1. How do you keep yourself updated on network security -or- Where do you get updates on security?
This type of question is meant to gauge the candidate's interest in keeping abreast of the field of network security. If the candidate puts up a blank face, it is time to call the next candidate. One can specify “news alerts” or any website(s) s/he checks for the latest information about security.
2. If you need to encrypt and compress data for transmission, how would you achieve it?
The candidate may start by explaining what data encryption is, how s/he would encrypt the data and then compress it for transmission. However, the actual answer would be to explain how to compress and then talk about encryption. Encrypting compressed data often leads to loss of data.
3. What factors would you consider before deploying a web intrusion detection system?
This is an open question; the interviewer is trying to assess the candidate's knowledge of the different fields associated with web intrusion. These include: SSL; HTTP protocol; logging; alert mechanism; and signature update policies.
4. What is Cross site scripting?
Though the answer is straightforward, most candidates are unaware of the term. One of the most important security issues, cross site scripting refers to phishing attempts by a website that employs JavaScript that leads to deploying malware without the knowledge of the user.
5. How does HTTP handle state?
The answer is that HTTP cannot handle state. However, there is a hack: it uses cookies to handle the state.
6. In context of public key encryption, if you are using both signature and encryption features, what key will you use for encryption and which one will you use for signing?
The answer is simple. One would always sign using their own key, so the public key is used for encryption. Most candidates tend to name the public key for both signing and encryption. They miss the point that public key encryption also includes a private key.
7. What type of network do you use at home?
Again, this question is employed to assess the skills and networking background of candidates. “I don’t have a network at home but I have handled networks at so and so places” is better than saying “sorry, I don’t have a network at home”. The latter would send out a signal that the candidate never had exposure to networks.
8. What is Cross Site Request Forgery and how to defend against it?
The question can also be in two parts, in which case, candidates without knowledge of CSRF would get lost. If asked combined, candidates can guess that cross site request forgery is something that relates to malicious scripting with phishing intentions. The question may also be framed as “what is cross site request”. In this case, candidates cannot even guess that it is something malicious as the word ‘forgery’ is not there.
9. Name the port used by PING.
Always remember that PING does not use any port. As PING is based upon a layer 3 protocol, it never uses any computer port. A simple variation of the question could be: Does PING use UDP? Or does PING use TCP? Again, remember that UDP and TCP are layer 4 protocols and PING has nothing to do with them.
10. Security Life Cycle.
It can be phrased in many ways: what comes first – vulnerability or threat? How do you design a system with some options given? The candidate needs to answer these questions using his/her own experience and opinions. The objective is how best the candidate can explain what you asked.
These are just some of the network security interview questions that are meant to give you an idea of how a security interview goes. If you wish to share your experience or wish to add anything, please feel free to share using the comments box.
11. Define the meaning of authentication.
Well sir, an authentication factor is a piece of information and process used to authenticate or verify the identity of a person or other entity requesting access under security constraints. In other words, it is a process of proving the identity of a computer or computer user. For users, it generally involves a user name and password. Computers usually pass a code that identifies that they are part of a network.
12. What is meant by a fingerprint?
A fingerprint is an impression of the friction ridges on all parts of the finger. A friction ridge is a raised portion of the epidermis on the palmar (palm) or digits, i.e. fingers and toes, or plantar (sole) skin, consisting of one or more connected ridge units of friction ridge skin. These are also known as epidermal ridges, which originate from the underlying interface between the dermal papillae of the dermis and the interpapillary (rete) pegs of the epidermis.
13. What does a security mean to you?
A security is a fungible, negotiable instrument representing financial value. Securities are generally sorted out into debt securities such as banknotes, bonds and debentures and equity securities. For example: common stocks and derivative contracts such as forwards, futures, options and swaps.
14. What is a Password?
A password is a secret word or string of characters that is used for authentication to prove identity or gain access to a resource. The password must be kept secret from those not allowed access.
For example: An access code is a type of password.
15. What is a Smart Card or Chip Card or Integrated Circuit Card (ICC)?
A Smart Card or Chip Card or Integrated Circuit Card (ICC) is any pocket-sized card with embedded integrated circuits which can process data. This implies that it can receive input which is processed by the way of the ICC applications and delivered as an output.
16. Finally, who is a hacker?
A hacker is a person who breaks into computers, usually by gaining access to administrative controls. He accesses the user ID and password without permission.
As a result of this article, you will definitely show your best performance in the interview.
17. What are the types of LAN cables used? What is a cross cable?
Types of LAN cables that are in use are "Cat 5" and "Cat 6". "Cat 5" can support 100 Mbps of speed and "Cat 6" can support 1 Gbps of speed.
Cross cable: It is used to connect devices of the same type without using a switch/hub so that they can communicate.
18. What is the IPCONFIG command? Why is it used?
The IPCONFIG command is used to display the IP information assigned to a computer. From the output we can find out the IP address, DNS IP address and gateway IP address assigned to that computer.
19. What is BSOD? What do you do when you get blue screen in a computer? How do you troubleshoot it?
BSOD stands for Blue Screen of Death. When there is a hardware or OS fault due to which the Windows OS cannot run, it gives a blue screen with a code. The best way to resolve it is to boot the computer in "Last Known Good Configuration". If this doesn't work, then boot the computer in safe mode. If it boots up, then the problem is with one of the devices or drivers.
20. What is RIS? What is Imaging/ghosting?
RIS stands for Remote Installation Services. You save the installed image on a Windows server and then use RIS to install the configured one on the new hardware. We can use it to deploy both server and client OS. Imaging or ghosting also does the same job of capturing an installed image and then installing it on new hardware when there is a need. We go for RIS or imaging/ghosting because installing the OS every time using a CD can be a very time-consuming task. So to save that time we can go for RIS/ghosting/imaging.
21. What is the difference between a switch and a hub?
A switch sends the traffic to the port for which it is meant. A hub sends the traffic to all the ports.
22. What are manageable and non-manageable switches?
Switches which can be administered are called manageable switches. For example, we can create a VLAN on such a switch. On non-manageable switches we can't do so.
23. What is a DNS resource record?
A resource record is an entry in a name server's database. There are several types of resource records used, including name-to-address resolution information. Resource records are maintained as ASCII files.
24. What protocol is used by DNS name servers?
DNS uses UDP for communication between servers. It is a better choice than TCP because of the improved speed a connectionless protocol offers. Of course, transmission reliability suffers with UDP.
25. What is the difference between TFTP and FTP application layer protocols?
The Trivial File Transfer Protocol (TFTP) allows a local host to obtain files from a remote host but does not provide reliability or security. It uses the fundamental packet delivery services offered by UDP. The File Transfer Protocol (FTP) is the standard mechanism provided by TCP/IP for copying a file from one host to another. It uses the services offered by TCP and so is reliable and secure. It establishes two connections (virtual circuits) between the hosts, one for data transfer and another for control information.