In this cyber security interview questions video we'll provide you with answers to a couple of information security interview questions you must be aware of before moving to your next cyber security interview. These cyber security interview questions are as follows:
Q: Explain Cross-site Request Forgery (CSRF).
A: CSRF is an attack that aims to force the user to perform actions he would not otherwise perform.
CSRF is found in forms that require user interaction, and to be successful it frequently requires the user to be logged in.
Q: Most frequent places for a CSRF attack to occur?
A: The CSRF attack frequently occurs in password-changing forms, purchasing forms, etc. (forms that require interaction).
The user must be logged in for the CSRF attack to work.
Q: CSRF vs. XSS. Are there differences?
A: Yes, and quite a lot. CSRF intends to make the user perform actions he wouldn't want to perform himself, while XSS allows an attacker to execute JavaScript code within the victim's browser.
Q: What should a WAF block for it to be effective?
A: Preferably the OWASP Top 10: SQL injection, Cross-site Scripting, Cross-site Request Forgery, Server-Side Request Forgery, Sensitive Data Exposure, etc.
Q: One of the ISO 27001 interview questions. What is ISO 27001?
A: It's an international standard for information security.
It outlines how organizations should manage security threats.
Q: The strongest type of hash for passwords? Why?
A: BCrypt or Blowfish. These algorithms are designed to be slow and consume a lot of resources.
Q: Why should you salt hashes?
A: Salted hashes are harder to crack if the attacker is cracking many hashes at once.
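The two password-hashing answers above, as an added example that is not part of the original video description: it counts how many slow-hash computations it takes to test a guess list against a whole credential store, with and without per-user salts. The user names, passwords and guess list are constructed, and PBKDF2 from the Python standard library stands in for bcrypt as an assumption.

```python
import hashlib
import hmac
import os

# Constructed sample data: alice and bob share a password.
USERS = {"alice": "sunshine1", "bob": "sunshine1", "carol": "Tr0ub4dor&3"}
WORDLIST = ["123456", "password", "sunshine1", "qwerty"]  # constructed guesses

def slow_hash(password, salt):
    # Assumption: PBKDF2 stands in for bcrypt; low iteration count for a fast demo.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 1000)

def build_store(salted):
    """Return {user: (salt, digest)}; unsalted stores use an empty salt."""
    store = {}
    for user, password in USERS.items():
        salt = os.urandom(16) if salted else b""
        store[user] = (salt, slow_hash(password, salt))
    return store

def verify(store, user, password):
    """Login check: re-hash with the stored salt, compare in constant time."""
    salt, digest = store[user]
    return hmac.compare_digest(digest, slow_hash(password, salt))

def shared_digests(store):
    """Accounts whose digest equals another account's (leaks password reuse)."""
    digests = [digest for _, digest in store.values()]
    return sum(1 for digest in digests if digests.count(digest) > 1)

def guessing_cost(store):
    """Hash computations needed to test WORDLIST against every account.
    A guess is hashed once per distinct salt, so unique salts multiply the work."""
    hashes, matched = 0, set()
    for salt in {salt for salt, _ in store.values()}:
        for guess in WORDLIST:
            digest = slow_hash(guess, salt)
            hashes += 1
            matched.update(user for user, (s, d) in store.items()
                           if s == salt and hmac.compare_digest(d, digest))
    return hashes, sorted(matched)

if __name__ == "__main__":
    for label, salted in (("unsalted", False), ("salted", True)):
        store = build_store(salted)
        print(label, "shared digests:", shared_digests(store),
              "cost:", guessing_cost(store))
```

With three accounts the salted store costs three times as many hash computations for the same guess list, and the slower the hash, the more each of those computations costs.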
Enjoy the video!