Network Security Interview Questions & Answers

  1. Question 1. Why Does Active Ftp Not Work With Network Firewalls?

    Answer :

    When a user initiates a connection with the FTP server, two TCP connections are established. The second TCP connection (FTP data connection) is initiated and established from the FTP server. When a firewall is between the FTP client and server, the firewall would block the connection initiated from the FTP server since it is a connection initiated from outside. To resolve this, Passive FTP can be used or the firewall rule can be modified to add the FTP server as trusted.

  2. Question 2. Which Feature On A Network Switch Can Be Used To Prevent Rogue Dhcp Servers?

    Answer :

    DHCP Snooping

  3. Networking Interview Questions

  4. Question 3. Which Feature On A Cisco Ios Firewall Can Be Used To Block Incoming Traffic On A Ftp Server?

    Answer :

    Extended ACL.

  5. Question 4. Name One Secure Network Protocol Which Can Be Used Instead Of Telnet To Manage A Router?

    Answer :

    SSH

  6. Networking Tutorial

  7. Question 5. Provide A Reason As To Why Https Should Be Used Instead Of Http?

    Answer :

    HTTP sends data in clear text whereas HTTPS sends data encrypted.

  8. Verilog Interview Questions

  9. Question 6. How Can You Prevent A Brute Force Attack On A Windows Login Page?

    Answer :

    Setup a account lockout for specific number of attempts, so that the user account would be locked up automatically after the specified number.

  10. Question 7. In An Icmp Address Mask Request, What Is The Attacker Looking For?

    Answer :

    The attacker is looking for the subnet/network mask of the victim. This would help the attacker to map the internal network.

  11. Penetration Testing Tutorial
    Switching Interview Questions

  12. Question 8. Why Is Ripv1 Insecure In A Network?

    Answer :

    RIPv1 does not use a password for authentication as with RIPv2. This makes it possible to attackers to send rogue RIP packets and corrupt the routing table.

  13. Question 9. Which Feature On A Network Switch Can Be Used To Protect Against Cam Flooding Attacks?

    Answer :

    Port-Security feature can be used for the same. In a cam flooding attack, the attacker sends a storm of mac-addresses (frames) with different values. The goal of the attacker is to fill up the cam table. Port-Security can be used to limit the number of mac-addresses allowed on the port.

  14. Firewall Support Interview Questions

  15. Question 10. Which Protocol Does Https Uses At The Transport Layer For Sending And Receiving Data?

    Answer :

    TCP

  16. Cryptography Tutorial

  17. Question 11. ____ Typically Involves Using Client-side Scripts Written In Javascript That Are Designed To Extract Information From The Victim And Then Pass The Information To The Attacker?

    Answer :

    Correct Answer: Cross site scripting (XSS)

  18. System Verilog Interview Questions

  19. Question 12. What Is Srm (security Reference Monitor)?

    Answer :

    The Security Reference Monitor is the kernel mode component that does the actual access validation, as well as audit generation

  20. Networking Interview Questions

  21. Question 13. In A Company Of 500 Employees, It Is Estimated That _____ Employees Would Be Required To Combat A Virus Attack?

    Answer :

    five employees.

  22. Digital Communication Tutorial

  23. Question 14. According To The Research Group Postini, Over ____ Of Daily E-mail Messages Are Unsolicited And Could Be Carrying A Malicious Payload?

    Answer :two-thirds.

  24. Question 15. A Software-based ____ Attempt To Monitor And Possibly Prevent Attempts To Attack A Local System?

    Answer :

    HIDS

  25. Penetration Testing Interview Questions

  26. Question 16. A Security ____ Focuses On The Administration And Management Of Plans, Policies, And People?

    Answer :

    manager.

  27. Question 17. Under The _____ , Healthcare Enterprises Must Guard Protected Health Information And Implement Policies And Procedures To Safeguard It, Whether It Be In Paper Or Electronic Format?

    Answer :HIPAA.

  28. Cryptography Interview Questions

  29. Question 18. How Did Early Computer Security Work?

    Answer :

    It was pretty simple- just passwords to protect one’s computer. With the innovation of the internet, however, computers have increased security with firewalls and hundreds of anti-virus programs.

  30. Verilog Interview Questions

  31. Question 19. What Is A Firewall?

    Answer :

    A Firewall is software that blocks unauthorized users from connecting to your computer. All computers at Bank Street are protected by a firewall which is monitored and updated by CIS.

  32. Question 20. Business ____ Theft Involves Stealing Proprietary Business Information Such As Research For A New Drug Or A List Of Customers That Competitors Are Eager To Acquire?

    Answer :data.

  33. Firewall (computing) Interview Questions

  34. Question 21. ____ Monitor Internet Traffic And Block Access To Preselected Web Sites And Files?

    Answer :

    Internet content filters.

  35. Question 22. What Is Another Name For Unsolicited E-mail Messages?

    Answer :

    spam

  36. Question 23. The ____ Is The Link Between The Cellular Network And The Wired Telephone World And Controls All Transmitters And Base Stations In The Cellular Network?

    Answer :

    MTSO

  37. Check Point Certified Security Administrator (CCSA) Interview Questions

  38. Question 24. ____ Technology Enables A Virtual Machine To Be Moved To A Different Physical Computer With No Impact To The Users?

    Answer :

    Live migration

  39. Switching Interview Questions

  40. Question 25. A(n) ____ Finds Malicious Traffic And Deals With It Immediately?

    Answer :

    IPS

  41. Question 26. A ____ Virus Infects The Master Boot Record Of A Hard Disk Drive?

    Answer :

    boot

  42. CheckPoint Firewall Interview Questions

  43. Question 27. Can Police Track An Ip Address After It Has Been Changed?

    Answer :

    Sometimes-for example, if the user has a dynamic IP address, and their IP address changes within this system as usual, it can generally be tracked. If the user uses a proxy service to make their IP address appear as if it is located in some random other p

  44. Firewall Support Interview Questions

  45. Question 28. ____ Is A Software Program That Delivers Advertising Content In A Manner That Is Unexpected And Unwanted By The User?

