Answer:- Phishing and spoofing are totally different beneath the surface. One downloads malware to your PC or network, and the other part tricks you into surrendering sensitive monetary data to a cyber-crook. Phishing is a technique for recovery, while spoofing is a method for delivery.

Answer:- System sniffing includes utilizing sniffer tools that empower real- time monitoring and analysis of data streaming over PC systems. Sniffers can be utilized for various purposes, regardless of whether it’s to steal data or manage systems. Network sniffing is utilized for ethical and unethical purposes. System administrators utilize these as system monitoring and analysis tool to analyze and avoid network-related issues, for example, traffic bottlenecks. These devices can be used a organize cybercrime for untrustworthy purposes, for example, character usurpation, email, delicate information hijacking, etc.

Answer:- Network security is essentially a set of rules and configurations formulated to protect the accessibility, confidentiality, and integrity of computer networks and data with the help of software and hardware technologies. Types of network security: • Network access control: To prevent attackers and infiltrations in the network, network access control policies are in place for both users and devices at the most granular level. For example, access authority to network and confidential files can be assigned and regulated as needed. • Antivirus and antimalware software: Antivirus and antimalware software are used to continuously scan and protect against malicious software, viruses, worms, ransomware, and trojans. • Firewall protection: Firewalls act as a barrier between your trusted internal network and an untrusted external network. Administrators can configure a set of defined rules for the permission of traffic into the network. • Virtual private networks (VPNs): VPNs form a connection to the network from another endpoint or site. For example, an employee working from home uses a VPN to connect to the organization’s network. The user would need to authenticate to allow this communication. The data between the two points is encrypted.

Answer:- A network protocol is established as a set of rules to determine the way data transmissions take place between the devices in the same network. It basically allows communication between the connected devices regardless of any differences in their internal structure, design, or processes. Network protocols play a critical role in digital communications.

Answer:- Footprinting is nothing but accumulating and revealing as much data about the target network before gaining access to any network. Open Source Footprinting: It will search for the contact data of administrators that will be utilized for guessing passwords in Social Engineering Network Enumeration: The hacker attempts to distinguish the domain names and the network blocks of the target network Scanning: After the network is known, the second step is to spy the active IP addresses on the network. For distinguishing active IP addresses (ICMP) Internet Control Message Protocol is a functioning IP address Stack Fingerprinting: the final stage of the footprinting step can be performed, once the hosts and port have been mapped by examining the network, this is called Stack fingerprinting.

Answer:- • Encryption • Encryption is reversible • Encryption ensures confidentiality • Hashing • Hashing is irreversible • Hashing ensures Integrity

Answer:- CIA triad is a popular information security model. It follows three principles mentioned below: Confidentiality: Keeping the information secret. Integrity: Keeping the information unaltered. Availability: Information is available to the authorized parties at all times.

Answer:- • Vulnerability Assessment • Vulnerability Assessment is an approach used to find flaws in an application/network • It is like travelling on the surface • Penetration testing • It is the practice of finding exploitable vulnerabilities like a real attacker will do • It is digging for gold.

Answer:- A firewall could be a device that allows/blocks traffic as per outlined set of rules. These are placed on the boundary of trusted and untrusted networks.

Answer:- Data leak is nothing but data knowledge getting out of the organization in an unauthorized manner. Data will get leaked through numerous ways in which – emails, prints, laptops obtaining lost, unauthorized transfer of data to public portals, removable drives, pictures, etc. Security of data is very important nowadays so there are varied controls that may be placed to make sure that the info doesn’t get leaked, many controls will be limiting upload on web websites, following an internal encryption answer, limiting the emails to the interior network, restriction on printing confidential data, etc.

Answer:- Hacking, or targeting on a machine, should have the following 5 phases : • Surveillance : This is the principal stage where the hacker endeavours to gather as much data as possible about the target • Scanning : This stage includes exploiting the data accumulated amid Surveillance stage and utilizing it to inspect the casualty. The hacker can utilize computerized devices amid the scanning stage which can incorporate port scanners, mappers and vulnerability scanners. • Getting access : This is where the real hacking happens. The hacker attempts to exploit data found amid the surveillance and Scanning stage to get access. • Access Maintenance : Once access is gained, hackers need to keep that access for future exploitation and assaults by securing their exclusive access with backdoors, rootkits and Trojans. • Covering tracks : Once hackers have possessed the capacity to pick up and maintain access, they cover their tracks and to keep away from getting detected. This likewise enables them to proceed with the utilization of the hacked framework and keep themselves away from legitimate activities.

Answer:- There are several moral hacking tools out there within the marketing for different purposes, they are: • NMAP – NMAP stands for Network plotter. It’s an associate degree open-source tool that’s used widely for network discovery and security auditing. • Metasploit – Metasploit is one of the most powerful exploit tools to conduct basic penetration tests. • Burp Suit – Burp Suite could be a widespread platform that’s widely used for playing security testing of internet applications. • Angry IP Scanner – Angry information processing scanner could be a lightweight, cross-platform information processing address and port scanner. • Cain & Abel – Cain & Abel is a password recovery tool for Microsoft operational Systems. • Ettercap – Ettercap stands for local area network Capture. It is used for a Man-in-the-Middle attack using a network security tool.

Answer:- MAC Flooding is a kind of a technique wherever the protection of given network switch is compromised. In MAC flooding the hacker floods the switch with sizable amounts of frames, than what a switch can handle. This makes switch behaving as a hub and transmits all packetsto all the ports existing. Taking the advantage of this the attacker can attempt to send his packet within the network to steal the sensitive information.

Answer:- Sniffing in Ethical Hacking is a method implemented for monitoring all the data packets that pass through a particular network. Sniffers are primarily used to oversee and troubleshoot network traffic, and Network/System Administrators are responsible for this role. Sniffers can be installed in the system in the form of software or hardware. However, attackers can misuse sniffers to gain access to data packets that contain sensitive information, such as account information, passwords, etc. Packet sniffers on a network can give a malicious hacker the opportunity to intrude and access all of the network traffic. There are two types of sniffing: • Active sniffing: Sniffing in a point-to-point network device called the switch is referred to as active sniffing. The switch is responsible for the regulation of the data flow between its ports. This is done through the active monitoring of the MAC address on each port, which enables the passing of data only to the intended target. To activate the sniffing of the traffic between targets, sniffers have to inject traffic into the LAN. • Passive sniffing: Passive sniffing happens when the sniffing is done through the hub. The traffic that goes through the unbridged network or the non-switched segment is transparent to all machines in that segment. Here, sniffers work at the network’s data link layer. This is called passive sniffing as sniffers set up by the attackers passively wait for the data to capture them when they are sent.