Hacktress

Information Security Podcasts

A roundup of Information Security podcasts:

1. Brakeing Down Security
2. Southern Fried Security Podcast
3. Silver Bullet Security Podcast
4. Defensive Security Podcast
5. Paul’s Security Weekly
6. Down the Security Rabbithole
7. OWASP 24/7
8. Risky Business
9. The Standard Deviant Security Podcast
10. Take 1 Security Podcast
11. 2 Minute Cyber Security Briefing
12. SANS Internet Storm Center Podcast
13. Security Current Podcast
14. Security Now
15. Threatpost Digital Underground
16. NETSEC TL;DR

Design by Westside Virtual © Copyright 2016 - 2018 Westside Virtual, Inc. All rights reserved.