
Networking Interview

Active FTP does not work with firewalls because it uses two TCP connections - one initiated by the FTP client and one initiated by the FTP server. Firewalls block the connection initiated from outside (by the FTP server). Passive FTP or modifying firewall rules can resolve this issue. DHCP snooping on a network switch can prevent rogue DHCP servers. Extended ACLs on a Cisco IOS firewall can block incoming FTP traffic. SSH is a secure alternative to Telnet for remotely managing routers. HTTPS should be used instead of HTTP because it encrypts data, whereas HTTP sends data in clear text.

Uploaded by Zawar Khan

Question 1. Why Does Active FTP Not Work With
Network Firewalls?
Answer :

When a user initiates a
connection with the FTP server, two TCP connections are
established. The second TCP connection (FTP data
connection) is initiated and established from the FTP
server. When a firewall is between the FTP client and
server, the firewall would block the connection initiated
from the FTP server since it is a connection initiated from
outside. To resolve this, Passive FTP can be used or the
firewall rule can be modified to add the FTP server as
trusted.

Question 2. Which Feature On A Network Switch Can
Be Used To Prevent Rogue DHCP Servers?
Answer :

DHCP Snooping

Question 3. Which Feature On A Cisco IOS Firewall
Can Be Used To Block Incoming Traffic On An FTP
Server?
Answer :

Extended ACL.

Question 4. Name One Secure Network Protocol
Which Can Be Used Instead Of Telnet To Manage A
Router?
Answer :

SSH

Question 5. Provide A Reason As To Why HTTPS
Should Be Used Instead Of HTTP?
Answer :

HTTP sends
data in clear text whereas HTTPS sends data encrypted.



Question 6. How Can You Prevent A Brute Force
Attack On A Windows Login Page?
Answer :

Set up an
account lockout for a specific number of attempts, so that
the user account is locked automatically after
the specified number.

Question 7. In An ICMP Address Mask Request, What
Is The Attacker Looking For?
Answer :

The attacker is
looking for the subnet/network mask of the victim. This
would help the attacker to map the internal network.

Question 8. Why Is RIPv1 Insecure In A
Network?
Answer :

RIPv1 does not use a password for
authentication, as RIPv2 does. This makes it possible for
attackers to send rogue RIP packets and corrupt the
routing table.

Question 9. Which Feature On A Network Switch Can
Be Used To Protect Against CAM Flooding
Attacks?
Answer :

The Port-Security feature can be used for
this. In a CAM flooding attack, the attacker sends a
storm of frames with different MAC addresses.
The goal of the attacker is to fill up the CAM table.
Port-Security can be used to limit the number of MAC
addresses allowed on the port.

Question 10. Which Protocol Does HTTPS Use At The
Transport Layer For Sending And Receiving
Data?
Answer :

TCP


Question 11. ____ Typically Involves Using Client-side
Scripts Written In JavaScript That Are Designed To
Extract Information From The Victim And Then Pass
The Information To The Attacker?
Answer :

Cross-site scripting (XSS)

Question 12. What Is SRM (Security Reference
Monitor)?
Answer :

The Security Reference Monitor is the
kernel mode component that does the actual access
validation, as well as audit generation.

Question 13. In A Company Of 500 Employees, It Is
Estimated That _____ Employees Would Be Required
To Combat A Virus Attack?
Answer :

five employees.

Question 14. According To The Research Group
Postini, Over ____ Of Daily E-mail Messages Are
Unsolicited And Could Be Carrying A Malicious
Payload?
Answer :

two-thirds.

Question 15. A Software-based ____ Attempt To
Monitor And Possibly Prevent Attempts To Attack A
Local System?
Answer :

HIDS

Question 16. A Security ____ Focuses On The
Administration And Management Of Plans, Policies,
And People?
Answer :

manager.

Question 17. Under The _____ , Healthcare
Enterprises Must Guard Protected Health Information
And Implement Policies And Procedures To
Safeguard It, Whether It Be In Paper Or Electronic
Format?
Answer :

HIPAA.

Question 18. How Did Early Computer Security
Work?
Answer :

It was pretty simple: just passwords to
protect one's computer. With the innovation of the internet,
however, computers have increased security with firewalls
and hundreds of anti-virus programs.

