Top 50 Network Security Interview Questions You Must Prepare 27.Jul.2024

Q1. The Plain Text To Be Transmitted Has A Cyclic Redundancy Check (CRC) Value Calculated, Which Is A Check Sum Based On The Contents Of The Text. WEP Calls This The ____ And Appends It To The End Of The Text

Correct Answer: integrity check value (ICV)

Q2. What Is Another Name For Unsolicited E-mail Messages?

spam

Q3. What Is Kerberos Protocol?

Kerberos is an authentication protocol named after a dog that, according to Greek mythology, is said to stand at the gates of Hades. In computer networking terms, it is a collection of software used in large networks to authenticate and establish a user's claimed identity. It was developed by MIT and uses a combination of encryption and distributed databases so that the user can log in and start a session.

It has some disadvantages, though. As I said, Kerberos was developed by MIT under Project Athena; it is designed to authenticate end users to servers.

Q4. Why Does Active Ftp Not Work With Network Firewalls?

When a user initiates a connection with the FTP server, two TCP connections are established. The second TCP connection (FTP data connection) is initiated and established from the FTP server. When a firewall is between the FTP client and server, the firewall would block the connection initiated from the FTP server since it is a connection initiated from outside. To resolve this, Passive FTP can be used or the firewall rule can be modified to add the FTP server as trusted.

Q5. How Often Are Logs Reviewed?

Logs should be reviewed every day. This includes IDS logs, system logs, management station logs, etc. Not reviewing the logs is one of the biggest mistakes an organization can make. Events of interest should be investigated daily. It can be a very tedious task for a single person to do this job as their only assignment (unless they really enjoy it). It is better to have a log review rotation system amongst the security team.

Q6. What Is An Ip Grabber?

An IP grabber is a program that finds the IP address of another computer. It is often used by hackers.

Q7. Where Is Your Organization's Security Policy Posted And What Is In It?

There should be an overall policy that establishes the direction of the organization and its security mission as well as roles and responsibilities. There can also be system-specific policies to address individual systems. Most importantly, the policies should address the appropriate use of computing resources. In addition, policies can address a number of security controls from passwords and backups to proprietary information. There should be clear procedures and processes to follow for each policy. These policies should be included in the employee handbook and posted on a readily accessible intranet site.

Q8. How Does Symmetric Key Encryption Work?

Symmetric encryption requires that both parties (sender and receiver) know and have the exact same encryption key. This key is used both for encrypting and decrypting the data. Using the same encryption algorithm means that only those individuals that know or have the same key will be able to read any messages encrypted by the symmetric key.

Q9. A(n) ____ Finds Malicious Traffic And Deals With It Immediately?

IPS

Q10. What Is The Difference Between Network Security And Cryptography?

Cryptography is the deliberate attempt to obscure or scramble the information so that only an authorized receiver can see the message. Network security may employ cryptography, but has many other tools to secure a network, including firewalls, auditing, Intrusion Detection Systems, and so forth. Cryptography would be used only when trying to keep messages secret when sending them across a network or keeping information secret in a file.

Q11. What Is Your Organization's Password Policy?

A password policy should require that a password:

  • Be at least 8 characters long
  • Contain both alphanumeric and special characters
  • Change every 60 days
  • Cannot be reused after every five cycles
  • Is locked out after 3 failed attempts

In addition, you should be performing regular password auditing to check the strength of passwords; this should also be documented in the password policy.

Q12. A ____ Is A Cumulative Package Of All Security Updates Plus Additional Features.

service pack

Q13. What Are The Tolerable Levels Of Impact Your Systems Can Have?

An organization must understand how an outage could impact the ability to continue operations. For example, you must determine how long systems can be down, the impact on cash flow, the impact on service level agreements, and the key resources that must be kept running.

Q14. A ____ Is A Single, Dedicated Hard Disk-based File Storage Device That Provides Centralized And Consolidated Disk Storage Available To Lan Users Through A Standard Network Connection?

