
application it is going to create a
particular address in the memory where
it is going to create a buffer to store
its own information so that it can be
provided to the processor processed and
then can be returned back to the
application as an output right so
as far as definitions are concerned a
logical address is generated during
running of an application
or a program a physical address is a
physical address or a physical location
on the memory module itself
right
visibility you can view a logical
address because it is programmed into a
computer so if i am looking at cc plus
and i'm using malloc or memory
allocation uh that's where the logical
address is going to be created where a
buffer is going to be created for that
program and whatever the user input is
going to be it's going to be stored in
that buffer but whereas physical
addresses are concerned this logical
address will be created on a physical
store
or a physical memory module which will
have its own addressing mechanism thus
you you can see the memory module but
you cannot see the specific address on
that particular memory module but as far
as a logical address is concerned while
you're programming or you're debugging
the application it will show you the
logical address that has been created
the start point and the end point of the
logical address that has been created
for that particular program it can be
shown in a debugging environment
right
address space logical and physical
address is physical like here this case
it's the memory module itself you can
access only the physical address on that
particular memory because logical
addresses can be viewed but you cannot
access them physically
generation uh the logical addresses are
generated by the cpu
during the processing time whereas
physical addresses are generated are
computed by the memory management unit
or the mmu that you have on your
computers
and as far as logical addresses they
will always be they are variable whereas
the physical address is always going to
be constant looking at the next question
what is the difference between logical
address space and physical active space
so moving on from the previous question
to this
the logical address is
a address created by the cpu for the
processors that need to be addressed and
that may be stored as a buffer in the
physical memory whereas the physical
memory itself is going to be a address
that is going to be there on the
physical part of that memory which is uh
which is going to be assigned to it by
the mmu then the next question discusses
uh shells so what shells are used in
linux now what is the shell shell is the
command line interface that we utilize
on a linux machine so the terminal
window as we call it is a shell
and there are different variations of a
shell based on what linux operating
systems you are using the desktop
operating systems that you use
uh or the server operating systems and
real in today's world that you're going
to use normally we'll always have a bash
shell which is the first shell that you
see on the screen
known as a bone again shell it is a
default for linux distribution so as far
as end consumers
regular consumers are concerned it is
always going to be a bash shell a
bone-again shell that you're going to
utilize for scripting and to execute
regular commands
but when it comes to high-level
programming or it comes to
specialization tasks then you've got the
rest of these
shells that you can utilize for example
the ksh known as a con shell is used for
high level programming
which supports associative arrays and
built-in operations the csh or the c
shell
uh has different functionality like
spelling corrections and drop controls
the zsh or the z-shell
provides unique features like file
generation startup files
and fish friendly interactive shell
which provides features like auto
suggestions and configuration so all of
these have different functionalities
depending on what usage that you have
for that particular shell the most
common shell like i stated is the back
shell that you'll always come across in
your desktop linux operating systems
then looking at the next question what
are the process states in linux now what
is a process process is basically a
service that is running
for a particular application for an
application to function right
this process is going to direct user
input to the processor process it
get that output back to the application
execute it and then show it onto the
graphical user interface for the user so
in linux there are five states for a
process first is the ready space now in
ready
in this state the process is created and
it is ready to run so it is waiting uh
it is waiting for input it's ready uh
the application is executed
the running is when the process is being
executed itself blocked or wait is when
user input is being looked upon so it's
waiting for user input so that it can do
the processing
completed or terminated it has completed
its execution or was terminated by the
operating system for some reason or the
other so this is where things have
uh the processing has been completed
and then lasted state is zombie where
the process is terminated but the
process table still holds the
information uh maybe it is waiting for
the kill request before it gets
terminated
so these are the five states for a linux
process to be in and that brings us to
the ten questions in the operating
system and application space in the next
video we'll be looking at ten more
questions on cyber attacks interview
questions based on cyber attacks
let's start off with the first one the
first question is what is sql injection
sql stands for
structured query language which is a
language that is used by most of your
databases or your relational databases
the variations of your database would be
