Firewall Support Interview Questions & Answers

  1. Question 1. What Is Firewall?

    Answer :

    A firewall is a hardware or software installed to provide security to the private networks connected to the internet. They can be implemented in both hardware and A firewall is a hardware or software installed to provide security to the private networks connected to the internet. They can be implemented in both hardware and software, or a combination of both. All data entering or leaving the Intranet passes through the firewall which allows only the data meeting the administrators’ rules to pass through, or a combination of both. All data entering or leaving the Intranet passes through the firewall which allows only the data meeting the administrators’ rules to pass through it.

  2. Question 2. What Is Log Processing?

    Answer :

    How audit logs are processed, searched for key events, or summarized.

  3. Network Security Interview Questions

  4. Question 3. Define Digital Signatures?

    Answer :

    Digital signature is an attachment to an electronic message used for security purpose. It is used to verify the authenticity of the sender.

  5. Question 4. What Is Access Control Lists?

    Answer :

    Rules for packet filters (typically routers) that define which packets to pass and which to block.

  6. Network Security Tutorial

  7. Question 5. What Are The Types Of Firewalls?

    Answer :

    Packet Filtering Firewall: This type of Firewall detects packets and block unnecessary packets and makes network traffic release.

    Screening Router Firewalls: It’s a software base firewall available in Router provides only light filtering.

    Computer-based Firewall: It’s a firewall stored in server with an existing Operating System like Windows and UNIX.

    Hardware base Firewall: Its device like box allows strong security from public network. Mostly used by big networks.

    Proxy Server: Proxy server allows all clients to access Internet with different access limits. Proxy server has its own firewall which filters the all packet from web server.

  8. Internet Security Interview Questions

  9. Question 6. What Is Ip Spoofing?

    Answer :

    An attack whereby a system attempts to illicitly impersonate another system by using its IP network address.

    In computer networking, the term IP address spoofing or IP spoofing refers to the creation of Internet Protocol (IP) packets with a forged source IP address, called spoofing, with the purpose of concealing the identity of the sender or impersonating another computing system.

  10. Question 7. What Is Defense In Depth?

    Answer :

    The security approach whereby each system on the network is secured to the greatest possible degree. May be used in conjunction with firewalls.

  11. Internet Security Tutorial
    Computer Network Security Interview Questions

  12. Question 8. What Is The Public Key Encryption?

    Answer :

    Public key encryption use public and private key for encryption and decryption. In this mechanism, public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, a sender has to know recipient’s public key.

  13. Question 9. What Is Worm?

    Answer :

    A standalone program that, when run, copies itself from one host to another, and then runs itself on each newly infected host. The widely reported ‘Internet Virus’ of 1988 was not a virus at all, but actually a worm.

  14. Veritas Volume Manager (VVM or VxVM) Interview Questions

  15. Question 10. Explain Abuse Of Privilege?

    Answer :

    When a user performs an action that they should not have, according to organizational policy or law.

  16. Question 11. What Is Data Encryption?

    Answer :

    Data encryption ensures data safety and very important for confidential or critical data. It protect data from being read, altered or forged while transmission.

  17. Spotfire (TIBCO) Interview Questions

  18. Question 12. What Is Uthentication?

    Answer :

    The process of determining the identity of a user that is attempting to access a system.
    authentication is a process that can verify pc identity(user name and pass etc)

  19. Network Security Interview Questions

  20. Question 13. What Is Least Privilege?

    Answer :

    Designing operational aspects of a system to operate with a minimum amount of system privilege. This reduces the authorization level at which various actions are performed and decreases the chance that a process or user with high privileges may be caused to perform unauthorized activity resulting in a security breach.

  21. Question 14. What Is Authentication Token?

    Answer :

    A portable device used for authenticating a user. Authentication tokens operate by challenge/response, time-based code sequences, or other techniques. This may include paper-based lists of one-time passwords.

  22. Question 15. What Is Tunneling Router?

    Answer :

    A router or system capable of routing traffic by encrypting it and encapsulating it for transmission across an untrusted network, for eventual de-encapsulation and decryption.

  23. Cisco Unified Computing System Interview Questions

  24. Question 16. What Is Cryptographic Checksum?

    Answer :

    A one-way function applied to a file to produce a unique “fingerprint” of the file for later reference. Checksum systems are a primary means of detecting filesystem tampering on Unix.

  25. Question 17. Explain You Are Currently Designing Your Own Desktop Publishing Application, As You Have Not Found Any That?

