1.Q: What do you mean by blocks in the blockchain technology?
Blockchain consists of information of all the financial transactions. A block is nothing but just a list of records. When these lists are combined with each other, they are known as blockchain. For example- an organisation has 100 ledger books the combination of which is known as Blockchain and a single ledger would be considered as a block.
2.Q: What challenges information leak can impose of an organisation?
The information leak can cut down the reputation of an organisation up to an excellent extent. In addition to this, it can be the reason of organisation bearing huge losses. Many organisations who fail to implement security protocols to keep their data secure have already lost the trust of their customers and are struggling very hard to get the same reputation again. The overall profits of any organisation can reduce up to 80% if no attention is paid to the online transaction security.
3.Q: Name organisations that can use Blockchain technology?
There is no strict upper limit on the category of business who can consider this approach. The fact is almost all the businesses are engaged in online or financial transactions that they need to make to run the processes smoothly. Large scale corporations, financial institutions, private businesses, government departments and even defence organisations can trust this technology very easily.
4.Q: Is it possible in Blockchain to remove one or more block from the networks?
Yes, it can be done. There are times when only a specific portion of this online ledger is to be considered. With the help of default options and filters, this can easily be done without making a lot of efforts.
5.Q: What is encryption? What is its role in Blockchain?
Data security always matters. Encryption is basically an approach that helps organisations to keep their data secure. In this technique, the data is encoded or changed up to some extent before it is sent out of a network by the sender. The only receiver can understand how to decode the same. In Blockchain, this approach is useful because it simply adds more to the overall security and authenticity of blocks and help to keep them secure.
6.Q: Is it possible to modify the data once it is written in a block?
No, it is not possible to do so. In case any modification is required, the organisation simply has to erase the information from all other blocks too. It is because of no other reason than this, data must be given the extreme care of while using this approach.
7.Q: What type of records can be kept in Blockchain? Is there any restriction on same?
There is no restriction of keeping records of any type in the Blockchain approach. Presently, a lot of organizations all over the world are using this approach and the fact is records of medical transactions, events related to organisations, management activities, transaction processing, identity management, as well as documentation are the common type of records that can be kept on them. It must be noted that the record keeping is not just limited to these applications only.
8.Q: What is Double Spending?
It is one of the major problems that are associated with the digital cash. In fact, it’s a condition when one digital token is spent multiple times because the token generally consists of a digital file that can easily be cloned. It simply leads to inflation and organisations has to bear a huge loss. One of the primary aims of Blockchain technology is to eliminate this approach up to the possible extent.
9.Q: Explain the significance of blind signature and how it is useful?
It is actually a form of digital signature and in fact an important part of the cryptography in which all the information is made blind before it is actually considered or signed. This is verified approach and is generally considered in the privacy-related protocols where both the author and the signing parties are different. One of the most common examples is digital cash scheme.
10.Q: What does BIP stands for?
It means Bitcoin improvement proposal.
11.Q. According to you, what exactly is the role of a Cyber Security expert?
Cyber Security experts are required in both small a, as well as in large-scale enterprises. The role may vary depending on the position, nature of organisations. Some important roles are proper implementation of all security protocols to assure extreme protection to data, networks, & network nodes. Assuring the loss of service interruption and data loss due to security issues is also one of the top responsibilities of a Cyber Security expert. In addition to this, such an expert must keep himself up-to-date with all the latest intelligence strategies and the common approaches hackers use to hack systems and data.
12.Q. What do you know about 80/20 rule in the Cyber Security Protocols?
Well, it is one of the very important protocols which describe Internet Protocol networks and its nodes where 80 percent of the overall traffic remains local while the remaining 20 percent is routed to a remote network.
13.Q. In business, data is everything and as a security expert you know this, so how you will make sure data safety during your job?
First I begin with the basic things that are necessary to pay attention to. Installation of Cyber Security software is the first step to be implemented and I will do this. This basically includes installation of data encryption software, firewalls and so on. Next, I will pay attention to staff training which is a relevant step to ensure all the networks and widgets are secure. The training includes network security procedures and how they are considered. A back-up plan against network disaster is also something that would eliminate all the risks in case things go wrong.
14.Q. What do you mean by phishing?
It is basically an approach that simply deceit people from getting data from the users. The regular or genuine WebPages such as email-IDs ask users to enter their own password and ID.
15.Q. What exactly data leakage is according to you. What measures will you take to stop it?