mysql microsoft sql
oracle sql
you'll have ibm databases all of these
databases utilize the structured query
languages to interact with the
applications now all of these databases
have their own syntax so you'll have to
study most of these databases based on
which applications and which databases
you want to provide security for
but as the name suggests sql injection
vulnerability or structured query
language injection vulnerability
is where a user can maliciously inject a
sql input
or a sql statement in a query
and
send it to the database and evoke a
response response out of it
so this vulnerability is not
specifically to the database it uh the
vulnerability lies more in the
application and the coding of that
application
so when the application receives a query
which it needs to be forwarded to the
sql uh database
we need to configure at the application
level
of what queries are allowed and what
queries are not allowed so there are
different various aspects
of how to manage a sql injection
vulnerability but the basic flaw lies in
the application where
invalidated input is accepted and sent
forward to the database where the
database might confuse it into an
executable statement and thus create a
response that was not warranted
there are various types of sql
injections as shown on the screen
in-band sql injection where you can look
at an error based or a union based
injection a blind sql injection where it
is either boolean based or a time-based
attack
and then an out-of-bound sql injection
essentially you're looking at databases
and you're looking at application
security where you want to encourage
secure coding practices so in
unvalidated input is mitigated
the next question is what is spoofing
now in spoofing you're basically
assuming the identity of another person
so here the attacker pretends to be some
other person or an organization and
sends you an email that appears to be a
legitimate email it looks almost genuine
it has been constructed to replicate
what a genuine email would have been
and it is very difficult to spot
a fake one
there are different ways to identify
whether an email is genuine or not
but that's for a different video moving
on to the next question what is a
distributed denial of service attack or
a ddos attack now generally a denial of
service attack is an attack where
legitimate users are prevented access to
the resources that they legitimately can
access right so for example if it is a
bandwidth-based attack
the attacker consumes the bandwidth of
the network in such a way that there is
no more bandwidth left for legitimate
users to access the network
now a single device may not be able to
generate that much amount of
uh traffic to consume the bandwidth of a
huge server thus the attacker will
construct a botnet
and through that botnet they will launch
a distributed denial of service attack
to the target victim
right so a botnet uh there are two uh
terms that you want to look at over here
the first term is a bot
and the second one being the botnet
itself bot is a software that once
installed on a victim's machine allows
the hacker to
send remote commands to that machine
that will
make it to generate some activity
once we have enough machines
on which such bots have been implemented
the collection of these machines would
be known as a botnet
so an attacker would then instruct this
entire botnet to start generating data
traffic to be to be sent to the targeted
network or to the targeted server which
will then pop down the server thus
crashing it and preventing users from
accessing that particular resource
the next question is how to avoid our
poisoning or arp now first let's
understand what arp is arp stands for
address resolution protocol which is a
protocol used by computers to
communicate over the network
once your computer boots up
it starts a discovery process of
identifying its neighbors so if i'm in a
particular subnet
my machine will proactively send out a
rp request an address resolution
protocol to find out which other
machines are within the same network and
which are live once it sends out a query
a live machine will respond to that
query along
with its mac address
this information is then
stored in what is known as a arp table
or an arp table on the machine's
cache
so whenever my machine now wants to send
out a packet to this particular machine
it will go to the arp table it will
identify the ip address and the
associated mac address it will print
that onto the data packet as a
destination
uh
ip and destination mac and send that
packet across to the switch the switch
will then identify the mac address and
send the packet to the relevant machine
that is connected to that particular
switch
now to confuse the switch into sending
it to a different machine our poisoning
attack is created this attack is
generally
launched to
create a man in the middle attack
now to prevent this art poisoning from
happening in the first place there are
three different aspects that we can
utilize first we can use packet
filtering
which will filter out and block packets
that are the same source address data so
you have identified some malicious ip
addresses and you want to block out some
ip addresses so you're using a packet
filter firewall where you have
constructed the firewall to filter out
certain packets
originating from particular range of ip
addresses this firewall and this
technique will then block those kind of
packets coming in
second keeping away from trust
relationships organizations will develop
protocols that do not depend on trust
relationships and thus you want to
keep this protocol away from that once
you have created a trust relationship
these machines should not be sending out
arp requests to other machines in the