    Answer :

    You are currently designing your own Desktop Publishing application, as you have not found any that do exactly what you want with existing applications. As part of the design you are using a Controller to which you send all GUI requests. Not all objects can process the same commands. For example you can?t select the spell check tool when an image has the focus. To stop any possible errors you would like to filter out some of the messages as they are passed from these objects to.

  26. Virtual Private Network (VPN) Interview Questions

  27. Question 18. What Is Ip Splicing/hijacking?

    Answer :

    An attack whereby an active, established, session is intercepted and co-opted by the attacker. IP Splicing attacks may occur after an authentication has been made, permitting the attacker to assume the role of an already authorized user. Primary protections against IP Splicing rely on encryption at the session or network layer.

  28. Internet Security Interview Questions

  29. Question 19. What Is Screened Host?

    Answer :

    A host on a network behind a screening router. The degree to which a screened host may be accessed depends on the screening rules in the router.

  30. Question 20. What Is Dns Spoofing?

    Answer :

    Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.

  31. CheckPoint Firewall Interview Questions

  32. Question 21. What Is Bastion Host?

    Answer :

    A system that has been hardened to resist attack, and which is installed on a network in such a way that it is expected to potentially come under attack. Bastion hosts are often components of firewalls, or may be “outside” web servers or public access systems. Generally, a bastion host is running some form of general purpose operating system (e.g., Unix, VMS, NT, etc.) rather than a ROM-based or firmware operating system.

  33. Question 22. What Is Screened Subnet?

    Answer :

    A subnet behind a screening router. The degree to which the subnet may be accessed depends on the screening rules in the router.

  34. Question 23. What Is Dual Homed Gateway?

    Answer :

    A dual homed gateway is a system that has two or more network interfaces, each of which is connected to a different network. In firewall configurations, a dual homed gateway usually acts to block or filter some or all of the traffic trying to pass between the networks.

  35. Cisco Network Engineer Interview Questions

  36. Question 24. What Is Log Retention?

    Answer :

    How long audit logs are retained and maintained.

  37. Computer Network Security Interview Questions

  38. Question 25. What Is Perimeter-based Security?

    Answer :

    The technique of securing a network by controlling access to all entry and exit points of the network.

  39. Question 26. Which Feature On A Firewall Can Be Used For Mitigating Ip Spoofing Attacks?

    Answer :

    Access control list can be used for the purpose.

  40. Cisco Asa Firewall Interview Questions

  41. Question 27. What Type Of Firewall Can Be Used To Block A Web Security Threat?

    Answer :

    A web application firewall or a layer 7 firewall can be used for the purpose.

  42. Veritas Volume Manager (VVM or VxVM) Interview Questions

  43. Question 28. Which Fields In A Packet Does A Network Layer Firewall Look Into For Making Decisions?

    Answer :

    IP and transport layer headers for information related to source and destination IP addresses, port numbers etc.

  44. Question 29. Which Is The Main Field In An Ip Header , Which Is Modified By A Nat Firewall?

    Answer :

    The source IP address in the IP header.

  45. Question 30. Which Feature On A Cisco Firewall Can Be Used For Protection Against Tcp Syn Flood Attacks?

    Answer :

    TCP intercept feature.

  46. Question 31. What Is The Difference Between Gateway And Firewall?

    Answer :

    A Gateway joins two networks together and a network firewall protects a network against unauthorized incoming or outgoing access. Network firewalls may be hardware devices or software programs.

  47. Question 32. What Is The Difference Between Stateful & Stateless Firewall?

    Answer :

    Stateful firewall – A Stateful firewall is aware of the connections that pass through it. It adds and maintains information about users connections in state table, referred to as a connection table. It than uses this connection table to implement the security policies for users connections. Example of stateful firewall are PIX, ASA, Checkpoint.

    Stateless firewall – (Packet Filtering) Stateless firewalls on the other hand, does not look at the state of connections but just at the packets themselves. Example of a packet filtering firewall is the Extended Access Control Lists on Cisco IOS Routers.

  48. Question 33. What Information Does Stateful Firewall Maintains?

    Answer :

    Stateful firewall maintains following information in its State table:-

    1. Source IP address.
    2. Destination IP address.
    3. IP protocol like TCP, UDP.
    4. IP protocol information such as TCP/UDP Port Numbers, TCP Sequence Numbers, and TCP Flags.
  49. Spotfire (TIBCO) Interview Questions

  50. Question 34. Firewalls Works At Which Layers?

    Answer :

    Firewalls work at layer 3, 4 & 7.

