#interview #cybersecurity
🔶Data Leakage can be divided into 3 categories based on how it happens:

🚀Accidental Breach: An entity unintentionally send data to an unauthorized person due to a fault or a blunder
🚀Intentional Breach: The authorized entity sends data to an unauthorized entity on purpose
🚀System Hack: Hacking techniques are used to cause data leakage

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🖥You can prevent MITM attack by using the following practices:

Use VPN
Use strong WEP/WPA encryption
Use Intrusion Detection Systems
Force HTTPS
Public Key Pair Based Authentication

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

☑️دوره های آموزشی رایگان Google در سال میلادی جدید:
➖Agile Project Management
➖Project Execution: Running the Project
➖Foundations of Project Management
➖Project Initiation: Starting a Successful Project
➖Project Planning: Putting It All Together
➖Google Analytics for Power Users
➖Fundamentals of digital marketing
➖Python Basics for Data Analysis
➖Data Science Foundations
➖Google Analytics for Beginners
➖Advanced Google Analytics
➖Get started with Google Maps Platform
➖Google Cloud Computing Foundations
➖Google Cloud Computing Foundations
➖Data, ML, and AI in Google Cloud
➖Google Cloud Computing Foundations: Networking and Security in Google Cloud
➖Machine Learning Crash Course
➖Basics of Machine Learning
➖Data Science with Python

⬅️(امکان ثبت نام و دریافت محتوای آموزشی با شماره موبایل ایران هم وجود دارد.)

🆔 @PingChannel
خبر، تحلیل، انتقاد - فناوری اطلاعات

🚀You can prevent Phishing attacks by using the following practices:

Don’t enter sensitive information in the webpages that you don’t trust
Verify the site’s security
Use Firewalls
Use AntiVirus Software that has Internet Security
Use Anti-Phishing Toolbar

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

How Do You Design an Email Spam Filter?

Building a spam filter involves the following process:

The email spam filter will be fed with thousands of emails

Each of these emails already has a label: ‘spam’ or ‘not spam.’
The supervised machine learning algorithm will then determine which type of emails are being marked as spam based on spam words like the lottery, free offer, no money, full refund, etc.
The next time an email is about to hit your inbox, the spam filter will use statistical analysis and algorithms like Decision Trees and SVM to determine how likely the email is spam
If the likelihood is high, it will label it as spam, and the email won’t hit your inbox
Based on the accuracy of each model, we will use the algorithm with the highest accuracy after testing all the models

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

#interview
🥏How Do You Handle Missing or Corrupted Data in a Dataset?
One of the easiest ways to handle missing or corrupted data is to drop those rows or columns or replace them entirely with some other value.

There are two useful methods in Pandas:

IsNull() and dropna() will help to find the columns/rows with missing data and drop them

Fillna() will replace the wrong values with a placeholder value

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

Why are elliptic curves used in cryptography?

🔸The elliptic curve provides security similar to classical systems (such as RSA), but uses far fewer bits
🔹Implementation of elliptic curves in cryptography requires a smaller chip size, less power consumption, an increase in speed, etc.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🪝SQL Injection (SQLi) is a code injection attack where an attacker manipulates the data being sent to the server to execute malicious SQL statements to control a web application’s database server, thereby accessing, modifying and deleting unauthorized data. This attack is mainly used to take over database servers.

You can prevent SQL Injection attacks by using the following practices:

Use prepared statements
Use Stored Procedures
Validate user input

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🚧What do you mean by a Null Session?

A null session occurs when a user is not authorized using either a username or a password. It can provide a security concern for apps because it implies that the person making the request is unknown.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

What are the types of consensus algorithms in blockchain?
🔺Proof of Work (POW)
🔺Proof of Stake (POS)
🔺Practical Byzantine Fault Tolerance (PBFT)

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🚧What do you mean by brute force in the context of Cyber Security?

A brute force attack is a cryptographic assault that uses a trial-and-error approach to guess all potential combinations until the correct data is discovered. This exploit is commonly used by cybercriminals to gain personal information such as passwords, login credentials, encryption keys, and PINs. It is very easy for hackers to implement this.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🖥 سری ویدیو های آموزشی Node.Js
👨‍💻مدرس : میثم منصف