NAS

Q15. A ____ Virus Can Interrupt Almost Any Function Executed By The Computer Operating System And Alter It For Its Own Malicious Purposes?

resident

Q16. What Applications And Services Are Specifically Denied By Your Organization's Security Policy?

Your organization’s security policy should specify applications, services, and activities that are prohibited. These can include, among others:

  • Viewing inappropriate material
  • Spam
  • Peer-to-peer file sharing
  • Instant messaging
  • Unauthorized wireless devices
  • Use of unencrypted remote connections such as Telnet and FTP

Q17. A(n) ____ Is A Computer Programming Language That Is Typically Interpreted Into A Language The Computer Can Understand?

scripting language

Q18. How Did Early Computer Security Work?

It was pretty simple: just passwords to protect one's computer. With the innovation of the internet, however, computers have increased security with firewalls and hundreds of anti-virus programs.

Q19. Which Protocol Does HTTPS Use At The Transport Layer For Sending And Receiving Data?

TCP

Q20. A(n) ____ Attack Makes A Copy Of The Transmission Before Sending It To The Recipient?

replay

Q21. A ____ Virus Infects The Master Boot Record Of A Hard Disk Drive?

boot

Q22. Targeted Attacks Against Financial Networks, Unauthorized Access To Information, And The Theft Of Personal Information Is Sometimes Known As ____?

cybercrime

Q23. ____ Typically Involves Using Client-side Scripts Written In Javascript That Are Designed To Extract Information From The Victim And Then Pass The Information To The Attacker?

Correct Answer: Cross site scripting (XSS)

Q24. ____ Enables The Attacker's Computer To Forward Any Network Traffic It Receives From Computer A To The Actual Router?

IP forwarding.

Q25. How Are Subnets Used To Improve Network Security?

Subnets improve network security and performance by arranging hosts into different logical groups. Subnetting is required when one network address needs to be distributed across multiple network segments. Subnetting is required when a company uses two or more types of network technologies like Ethernet and Token Ring.

Q26. Difference Between Network And Operating System Security?

Network security concentrates on the packets of information flowing between computer systems. Operating System security controls access to resources on the server itself. Therefore, the two are looking at different things in terms of security.

Q27. Encryption Under The Wpa2 Personal Security Model Is Accomplished By ____?

AES-CCMP

Q28. Explain In Mobile And Computer And Home Is It Possible That We See And Listen Person Voice And Activity Carefully For Destroying Their Privacy?

Yes, it is possible through third-party software on a computer and 3G on a mobile. On a computer, third-party software like Skype can be a better medium of communication.

Q29. How Does An Encryption Help Security Of An Network?

One of the key objectives of computer security is confidentiality - information is only available to those who are supposed to have access to it. Encryption helps protect confidentiality of information transmitted over a network by (if it works as intended) making it difficult or impossible for someone who is not authorized to have the information to make sense of it if they intercept the information in transit. In cases of data stored on a network, if it is stored in encrypted form, it can make it difficult or impossible for an attacker to get anything useful from the encrypted file.

Q30. What Is The Difference Between An Exploit And Vulnerability In Information Security?

A vulnerability is a weak point in a system. This implies a risk, especially to confidential information. An exploit is a means of taking advantage of the vulnerability and using it to take advantage of a system or network. Just because something has been identified as a vulnerability doesn't mean that it has been used to compromise a system. The presence of the exploit means someone has successfully used that weakness and taken advantage of it.

Q31. With Operating System Virtualization, A Virtual Machine Is Simulated As A Self-contained Software Environment By The ____ System (the Native Operating System To The Hardware)?

host

Q32. What Does Your Network/security Architecture Diagram Look Like?

The first thing you need to know to protect your network and systems is what you are protecting. You must know:

  • The physical topologies
  • Logical topologies (Ethernet, ATM, 802.11, VoIP, etc.)
  • Types of operating systems
  • Perimeter protection measures (firewall and IDS placement, etc.)
  • Types of devices used (routers, switches, etc.)
  • Location of DMZs
  • IP address ranges and subnets
  • Use of NAT

In addition, you must know where the diagram is stored and that it is regularly updated as changes are made.

