41⟩ Tell me how would an HTTP program handle state?
HTTP does not handle state natively. HTTP applications use cookies to handle the state of an application. The developer can also store data in the web server’s session.
Cryptography Teacher
Home Cryptography Cryptography Teacher
“Cryptography Teacher related Frequently Asked Questions by expert members with job experience as Cryptography Teacher. These questions and answers will help you strengthen your technical skills, prepare for the new job interview and quickly revise your concepts”
55 Cryptography Teacher Questions And Answers
42⟩ Tell me what is the difference between a public key cryptography and a private key for encrypting and signing content?
A send or recipient publishes his public key. You use the public key to encrypt content and your private key to sign the content. This is the standard form of communication with encryption and signing.
43⟩ Explain me what is RC4?
RC4 is a symmentric key, cryptographic algorithm developed by Ron Rivest. It uses stream cipher to create variable size keys.
44⟩ Explain what is RC5?
RC5 is the coding technique through which IR remote button keycode are coded and transmitted to the receiver......
45⟩ Explain me what should be implemented on a login page?
Whenever you transfer sensitive data, you need to use HTTPS. Ensure you answer this question with HTTPS and possibly how you would implement a conversion of HTTP to HTTPS.
46⟩ What is ElGamal Cryptosystem?
Along with RSA, there are other public-key cryptosystems proposed. Many of them are based on different versions of the Discrete Logarithm Problem.
ElGamal cryptosystem, called Elliptic Curve Variant, is based on the Discrete Logarithm Problem. It derives the strength from the assumption that the discrete logarithms cannot be found in practical time frame for a given number, while the inverse operation of the power can be computed efficiently.
Let us go through a simple version of ElGamal that works with numbers modulo p. In the case of elliptic curve variants, it is based on quite different number systems.
47⟩ Tell me what are some ways that the company can defend against XSS?
First, the programmers should defend against JS script added to a querystring. Also, remove JS from any input variables send through online forms and stored in a database.
48⟩ Explain me RSA Analysis?
The security of RSA depends on the strengths of two separate functions. The RSA cryptosystem is most popular public-key cryptosystem strength of which is based on the practical difficulty of factoring the very large numbers.
Encryption Function − It is considered as a one-way function of converting plaintext into ciphertext and it can be reversed only with the knowledge of private key d.
Key Generation − The difficulty of determining a private key from an RSA public key is equivalent to factoring the modulus n. An attacker thus cannot use knowledge of an RSA public key to determine an RSA private key unless he can factor n. It is also a one way function, going from p & q values to modulus n is easy but reverse is not possible.
49⟩ Do you know what is Cross Site Scripting or XSS?
Cross site scripting occurs when an attacker is able to inject executable code within JavaScript. This is done through a hacked database or poorly scrubbed querystring variables.
50⟩ What is symmetric Key Encryption?
The encryption process where same keys are used for encrypting and decrypting the information is known as Symmetric Key Encryption.
The study of symmetric cryptosystems is referred to as symmetric cryptography. Symmetric cryptosystems are also sometimes referred to as secret key cryptosystems.
51⟩ Explain me what are the two types of XSS?
Cross site scripting has two types of attacks: reflected and stored. A stored XSS hack allows the attacker to store malicious code within the database. The database content is served to the user from the database and can be used in private pages behind a secure login to gain access to site private data. The next is reflected, and this comes from the hacker sending the user a link that runs JS code within the pages directly from the querystring.
52⟩ Explain me about your home network?
Although there is no right answer for this question, it helps the candidate relax, while pushing them off script. From there, try probing into details and ask relevant questions about decisions.
Understanding how a person thinks about cybersecurity is just as important as knowing about the controls. Following the discussion as to why the candidate made specific decisions, you are likely to be asked, “What is the goal of information security within an organization?”
This helps the interviewer understand what you think about the role. Are you authoritarian and will be ready to stop the project because of a risk or is there a better way? This will also help them answer if the applicant is trustworthy.
53⟩ Tell me do you prefer Windows or Linux?
This question is more of a preference, but many network security professionals know linux to work with security. For instance, Linux is better to know when working with routers. Be honest with your answer and give pros and cons that relate to which one you prefer.
54⟩ Explain me what port is for ICMP or pinging?
Ping uses the ICMP protocol, which is a layer 3 protocol. Ping doesn’t use a port, so you want to note that this is a trick question if asked.
55⟩ What is asymmetric Key Encryption?
The encryption process where different keys are used for encrypting and decrypting the information is known as Asymmetric Key Encryption. Though the keys are different, they are mathematically related and hence, retrieving the plaintext by decrypting ciphertext is feasible.