    Answer :

    Adware

  46. Question 29. Encryption Under The Wpa2 Personal Security Model Is Accomplished By ____?

    Answer :

    AES-CCMP

  47. Digital Communication Interview Questions

  48. Question 30. According To The 2007 Fbi Computer Crime And Security Survey, The Loss Due To The Theft Of Confidential Data For 494 Respondents Was Approximately ____?

    Answer :

    $10 million.

  49. Question 31. ____, Also Called Add-ons, Represent A Specific Way Of Implementing Activex And Are Sometimes Called Activex Applications?

    Answer :

    ActiveX controls.

  50. Question 32. What Is A Sid (security Id)?

    Answer :

    SID stands for Security Identifier and is an internal value used to uniquely identify a user or a group. A SID contain * User and group security descriptors * 48-bit ID authority * Revision level * Variable sub authority values

  51. Siemens PLC Interview Questions

  52. Question 33. ____ Can Fully Decode Application-layer Network Protocols. Once These Protocols Are Decoded, The Different Parts Of The Protocol Can Be Analyzed For Any Suspicious Behavior?

    Answer :

    Protocol analyzers

  53. System Verilog Interview Questions

  54. Question 34. A ____ Is A Computer Program Or A Part Of A Program That Lies Dormant Until It Is Triggered By A Specific Logical Event?

    Answer :

    logic bomb

  55. Question 35. A ____ Is A Cumulative Package Of All Security Updates Plus Additional Features.

    Answer :

    service pack

  56. Question 36. The Goal Of ____ Is To Prevent Computers With Suboptimal Security From Potentially Infecting Other Computers Through The Network?

    Answer :

    NAC

  57. Penetration Testing Interview Questions

  58. Question 37. ____ Is A Windows Vista And Windows Xp Service Pack 2 (sp2) Feature That Prevents Attackers From Using Buffer Overflow To Execute Malware?

    Answer :

    DEP

  59. Question 38. ____ Are Portable Communication Devices That Function In A Manner That Is Unlike Wired Telephones?

    Answer :

    Cell phones

  60. Question 39. A ____ Is A Single, Dedicated Hard Disk-based File Storage Device That Provides Centralized And Consolidated Disk Storage Available To Lan Users Through A Standard Network Connection?

    Answer :

    NAS

  61. Question 40. What Is Administrator Privileges When Trying To Install A Download?

    Answer :

    Administrator privileges allows the user full access to a program or network second only to the system account. If you don’t have administrator privileges, you cannot do certain things You may be able use a program, but not upgrade it.

  62. Cryptography Interview Questions

  63. Question 41. With Operating System Virtualization, A Virtual Machine Is Simulated As A Self-contained Software Environment By The ____ System (the Native Operating System To The Hardware)?

    Answer :

    host

  64. Question 42. While Most Attacks Take Advantage Of Vulnerabilities That Someone Has Already Uncovered, A(n) ____ Occurs When An Attacker Discovers And Exploits A Previously Unknown Flaw?

    Answer :

    zero day

  65. Firewall (computing) Interview Questions

  66. Question 43. ____ Enables The Attacker’s Computer To Forward Any Network Traffic It Receives From Computer A To The Actual Router?

    Answer :

    IP forwarding.

  67. Question 44. A(n) ____ Is A Computer Programming Language That Is Typically Interpreted Into A Language The Computer Can Understand?

    Answer :

    scripting language

  68. Question 45. In A ____ Attack, Attackers Can Attackers Use Hundreds Or Thousands Of Computers In An Attack Against A Single Computer Or Network?

    Answer :

    distributed

  69. Question 46. What Is The Maximum Fine For Those Who Wrongfully Disclose Individually Identifiable Health Information With The Intent To Sell It?

    Answer :

    $250,000

  70. Question 47. _____ Ensures That Information Is Correct And That No Unauthorized Person Or Malicious Software Has Altered That Data?

    Answer :

    Integrity

  71. Question 48. The Plain Text To Be Transmitted Has A Cyclic Redundancy Check (crc) Value Calculated, Which Is A Check Sum Based On The Contents Of The Text. Wep Calls This The ____ And Append It To The End Of The Text?

    Answer :

    Correct Answer: integrity check value (ICV)

  72. Question 49. The _____ Act Is Designed To Broaden The Surveillance Of Law Enforcement Agencies So They Can Detect And Suppress Terrorism?

    Answer :

    USA Patriot

  73. Question 50. The Single Most Expensive Malicious Attack Was The 2000 ____, Which Cost An Estimated $8.7 Billion?

    Answer :

    Love Bug.

  74. Question 51. Live Migration Can Be Used For ____; If The Demand For A Service Or Application Increases, Then Network Managers Can Quickly Move This High-demand Virtual Machine To Another Physical Server With More Ram Or Cpu Resources?

    Answer :

    load balancing

  75. Question 52. The ____ Are The Operating System Settings That Impose How The Policy Will Be Enforced?

    Answer :

    configuration baselines

  76. Question 53. ____ Involves Using Someone’s Personal Information, Such As Social Security Numbers, To Establish Bank Or Credit Card Accounts That Are Then Left Unpaid, Leaving The Victim With The Debts And Ruining Their Credit Rating?

    Answer :

    Identity theft

  77. Question 54. Targeted Attacks Against Financial Networks, Unauthorized Access To Information, And The Theft Of Personal Information Is Sometimes Known As ____?

