
Network Security Interview questions

 Question1. Why Does Active FTP Not Work With Network Firewalls?
 Answer :
 When a user initiates a connection with the FTP server, two TCP connections are
established. The second TCP connection (FTP data connection) is initiated and
established from the FTP server. When a firewall is between the FTP client and server,
the firewall would block the connection initiated from the FTP server since it is a
connection initiated from outside. To resolve this, Passive FTP can be used or the
firewall rule can be modified to add the FTP server as trusted.
 Question2. Which Feature On A Network Switch Can Be Used To Prevent
Rogue DHCP Servers?
 Answer :
 DHCP Snooping
 Question3. Which Feature On A Cisco IOS Firewall Can Be Used To Block
Incoming Traffic On An FTP Server?
 Answer :
 Extended ACL.
 Question4. Name One Secure Network Protocol Which Can Be Used Instead
Of Telnet To Manage A Router?
 Answer :
 SSH
 Question5. Provide A Reason As To Why HTTPS Should Be Used Instead Of
HTTP?
 Answer :
 HTTP sends data in clear text whereas HTTPS sends data encrypted.
 Question6. How Can You Prevent A Brute Force Attack On A Windows Login
Page?
 Answer :
 Set up an account lockout for a specific number of attempts, so that the user account is
locked automatically after the specified number.
 Question7. In An ICMP Address Mask Request, What Is The Attacker Looking
For?
 Answer :
 The attacker is looking for the subnet/network mask of the victim. This would help the
attacker to map the internal network.
 Question8. Why Is RIPv1 Insecure In A Network?
 Answer :
 RIPv1 does not use a password for authentication, as RIPv2 does. This makes it possible
for attackers to send rogue RIP packets and corrupt the routing table.
 Question9. Which Feature On A Network Switch Can Be Used To Protect
Against CAM Flooding Attacks?
 Answer :
 The Port-Security feature can be used for this. In a CAM flooding attack, the attacker
sends a storm of MAC addresses (frames) with different values. The goal of the attacker
is to fill up the CAM table. Port-Security can be used to limit the number of MAC
addresses allowed on the port.
 Question10. Which Protocol Does HTTPS Use At The Transport Layer For
Sending And Receiving Data?
 Answer :
 TCP

 Question11. ____ Typically Involves Using Client-side Scripts Written In
JavaScript That Are Designed To Extract Information From The Victim And
Then Pass The Information To The Attacker?
 Answer :
 Correct Answer: Cross site scripting (XSS)
 Question12. What Is SRM (Security Reference Monitor)?
 Answer :
 The Security Reference Monitor is the kernel mode component that does the actual
access validation, as well as audit generation.
 Question13. In A Company Of 500 Employees, It Is Estimated That _____
Employees Would Be Required To Combat A Virus Attack?
 Answer :
 five employees.
 Question14. According To The Research Group Postini, Over ____ Of Daily
E-mail Messages Are Unsolicited And Could Be Carrying A Malicious Payload?
 Answer :
 two-thirds.
 Question15. A Software-based ____ Attempt To Monitor And Possibly
Prevent Attempts To Attack A Local System?
 Answer :
 HIDS
 Question16. A Security ____ Focuses On The Administration And
Management Of Plans, Policies, And People?
 Answer :
 manager.
 Question17. Under The _____ , Healthcare Enterprises Must Guard Protected
Health Information And Implement Policies And Procedures To Safeguard It,
Whether It Be In Paper Or Electronic Format?
 Answer :
 HIPAA.
 Question18. How Did Early Computer Security Work?
 Answer :
 It was pretty simple: just passwords to protect one's computer. With the innovation of
the internet, however, computers have increased security with firewalls and hundreds
of anti-virus programs.
 Question19. What Is A Firewall?
 Answer :
 A Firewall is software that blocks unauthorized users from connecting to your computer.
All computers at Bank Street are protected by a firewall which is monitored and updated
by CIS.
 Question20. Business ____ Theft Involves Stealing Proprietary Business
Information Such As Research For A New Drug Or A List Of Customers That
Competitors Are Eager To Acquire?
 Answer :
 data.
 Question21. ____ Monitor Internet Traffic And Block Access To Preselected
Web Sites And Files?
 Answer :
 Internet content filters.
 Question22. What Is Another Name For Unsolicited E-mail Messages?
 Answer :
 spam
 Question23. The ____ Is The Link Between The Cellular Network And The
Wired Telephone World And Controls All Transmitters And Base Stations In
The Cellular Network?
 Answer :
 MTSO
 Question24. ____ Technology Enables A Virtual Machine To Be Moved To A
Different Physical Computer With No Impact To The Users?
 Answer :
 Live migration
 Question25. A(n) ____ Finds Malicious Traffic And Deals With It
Immediately?
 Answer :
 IPS
 Question26. A ____ Virus Infects The Master Boot Record Of A Hard Disk
Drive?
 Answer :
 boot
 Question27. Can Police Track An IP Address After It Has Been Changed?
 Answer :
 Sometimes. For example, if the user has a dynamic IP address, and their IP address
changes within this system as usual, it can generally be tracked. If the user uses a proxy
service to make their IP address appear as if it is located in some random other p
 Question28. ____ Is A Software Program That Delivers Advertising Content
In A Manner That Is Unexpected And Unwanted By The User?
 Answer :
 Adware
 Question29. Encryption Under The WPA2 Personal Security Model Is
Accomplished By ____?
 Answer :
 AES-CCMP
 Question30. According To The 2007 FBI Computer Crime And Security Survey,
The Loss Due To The Theft Of Confidential Data For 494 Respondents Was
Approximately ____?
 Answer :
 $10 million.
 Question31. ____, Also Called Add-ons, Represent A Specific Way Of
Implementing ActiveX And Are Sometimes Called ActiveX Applications?
 Answer :
 ActiveX controls.
 Question32. What Is A SID (Security ID)?
 Answer :
 SID stands for Security Identifier and is an internal value used to uniquely identify a user
or a group. A SID contains: user and group security descriptors; a 48-bit ID authority;
a revision level; variable sub authority values.
 Question33. ____ Can Fully Decode Application-layer Network Protocols.
Once These Protocols Are Decoded, The Different Parts Of The Protocol Can
Be Analyzed For Any Suspicious Behavior?
 Answer :
 Protocol analyzers
 Question34. A ____ Is A Computer Program Or A Part Of A Program That Lies
Dormant Until It Is Triggered By A Specific Logical Event?
 Answer :
 logic bomb
 Question35. A ____ Is A Cumulative Package Of All Security Updates Plus
Additional Features.
 Answer :
 service pack
 Question36. The Goal Of ____ Is To Prevent Computers With Suboptimal
Security From Potentially Infecting Other Computers Through The Network?
 Answer :
 NAC
 Question37. ____ Is A Windows Vista And Windows XP Service Pack 2 (SP2)
Feature That Prevents Attackers From Using Buffer Overflow To Execute
Malware?
 Answer :
 DEP
 Question38. ____ Are Portable Communication Devices That Function In A
Manner That Is Unlike Wired Telephones?
 Answer :
 Cell phones
 Question39. A ____ Is A Single, Dedicated Hard Disk-based File Storage
Device That Provides Centralized And Consolidated Disk Storage Available To
LAN Users Through A Standard Network Connection?
 Answer :
 NAS
 Question40. What Are Administrator Privileges When Trying To Install A
Download?
 Answer :
 Administrator privileges allow the user full access to a program or network, second only
to the system account. If you don't have administrator privileges, you cannot do certain
things. You may be able to use a program, but not upgrade it.