Technically data leakage is nothing but the departure of IP from a pre-determined place. It can sometimes invite huge risks and therefore it is necessary to keep up the pace against it all the time. As one of the most common sayings is “Prevention is better than cure”, it’s better to pay attention to factors that can lead to same in advance. This includes technology mishaps, storing backup at an insecure location which these days is the most common reason of data leakage. The system configuration in an unreliable manner, Human errors, attack by hackers, inadequate security control for the files that are shared among departments, as well as the corrupt hardware can be the leading reasons for this.
16.Q: What is Secret Sharing? Does it have any benefit in Blockchain technology?
It is a well-known fact that security matters a lot in digital transactions. Secret sharing is an approach meant for same. In Blockchain technology it is an approach that divides secret or personal information into different units and sent them to the users on the network. The original information can only be combined when a participant to whom a share of the secret is allocated agree to combine them together with others. There are several security-related benefits it can offer in Blockchain technology.
17.Q: What exactly do you know about executive accounting? Does Blockchain support the same?
Executive accounting is nothing but a special type of accounting which is designed exclusively for a business that offers services to the people. There is no strict upper limit on services and a business can manage any through the executive accounting. Blockchain has algorithms that are specially meant to handle executive accounting. In fact, it cut down many problems that are associated with the same.
18.Q: What do you know about Blockchain?
Well, it’s a technology which was actually designed for the Bitcoin and later it got a lot of publicity due to the diverse array of benefits it brings when it comes to monitoring and recording all the financial transactions that are made on a network. It’s a trusted approach and there are a lot of organizations in the present scenario which is using it. As everything is secure, and because it’s an open source approach, it can easily be trusted in the long run.
19.Q: How does a block is recognized in the Blockchain approach?
Every block in this online ledger basically consists of a hash pointer which acts as a link to the block which is prior to it, transaction data and in fact a stamp of time.
20.Q: Why Blockchain is a trusted approach
Blockchain can be trusted due to so many reasons. The very first one is its compatibility with other business applications due to its open-source nature. Second is its security. As it was meant for online transactions, the developers have paid special attention in keeping up the pace when it comes to its security. It really doesn’t matter what type of business one owns, Blockchain can easily be considered.
21.Q: What exactly do you know about the security of a block?
Well, a block cannot be modified by all the users on a network. Therefore it offers an excellent level of security. In addition to this, every block is secured using cryptography that is another vote in this matter. Thus one needs not to worry about the safety as well as the security of data that is present in a block.
22.Q: Is there any network specific conditions for using Blockchain technology in an organisation?
There is no specific condition on using it. However, the network must be a peer-to-peer network under the concerned protocols. It actually validates the new block simply and helps organisations to keep up the pace in this matter without investing in third-party applications.
23.Q: Name the steps that are involved in the Blockchain project implementation?
Well, there are total six steps involved in this process and they are:
1. Requirement identification
2. Screen ideas consideration
3. Project development for Blockchain
4. Feasible study on the security
6. Controlling and monitoring the project
24.Q: What are the benefits of Blockchain that you know?
It encourages secure online transactions which is one of its biggest benefits. Basically, being a distributed and decentralized ledger that keeps a close eye on all the transaction records, it doesn’t let the record to be altered by anyone. This enhances the security. In addition to this, participants and the business owners can always make sure of loss cost auditing at the end. One thing that can always be assured with blockchain is every block or unit can be transferred only once which simply eliminates the double spending problem.
25.Q: Name the two types of records that are present in the blockchain database?
These records are block records and transactional records. Both these records can easily be accessed and the best thing is it is possible to integrate them each other without following the complex algorithms.
26.Q: What are the threads to the information you are familiar with?
There are lots of threats to information in the present scenario. Due to increase in online transactions over the internet, many hackers have become active and are adopting new approaches to hack information and servers that contain financial information. The major threat is software attack, identity theft, information extortion, as well as sabotage. In addition to this, Trojan horses, worms, and viruses are other trouble creators.
27.Q: What is information processing according to you? What are the key challenges that are associated with it?
The information is often shared on a network. Before actually transmitting it over a network, it needs to be changed into formats that can fit the standards of the channels (the channel is a link between the sender and a receiver). The work done to convert the information at both sender and receiver end is generally regarded as information processing. The biggest challenge to information processing is securing it during that time. Another challenge is processing bulk information can impose a limit on performance.