first place since uh the trust
relationship has been defined and these
machines know whom to communicate with
such kind of protocols should then be
disabled
or you can use an erp spoofing software
so there are some there are software's
out there that will look for arp
spoofing and prevent that from happening
in the first place so if somebody has
sent out a spoofed arp packet
that packet will be picked up by this
software
and it will be mitigated of
network visualizers like glass wire
antiviruses like so force uh they
haven't built capabilities of
identifying uh our up spoofing attacks
and mitigate them in the first place in
the next question we are going to
discuss what is ransomware
now ransomware is a type of malware that
blocks victims to access personal files
and demands ransom to regain access
there are three categories before we go
into the categories let's just revisit
what ransomware is let's start with the
word malware malware is a malicious
software that poses as a legitimate
software but has a payload that will
have a security impact on your machine
so in this instance
viruses trojans all of these can be
classified under malware so can
ransomware a trojan is a software that
will give you a backdoor access to it to
a particular device a virus will do some
destructive activity on that device or
ransomware will basically encrypt the
data of that particular user from on
that particular machine thus rendering
that
that data inaccessible to the users
themselves
and in turn will demand the ransom to
provide access to that particular data
so the three types of ransomwares the
first one is scareware
which uses social engineering to cause
an anxiety or the perception of a threat
to manipulate users into buying unwanted
software so this sprays on the
gullibility of humans
where you can see a pop-up appearing on
your screen which can scare you into
believing that you may have been
attacked or there is a virus on your
machine and then instructs you to
download a particular software to
mitigate that particular virus now
the malware will be in this software
that you will be downloading and then a
ransomware will be installed and your
data will be encrypted
screen lockers uh where
locking uses computers by preventing
them from logging in and displaying an
official looking message you will see a
screen saver once you boot up which
prevents you from accessing the login
page so it will not allow you to log
into your own machine but it will give
you a warning that your data has been
encrypted
and you need to connect to a particular
email address and send bit to send
bitcoins over there uh to get a
decryption key to access your own data
and then the encrypting ransomware
displays a message demanding payment in
return for the private asymmetric key
which is needed to decrypt the symmetric
keys for encrypted file so once your
files have been encrypted you might just
have a blank screen in front of you
where you'll receive a warning message
where it instructs you to pay up a
ransom in bitcoins or in some
cryptocurrency to some particular
digital e-wallet which is not traceable
and once you make that payment they will
send you the decryption key and then you
can access your data if getting your
learning started is half the battle what
if you could do that for free visit
skillup by simply learn click on the
link in the description to know more
then talking about the next question
what is the difference between an active
and a passive cyber attack now when we
talk about cyber attacks cyber attack is
activity that is caused by a malicious
user who wants to try to
get access or do some security incidents
on the victims devices so there are two
ways that can happen it's either in an
active manner or a passive manner in an
active manner the intruder attempts to
disrupt a network's normalcy modifies
data and tries to alter the system's
resources so this is more active where
the attacker will proactively
try to
destroy the network so that
communications fail or they might try to
modify the data where we're using a
ransom where they can encrypt it or they
might delete that data using a virus or
steal that data using a trojan or they
might even alter the data uh so that it
is no longer trustworthy whereas in a
passive attack the intruder intercepts
data traveling through a network here
the intruder eavesdrop but does not
modify the message so they're just
listening in they're just observing what
is going on they're not manipulating the
data they're not stealing anything it's
just that they are monitoring what the
activity that's going on the next
question what is a social engineering
attack now social engineering attack is
a people based attack the victim here is
the human by itself the vulnerability
also lies in the human it may be
executed through a computer but
end of the day the calibrity is of the
human so it is the art of manipulating
people so that they end up giving up
confidential information
now we always read in the papers where
somebody got manipulated their passwords
got hacked and somebody's life savings
got wiped out
right because they shared the otp with
someone or they shared a
the password with someone now creating a
scenario where these people will fall
prey to this attack and share this kind
of personal information
to unknown people that is where the
social injury attack comes in creating
that scenario which will ensure that
these people give out this confidential
information now there are three
categories in this attack one the first
one is a phishing attack second is a
sphere phishing attack and a third is a
railing attack now phishing attack is
basically a generic attack
it is targeted to the world at large
whoever falls prey to that attack
will be a victim
whereas a spear phishing attack is a