Q33. Under The _____ , Healthcare Enterprises Must Guard Protected Health Information And Implement Policies And Procedures To Safeguard It, Whether It Be In Paper Or Electronic Format?

HIPAA.

Q34. A Computer ____ Is A Program That Secretly Attaches Itself To A Legitimate "carrier," Such As A Document Or Program, And Then Executes When That Document Is Opened Or Program Is Launched?

virus

Q35. What Resources Are Located On Your Dmz?

Only systems that are semi-public should be kept on the DMZ. This includes external web servers, external mail servers, and external DNS. A split-architecture may be used where internal web, mail, and DNS are also located on the internal network.

Q36. What Are The Three Legs Of Network Security?

The three main tenets of security overall are: Confidentiality, Availability, Integrity.

Q37. Which Feature On A Cisco Ios Firewall Can Be Used To Block Incoming Traffic On A Ftp Server?

Extended ACL.

Q38. What Is Srm (security Reference Monitor)?

The Security Reference Monitor is the kernel mode component that does the actual access validation, as well as audit generation.

Q39. What Is Sam (security Account Manager)?

SAM stands for Security Account Manager and is the one who maintains the security database, stored in the registry under HKLM\SAM. It serves the Local Security Authority (LSA) with SIDs. The SAM maintains the user account database.

Q40. How Is Your Wireless Infrastructure Secured?

Wireless access must at least use WEP with 128-bit encryption. Although this provides some security, it is not very robust, which is why your wireless network should not be used for sensitive data. Consider moving to the 802.11i standard with AES encryption when it is finalized.

Q41. Explain How Does Trace Route Work? Now How Does Trace Route Make Sure That The Packet Follows The Same Path That A Previous (with Ttl - 1) Probe Packet Went In?

First of all, traceroute works using ICMP packets. The source first sends an ICMP packet with the Time to Live (TTL) field set to 1 to the destination address. The first intermediate router receives the packet, sees that the TTL field has expired, and sends an ICMP TTL expired reply. The source machine then sends the ICMP packet again with the TTL field set to 2. This time the second intermediate router replies. This process is repeated until the destination is reached. That way the source can get the entire route up to the destination.

Q42. ____, Also Called Add-ons, Represent A Specific Way Of Implementing Activex And Are Sometimes Called Activex Applications?

ActiveX controls.

Q43. The ____ Is The Link Between The Cellular Network And The Wired Telephone World And Controls All Transmitters And Base Stations In The Cellular Network?

MTSO

Q44. Instead Of The Web Server Asking The User For The Same Information Each Time She Visits That Site, The Server Can Store That User-specific Information In A File On The User's Local Computer And Then R

cookie

Q45. How Do You Prevent Ddos Attack?

You do not have much choice; only a correctly configured firewall/iptables (which is not a trivial task to do) can help you to prevent it. But there is no 100%

Q46. ____ Work To Protect The Entire Network And All Devices That Are Connected To It?

NIPS

Q47. An Attacker Could Alter The Mac Address In The Arp Cache So That The Corresponding Ip Address Would Point To A Different Computer, Which Is Known As ____?

ARP poisoning.

Q48. Are You Performing Content Level Inspections?

In addition to the content level inspection performed by the IDS, specific content inspections should also be performed on web server traffic and other application traffic. Some attacks evade detection by containing themselves in the payload of packets, or by altering the packet in some way, such as fragmentation. Content level inspection at the web server or application server will protect against attacks such as those that are tunneled in legitimate communications, attacks with malicious data, and unauthorized application usage.

Q49. What Is Included In Your Disaster Recovery Plan?

Your disaster recovery plan (DRP) should include recovery of data centers and recovery of business operations. It should also include recovery of the actual physical business location and recovery of the business processes necessary to resume normal operations. In addition, the DRP should address alternate operating sites.

Q50. How Often Is Your Disaster Recovery Plan Tested?

The plan is no good unless it is tested at least once a year. These tests will iron out problems in the plan and make it more efficient and successful if/when it is needed. Testing can include walkthroughs, simulation, or a full out implementation.