  51. Question 35. Explain Dmz (demilitarized Zone) Server?

    Answer :

    If we need some network resources such as a Web server or FTP server to be available to outside users we place these resources on a separate network behind the firewall called a demilitarized zone (DMZ). The firewall allows limited access to the DMZ, but because the DMZ only includes the public servers, an attack there only affects the servers and does not affect the inside network.

  52. Question 36. How Asa Works In Reference To Traceroute?

    Answer :

    ASA does not decrement the TTL value in traceroute because it does not want to give its information to others for security purpose. It forwards it without decrementing the TTL Value.

  53. Cisco Unified Computing System Interview Questions

  54. Question 37. What If We Apply Acl As Global In Asa?

    Answer :

    It will be applied on all interfaces towards inbound. Global option is only in ASA 8.4 not in ASA 8.2

  55. Question 38. What Are The Different Types Of Acl In Firewall?

    Answer :

    1.Standard ACL
    2.Extended ACL
    3.Ethertype ACL (Transparent Firewall)
    4.Webtype ACL (SSL VPN)

  56. Question 39. What Is The Difference In Acl On Asa Than On Router?

    Answer :

    In router, if we delete one access-control entry whole ACL will be deleted. In ASA, if we will delete one access-control entry whole ACL will not be deleted.

  57. Question 40. What Is The Need Of Transparent Firewall?

    Answer :

    If we want to deploy a new firewall into an existing network it can be a complicated process due to various issues like IP address reconfiguration, network topology changes, current firewall etc. We can easily insert a transparent firewall in an existing segment and control traffic between two sides without having to readdress or reconfigure the devices.

  58. Virtual Private Network (VPN) Interview Questions

  59. Question 41. What Is Tranparent Firewall?

    Answer :

    In Transparent Mode, ASA acts as a Layer 2 device like a bridge or switch and forwards Ethernet frames based on destination MAC-address.

  60. Question 42. Explain Ether-type Acl?

    Answer :

    In Transparent mode, unlike TCP/IP traffic for which security levels are used to permit or deny traffic all non-IP traffic is denied by default. We create Ether-Type ACL to allow NON-IP traffic. We can control traffic like BPDU, IPX etc with Ether-Type ACL.

  61. CheckPoint Firewall Interview Questions

  62. Question 43. Explain Failover?

    Answer :

    Failover is a cisco proprietary feature. It is used to provide redundancy. It requires two identical ASAs to be connected to each other through a dedicated failover link. Health of active interfaces and units are monitored to determine if failover has occurred or not.

  63. Question 44. What Is The Difference Between Stateful Failover And Stateless Failover?

    Answer :

    Stateless Failover: When failover occurs all active connections are dropped. Clients need to re-establish connections when the new active unit takes over.

    Stateful Failover: The active unit continually passes per-connection state information to the standby unit. After a failover occurs, the same connection information is available at the new active unit. Clients are not required to reconnect to keep the same communication session.

  64. Question 45. What Information Active Unit Passes To The Standby Unit In Stateful Failover?

    Answer :

    NAT translation table, TCP connection states, The ARP table, The Layer 2 bridge table (when running in transparent firewall mode), ICMP connection state etc.

  65. Question 46. What Are The Failover Requirements Between Two Devices?

    Answer :

    Hardware Requirements: The two units in a failover configuration must be the same model, should have same number and types of interfaces.

    Software Requirements: The two units in a failover configuration must be in the same operating modes (routed or transparent single or multiple context). They must have the same software version.

  66. Question 47. Explain Active/standby Failover?

    Answer :

    In Active/Standby Failover, one unit is the active unit which passes traffic. The standby unit does not actively pass traffic. When Failover occurs, the active unit fails over to the standby unit, which then becomes active. We can use Active/Standby Failover for ASAs in both single or multiple context mode.

  67. Question 48. Explain Security Context?

    Answer :

    We can partition a Single ASA into multiple virtual devices, known as Security Contexts. Each Context acts as an independent device, with its own security policy, interfaces, and administrators. Multiple contexts are similar to having multiple standalone devices.

  68. Question 49. What Features Are Supported In Multiple Context Mode?

    Answer :

    Routing tables, Firewall features, IPS, and Management.

  69. Question 50. What Features Are Not Supported In Multiple Context Mode?

    Answer :

    VPN and Dynamic Routing Protocols.