Question 19. What Is A Firewall?
Answer :

A Firewall is
software that blocks unauthorized users from connecting
to your computer. All computers at Bank Street are
protected by a firewall which is monitored and updated by
CIS.

Question 20. Business ____ Theft Involves Stealing
Proprietary Business Information Such As Research
For A New Drug Or A List Of Customers That
Competitors Are Eager To Acquire?
Answer :

data.

Question 21. ____ Monitor Internet Traffic And Block
Access To Preselected Web Sites And Files?
Answer :

Internet content filters.

Question 22. What Is Another Name For Unsolicited
E-mail Messages?
Answer :

spam

Question 23. The ____ Is The Link Between The
Cellular Network And The Wired Telephone World And
Controls All Transmitters And Base Stations In The
Cellular Network?
Answer :

MTSO

Question 24. ____ Technology Enables A Virtual
Machine To Be Moved To A Different Physical
Computer With No Impact To The Users?
Answer :

Live migration

Question 25. A(n) ____ Finds Malicious Traffic And
Deals With It Immediately?
Answer :

IPS

Question 26. A ____ Virus Infects The Master Boot
Record Of A Hard Disk Drive?
Answer :

boot

Question 27. Can Police Track An IP Address After It
Has Been Changed?
Answer :

Sometimes. For example, if
the user has a dynamic IP address, and their IP address
changes within this system as usual, it can generally be
tracked. If the user uses a proxy service to make their IP
address appear as if it is located in some random other p

Question 28. ____ Is A Software Program That
Delivers Advertising Content In A Manner That Is
Unexpected And Unwanted By The User?
Answer :

Adware

Question 29. Encryption Under The WPA2 Personal
Security Model Is Accomplished By ____?
Answer :

AES-CCMP

Question 30. According To The 2007 FBI Computer
Crime And Security Survey, The Loss Due To The
Theft Of Confidential Data For 494 Respondents Was
Approximately ____?
Answer :

$10 million.

Question 31. ____, Also Called Add-ons, Represent A
Specific Way Of Implementing ActiveX And Are
Sometimes Called ActiveX Applications?
Answer :

ActiveX controls.

Question 32. What Is A SID (Security ID)?
Answer :

SID stands for Security Identifier and is an internal value used
to uniquely identify a user or a group. A SID contains:
* User and group security descriptors
* 48-bit ID authority
* Revision level
* Variable sub authority values

Question 33. ____ Can Fully Decode Application-layer
Network Protocols. Once These Protocols Are
Decoded, The Different Parts Of The Protocol Can Be
Analyzed For Any Suspicious Behavior?
Answer :

Protocol analyzers

Question 34. A ____ Is A Computer Program Or A Part
Of A Program That Lies Dormant Until It Is Triggered
By A Specific Logical Event?
Answer :

logic bomb

Question 35. A ____ Is A Cumulative Package Of All
Security Updates Plus Additional Features.
Answer :

service pack

Question 36. The Goal Of ____ Is To Prevent
Computers With Suboptimal Security From Potentially
Infecting Other Computers Through The
Network?
Answer :

NAC

Question 37. ____ Is A Windows Vista And Windows
XP Service Pack 2 (SP2) Feature That Prevents
Attackers From Using Buffer Overflow To Execute
Malware?
Answer :

DEP

Question 38. ____ Are Portable Communication
Devices That Function In A Manner That Is Unlike
Wired Telephones?
Answer :

Cell phones

Question 39. A ____ Is A Single, Dedicated Hard Disk-
based File Storage Device That Provides Centralized
And Consolidated Disk Storage Available To LAN
Users Through A Standard Network
Connection?
Answer :

NAS

Question 40. What Is Administrator Privileges When
Trying To Install A Download?
Answer :

Administrator
privileges allow the user full access to a program or
network second only to the system account. If you don't
have administrator privileges, you cannot do certain things.
You may be able to use a program, but not upgrade it.