    Answer :

    cybercrime

  78. Question 55. The Goal Of ____ Is To Make It Harder To Predict Where The Operating System Functionality Resides In Memory?

    Answer :

    ASLR

  79. Question 56. Instead Of The Web Server Asking The User For The Same Information Each Time She Visits That Site, The Server Can Store That User-specific Information In A File On The User’s Local Computer And Then Retrieve It Later. This File Is Called A(n) ____?

    Answer :

    cookie

  80. Question 57. One Type Of Virtualization In Which An Entire Operating System Environment Is Simulated Is Known As ____ Virtualization?

    Answer :

    operating system

  81. Question 58. Wep Accomplishes Confidentiality By Taking Unencrypted Text And Then Encrypting Or “scrambling” It Into ____ So That It Cannot Be Viewed By Unauthorized Parties While Being Transmitted?

    Answer :

    ciphertext.

  82. Question 59. ____ Authentication Is Based Upon The Fact That Only Pre-approved Wireless Devices Are Given The Shared Key?

    Answer :

    Shared key

  83. Question 60. ____ Work To Protect The Entire Network And All Devices That Are Connected To It?

    Answer :

    NIPS

  84. Question 61. Flash Memory Is A Type Of ____, Non Volatile Computer Memory That Can Be Electrically Erased And Rewritten Repeatedly?

    Answer :

    EEPROM

  85. Question 62. What Is The Primary Function Of A Firewall?

    Answer :

    Its primary function is to prevent accesses from untrusted (or undesired) external systems to internal systems and services, and to prevent internal users and systems to access external untrusted or undesired systems and services. More generally, its pur

  86. Question 63. ____ Hinges On An Attacker Being Able To Enter An Sql Database Query Into A Dynamic Web Page?

    Answer :

    SQL injection

  87. Question 64. ____ Are Designed To Inspect Traffic, And Based On Their Configuration Or Security Policy, They Can Drop Malicious Traffic?

    Answer :

    NIPS

  88. Question 65. An Attacker Could Alter The Mac Address In The Arp Cache So That The Corresponding Ip Address Would Point To A Different Computer, Which Is Known As ____?

    Answer :

    ARP poisoning.

  89. Question 66. Creating And Managing Multiple Server Operating Systems Is Known As ____ Virtualization?

    Answer :

    server

  90. Question 67. A ____ Is A Program Advertised As Performing One Activity But Actually Does Something Else?

    Answer :

    Trojan

  91. Question 68. A(n) ____ Attack Makes A Copy Of The Transmission Before Sending It To The Recipient?

    Answer :

    replay

  92. Question 69. ____ Is An Image Spam That Is Divided Into Multiple Images?

    Answer :

    GIF layering

  93. Question 70. A Computer ____ Is A Program That Secretly Attaches Itself To A Legitimate “carrier,” Such As A Document Or Program, And Then Executes When That Document Is Opened Or Program Is Launched?

    Answer :

    virus

  94. Question 71. _____ Ensures That Only Authorized Parties Can View Information?

    Answer :

    Confidentiality

  95. Question 72. Coppa Requires Operators Of Online Services Or Web Sites Designed For Children Under The Age Of _____ To Obtain Parental Consent Prior To The Collection, Use, Disclosure, Or Display Of A Child’s Personal Information?

    Answer :

    13

  96. Question 73. ____ Is A Process Of Ensuring That Any Inputs Are “clean” And Will Not Corrupt The System?

    Answer :

    Input validation

  97. Question 74. In Order To Avoid Detection Some Viruses Can Alter How They Appear. These Are Known As ____ Viruses?

    Answer :

    metamorphic

  98. Question 75. ____ Is A Language Used To View And Manipulate Data That Is Stored In A Relational Database?

    Answer :

    SQL

  99. Question 76. What Is The Most Secure Operating System?

    Answer :

    Security is a difficult and sometimes controversial thing to analyze. The only truly “secure” operating systems are those that have no contact with the outside world. The firmware in your DVD player is a good example. Among all modern general purpose op.

  100. Question 77. What Do You Do If Spybot Will Not ‘immunize’?

    Answer :

    redownload spybot.

  101. Question 78. The Goal Of A ____ Is To Hide The Ip Address Of Client Systems Inside The Secure Network?

    Answer :

    proxy server

  102. Question 79. ____ Uses “speckling” And Different Colors So That No Two Spam E-mails Appear To Be The Same?

    Answer :

    Geometric variance

  103. Question 80. What Is Sam (security Account Manager)?

    Answer :

    SAM stands for Security Account Manager and is the one who maintains the security database, stored in the registry under HKLMSAM. It serves the Local Security Authority (LSA) with SIDs. The SAM maintains the user account database.

  104. Question 81. Today’s Computer Systems Have A(n) ____ Chip In Which The Contents Can Be Rewritten To Provide New Functionality?

    Answer :

    PROM

  105. Question 82. ____ Is A Means Of Managing And Presenting Computer Resources By Function Without Regard To Their Physical Layout Or Location?

    Answer :

    Virtualization

  106. Question 83. A ____ Virus Can Interrupt Almost Any Function Executed By The Computer Operating System And Alter It For Its Own Malicious Purposes?

    Answer :

    resident

  107. Question 84. Why Is Wep Security Not Recommended For Wireless Networks?

    Answer :

    WEP security is easily compromised – usually in 60 seconds or less. Part of the problem is that WEP security was developed for backward compatibility with older devices and is a less strong security measure.