targeted attack towards a specific
individual or a group of individuals or
towards an organization so there is a
lot more research that goes into spear
phishing where you analyze the victim
you try to figure out what their
vulnerabilities are and you tailor make
or you customize the attack to that
particular vulnerability once you have
that attack you launch it against those
people those people
will then fall prey to this attack and a
whaling attack is where you're attacking
top-level executives so the c-level
executives of an organization
politicians movie stars wealthy and
powerful people
so any of these people when they're
attacked it will be known as a whaling
attack
next question what is man in the middle
attack now this is something that we had
touched based when we talked about arp
where the arp poisoning attack needs to
be executed to leverage a man in the
middle attack now
in the man in the middle attack
the attacker attacking computer takes
the ip address of the client unaware of
this the server continues to communicate
with the attacker now if you remember in
a previous question we have also talked
about spoofing so in this scenario
attacker has spoofed their ip address to
replicate themselves as a genuine client
and now with that spoofing in mind they
might either through our poisoning
attack or just because of the spoofed ip
address become a man in the middle that
means that they are now
each dropping on the conversation
between the actual
client and the server by posing
themselves as a server in this scenario
the attacker is now
a go between between the client and the
server and can eavesdrop and can copy
the data if they want they can modify
the data as well so as you can see on
the screen the attacker becomes man in
the middle which means that they are now
eavesdropping on the conversation that
is happening between the client and the
server the next question
who are black hat hackers and whitehead
hackers the main thing is the
differentiation between a black hat
hacker and a white red hacker now our
blackhead hackers are skilled
individuals
who illegally hack into a system the
motive behind such an attack is mostly
for monetary gain these individuals are
known also known as security crackers
now if you look at your criminal hackers
those who have malicious intent those
who do hacking for the intent of
personal gain or for the matter of
disruption the main thing that black hat
hackers
lack
is authorization they are not authorized
to do the activity that they are about
to do and they are going to get
unauthorized access to devices or to
data which is going to cause losses to
the organization involved
whereas on the other side a white hat
hacker are also known as ethical hackers
these are the individuals who discover
vulnerabilities in a computer network
and they help the organizations mitigate
these vulnerabilities they help the
organizations defend themselves from
blackhead hackers so the main difference
between these two types of hackers a
black hat and a white hat is the intent
and the authorization so black hat
hackers will have malicious intent they
will try to personally gain from that
attack
from by finding out vulnerabilities they
also will not have authorization to
conduct whatever activity they are doing
whereas on the other side whitehead
hackers will be hired by organizations
they will provide authorization for
certain activity that the white hat
hacker can do to find out those
vulnerabilities once those possibilities
have been find out found out by the
white hat hacker they will report it to
the management and guide them in
implementing security controls to
mitigate those vulnerabilities the main
difference between a black hat and a
white hat is the authorization and the
intent the next question what are honey
pots
now honey pots are
a very interesting
device that can be introduced in a
network uh these basically are decoy
servers that are implemented in a
network to attract the attention of
attacker
it is there to lure an attacker
into
uh attacking that particular device
thus creating a security blanket blanket
for the rest of the devices
so if an attacker has been able to
bypass a firewall and is now trying to
scan a particular network when they scan
they will come across various devices
that are there in the network they will
then proceed to do a vulnerability scan
on these devices
the honeypot at that point in time will
provide as an approve as an attraction
to these attackers because it will
demonstrate some vulnerabilities to the
hacker which will divert their attention
so these vulnerabilities are simulated
on these devices these actually do not
exist but the moment the attacker then
starts interacting with the honeypot the
honeypot will identify that as a
malicious traffic and will warm the one
the administrator about a possible
attack that is going on the
administrator will then investigate
through the honeypot of what activity is
going on and then reconfigure the
security controls to block the attacker
or mitigate the attack itself right so
it is more of a decoy server that will
showcase or simulate some
vulnerabilities to an attacker thus to
lure them
and safeguard the rest of the network
these are the 10 questions for
cybersecurity in the next video we'll be
talking about cryptography the first
question define cryptography encryption
and decryption
now cryptography
is used by security professionals to
scramble data
into non-readable format
which is used in securing that
information
so it involves converting data from a
readable format into a non-readable
format and then reversing it back to
readable format again
for example the word computer is now
scrambled into looking like a unreadable
format now if you look at this word that
