
Tuesday, March 17, 2015

Network Security Interview questions

Interview Question 1.
Why does Active FTP not work with network firewalls?
When a user initiates a connection with the FTP server, two TCP connections are established. The second TCP connection (the FTP data connection) is initiated and established from the FTP server. When a firewall sits between the FTP client and server, it blocks the connection initiated from the FTP server because that connection is initiated from outside. To resolve this, Passive FTP can be used, or the firewall rule can be modified to add the FTP server as trusted.

Interview Question 2.
Which feature on a network switch can be used to prevent rogue DHCP servers?
DHCP Snooping

Interview Question 3.
Which feature on a Cisco IOS firewall can be used to block incoming traffic on an FTP server?
Extended ACL.

Interview Question 4.
Name one secure network protocol that can be used instead of Telnet to manage a router.
SSH

Interview Question 5.
Provide a reason why HTTPS should be used instead of HTTP.
HTTP sends data in clear text whereas HTTPS sends data encrypted.

Interview Question 6.
How can you prevent a brute force attack on a Windows login page?
Set up an account lockout for a specific number of attempts, so that the user account is locked automatically after the specified number.

Interview Question 7.
In an ICMP address mask request, what is the attacker looking for?
The attacker is looking for the subnet/network mask of the victim. This would help the attacker to map the internal network.

Interview Question 8.
Why is RIP v1 insecure in a network?
RIP v1 does not use a password for authentication, as RIP v2 does. This makes it possible for attackers to send rogue RIP packets and corrupt the routing table.

Interview Question 9.
Which feature on a network switch can be used to protect against CAM flooding attacks?
The Port-Security feature can be used for this. In a CAM flooding attack, the attacker sends a storm of frames with different MAC addresses. The goal of the attacker is to fill up the CAM table. Port-Security can be used to limit the number of MAC addresses allowed on the port.

Interview Question 10.
Which protocol does HTTPS use at the transport layer for sending and receiving data?
TCP.
