Cyber Security Interview Questions and Answers - 2

15. Explain Hashing and Encryption. Explain the differences between them.

Hashing is an ideal way to store passwords, as hashes are inherently one-way in their nature. Hashing is great for usage in any instance where you want to compare a value with a stored value.

Encryption turns data into a series of unreadable characters, that aren't of a fixed length.

The key difference between encryption and hashing is that encrypted strings can be reversed back into their original decrypted form if you have the right key.

16. What is Cognitive Cyber security?

Cognitive Cyber security is an application of AI technologies patterned on human thought processes to detect threats and protect physical and digital systems.

17. If you were allowed to take over as our Cyber Security Experts, what security controls would you put in place to secure our organization?

i. Make sure that all the all the software and applications are updated.

ii. Have a password policy - Too easy or common passwords help the attackers to get in easily

iii. Ensure that employees have only relevant permissions to use a software or application in an authorized way. In case of terminations, resignations revoke these permissions. You may even have to alter them with changing roles.

iv. Keep a check on the configuration of your applications and devices so that they are up to date.

v. Monitor your network and end points for any security attacks and take immediate actions.

vi. Have a disaster, response and recovery plan in place just in case the attackers make through.

vii. Train your employees to identify and report an attack attempt.

viii. Get Pen tests done by ethical hackers & get the certification done from authorized bodies that can alert you of an possible vulnerabilities in the system.

18. What qualities are required to be a good Cyber Security professional?

The most important qualities required to be a Cyber Security Professional are:

i.) Strong analytical and diagnostics skills

ii.) Good technical skills - Beginners should have a good understanding of various Operating Systems, Mobile platforms, networking and virtualization software. You should also have a good understanding of programming languages like C, C++, Java, Assembly language and Scripting languages like PERL, Python, PHP, Shell etc.

iii.) Ability to think like attackers - So that you can build, test and protect your products or network from them.

iv.) Upgrading the skills continuously - One of the most important qualities as the field is evolutionary

v.) Good knowledge of current threat scenario and how to deal with them

vi.) Skills in disaster recovery plan - If at all the attackers manage to strike.

vii.) Expertise in analyzing the malware

viii.) Passion to improve your technical skills

ix.) Excellent communication skills to explain things to management and client in a non-technical language