नवीन पोस्ट..

Complete Blender Course for Beginners – Creating a Knife Set.

Image
  Complete Blender Course for Beginners – Creating a Knife Set Complete Blender Course for Beginners – Creating a Knife Set What You will Learn :- Use Blender 3.2 and in general understand it's interface 3D Modeling UV Unwrapping Create materials with free PBR textures Lighting using Easy-HDRI You learn retopoligy for small parts of the models GET ON UDEMY JOIN OUR TELEGRAM CHANNEL 

CCNA security Interview Questions And Answers

CCNA security Interview Questions

What do you see as the objective of information security within a business or organization?

A: Network security should:

  • Ensure uninterrupted network availability to all users
  • Prevent unauthorized network access
  • Preserve the privacy of all users
  • Defend the networks from malware, hackers, and DDoS attacks
  • Protect and secure all data from corruption and theft

Q: How do you define risk, vulnerability, and threat, in the context of network security?

A: A risk is defined as the result of a system being secure but not secured sufficiently, thereby increasing the likelihood of a threat. A vulnerability is a weakness or breach in your network or equipment (e.g. modems, routers, access points). A threat is the actual means of causing an incident; for instance, a virus attack is deemed a threat.

CCNA security Interview Questions And Answers


Q: What are the possible results of an attack on a computer network?

A: Possible results include:

  • Loss or corruption of sensitive data that is essential for a company’s survival and success
  • Diminished reputation and trust among customers
  • The decline in value with shareholders
  • Reduced brand value
  • Reduction in profits

Q: What do you use on your own personal network?

A: An interviewer will want to know what sort of security measures you use on your own home devices. After all, if you’re a hotshot network security expert, clearly that must be reflected in the network that means the most to you; your personal system! An employer can tell a lot about your network savviness by analyzing what measures you use for your devices.

Q: Speaking of your home network, do you have a Wireless Access Point, and if so, how do you defend it?

A: There are many methods of protecting a WAP, but the three most popular are: employing MAC address filtering, using WPA2, and not broadcasting the SSID. This is yet another attempt by an employer to see what matters to you personally in terms of security. After all, people tend to prefer the best things for themselves!

Q: How informed do you keep yourself on network security-related news, and how often do you check out these stories? Where do you get your security news from?

A: Network security incidents are big news today, and there have been many high-profile news stories about data breaches and hackers in the past few years. An employer is going to want to know how well-informed you are on the latest security news and incidents. HINT: If you don’t make it a practice of keeping abreast of the latest network security-related news, you better start now!
In terms of news sources, your best bets are Team Cymru, Twitter, or Reddit. Make sure to check the sources of accuracy, though.

Q: What are the best defenses against a brute force login attack?

A: There are three major measures you can take to defend against a brute force login attack. For starters, there’s an account lockout. Offending accounts are locked out until such time as the administrator decides to open it again. Next comes the progressive delay defense. Here, the account stays locked for a given number of days after a few unsuccessful login attempts are made. Finally, there’s the challenge-response test, which heads off automatic submissions employed on the login page.

Q: Explain the difference between symmetric and asymmetric encryption.

A: Long story short, symmetric encryption uses the same key for both encryption and decryption, whereas asymmetric encryption employs different keys for the two processes. Symmetric is faster for obvious reasons but requires sending the key through an unencrypted channel, which is a risk.

Q: Explain the difference between a white and black hat hacker.

A: Black and white hat hackers are different sides of the same coin. Both groups are skilled and talented in gaining entry into networks and accessing otherwise protected data. However, black hats are motivated by political agendas, personal greed, or malice, whereas white hats strive to foil the former. Many white hats also conduct tests and practice runs on network systems, to ascertain the effectiveness of security.

Q: Define the salting process and what it’s used for.

A: Salting is the process wherein you add special characters to a password in order to make it stronger. This increases password strength in two ways: it makes it longer and it adds another set of characters that a hacker would have to guess from. It’s a good measure to take for users who tend to habitually make weak passwords, but overall it’s a low-level defense since many experienced hackers are already familiar with the process and take it into account.

CCNA security Interview Questions And Answers


Q: How do you deal with “Man In The Middle” attacks?

A:  A Man in the Middle attack happens when there is a third party that’s monitoring and controlling a conversation between two parties, with the latter completely unaware of the situation. There are two ways of dealing with this attack. First of all, stay off of open Wi-Fi networks. Second, both parties should employ end-to-end encryption.

Q: Which is the better security measure, HTTPS, or SSL?

A:  HTTPS (Hypertext Transfer Protocol Secure) is HTTP combined with SSL, encrypting a user’s browsing activity and making it safer. SSL (Secure Sockets Layer) is a protocol that protects Internet conversations between two or more parties. Though it’s close, SSL wins out in terms of sheer security, though any of these are valuable things to know for the purposes of web development.

Q: Name the three means of user authentication.

A: There is biometrics (e.g. a thumbprint, iris scan), a token, or a password. There is also two-level authentication, which employs two of those methods.

Q: Which is a more secure project: open-source or proprietary?

A: This is a trick question; don’t be fooled! A project’s security is determined by the quality of security measures used to protect it, the number of users/developers with access, and the overall size of the project. The kind of project is irrelevant.

Q: If you work with a Linux server, what are the three significant steps you must take in order to secure it?

A: In order to secure your Linux server, you must do the following, in order:

  • Audit. Scan the system using Lynis. Each category gets scanned separately, and a hardening index is generated for the next step.
  • Hardening. Once auditing is done, hardening is done, based on the level of security to be employed.
  • Compliance. This is an ongoing step, as the system is checked daily.

Q: You discover an active problem on your organization’s network, but it’s out of your sphere of influence. There’s no doubt that you can fix it, though; so what do you do?

A: While the first impulse may be to immediately fix the problem, you need to go through the proper channels. Things may be as they are for a reason. Use e-mail to notify the person in charge of that department, expressing your concerns, and asking for clarification. Make sure your boss is CC’ed into the email chain, and make sure that you save a copy for yourself, in case you need to refer to it later.

Q: What’s the most effective measure to take against a CSRF?

A: A Cross-Site Request Forgery (CSRF) attack causes a currently authenticated end-user to execute unauthorized commands on a web application. There are two effective defensive measures. First of all, use different names for each field of a form, as it increases user anonymity. Second, include a random token with each request.

Q: You get a phone call from a very influential executive high up on the organizational chart. He or she tells you to bend company policy to suit them and let them use their home device to do company work. What do you do?

A: This is another case of letting someone higher than you make the decision. Send the question/request up to your manager and let them sort it out. This is far outside of your realm. Let your boss deal with the higher-up.

Happy Learning.......

Q: Which is worse in terms of Firewall detection, and why? A false positive or a false negative?

A: A false negative is worse by far. A false positive is simply a legitimate result that just got incorrectly flagged. While it’s irksome, it’s by no means fatal or difficult to correct. But a false negative means that something bad has slipped through the firewall undetected, and that means a host of problems down the road.

Q: Why are internal threats usually more effective than external threats?

A: It all comes down to a question of physical location. A disgruntled soon to be ex-employee, a hacker posing as a deliveryman, even just a careless curious user, all end up having better access to the system due to them being on-site. Being “inside” physically makes it easier to get inside virtually.


Comments

Popular posts from this blog

Fortinet Internet Threat Perspectives Quiz Answers Fortinet NSE 1 Information Security Awareness Fortinet - Everything Trending

Ethical Hacking: SQL Injection for Beginners

CCNA Interview Basic Questions And Answers