Question 41. With Operating System Virtualization, A
Virtual Machine Is Simulated As A Self-contained
Software Environment By The ____ System (the
Native Operating System To The Hardware)?
Answer :

host

Question 42. While Most Attacks Take Advantage Of
Vulnerabilities That Someone Has Already Uncovered,
A(n) ____ Occurs When An Attacker Discovers And
Exploits A Previously Unknown Flaw?
Answer :

zero day

Question 43. ____ Enables The Attacker's Computer
To Forward Any Network Traffic It Receives From
Computer A To The Actual Router?
Answer :

IP forwarding.

Question 44. A(n) ____ Is A Computer Programming
Language That Is Typically Interpreted Into A
Language The Computer Can Understand?
Answer :

scripting language

Question 45. In A ____ Attack, Attackers Can
Use Hundreds Or Thousands Of Computers
In An Attack Against A Single Computer Or
Network?
Answer :

distributed

Question 46. What Is The Maximum Fine For Those
Who Wrongfully Disclose Individually Identifiable
Health Information With The Intent To Sell It?
Answer :

$250,000

Question 47. _____ Ensures That Information Is
Correct And That No Unauthorized Person Or
Malicious Software Has Altered That Data?
Answer :

Integrity

Question 48. The Plain Text To Be Transmitted Has A
Cyclic Redundancy Check (CRC) Value Calculated,
Which Is A Check Sum Based On The Contents Of The
Text. WEP Calls This The ____ And Appends It To The
End Of The Text?
Answer :

integrity check value (ICV)

Question 49. The _____ Act Is Designed To Broaden
The Surveillance Of Law Enforcement Agencies So
They Can Detect And Suppress Terrorism?
Answer :

USA Patriot

Question 50. The Single Most Expensive Malicious
Attack Was The 2000 ____, Which Cost An Estimated
$8.7 Billion?
Answer :

Love Bug.

Question 51. Live Migration Can Be Used For ____; If
The Demand For A Service Or Application Increases,
Then Network Managers Can Quickly Move This
High-demand Virtual Machine To Another Physical Server
With More RAM Or CPU Resources?
Answer :

load balancing

Question 52. The ____ Are The Operating System
Settings That Impose How The Policy Will Be
Enforced?
Answer :

configuration baselines

Question 53. ____ Involves Using Someone's Personal
Information, Such As Social Security Numbers, To
Establish Bank Or Credit Card Accounts That Are
Then Left Unpaid, Leaving The Victim With The Debts
And Ruining Their Credit Rating?
Answer :

Identity theft

Question 54. Targeted Attacks Against Financial
Networks, Unauthorized Access To Information, And
The Theft Of Personal Information Is Sometimes
Known As ____?
Answer :

cybercrime

Question 55. The Goal Of ____ Is To Make It Harder To
Predict Where The Operating System Functionality
Resides In Memory?
Answer :

ASLR

Question 56. Instead Of The Web Server Asking The
User For The Same Information Each Time She Visits
That Site, The Server Can Store That User-specific
Information In A File On The User's Local Computer
And Then Retrieve It Later. This File Is Called A(n)
____?
Answer :

cookie

Question 57. One Type Of Virtualization In Which An
Entire Operating System Environment Is Simulated Is
Known As ____ Virtualization?
Answer :

operating system

Question 58. WEP Accomplishes Confidentiality By
Taking Unencrypted Text And Then Encrypting Or
"scrambling" It Into ____ So That It Cannot Be Viewed
By Unauthorized Parties While Being
Transmitted?
Answer :

ciphertext.

Question 59. ____ Authentication Is Based Upon The
Fact That Only Pre-approved Wireless Devices Are
Given The Shared Key?
Answer :

Shared key

Question 60. ____ Work To Protect The Entire Network
And All Devices That Are Connected To It?
Answer :

NIPS

Question 61. Flash Memory Is A Type Of ____,
Non-Volatile Computer Memory That Can Be Electrically
Erased And Rewritten Repeatedly?
Answer :

EEPROM

Question 62. What Is The Primary Function Of A
Firewall?
Answer :

Its primary function is to prevent
access from untrusted (or undesired) external systems
to internal systems and services, and to prevent internal
users and systems from accessing external untrusted or
undesired systems and services. More generally, its pur

Question 63. ____ Hinges On An Attacker Being Able
To Enter An SQL Database Query Into A Dynamic Web
Page?
Answer :

SQL injection

Question 64. ____ Are Designed To Inspect Traffic,
And Based On Their Configuration Or Security Policy,
They Can Drop Malicious Traffic?
Answer :

NIPS

Question 65. An Attacker Could Alter The MAC
Address In The ARP Cache So That The
Corresponding IP Address Would Point To A Different
Computer, Which Is Known As ____?
Answer :

ARP poisoning.

