1. What would it mean if I saw a lot of activity on port 53? First of all, you need to find the source of the traffic. Try something like: netstat -a -n -p | grep :53 or this: lsof -p PID 2. What is the difference between HTTP and HTML? One is a protocol and […]
Articles Tagged: #infosec interview questions
How would you assess the security of third party vendors with access to your organization?
If a third party vendor has access to your organization and the vendor gets hacked, your company is at risk of losing vital data, confidential employee data and contact lists, and the consequences can range from damaged reputation, stockholder sellouts, insurance claims and extensive financial damage to possibly even bankruptcy. Remember these steps to reduce the […]
An example of an organization’s hiring process that I personally experienced
Do not think that an extended hiring process means you will get an offer. Take a look at this recent and actual hiring process that I personally experienced: I submitted my resume to a Security Analyst job posting in late January 2016. On Feb 9th, I had a phone interview with the HR Representative. It […]
What are some command line Tools in Linux and Windows? What do they do?
arp: used to view and manage the ARP cache; can be used to look at the Layer 3-to-Layer 2 mapping on an Ethernet network for most Windows- and Linux-based devices. dig: verify DNS resolution. dhclient: releases your computer’s IP address to get a new one from the DHCP server. host: performs DNS lookups – give […]
Basic Linux Privilege Escalation
Hat tip to g0tmi1k for authoring one of the best basic Linux privilege escalation compilations ever.
Operating System
What’s the distribution type? What version?
cat /etc/issue
cat /etc/*-release
cat /etc/lsb-release # Debian based
cat /etc/redhat-release # Redhat based
What’s the kernel version? Is it 64-bit? […]
What are some examples of common security vulnerabilities?
#1: Missing patches. All it takes for an attacker, or a rogue insider, is a missing patch on a server that permits an unauthenticated command prompt or other backdoor path into the web environment. Sure, we have to be careful when applying patches to servers but to not apply patches at all (I often see missing […]