it has been scrambled into it would be
very difficult
for a human to figure out
what the actual word was
now in this scenario we have taken an
algorithm where we have made a
shift of the alphabet where we have
added two alphabets the current one so c
plus two becomes e
o plus two becomes q m plus two becomes
o so we have done a shift of 2 and thus
the key over here for this
algorithm
is the alphabet plus 2. so any person
who figures that out will be able to
unscramble this and convert this back
into readable text
the fact of scrambling a readable text
data into something that is unreadable
by using a particular key is what
cryptography is all about
now as we discussed the decryption again
is
replacing the alphabet and taking it
further back by two characters so e
minus two becomes c q minus two becomes
o o minus two becomes m and so on so
forth so anybody who knows this key
the shift key
anybody will able to
decrypt this particular character so
this depends on the user if i want to
utilize alphabet plus five then the
spacing the shifting of that character
will be the fifth character from that
particular character
and so on so forth
the next question what is the difference
between cipher text and clear text
cipher text refers to the text which is
encrypted and totally undecided
the message received after decryption is
known as clear text this text is
comprehensible so the word computer is
clear text that means that it has not
been treated to any cryptographic
measures it does what it is intended to
be however if the moment we encrypt it
that means we scramble it into
unreadable text by using any of the
algorithms that will be looking at
that text is known as a cipher text
and without the key this becomes
unreadable
the clear text as discussed is the plain
word that we have utilized we are using
the english language in this instance so
the plain word computer is the clear
text once we add the encryption layer to
it
we get the cipher text to it
moving on to the next question what is a
block cipher
this refers to the method of encrypting
the plain message block by block the
plain message is broken down into fixed
size blocks and then encrypted now a
block cipher is normally used for data
that is stored so a data that is stored
on a hard disk and we want to encrypt
that data that is known as block
encryption or a block cipher so block
cipher is an algorithm
that will allow you to encrypt data that
is stored onto a hard disk
so in this example we've got
a plain text which is 64 bits in size
and we have
added a layer of encryption to it so
plain text plus the key that we have
studied in the previous questions and
then the scrambled data out of it which
is unreadable and thus encrypted then
the next question what is public key
infrastructure now the public key
infrastructure is a set of policies
which secures the communication between
a server and a client it uses two
cryptographic keys public and private
so
the infrastructure itself is a set of
policies people procedures and
techniques
which are standardized in nature and are
globally accepted which allow us to use
digital certificates to encrypt data and
decrypt the data
at the other end we use asymmetric
encryption over here which means that we
use two keys one is a public key to
encrypt and the private key to decrypt
the other part of your encryption is a
symmetric encryption where the same key
is used to encrypt and the same key is
used to decrypt
now in a public key infrastructure
uh like i said we have standardized that
so in the standardizing part of it these
are the various players that have been
defined in the public key infrastructure
the first is this
user or the sender in the scenario the
one who requires this digital signature
to digitally sign a particular
transaction or a communication a
registration authority with whom they
are going to register for that
particular key the certification
authority who issues that key
the verification of the authority who
validates the uh key itself and the
recipient who is going to be the other
party of that particular transaction so
how is this utilized
a sender or the user who requires this
digital signature will request or apply
for a digital signature with the
registration authority the registration
authority would validate the
genuinely of the user so they might do
some
identity verification or
proof of residence or something like
that once they've identified the person
and they have validated the information
they will then send the request to the
certification authority stating that the
sender has been validated and we can a
and the certification authority can
issue the digital certificate to the
particular user
they will send the public key to the
sender which will be utilized by the
sender for further transactions so when
the sender
is going to sign some data and
wants to send it across to the recipient
they will use the public key to sign it
and send it across
the recipient will then validate with
the verification authority to see if the
data the signed data is correct or not
now
while
the certification authority sends the
public key to the sender the
certification authority updates the
private key with the verification
authority so whatever is signed by the
sender
received by the recipient and they want
to validate it they will send it back to
the verification authority
the verification authority will validate
using the private key once the private
key is validated
it will then send the ok signal back to
the recipient thus allowing the
validation of that particular
transaction
if the signature is tampered with or is
not the very fiction authority is not
able to validate the signature it will
then send a denial message back to the
recipient and the transaction