Question 66. Creating And Managing Multiple Server
Operating Systems Is Known As ____
Virtualization?
Answer :

server

Question 67. A ____ Is A Program Advertised As
Performing One Activity But Actually Does Something
Else?
Answer :

Trojan

Question 68. A(n) ____ Attack Makes A Copy Of The
Transmission Before Sending It To The
Recipient?
Answer :

replay

Question 69. ____ Is An Image Spam That Is Divided
Into Multiple Images?
Answer :

GIF layering

Question 70. A Computer ____ Is A Program That
Secretly Attaches Itself To A Legitimate "carrier,"
Such As A Document Or Program, And Then Executes
When That Document Is Opened Or Program Is
Launched?
Answer :

virus

Question 71. _____ Ensures That Only Authorized
Parties Can View Information?
Answer :

Confidentiality

Question 72. COPPA Requires Operators Of Online
Services Or Web Sites Designed For Children Under
The Age Of _____ To Obtain Parental Consent Prior
To The Collection, Use, Disclosure, Or Display Of A
Child's Personal Information?
Answer :

13

Question 73. ____ Is A Process Of Ensuring That Any
Inputs Are "clean" And Will Not Corrupt The
System?
Answer :

Input validation

Question 74. In Order To Avoid Detection Some
Viruses Can Alter How They Appear. These Are
Known As ____ Viruses?
Answer :

metamorphic

Question 75. ____ Is A Language Used To View And
Manipulate Data That Is Stored In A Relational
Database?
Answer :

SQL

Question 76. What Is The Most Secure Operating
System?
Answer :

Security is a difficult and sometimes
controversial thing to analyze. The only truly "secure"
operating systems are those that have no contact with the
outside world. The firmware in your DVD player is a good
example. Among all modern general purpose op.

Question 77. What Do You Do If Spybot Will Not
'immunize'?
Answer :

redownload spybot.

Question 78. The Goal Of A ____ Is To Hide The IP
Address Of Client Systems Inside The Secure
Network?
Answer :

proxy server

Question 79. ____ Uses "speckling" And Different
Colors So That No Two Spam E-mails Appear To Be
The Same?
Answer :

Geometric variance

Question 80. What Is SAM (Security Account
Manager)?
Answer :

SAM stands for Security Account
Manager and is the component that maintains the security
database, stored in the registry under HKLM\SAM. It
serves the Local Security Authority (LSA) with SIDs. The
SAM maintains the user account database.

Question 81. Today's Computer Systems Have A(n)
____ Chip In Which The Contents Can Be Rewritten To
Provide New Functionality?
Answer :

PROM

Question 82. ____ Is A Means Of Managing And
Presenting Computer Resources By Function Without
Regard To Their Physical Layout Or Location?
Answer :

Virtualization

Question 83. A ____ Virus Can Interrupt Almost Any
Function Executed By The Computer Operating
System And Alter It For Its Own Malicious
Purposes?
Answer :

resident

Question 84. Why Is WEP Security Not Recommended
For Wireless Networks?
Answer :

WEP security is easily
compromised - usually in 60 seconds or less. Part of the
problem is that WEP security was developed for backward
compatibility with older devices and is a less strong
security measure.

Question 85. Besides Default Rule Sets, What
Activities Are Actively Monitored By Your IDS?
Answer :

IDSs come with default rule sets to look for common
attacks. These rule sets must also be customized and
augmented to look for traffic and activities specific to your
organization’s security policy. For example, if your
organization’s security policy prohibits peer-to-peer
communications, then a rule should be created to watch
for that type of activity. In addition, outbound traffic should
be watched for potential Trojans and backdoors.

Question 86. What Type Of Traffic Are You Denying At
The Firewall?
Answer :

There should be a default deny
rule on all firewalls to disallow anything that is not explicitly
permitted. This is more secure than explicitly denying
certain traffic because that can create holes and
oversights on some potentially malicious traffic.