28.Q: What are the key principles in Blockchain that are helpful in eliminating the security threats that needs to be followed?
Yes there are a few principles that need to be followed with respect to time. They are:
2. Securing applications
3. Securing testing and similar approaches
4. Database security
5. Continuity planning
6. Digital workforce training
All these principles are basic and are easy to implement. They are helpful in making the transactions records useful.
29.Q: What is the principle on which blockchain technology is based on?
It enables the information to be distributed among the users without being copied.
30.Q: Is Blockchain an incorruptible ledger?
As per the developer’s claim, the blockchain ledger cannot be corrupted.
31.Q: What is a security policy?
A security policy defines what exactly needs to be secured on a system. It bounds a network user under some core protocols that they all must agree and follow to enhance the overall security. When it comes to information or financial records of an organisation, multiple security policies are implemented than just one.
32.Q: How you will handle the risk management when it comes to securing the transactions records?
It is basically a process of finding the threats and all the vulnerabilities to the financial records of an organisation. The best thing that can be done with this approach is to take the right countermeasures against them immediately. Another approach is to pay attention to a backup plan. Based on the value of information, more approaches such as buying new risk management software can simply be considered. The prime risk to information is from black-hat hackers.
33.Q: Name the common type of ledgers that can be considered by users in Blockchain?
1. Centralised Ledgers
2. Decentralised Ledgers
3. Distributed Ledgers
34.Q: How a blockchain ledger is different from an ordinary one?
The first and in fact the prime difference is Blockchain is a digital ledger that can be decentralised very easily. The chances of error in this approach are far less than that in an ordinary ledger. An ordinary ledger is what that is prepared with hands or by human efforts while the Blockchain performs all its tasks automatically. You just need to configure it in a proper manner and by following all the guidelines
35.Q. What are gateways?
When it comes to getting connectivity between two or more network segments, gateways are used. A gateway is basically a computer that runs the concerned software and offers services which are related to translation.
36.Q. Tell everything you know about the loss prevention controls?
Well, there are certain factors that are relevant as well as important in this matter. The very first thing that can be done to avoid them is creating the information risk profile, next is to develop the framework following all the security protocols. A workflow diagram would be helpful for this. Also, a response chart can contribute equally. Appendance of DLP controls all over the organisation is something that is also helpful in this manner. All the outcomes for cutting down risk must be paid a closed attention. All the responsibilities must be properly assigned to the incident analyst, forensic investigators, local technical administrators, as well as to auditors for loss control prevention.
37.Q. What is the significance of a NIC?
It is basically a card that is attached to motherboard and is responsible for connecting a PC to a network
38.Q. We need to know about your personal traits which you should consider when it comes to protecting the server or network data.
The basic approach is installing strong anti-virus software and recommending all the security enhancements as well as purchases to the management. It is necessary that the system received automatic updates. Passwords must not be shared with any unauthorized staff. Any data could lead to damage or loss to the organisation should be encrypted electronically. Old PC should not be disposed of as it is. It must be ensured that all the data have been deleted from them. In addition to this, an anti-spyware tool would be best to keep up the pace. Also, information backup after a specific time period is recommended.
39.Q. What do you know about a backbone network?
It is basically an approach that is considered when it comes to distributing the data to various networks. The bandwidth management and channel legalizations are also the tasks that it can handle. In true sense, it is the central infrastructure.
40.Q. Mention some steps that you will take against Phishing
The simplest approach is considering a guard against the spam as they are the trouble creators in many cases. In case a pop-up screen is there, personal information such as User ID and password must not be entered. Any kind of information related to finance should not be sent via personal e-mail. Downloading of files received from unknown e-mail should be avoided and web links present in them should not be clicked.
41.Q. Explain subnet masking? Name one similarity between Subnet Mask and IP address?
Sometimes there is a need to combine host address with the networking address. This is exactly where this approach is considered. The extended network address can be simply identified with subnet masking. It is similar to IP address in terms of the number of bits it is made of. Both IP and subnet mast are of 32-bit size.
42.Q. What do you mean by the term data encapsulation?
Networks can face a lot of issues when it comes to sending large or bulky sizes. Thus the data is generally broken into the smaller parts which are called as packets or data packets. The approach is simple and i.e. the source and the destination address are attached through a temporary path that remains active till the transmission is going on.
43.Q. What exactly do you know about WEP cracking? Can you also tell what its types are?