will
not go through so the pki enables
trusted digital identities for people so
the pki grants secure access to digital
resources based on the infrastructure
that has been created and the core of
the pki is a certification authority
which ensures that the trustworthiness
of the digital data is
ensured
so
going back to the previous slide
these are the key players that have been
standardized in the public key
infrastructure the certification
authority is the authority that issues
the digital certificates the validation
authority is the one who validates that
digital certificate
moving on what is rsa
rsa is one of the first public key
crypto systems that is used for secure
data transmission it stands for reverse
xiaomira and edelman now these are the
three people who have created this
algorithm rand rivest adi shamir and
leonard edelman who are the inventors of
this technique it is a asymmetric
cryptography algorithm which works on
both public and private keys hence the
encryption key is public and the
decryption key is kept private now as we
have discussed earlier symmetric and
asymmetric cryptography symmetric
cryptography is where the same key is
used to encrypt and decrypt whereas
asymmetric cryptography is where there
are two keys to encrypt and decrypt the
algorithm what are the few alternatives
to rsa now rsa is an algorithm that is
used for encryption there are a lot of
other algorithms that can be utilized
to alter or to scramble data depending
on your requirements so in the previous
question we have studied and we have
talked about what
rsa is it stands for
reverse xiaomi and edelman the three
creators of that particular algorithm
but there are a lot of alternatives to
this algorithm depending on how secure
you want that data to be
and some of them are
listed here on your screen duo security
octa google authenticator and lastpass
lastpass is a password manager
so is dual security google authenticate
is something that we all utilize it is
an application that we can download and
store on our mobile devices and we can
set that up to
authenticate ourselves with certain
portals so it issues a unique id to us
which once utilized will allow us access
to those particular portals octa is an
identity manager where you have created
different digital identities and you
have assigned them certain permissions
and based on your authentication
mechanisms octa will allow or disallow
access to those different applications
or different portals as you have
configured it so all four
are
authorization authentication mechanisms
which can be used as alternatives to rsa
if getting your learning started is half
the battle what if you could do that for
free visit scale up by simply learn
click on the link in the description to
know more
next question what are the prime
objectives of modern cryptography and
this is a very important question
because we've so far looked at what
cryptography is and what public key
infrastructure is but what is the
achievement out of it why are we
utilizing it and what do we want to uh
gain out of it so the main and the prime
objectives of modern cryptography are
as follows mentioned on your screen the
first one is confidentiality
the second one is non-repudiation
third one is authenticity and the fourth
one is integrity
now if i go back to the first one
confidentiality
that is where i want to keep data
confidential that means it will only be
visible to the authorized users right so
here i have
created a list of people who have deemed
as authorized users and have created a
digital identity to them and have given
access controls to those people now that
is how confidentiality is
ensured so
when we want to keep data confidential
we create a list of users who we are
going to allow access to certain
resources and we are going to define
what access controls are to be utilized
what access are allowed whether they got
an administrative access or user level
access and only those authorized users
are going to be uh able to access this
resources that is how we maintain
confidentiality
the next one is non-repudiation
non-reputation is the prevention of
denial of having been a part of a
particular transaction
so in the public key infrastructure that
we discussed where a digital signature
was utilized to sign a particular
transaction
and then sent to the recipient the
sender would not be able to deny of
having originated that transaction
because it was using their
digital certificate thus non-reputation
comes into the picture uh one more
example that we can have here is uh on
our mobile phones when we use sms short
messaging service and we send a message
to uh to another person the person when
they receive a message the number is
validated by the service operator
and thus the sender cannot
deny having sent that message the sender
at the same time can have a delivery
report sent to them
that the message was delivered to the
inbox of the recipient and thus if the
recipient denies having received that
message that delivery report becomes
proof
of having
that message being delivered to their
inbox thus both the parties cannot deny
of have a of being a part of that
particular transaction
then comes the part of authenticity
now in confidentiality we have created a
digital identity assigned it to a
particular person
and we have given them digital
signatures where they cannot deny having
being a part of that transaction but
authenticity is the part where they try
to prove that they are who they claim to
be so if i am claiming a digital
identity i have to prove that i am that
person who i'm trying to claim to be and
an example to that is when we go to our
gmail.com websites it first asks us what
is our username our username is normally
our email address which identifies the