  108. Question 85. Besides Default Rule Sets, What Activities Are Actively Monitored By Your Ids?

    Answer :

    IDSs come with default rule sets to look for common attacks. These rule sets must also be customized and augmented to look for traffic and activities specific to your organization’s security policy. For example, if your organization’s security policy prohibits peer-to-peer communications, then a rule should be created to watch for that type of activity. In addition, outbound traffic should be watched for potential Trojans and backdoors.

  109. Question 86. What Type Of Traffic Are You Denying At The Firewall?

    Answer :

    There should be a default deny rule on all firewalls to disallow anything that is not explicitly permitted. This is more secure than explicitly denying certain traffic because that can create holes and oversights on some potentially malicious traffic.

  110. Question 87. Where Is Your Organization’s Security Policy Posted And What Is In It?

    Answer :

    There should be an overall policy that establishes the direction of the organization and its security mission as well as roles and responsibilities. There can also be system-specific policies to address for individual systems. Most importantly, the policies should address the appropriate use of computing resources. In addition, policies can address a number of security controls from passwords and backups to proprietary information. There should be clear procedures and processes to follow for each policy. These policies should be included in the employee handbook and posted on a readily accessible intranet site.

  111. Question 88. What Is Security Policy In A Distributed Network Environment?

    Answer :

    The security policy anything really, whatever your admin enforces. Everything from what programs you are allowed to what wallpaper you have can be controlled through GPO’s. Usually you will find the common one are that every computer has to get updates, every computer has to have an AV

  112. Question 89. What Is Preprocessing In Ids?

    Answer :

    Before analysis all the captured data needs to be organized in a particular format or pattern for the classification purpose this whole process of organizing data is known as preprocessing. In this process data that is collected from the IDS or IPS sensors needs to be put into some canonical format or a structured database format based on the preprocessing. Once the data is formatted it is further broken down into classifications, which totally depends on the analysis scheme used. Once the data is classified, it is concatenated and used along with predefined detection templates in which the variables are replaced with real-time data.

  113. Question 90. What Are The Tolerable Levels Of Impact Your Systems Can Have?

    Answer :

    An organization must understand how an outage could impact the ability to continue operations. For example, you must determine how long systems can be down, the impact on cash flow, the impact on service level agreements, and the key resources that must be kept running.

  114. Question 91. How Are Subnets Used To Improve Network Security?

    Answer :

    Subnets improve network security and performance by arranging hosts into different logical groups. Subnetting is required when one network address needs to be distributed across multiple network segments. Subnetting is required when a company uses two or more types of network technologies like Ethernet and Token Ring.

  115. Question 92. What Does Your Network/security Architecture Diagram Look Like?

    Answer :

    The first thing you need to know to protect your network and systems is what you are protecting. You must know:

    • The physical topologies
    • Logical topologies (Ethernet, ATM, 802.11, VoIP, etc.)
    • Types of operating systems
    • Perimeter protection measures (firewall and IDS placement, etc.)
    • Types of devices used (routers, switches, etc.)
    • Location of DMZs
    • IP address ranges and subnets
    • Use of NAT In addition, you must know where the diagram is stored and that it is regularly updated as changes are made.
  116. Question 93. What Security Measures Are In Place For In-house Developed Applications?

    Answer :

    Any development that is taking place in house should include security from the beginning of the development process. Security needs to be a part of standard requirements and testing procedures. Code reviews should be conducted by a test team to look for vulnerabilities such as buffer overflows and backdoors. For security reasons, it is not a good idea to subcontract development work to third parties.

  117. Question 94. Why Is 802.11 Wireless More Of A Security Problem Than Any Other Type Of Network?

    Answer :

    Wireless is typically less secure because it uses radio waves for transmission. In other words, you have your data “floating” in airspace which makes it more susceptible to being compromised (hacked). With a wired connection someone cannot “steal” your data frames (packets) unless they physically connect to the network cabling. Additionally, the level of security built into wireless technology is less advanced than that of wired networks. This is mainly due to the fact that 802.11 is a relatively newer protocol standard. Manufacturers (both hardware and software) are developing better security for wireless systems and it is possible to harden the security of a WLAN by using the current security protocols along with using some third-party software. For additional specific information read the RFC standards for 802.11.

  118. Question 95. What Resources Are Located On Your Internal Network?

    Answer :

    In addition to internal web, mail, and DNS servers, your internal network could also include databases, application servers, and test and development servers.

  119. Question 96. What Is Your Backup Policy?

    Answer :

    VPNs should be used for remote access and other sensitive communication. IPSEC is a great choice for this purpose. Strong encryption protocols such as 3DES and AES should be used whenever possible. Web access to sensitive or proprietary information should

  120. Question 97. You Are Working On A Router That Has Established Privilege Levels That Restrict Access To Certain Functions. You Discover That You Are Not Able To Execute The Command Show Running-configuration. How Can You View And Confirm The Access Lists That Have Been.

    Answer :

    show ip interface Ethernet 0 The only command that shows which access lists have been applied to an interface is show ip interface Ethernet 0. The command show access-lists displays all configured access lists, and show ip access-lists displays all configured IP access lists, but neither command indicates whether the displayed access lists have been applied to an interface.

  121. Question 98. What Is The Defining Difference Between Computer Security And Information Security?

    Answer :

    Ar 25-2

  122. Question 99. How Are You Monitoring For Trojans And Back Doors?

    Answer :

    In addition to periodic vulnerability scanning, outgoing traffic should be inspected before it leaves the network, looking for potentially compromised systems. Organizations often focus on traffic and attacks coming into the network and forget about monitoring outgoing traffic. Not only will this detect compromised systems with Trojans and backdoors, but it will also detect potentially malicious or inappropriate insider activity.

  123. Question 100. What Types Of Idss Does Your Organization Use?

    Answer :

    To provide the best level of detection, an organization should use a combination of both signature-based and anomaly-based intrusion detection systems. This allows both known and unknown attacks to be detected. The IDSs should be distributed throughout the network, including areas such as the Internet connection, the DMZ, and internal networks.

  124. Question 101. How Does An Encryption Help Security Of An Network?

    Answer :

    One of the key objectives of computer security is confidentiality – information is only available to those who are supposed to have access to it. Encryption helps protect confidentiality of information transmitted over a network by (if it works as intended) making it difficult or impossible for someone who is not authorized to have the information to make sense of it if they intercept the information in transit. In cases of data stored on a network, if it is stored in encrypted form, it can make it difficult or impossible for an attacker to get anything useful from the encrypted file.

  125. Question 102. How Can An Operating Systems Help Administrators Control A Network And Manage Security?

    Answer :

    To Abe able to manage and control a network properly, your computer would have to have server preferences. Server Operating Systems such as Microsoft Server 2008 can be used for security management over a network, but requires a fair bit of insight to operate and are mostly used by IT professionals only. Group Policy Controls, an Advanced firewall with by the minute updates, Network Access Protection, Network Policy and access System. Windows 7 has a few network security capabilities built in…

  126. Question 103. How Often Are You Performing Vulnerability Scanning?

    Answer :

    An organization should be performing vulnerability scanning as often as possible, depending on the size of the network. The scanning should be scheduled to allow adequate time to review the reports, discover anything that has changed, and mitigate the vulnerability.

  127. Question 104. Why Is Your Federal System A Double Security?

    Answer :

    because it contains top secret information.

  128. Question 105. How Often Are Your Systems Patched?

    Answer :

    Systems should be patched every time a new patch is released. Many organizations don’t patch regularly and tend to not patch critical systems because they don’t want to risk downtime. However, critical systems are the most important to patch. You must schedule regular maintenance downtime to patch systems. As vulnerabilities are discovered, attackers often release exploits even before system patches are available. Therefore, it is imperative to patch systems as soon as possible.

  129. Question 106. What Is Availability For Ia Security?

    Answer :

    One of the basic themes of IA is that it is composed of three principles – which have the memorable acronym CIA. C = confidentiality: only those who should be able to see the data can see it. I = integrity: the data is only changed by those authorized to change it and is not being corrupted accidentally or intentionally. A = availability: users can access the data when they want to or need to.

  130. Question 107. What Are The Specific Threats To Your Organization?

    Answer :

    In addition to identifying the critical business systems and processes, it is important to identify the possible threats to those systems as well as the organization as a whole. You should consider both external and internal threats and attacks using various entry points (wireless, malicious code, subverting the firewall, etc.). Once again, this will assist in implementing the appropriate security protections and creating business continuity and disaster recovery plans

  131. Question 108. How Does Symmetric Key Encryption Work?

    Answer :

    Symmetric encryption requires that both parties (sender and receiver) know and have the exact same encryption key. This key is used both for encrypting and decrypting the data. Using the same encryption algorithm means that only those individuals that know or have the same key will be able to read any messages encrypted by the symmetric key.

  132. Question 109. What Is Ring Protection In Sdh?

    Answer :

    Ring protection is a system where multiplexers are connected in a ring topology. If a single span fails traffic switches around the other side of the ring.

  133. Question 110. What Physical Security Controls Are In Place In Your Organization?

    Answer :

    Physical security is a large area that must be addressed by an organization. Examples of physical controls includes physical access controls (signs, locks, security guards, badges/PINs, bag search/scanning, metal detectors), CCTV, motion detectors, smoke and water detectors, and backup power generators.

  134. Question 111. What Is Meant By The Term Securing Your Perimeter Network Security?

    Answer :

    your perimeter network is the network you operate such as you have the internet and your network your network is your perimeter

  135. Question 112. Is Stand Alone Computer Secure?

    Answer :

    Of course viruses can be spread through floppy disks, usb keys or other methods so being a standalone computer not connected to any network doesn’t mean the computer can not be infected though the information cannot be leaked via the network to external persons. However, there is also physical security of the computer itself, and that where it gets interesting depending on who and what your trying to secure the pc from. If for instance the pc is sitting in a public area, and you are not worried just about external threats but also potential employee data theft then one should assume no information on the pc is secure even if the pc is standalone.

  136. Question 113. Which Layer Is Done By Congestion Control?

    Answer :

    at the network layer, congestion control mechanism takes place.

  137. Question 114. What Types Of Attacks Are You Seeing?

    Answer :

    Typically an organization sees a constant stream of port scan attacks. These are a regular occurrence on the Internet as a result of attackers and worms. An organization should not be seeing many substantial attacks such as compromises, backdoors, or exploits on systems. This would indicate that the security defenses are weak, patching may not be occurring, or other vulnerabilities exist.

  138. Question 115. How Can A Switch Help Reduce Network Security Problems?

    Answer :

    Switches use routing table which does allow to brandband your connection requests how hubs do. It protects you from sniffing programs.

  139. Question 116. What Is Security?

    Answer :

    Security is the degree of protection to safeguard a nation, union of nations, persons or person against danger, damage, loss, and crime. Security as a form of protection are structures and processes that provide or improve security as a condition. The Institute for Security and Open Methodologies (ISECOM) in the OSSTMM 3 defines security as “a form of protection where a separation is created between the assets and the threat”. This includes but is not limited to the elimination of either the asset or the threat.

  140. Question 117. How Are You Protecting Against Social Engineering And Phishing Attacks?

    Answer :

    The best way to protect against social engineering and phishing attacks is to educate the users. Employees should attend security awareness training that explains these types of attacks, what to expect, and how to respond. There should also be a publicly posted incidents email address to report suspicious activity.

  141. Question 118. What Is The Need For Network Security?

    Answer :

    The need for network security is quite obvious, (no offense to the asker), but, it is simply thus: There are criminal activities in every field, computers being no exception. People like to store private information on computers. If a criminal was able to slip onto your network, they would be able to access any unguarded computer, and retrieve information off of it once they have access. Make sure you keep AT LEAST ONE password on every computer you own, multiple different ones if it allows it. 

  142. Question 119. Difference Between Network And Operating System Security?

    Answer :

    Network security concentrates on the packets of information flowing between computer systems. Operating System security controls access to resources on the server itself. Therefore, the two are looking at different things in terms of security.

  143. Question 120. What Is Your Wireless Infrastructure?

    Answer :

    Part of knowing your network architecture includes knowing the location of wireless networks since they create another possible entry point for an attacker. You must also confirm whether they are being used for sensitive data and are they secured as best as possible.

  144. Question 121. What Desktop Protections Are Used?

    Answer :

    Desktops should have a combination of anti-virus software, personal firewall, and host-based intrusion detection. Each of these software packages must be regularly updated as new signatures are deployed. They must also be centrally managed and controlled.

  145. Question 122. What Is The Difference Between An Exploit And Vulnerability In Information Security?

    Answer :

    A vulnerability is a weak point in a system. This implies a risk, especially to confidential information. An exploit is a means of taking advantage of the vulnerability and using it to take advantage of a system or network. Just because something has been identified as a vulnerability doesn’t mean that it has been used to compromise a system. The presence of the exploit means someone has successfully used that weakness and taken advantage of it.

  146. Question 123. What Applications And Services Are Specifically Denied By Your Organization’s Security Policy?

    Answer :

    Your organization’s security policy should specify applications, services, and activities that are prohibited. These can include, among others:

    • Viewing inappropriate material
    • Spam
    • Peer-to-peer file sharing
    • Instant messaging
    • Unauthorized wireless devices
    • Use of unencrypted remote connections such as Telnet and FTP
  147. Question 124. What Is Message Control System?

    Answer :

    A method for controlling messages in a software system. The method activates a report-handling module when a subroutine has a message to send. The subroutine passes an identification to the report-handling module. The subroutine then passes a message and message level to the report handling module. The report-handling module then determines the message level to be reported for that subroutine, the process from which that subroutine is sending messages and the message level to be reported for that process. If the message level of the message compares correctly to the message level of the subroutine and the process, the message is reported.

  148. Question 125. How Do You Stop A Computer To Broadcast?

    Answer :

    Three basic ways: On most laptops there is a switch on the front On most towers there is a USB stick to unplug On all computers WIFI and Blue-tooth can be disabled from “my computer”.

  149. Question 126. How Is Your Wireless Infrastructure Secured?

    Answer :

    Wireless access must at least use WEP with 128-bit encryption. Although this provides some security, it is not very robust, which is why your wireless network should not be used for sensitive data. Consider moving to the 802.11i standard with AES encryption when it is finalized

  150. Question 127. How Do You Remove Network Security Keys?

    Answer :

    go to your router options on your computer and it should say remove

  151. Question 128. How Often Is Your Disaster Recovery Plan Tested?

    Answer :

    The plan is no good unless it is tested at least once a year. These tests will iron out problems in the plan and make it more efficient and successful if/when it is needed. Testing can include walkthroughs, simulation, or a full out implementation.

  152. Question 129. Where, When, And What Type Of Encryption Is Used?

    Answer :

    VPNs should be used for remote access and other sensitive communication. IPSEC is a great choice for this purpose. Strong encryption protocols such as 3DES and AES should be used whenever possible. Web access to sensitive or proprietary information should be protected with 128-bit SSL. Remote system administration should use SSH. Sometimes file system encryption is also used to protect stored data.

  153. Question 130. How Often Are Logs Reviewed?

    Answer :

    Logs should be reviewed every day. This includes IDS logs, system logs, management station logs, etc. Not reviewing the logs is one of the biggest mistakes an organization can make. Events of interest should be investigated daily. It can be a very tedious task for a single person to do this job as their only assignment (unless they really enjoy it). It is better to have a log review rotation system amongst the security team.

  154. Question 131. What Is Network Security?

    Answer :

    Network security[1] consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: It secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.

  155. Question 132. How Do You Prevent Ddos Attack?

    Answer :

    You do not have much choice, only correctly configured firewall/iptables (which is not a trivial task to do) can help you to prevent it. But there is no 100%

  156. Question 133. What Is Included In Your Disaster Recovery Plan?

    Answer :

    Your disaster recovery plan (DRP) should include recovery of data centers and recovery of business operations. It should also include recovery of the accrual physical business location and recovery of the business processes necessary to resume normal operations. In addition, the DRP should address alternate operating sites.

  157. Question 134. What Is Your Organization’s Password Policy?

    Answer :

    A password policy should require that a password:

    • Be at least 8 characters long
    • Contain both alphanumeric and special characters
    • Change every 60 days
    • Cannot be reused after every five cycles
    • Is locked out after 3 failed attempts In addition, you should be performing regular password auditing to check the strength of passwords; this should also be documented in the password policy.
  158. Question 135. What Resources Are Located On Your Dmz?

    Answer :

    Only systems that are semi-public should be kept on the DMZ. This includes external web servers, external mail servers, and external DNS. A split-architecture may be used where internal web, mail, and DNS are also located on the internal network.

  159. Question 136. Are You Performing Content Level Inspections?

    Answer :

    In addition to the content level inspection performed by the IDS, specific content inspections should also be performed on web server traffic and other application traffic. Some attacks evade detection by containing themselves in the payload of packets, or by altering the packet in some way, such as fragmentation. Content level inspection at the web server or application server will protect against attacks such as those that are tunneled in legitimate communications, attacks with malicious data, and unauthorized application usage.

  160. Question 137. What Are Your Critical Business Systems And Processes?

    Answer :

    Identifying your critical business systems and processes is the first step an organization should take in order to implement the appropriate security protections. Knowing what to protect helps determine the necessary security controls. Knowing the critical systems and processes helps determine the business continuity plan and disaster recovery plan process. Critical business systems and processes may include an ecommerce site, customer database information, employee database information, the ability to answer phone calls, the ability to respond to Internet queries, etc.

  161. Question 138. What Is An Ip Grabber?

    Answer :

    An ip grabber is a program that will find the ip address of another computer. Often used by hackers.

  162. Question 139. What Is The Difference Between Network Security And Cryptography?

    Answer :

    Cryptography is the deliberate attempt to obscure or scramble the information so that only an authorized receiver can see the message. Network security may employ cryptography, but has many other tools to secure a network, including firewalls, auditing, Intrusion Detection Systems, and so forth. Cryptography would be used only when trying to keep messages secret when sending them across a network or keeping information secret in a file.

  163. Question 140. What Are The Three Legs Of Network Security?

    Answer :

    The three main tenets of security overall area: Confidentiality Availability Integrity.

  164. Question 141. What Type Of Remote Access Is Allowed?

    Answer :

    Remote access should be tightly controlled, monitored, and audited. It should only be provided over a secure communication channel that uses encryption and strong authentication, such as an IPSEC VPN. Desktop modems (including applications such as PCAnywhere), unsecured wireless access points, and other vulnerable methods of remote access should be prohibited.

  165. Question 142. How Do You Secure A Wireless Network?

    Answer :

    Most wireless routers allow you to encrypt using a passphrase. When you do choose a password, make sure that it uses uppercase, lowercase, numbers, and special characters. You will want to stay away from any words or phases that can be found in the dictionary. And set it for WPA2

  166. Question 143. What Is An Arp And How Does It Work?

    Answer :

    ARP(ADDRESS RESOLUTION PROTOCOL) is a network layer protocol which associates the physical hardware address of a network node(commonly known as a MAC ADDRESS) to its ip address. now an ARP creates a table known as ARP CACHE/TABLE that maps ip addresses to the hardware addresses of nodes on the local network.

    if based on the ip address it sees that it has the node’s mac address in its ARP TABLE then transmitting to that ip address is done quicker because the destination is known and voila network traffic is reduced.

  167. Question 144. Explain What Are Digital Signatures And Smart Cards?

    Answer :

    Digital signature : Information that is encrypted with an entity private key and is appended to a message to assure the recipient of the authenticity and integrity of the message. The digital signature proves that the message was signed by the entity that owns, or has access to, the private key or shared secret symmetric key.

    smart cards : Smart cards help businesses evolve and expand their products and services in a rapidly changing global market. In addition to the well known commercial applications (banking, payments, access control, identification, ticketing and parking or toll collection), in recent years, the information age has introduced an array of security and privacy issues that have called for advanced smart card security applications (secure logon and authentication of users to PC and networks, storage of digital certificates, passwords and credentials, encryption of sensitive data, wireless communication subscriber authentication, etc.)

  168. Question 145. Explain Difference Between Broadcast Domain And Collision Domain?

    Answer :

    Broadcast Domain

    send the packet to all the Present Network

    IT may be send by the person

    it may broadcast by the switch when the address not found in the Network.

    For breaking broadcast domain We can Use Router

    Collision Domain:

    Switch has no collision as compare to hun (layer on Device Broadcast Domain is the area where when one device in the network sends the data or packet it will received by all the devices present over the network.

  169. Question 146. What Is Kerberos Protocol?

    Answer :

    Kerberos is an authentication protocol, it is named after a dog who is according to the Greek mythology, – is said to stand at the gates of Hades.In the terms of computer networking it is a collection of software used in large networks to authenticate and establish a user’s claimed identity. It is developed by MIT and using a combination of encryption as well as distributed databases so that the user can log in start a session.

    It has some disadvantages though. As I said Kereberos had been developed by MIT under the project Athena, – Kerberos is designed to authenticate the end users on the servers.

  170. Question 147. Explain How Does Trace Route Work? Now How Does Trace Route Make Sure That The Packet Follows The Same Path That A Previous (with Ttl – 1) Probe Packet Went In?

    Answer :

    First of all see traceroute works using ICMP packets. First source sends an ICMP packet with Time to Live (TTL) field as 1 to the destination address. Now intermediate router receives the packet and sees that TTL field has expired, so it sends a ICMP TTL expired reply. Now the source machine again sends the ICMP packet with TTL field as 2. This time second intermediate router replies. This process is repeated till destination is reached. That way the source can get the entire route upto destination.

  171. Question 148. Explain What Are All The Technical Steps Involved When The Data Transmission From Server Via Router?

    Answer :

    When a packet is sent out of a server, It has source and Destination IP, source and destination Port no and source and destination Mac ID, first it is sent to the switch, The switch checks the packet whether the MAC ID is in the MAC-Address-Table if not it broad casts the message if the destination IP is not in the same segment Then it forward the packet to the gateway (normally the router or firewall). then the router/firewall checks its routing table and access lists if it has the information about the destination IP and if it has access to the destination IP it forwards it to the next hop, and if any one of the condition fails it just drops the packet.

  172. Question 149. Explain For A Small Lan Which Class Of Addressing Is Used?

    Answer :

    For small lan we use class-c address Explanation:In class C ip address the first three bytes out of four are for network address while the last byte is for host address which can range from 1-254 which is smallest lan possible whereas class B has two bytes and class A has three bytes reserved for host address which increases number of hosts in those classes.

  173. Question 150. Explain What Does Cia Stand For In Security Management?

    Answer :

     Confidentiality, Integrity and Availability CIA means Certified Internal Auditor. globally accepted and recognized certificate in the field of internal audits.

  174. Question 151. Explain In Mobile And Computer And Home Is It Possible That We See And Listen Person Voice And Activity Carefully For Destroying Their Privacy?

    Answer :

    Yes, it can be possible by third party software in computer and 3g in mobile.In computer third software like skype can be better media of communication method.

  175. Question 152. Explain What Is The Role Of Single Sign On In Authentication Technologies?

    Answer :

    Single sign-on (SSO) is mechanism whereby a single action of user authentication and authorization can permit a user to access all computers and systems where he has access permission, without the need to enter multiple passwords. Single sign-on reduces human error, a major component of systems failure and is therefore highly desirable but difficult to implement.

    single sign on is an authentication mechanism with session or cookie preservation, where in user is prompted only only once in a particular session with a computer s/he uses, and the same credentials are used across multiple platform for accessing different applications. it is like logging into your computer by authenticating to the domain controller and be able to access multiple intranet site. second example could to login to a single website, and have same authentication used for different applications like forums, image gallery and email etc.

  176. Question 153. Explain How Do We Use Rsa For Both Authentication And Secrecy?

    Answer :

    RSA is based upon public key/private key concept. For authentication one can encrypt the hash (MD5/SHA) of the data with his private key. This is known as digital signature. And secrecy is achieved by encrypting the data with the public key of the target user. Generally we dont use RSA for encryption because of key size (1024 bits). Rather a symmetric session key (128/256 bit) is established between communicating parties and is used for encryption.

    RSA — Authentication can be achieved by using nonce value (prime number).

    Eg: A wanna communicate with B

    The val An1 is encrypted with private key of A and then with pub key of B. so B can decrypt it and then B should send back the An1 to A stating it none other than B

    Secrecy is also maintained because they use their own private keys for decryption

  177. Question 154. What Is Difference Between Discretionary Access Control And Mandatory Access Control?

    Answer :

    DAS (discretionary access control) is used by itself according to it it is access and controlled while mas it has to be compulsory give the access controlled.

    MAC is designed and enforced in the initial stages and can not be changed by entity; from a laymen angle: OS writing to BIOS is not allowed. DAC is designed in such a way that access shall be granted based on the discretion; ex. database table access.

  178. Question 155. Explain What Is Difference Between Arp & Rarp? How Both Of These Protocols Will Work, And Where It Will Use?

    Answer :

    ARP -Meaning of ARP “Address Resolution Protocol”, is used to map ip Network addresses to the hardware (Media Access Control sub layer) addresses used by the data link protocol. The ARP protocol operates between the network layer and the data link layer in the Open System Interconnection (osi) model.

    RARP-RARP (Reverse Address Resolution Protocol) is a protocol by which a physical machine in a local area network can request to learn its IP address from a gateway server’s Address Resolution Protocol (ARP) table or cache. A network administrator creates a table in a local area network’s gateway router that maps the physical machine (or Media Access Control – MAC address) addresses to corresponding Internet Protocol addresses. When a new machine is set up, its RARP client program requests from the RARP server on the router to be sent its IP address. Assuming that an entry has been set up in the router table, the RARP server will return the IP address to the machine which can store it for future use. RARP is available for Ethernet, Fiber Distributed-Data Interface, and token ring LANs.

  179. Question 156. Explain What Is Meant By Port Blocking Within Lan?

    Answer :

    Restricting the users from accessing a set of services within the local area network is called port blocking.

    we,ll give you the fine example its nothing but we have to block the switch port with particular maC address..for example we have 8-port switch ,in that first port we connected a machine that belongs to this mac address {4e5a.23bf.34ae.9a4c} and we block the switch port with this mac address for instance you unplug the original host and plug the other one now your new machine will be prevented from accessing switch port thats the idea…. so if u enabling port blocking command in a switch only particular machine or intended machine allow to use access ,other machine will be restricted… port blocking is used for security purpose…otherwise some intruders enter into your company and destroy your lan with single laptop thats it

  180. Question 157. Explain How Do We Do Authentication With Message Digest(md5)? (usually Md Is Used For Finding Tampering Of Data)

    Answer :

    The unique number will be generated by MD5, if it is tamped with someone, the value will be changed so you know you are tampered

  181. Question 158. The Unique Number Will Be Generated By Md5, If It Is Tamped With Someone, The Value Will Be Changed So You Know You Are Tampered?

    Answer :

    1. OSPF has two primary characteristics. The first is that the protocol is open, which means that its specification is in the public domain. The OSPF specification is published as Request For Comments (RFC) 1247.
    2. The second principal characteristic is that OSPF is based on the SPF algorithm, which sometimes is referred to as the Dijkstra algorithm, named for the person credited with its creation.

    3. OSPF is a link-state routing protocol that calls for the sending of link-state advertisements (LSAs) to all other routers within the same hierarchical area. Information on attached interfaces, metrics used, and other variables is included in OSPF LSAs. As OSPF routers accumulate link-state information, they use the SPF algorithm to calculate the shortest path to each node.
    4. Ospf: Open Shortest Path First. It Uses SPF(Dijkstra) algorithm and selects the Loop free path. It is a purely classless Routing protocol(ie sends mask along with the ip address) It supports SLSM, VLSM, Discontinuous Networks. and the hope count is Unlimited. It is Having Complex Configuration Including Area, Process id, Wild card mask. The metric used is bandwidth(10 raise to 8/ Bandwidth). Administrative Distance is 110