What is CIA triad in Cyber Security ? CIA stand for Confidentiality, Integrity, Availability Also called as CIA triad, three pillars of security. It is model which helps in Information security policies of an organization. It helps in risk assessment. Infosec professionals take care about this. It helps to know what went wrong about security […]
Continue Reading
What is Encryption and Decryption in Cyber security? Let see each of them in detail. What is Encryption? It is process of encoding information by which only authorized individuals can understand. You can say readable format to un readable. It converts plant text to ciphertext (Secret code) for reading need to convert to simple text. […]
Continue Reading
Syn flood attack: It is type of DOS attack which exploits TCP three way handshake. The attacker sends huge connection requests ( SYN) to server. Server will accept the request for certain time and hold the connection. It will consume all the concurrent connection’s on. Target server will not be available for legit users. It […]
Continue Reading
What is Man in the middle attack? By this attack Communications between two parties are altered. In short it is called as MITM. Two parties believe they are directly communicating with each other. Attackers interrupts in communications between two parties. It is type of eavesdropping attack It is also a type of session hijacking. Mitigation: […]
Continue Reading
What is DNS spoofing attack ? Internet traffic is diverted to fake servers Corrupt DNS data is introduce into DNS resolvers cache ( DNS Cache Poisoning) It is also called as DNS poisoning How does DNS Spoofing works? In DNS spoofing attack takes help of DNS server vulnerabilities, traffic is diverted to fake servers away […]
Continue Reading
What is Malware in Cyber Security?, Computer It is Malicious or bad code, which is design to do wrong activity Design to damage a system, steal information Examples of Malware It can add, modify, delete the data. It collects sensitive data It can stop running services It can shut down the system How to prevent […]
Continue Reading
OWASP 10 Vulnerabilities with Examples: OWASP stands for Open web application security project: It is non profit foundation works to improve web applications security. It releases Top 10 Vulnerability, risks which applications may face for particular year. Every year it announce 10 top vulnerabilities It functions under open community model, anyone can take part and […]
Continue Reading
What is SQL Injection With Example? Attacking database and can modify, delete data By commands attack takes place Malicious SQL statements are inserted into the entry field Should not be executed by external IP Impact: By SQL injection attack in Cyber Security, hackers can get unauthorized access to sensitive data user passwords, personal user information, […]
Continue Reading
What is Cross Site Scripting Attack ? Malicious scripts is injected in the code (user provided inputs) of web applications ( website, website database) Malicious scripts are executed in web browser of victim. Attack by malicious code (payload) in legitimate web applications It is JavaScript vulnerability in Web applications Attacker can steal active session cookie […]
Continue Reading
Cyber security Definition: It is protection of servers, computers, apps data from unauthorized access which are aimed to exploitation. It is vast topic. Please find below questions and answers for more information on What is cyber security definition. It is subset of Information security. Is Cyber security a Good Career? Yes choosing this field as […]
Continue Reading