account that we are trying to access
right so this account is confidential
because it is only authorized for a
particular person
and once
they identify themselves by identifying
the email address that's when the
authentication part comes into the
picture where it asks for the password
now it has never ever happened that we
just go on to the gmail.com type in a
password and then it figures out which
account we are talking about so the
first step is always called the
confidentiality part where we identify
which account we are talking about and
then we try to authenticate as the owner
of that particular account by providing
the
appropriate password to that account if
both of these match only then do we get
access to that account and we are able
to make uh whatever transactions we want
to make now when we are making those
transactions non-reputation comes into
the place where all our activities also
being logged so we have identified our
account we have authenticated ourselves
by providing the password so the proof
is there that it is us who are trying to
access it
and then whatever activity we do send an
email receive an email delete something
attach something all of those activities
are logged
and stored as proof of what actions have
been done
so tomorrow if we deny having sent that
email gmail can still prove to us
through those logs that though that that
activity was done by us
and the fourth part is integrity which
ensures that the data received and sent
and
sent by the sender and received by the
recipient has not been modified while in
uh
motion
so the integrity part is the
trustworthiness of that data that the
data has not been modified by any hacker
or any other
entity and is still trustworthy
so these are the four prime objectives
of modern cryptography once i have
scrambled that data
using
my public's uh signature it is only my
private signature that is going to
decrypt it right uh
using these mechanisms i will be able to
achieve all these four aspects
of cryptography and
security next question what is safer
now safer stands for secure and fast
encryption routine which is also a block
cipher as we have discussed previously
block cipher is a cipher that is used to
encrypt data that is stored
so it has a 64-bit block size and
byte-oriented algorithm
uh safer's encryption and decryption
procedures are highly secure this
technology is widely used in
applications like digital payment cards
so when you are using your
a digital
payment gateway to make transactions so
you have you have gone on to an online
portal you want to purchase a particular
item
and then it takes you to another
payment gateway where you have to fill
in your credit card information
sensitive information like your uh
expiry dates cvv information and then
the otp or the password that you have
created for your particular account now
all of these need to be secured or
highly secured based on pcidss which is
the payment card industry data security
standard so these standards
ensure that certain protocols are
utilized
to attain that level of security safer
is one of those block ciphers that is
used under the digital payment gateway
infrastructure next question how does
the public infrastructure public key
infrastructure work
now we have already discussed this in
the previous diagrams we have identified
the key players the certification
authority the registration authority the
end user who requires the digital
certificate the validation authority
who's going to validate it and then the
recipe and the end user with whom the
transaction is going to be
conducted so the first point here is
the request for the digital certificate
is sent to the registration authority
they validate it and then they okay to
the certification authority who then
process the request and the digital
certificate is issued to the person who
has requested it
so when the person wants to conduct that
transaction they use that
uh digital certificate to sign that
transaction with the end user the end
user validates that with the validation
authority and once validated the
transaction goes through and now the
last question what is the blowfish
algorithm it is a 64-bit symmetric
encryption algorithm so this is an
algorithm that uses the same key
to encrypt and the same key to decrypt
the same secret key is used to encrypt
and decrypt the messages here the
operations are based on exclusive ors
and additions to on 32-bit words
the key has a maximum length of 448 bits
now this is a little bit technical uh
you might not want to go with this
technical in an interview question you
just need to identify what the algorithm
is used for so whether it is a symmetric
algorithm which means it uses the same
key or
a symmetric algorithm where it uses a
public key to encrypt and a private key
to decrypt
this the blowfish algorithm is just one
more algorithm which uses symmetric
encryption to encrypt and decrypt data
algorithms that we have seen rsa and
others that we have discussed as far as
the interview questions are concerned
what we need to remember is
which algorithms are symmetric which
algorithms are asymmetric what do
symmetric algorithms do and what do
unsymmetric uh symmetric algorithms do
and we also look at block ciphers and
stream ciphers block ciphers are
utilized to encrypt data that is stored
stationary data data addressed and
stream ciphers are utilized for data in
motion while they're being streamed so
ssl and tls is another algorithm that
comes into the picture when you're
looking at streaming data
that's it for this particular video i'll
see you in the next thank you
hi there if you like this video
subscribe to the simply learn youtube
channel and click here to watch similar
videos to nerd up and get certified
click here
No comments:
Post a Comment