Answer:- If the application doesn’t sanitize the user input then the SQL injection happens. Thus a malicious hacker would inject SQL queries to gain unauthorized access and execute administration operations on the database. SQL injections may be classified as follows: • Error-based SQL injection • Blind SQL injection • Time-based SQL injection

Answer:- It’s best, actually, to master all 5 of Python, C/C++, Java, Perl, and LISP. Besides being the foremost vital hacking languages, they represent totally different approaches to programming, and each of it can educate you in valuable ways.

Answer:- A spoofing attack is when a malicious party impersonates another device or user on a network so as to launch attacks against network hosts, steal data, unfold malware or bypass access controls. Different Spoofing attacks are deployed by malicious parties to achieve this.

Answer:- • ARP Spoofing Attack. • DNS Spoofing Attack. • IP Spoofing Attack.

Answer:- Passive reconnaissance is nothing but to gain info regarding targeted computers and networks while not actively participating with the systems. In active reconnaissance, in distinction, the attacker engages with the target system, usually conducting a port scan to find any open ports.

Answer:- All networks across devices are assigned a number which is unique, which is termed as MAC or Machine Access Control address. This address may be a personal mail box on the net. The network router identifies it. the amount may be modified anytime.All devices get their distinctive information processing address so they can be located easily on a given laptop and network. Whoever is aware of your distinctive information processing address will contact you through it.

Answer:- SSL is identity verification, not hard encryption. it’s designed to be able to prove that the person you’re engaging on the other side is who they say they are. SSL and TLS are each used by almost everyone online, however because of this it is a huge target and is mainly attacked through its implementation (The Heartbleed bug for example) and its far-famed methodology.

Answer:- Cryptography aids to secure information from third parties who are called adversaries. It allows only the sender and the recipient to access the data securely.

Answer:- Traceroute is a network diagnostic tool. It helps track the route taken by a packet that is sent across the IP network. It shows the IP addresses of all the routers it pinged between the source and the destination. Uses: • It shows the time taken by the packet for each hop during the transmission. • When the packet is lost during the transmission, the traceroute will identify where the point of failure is.

Answer:- A firewall is a network security device/system, which blocks malicious traffic such as hackers, worms, malware, and viruses to maintain data privacy. Uses: • It monitors the incoming and outgoing network traffic. It permits or allows only data packets that agree to the set of security rules. • It acts as a barrier between the internal network and the incoming traffic from external sources like the Internet.

Answer:- It is a process that happens in a TCP/IP network when you make a connection between a local host and the server. It is a three-step process to negotiate acknowledgment and synchronization of packets before communication starts. Step 1: The client makes a connection with the server with SYN. Step 2: The server responds to the client request with SYN+ACK. Step 3: The client acknowledges the server’s response with ACK, and the actual data transmission begins.

Answer:- HTTP response codes indicate a server’s response when a client makes a request to the server. It shows whether an HTTP request is completed or not. 1xx: Informational The request is received, and the process is continuing. Some example codes are: • 100 (continue) • 101 (switching protocol) • 102 (processing) • 103 (early hints) 2xx: Success The action is received, understood, and accepted successfully. A few example codes for this are: • 200 (OK) • 202 (accepted) • 205 (reset content) • 208 (already reported) 3xx: Redirection To complete the request, further action is required to take place. Example codes: • 300 (multiple choice) • 302 (found) • 308 (permanent redirect) 4xx: Client Error The request has incorrect syntax, or it is not fulfilled. Here are the example codes for this: • 400 (bad request) • 403 (forbidden) • 404 (not found) 5xx: Server Error The server fails to complete a valid request. Example codes for this are: • 500 (internal server error) • 502 (bad gateway) • 511 (network authentication required)

Answer:- CIA Triad is a security model to ensure IT security. CIA stands for confidentiality, integrity, and availability. • Confidentiality: To protect sensitive information from unauthorized access. • Integrity: To protect data from deletion or modification by an unintended person. • Availability: To confirm the availability of the data whenever needed.

Answer:- Here is a list of common cyberattacks aimed at inflicting damage to a system. 1. Man in the Middle attack: The attacker puts himself in the communication between the sender and the receiver. This is done to eavesdrop and impersonate to steal data. 2. Phishing: Here, the attacker will act as a trusted entity to perform malicious activities such as getting usernames, passwords, and credit card numbers. 3. Rogue Software: It is a fraudulent attack where the attacker fakes a virus on the target device and offers an anti-virus tool to remove the malware. This is done to install malicious software into the system. 4. Malware: Malware is software that is designed to attack the target system. The software can be a virus, worm, ransomware, spyware, and so on. 5. Drive-by Downloads: The hacker takes advantage of the lack of updates on the OS, app, or browser, which automatically downloads malicious code to the system. 6. DDoS: This is done to overwhelm the target network with massive traffic, making it impossible for the website or the service to be operable. 7. Malvertising: Malvertising refers to the injections of maleficent code to legitimate advertising networks, which redirect users to unintended websites. 8. Password Attacks: As the name suggests, here, the cyber hacker cracks credentials like passwords.