Thursday, February 7, 2013

Network Security admin Interview Question with Answer


1.Which protocol does HTTPS uses at the transport layer for sending and receiving data?
TCP.                          
2.Why does Active FTP not work with network firewalls?
When a user initiates a connection with the FTP server, two TCP connections are established. The second TCP connection (FTP data connection) is initiated and established from the FTP server. When a firewall is between the FTP client and server, the firewall would block the connection initiated from the FTP server since it is a connection initiated from outside. To resolve this, Passive FTP can be used or the firewall rule can be modified to add the FTP server as trusted.
3.Which feature on a network switch can be used to prevent rogue DHCP servers
DHCP Snooping
4.Which feature on a Cisco IOS firewall can be used to block incoming traffic on a FTP server
Extended ACL.
5.Name one secure network protocol which can be used instead of telnet to manage a router
SSH
6.Provide a reason as to why HTTPS should be used instead of HTTP.
HTTP sends data in clear text whereas HTTPS sends data encrypted.
7.How can you prevent a brute force attack on a windows login page
Setup a account lockout for specific number of attempts, so that the user account would be locked up automatically after the specified number.
8.In an ICMP address mask request, what is the attacker looking for
The attacker is looking for the subnet/network mask of the victim. This would help the attacker to map the internal network.
9.Why is Rip v1 insecure in a network
RIP v1 does not use a password for authentication as with Rip v2. This makes it possible to attackers to send rogue RIP packets and corrupt the routing table.
10.Which feature on a network switch can be used to protect against cam flooding attacks
Port-Security feature can be used for the same. In a cam flooding attack, the attacker sends a storm of mac-addresses (frames) with different values. The goal of the attacker is to fill up the cam table. Port-Security can be used to limit the number of mac-addresses allowed on the port.

11 comments:

  1. I like your approach on the topic. Your article is as interesting as your previous writings. Keep up the good work, thanks a lot.

    ReplyDelete
  2. Good advice. I'll take it into account.

    ReplyDelete
  3. I really appreciate your professional approach. These are pieces of very useful information that will be of great use for me in future.

    ReplyDelete
  4. Nice post, things explained in details. Thank You.

    ReplyDelete
  5. Good advice. I'll take it into account.

    ReplyDelete
  6. It was very useful for me. Keep sharing such ideas in the future as well. This was actually what I was looking for, and I am glad to came here! Thanks for sharing the such information with us...

    ReplyDelete
  7. Very informative, keep posting such good articles, it really helps to know about things :)

    ReplyDelete
  8. You saved my time. Thanks a million for sharing this article..

    ReplyDelete
  9. This tools are very useful for me for that really thanks for sharing with us.

    ReplyDelete
  10. It is good to see posts that give truly quality information. Your tips are extremely valuable. Thanks a lot for writing this post.Thanks a lot for sharing. Keep blogging.

    ReplyDelete
  11. Very informative, keep posting such good articles, it really helps to know about things :)

    ReplyDelete

Dear Reader, if you like My Blog content, feel free to comment on our blog posts.