It is basically a methodology of manipulating the susceptibility in the wireless servers or networks to gain access in an unauthorized manner. Active and Passive cracking are the two types. Active cracking doesn’t create any effect on the traffic until WEP security is performing its task. On the other side, the aim of the passive attack is nothing but to simply enhance the load on the network to cut down the performance. It can easily be detected.
44.Q. Name some WEP cracking tools you are familiar with?
Kismet, WEP Crack, WebDecryp, as well as AirCrack are some of the common WEP cracking tools.
45.Q. What do you mean by the term network topology in a network management?
In a network, it is possible to connect nodes or devices in various methods depending upon their number, requirement, and tasks. The way they can be connected with each other is termed as topology in a network. Some common types of topologies are:
1. Start topology
2. Hybrid Topology
3. Mesh Topology
4. Ring topology
5. Tree Topology
46.Q. What are web server vulnerabilities that lead to an unsecured server?
There are several vulnerabilities that can result in same. Sometimes the users consider default settings and don’t customize them. This often creates vulnerabilities and imposes risk on the overall data present in the nodes. Many time the errors in the web servers and operating system also leads to this and creates a lot of security issues. Another vulnerability is improper configuration of network and servers.
47.Q. Tell the maximum length which is allowed for a UTP cable? Is it possible to overcome this limit? If so, how?
A UTP cable can easily perform its task up to 100 meters without degrading the efficiency. Yes, it is possible to exceed this limit. We need networking devices such as switches and repeaters for this.
48.Q. What are web server attacks? How can you prevent them?
These are basically the attacks by hackers directly on the server to gain access over the same. Hacking of websites, software and nodes happens due to this. These attacks can be stopped up to great extent through some of the best possible ways. The first step is to installation and configuration of server software in a safe manner. The server firewall must always be enabled. One must pay close attention to the system vulnerability. Sometime there is a need to disable remote administration due to security protocols. All the accounts that are no longer in use should be removed or deleted from the server to avoid web server attacks.
49.Q. Name a few useful certifications for Cyber Security Experts?
Well, CSL (Certified Security Leadership), GSEC (General Security Essentials), CFA (Certified Forensic Analyst), as well as CFA (Certified Firewall analyst) are some of the best available options.
50.Q. Name the various methods that an organization can consider against SQL injection
Stored Procedures, Database connection user access rights, sanitizing the user commands, controlling error messages, as well as detecting harmful code and dumping it are some of the approaches that are helpful in this manner.
51.Q. Suggest one method to create a secure dial-up connection to a remote server
This can be done through VPN i.e. Virtual Private Network
52.Q. What does OSI stand for? Name the layers present in it?
OSI stands for open system interconnection. There are total seven layers which are present in this referencing model. These are:
1. Application Layer
2. Presentation Layer
3. Session Layer
4. Transport Layer
.5. Network Layer
6. Data Link Layer
7. Physical Layer
The role of different layers is different and they are responsible for lots of tasks in a network management approach.
53.Q. Name one referencing model other than OSI?
TCP/IP. It stands for Transmission Control Protocol/Internet Protocol. It is not widely used in the present scenario as compared to the OSI.
54.Q. Define a node? How is it different from a link?
A node is nothing but a point where greater than or equal two devices join each other. In a few models, a node is also considered as a computer on a network. On the other side a link is nothing but the connectivity between two nodes or devices. It can be wired or a wireless link depending upon shape, size and other factors related to the network. A link is responsible for maintaining the connection among different nodes on the single network.
55.Q. Suppose there is an organisation with the limited number of computers and devices in their office. What type of network should they use and why?
For limited computers and devices, LAN i.e. Local Area Networking is a good option due to several reasons. They are:
1. LAN assures faster bandwidth
2. The cost is not so high
3. Implementation is a not a complex task and in many cases, the network can be created in a short time span.
56.Q. What are the basic networking devices you are familiar with?
Modem, Router, Hub, Switch and Splitter
57.Q. What is private IP address?
They are considered when it comes to using Intranets. They are not routable to external public networks are generally used for internal networks only. Same IPs can be used for multiple intranets.
58.Q. What do you know about Parity Check-in data transmission over a network?
Party check is an important approach to know whether the data received is same as it was sent or not. As the data is sent in smaller units called as packets on a network and is in digital form, parity check assures that at receiver is same as it was sent. Parity checker assures such an issue wouldn’t declare its presence. It is possible to correct the errors when they are detected.