🔹آشنایی مقدماتی با nodejs
⛓https://youtu.be/Vjb6l8xNRAQ
🔹آشنایی با معماری نود جی اس(Node.js)
⛓https://youtu.be/guOhZ20ZGwg
🔹نصب محیط برنامه نویسی نود جی اس
⛓https://youtu.be/6n3ebW3z0rc
🔹نصب نود جی اس روی لینوکس
⛓https://youtu.be/f_fgncga6qQ
🔹راه اندازی phpstorm و Nodemon
⛓https://youtu.be/Fb6t4GeYbHM
🔹متغییر ها در نود جی اس
⛓https://youtu.be/-XxYjeFCRqA
🔹توابع در نود جی اس
⛓https://youtu.be/0yRI2rcAMdc
🔹تعیین سطح دسترسی و محدوده در نود جی اس
⛓https://youtu.be/Xy1P58RXWKY
🔹آشنایی با لاگ در نود جی اس
⛓https://youtu.be/xo4IFyoLs4U
🔹آشنایی با Async در نود جی اس
⛓https://youtu.be/-697ez4e6vw

🔝 @InfoSecTube
🖥 🖥 youtube
🍁 instagram.com/info_sec_tube

🚀How can you avoid a brute force attack?

Brute Force attack can also be avoided by the following methods:-

Limit the number of failed login attempts.
By altering the sshd_config file, you can make the root user unreachable via SSH.
Instead of using the default port, change it in your sshd config file.
Make use of Captcha.
Limit logins to a certain IP address or range of IP addresses.
Authentication using two factors
URLs for logging in that are unique
Keep an eye on the server logs.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

📌وبسایت‌هایی برای دریافت رایگان کتاب و مقالهٔ انگلیسی
📥دریافت کتاب:
اول، بر اساس موضوعی که در نظر دارید، کتاب دلخواه‌تان را با استفاده از کلیدواژه‌های مناسب، در یکی از بانک‌های اطلاعاتیِ کتاب، مانند وبسایت‌های زیر جست‌وجو کنید:

1️⃣ آمازون‌‌ (amazon.com)
2️⃣ انتشارات دانشگاه آکسفورد (global.oup.com)
3️⃣ انتشارات دانشگاه کمبریج (cambridge.org)
4️⃣ انتشارات وایلی (wiley.com)

وقتی کتاب دلخواه را یافتید، عنوان آن را در یکی از وبسایت‌های زیر جست‌وجو و PDF آن را دریافت کنید.
🌐 www.b-ok.org
🌐 www.bookfi.net

📥دریافت مقاله:
اول، بر اساس موضوعی که در نظر دارید، با استفاده از کلیدواژه‌های مناسب، مقالهٔ دلخواه را در یکی از بانک‌های اطلاعاتیِ مقالات علمی، مانند وبسایت‌های زیر پیدا کنید:

1️⃣ امِرآلد (emeraldinsight.com)
2️⃣ ساینس‌دایرکت (sciencedirect.com)
3️⃣ جی‌استور (jstor.org)
4️⃣ اشپرینگر (springer.com)
5️⃣ پابمد (ncbi.nlm.nih.gov/pubmed)

سپس عنوان مقاله، یا DOI مقاله، یا نشانیِ صفحه‌ای را که مقاله در آن است، در وبسایت sci-hub.tw وارد کنید یا فقط عنوان مقاله را در وبسایت booksc.org وارد کنید و PDF مقاله را بگیرید.
🌐 https://sci-hub.tw
🌐 https://booksc.org


🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

What is a smart contract security audit?

A smart contract security audit is a detailed review of the code in a project’s smart contracts. These are important to safeguard funds invested through them. As all transactions on the blockchain are final and immutable, funds cannot be retrieved should they be stolen.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

Differentiate between Information protection and information assurance.

💥Information protection protects data from unauthorized access by utilizing encryption, security software, and other methods.

🔥Information Assurance ensures the data's integrity by maintaining its availability, authentication, and secrecy, among other things.


🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🖥 سری ویدیو های امنیت بلاکچین و قراردادهای هوشمند

🖥BSCS:Blockchain & Smart Contract Security - Distributed ledger technology (DLT)

👨‍💻مدرس : saeid ghasemshirazi
🧬لینک ویدیو:
⛓https://youtu.be/FSc860DW9CU

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

Which is faster public or private blockchain?

Private blockchains can process transactions in real-time, unlike public blockchains where consensus-building can take time. This is because a private blockchain has a more centralized network than a public blockchain, where the decision-making is much faster.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🔥What do you mean by Network Sniffing?

Sniffing is a technique for evaluating data packets delivered across a network. This can be accomplished through the use of specialized software or hardware. Sniffing can be used for a variety of purposes, including:

Capture confidential information, such as a password.
Listen in on chat messaging
Over a network, keep an eye on a data package.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

What do you mean by System Hardening?

In general, system hardening refers to a set of tools and procedures for managing vulnerabilities in an organization's systems, applications, firmware, and other components.
The goal of system hardening is to lower security risks by lowering potential attacks and compressing the system's attack surface.
The many types of system hardening are as follows:

Hardening of databases
Hardening of the operating system
Hardening of the application
Hardening the server
Hardening the network


🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube