Dear Readers, Welcome to Network Security Interview Questions and Answers have been designed specially to get you acquainted with the nature of questions you may encounter during your Job interview for the subject of Network Security . These Network Security Questions are very important for campus placement test and job interviews. As per my experience good interviewers hardly plan to ask any particular questions during your Job interview and these model questions are asked in the online technical test and interview of many IT companies.
This type of question is meant to see the interest of the candidate in keeping abreast in the field of network security. If the candidate puts up a blank face, it is time to call next candidate. One can specify “news alerts” or any website(s) s/he checks out for latest information about security.
The candidate may start explaining what is data encryption, how s/he would encrypt the data and then compress it for transmission. However, the actual answer would be to explain how to compress and then talk about encryption. Encrypting compressed data often leads to loss of data.
An open question, the interviewer is trying to assess the knowledge of candidate in different fields associated with web intrusion. These include: SSL; HTTP protocol; logging; alert mechanism; and signature update policies.
Though the answer is straightforward, most candidates are unaware of the term. One of the most important security issues, cross scripting refers to phishing attempts by a website that employs a java script that leads to deploying a malware without the knowledge of user.
Answer is simple. One would always sign using their key so the public key is used for encryption. Most of the candidates tend to name public key for both signing and encryption. They miss out the point that public key encryption also includes a private key.
Again, this question is employed to assess the skills and networking background of candidates. “I don’t have a network at home but I have handled networks at so and so places” is better than saying “sorry, I don’t have a network at home”. The latter would send out a signal that the candidate never had exposure to networks.
The question can also be in two parts, in which case, candidates without knowledge of CSRF would get lost. If asked combined, candidates can guess that cross site request forgery is something that relates to malicious scripting with phishing intentions. The question may also be framed as “what is cross site request”. In this case, candidates cannot even guess that it is something malicious as the word ‘forgery’ is not there.
Always remember that PING does not use any port. As PING is based upon layer 3 protocol, it never uses any computer port. A simple variation of the question could be: Does PING use UDP? Or Does PING use TCP? Again remember that UDP and TCP are layer 4 protocols and PING has nothing to do with them.
It can be phrased in many ways: what comes first – vulnerability or threat? How do you design a system with some options given? The candidate needs to answer these questions using his/her own experience and opinions. The objective is how best the candidate can explain what you asked.
These are just some of the network security interview questions that are meant to give you an idea of how a security interview goes. If you wish to share your experience or wish to add anything, please feel free to share using comments box.
Well sir, an Authentication factor is a piece of information and process used to authenticate or verify the identity of a person or other entity requesting access under security constraints. In other word, it is a process of proving the identity of a computer or computer user. For users, it generally involves a user name and password. Computers usually pass a code that identifies that they are part of a network.
A fingerprint is an impression of the friction ridges on all parts of the finger. A friction ridge is a raised portion of the epidermis on the palmer (palm) or digits i.e. fingers and toes or plantar or sole skin, consisting of one or more connected ridge units of friction ridge skin. This is also known as Epidermal Ridges which is originated by the underlying interface between the dermal papillae of the dermis and the interpapillary (rete) pegs of the epidermis.
A security is a fungible, negotiable instrument representing financial value. Securities are generally sorted out into debt securities such as banknotes, bonds and debentures and equity securities. For example: common stocks and derivative contracts such as forwards, futures, options and swaps.
A password is a secret word or string of characters that is used for authentication to prove identity or gain access to a resource. The password must be kept secret from those not allowed access.
For example: An access code is a type of password.
A Smart Card or Chip Card or Integrated Circuit Card (ICC) is any pocket-sized card with embedded integrated circuits which can process data. This implies that it can receive input which is processed by the way of the ICC applications and delivered as an output.
A hacker is a person who breaks into computers usually by gaining access to administrative controls. He uses to access the user id and password without taking the permission.
As a result of this article, you will definitely going to show best performance in the interview.
Types of LAN cables that are in use are "Cat 5" and "Cat 6". "Cat 5" can support 100 Mbps of speed and "CAT 6" can support 1Gbps of speed.
Cross cable: Its used to connect same type of devices without using a switch/hub so that they can communicate.
IPCONFIG command is used to display the IP information assigned to a computer. Fromthe output we can find out the IP address, DNS IP address, gateway IP address assigned to that computer.
BSOD stands for blue screen of Death. when there is a hardware or OS fault due to which the windows OS can run it give a blue screen with a code. Best way to resolve it is to boot the computer is "LAst known good configuration". If this doesn't work than boot the computer in safe mode. If it boots up than the problemis with one of the devices or drivers.
RIS stands for remote installation services. You save the installed image on a windows server and then we use RIS to install the configured on in the new hardware. We can use it to deploy both server and client OS. Imaging or ghosting also does the same job of capturing an installed image and then install it on a new hardware when there is a need. We go for RIS or iamging/ghosting because installing OS everytime using a CD can be a very time consuming task. So to save that time we can go for RIS/Ghosting/imaging.
Switch sends the traffic to the port to which its meant for. Hub sends the traffic to all the ports.
Switches which can be administered are calledmanageable switches. For example we can create VLAN for on such switch. On no manageable swiches we can't do so.
A resource record is an entry in a name server's database. There are several types of resource records used, including name-to-address resolution information. Resource records are maintained as ASCII files.
DNS uses UDP for communication between servers. It is a better choice than TCP because of the improved speed a connectionless protocol offers. Of course, transmission reliability suffers with UDP.
The Trivial File Transfer Protocol (TFTP) allows a local host to obtain files from a remote host but does not provide reliability or security. It uses the fundamental packet delivery services offered by UDP. The File Transfer Protocol (FTP) is the standard mechanism provided by TCP / IP for copying a file from one host to another. It uses the services offered by TCP and so is
reliable and secure. It establishes two connections (virtual circuits) between the hosts, one for data transfer and another for control information.