Question 87. Where Is Your Organization's Security
Policy Posted And What Is In It?
Answer :

There should
be an overall policy that establishes the direction of the
organization and its security mission as well as roles and
responsibilities. There can also be system-specific policies
to address for individual systems. Most importantly, the
policies should address the appropriate use of computing
resources. In addition, policies can address a number of
security controls from passwords and backups to
proprietary information. There should be clear procedures
and processes to follow for each policy. These policies
should be included in the employee handbook and posted
on a readily accessible intranet site.

Question 88. What Is Security Policy In A Distributed
Network Environment?
Answer :

The security policy
is anything really, whatever your admin enforces. Everything
from what programs you are allowed to what wallpaper
you have can be controlled through GPOs. Usually you
will find the common ones are that every computer has to
get updates, every computer has to have an AV

Question 89. What Is Preprocessing In IDS?
Answer :

Before analysis, all the captured data needs to be
organized in a particular format or pattern for
classification purposes. This whole process of organizing
data is known as preprocessing. In this process, data that
is collected from the IDS or IPS sensors needs to be put
into some canonical format or a structured database
format based on the preprocessing. Once the data is
formatted, it is further broken down into classifications,
which depends entirely on the analysis scheme used. Once
the data is classified, it is concatenated and used along
with predefined detection templates in which the variables
are replaced with real-time data.

Question 90. What Are The Tolerable Levels Of Impact
Your Systems Can Have?
Answer :

An organization must
understand how an outage could impact the ability to
continue operations. For example, you must determine
how long systems can be down, the impact on cash flow,
the impact on service level agreements, and the key
resources that must be kept running.

Question 91. How Are Subnets Used To Improve
Network Security?
Answer :

Subnets improve network
security and performance by arranging hosts into different
logical groups. Subnetting is required when one network
address needs to be distributed across multiple network
segments. Subnetting is required when a company uses
two or more types of network technologies like Ethernet
and Token Ring.

Question 92. What Does Your Network/Security
Architecture Diagram Look Like?
Answer :

The first
thing you need to know to protect your network and
systems is what you are protecting. You must know:
The physical topologies
Logical topologies (Ethernet, ATM, 802.11, VoIP, etc.)
Types of operating systems
Perimeter protection measures (firewall and IDS placement, etc.)
Types of devices used (routers, switches, etc.)
Location of DMZs
IP address ranges and subnets
Use of NAT

In addition, you must know where the diagram is
stored and that it is regularly updated as changes are
made.

Question 93. What Security Measures Are In Place For
In-house Developed Applications?
Answer :

Any
development that is taking place in house should include
security from the beginning of the development process.
Security needs to be a part of standard requirements and
testing procedures. Code reviews should be conducted by
a test team to look for vulnerabilities such as buffer
overflows and backdoors. For security reasons, it is not a
good idea to subcontract development work to third
parties.

Question 94. Why Is 802.11 Wireless More Of A
Security Problem Than Any Other Type Of
Network?
Answer :

Wireless is typically less secure
because it uses radio waves for transmission. In other
words, you have your data "floating" in airspace which
makes it more susceptible to being compromised
(hacked). With a wired connection someone cannot "steal"
your data frames (packets) unless they physically connect
to the network cabling. Additionally, the level of security
built into wireless technology is less advanced than that of
wired networks. This is mainly due to the fact that 802.11
is a relatively newer protocol standard. Manufacturers
(both hardware and software) are developing better
security for wireless systems and it is possible to harden
the security of a WLAN by using the current security
protocols along with using some third-party software. For
additional specific information read the RFC standards for
802.11.

Question 95. What Resources Are Located On Your
Internal Network?
Answer :

In addition to internal web,
mail, and DNS servers, your internal network could also
include databases, application servers, and test and
development servers.

Question 96. What Is Your Backup Policy?
Answer :

VPNs should be used for remote access and other
sensitive communication. IPSEC is a great choice for this
purpose. Strong encryption protocols such as 3DES and
AES should be used whenever possible. Web access to
sensitive or proprietary information should

Question 97. You Are Working On A Router That Has
Established Privilege Levels That Restrict Access To
Certain Functions. You Discover That You Are Not
Able To Execute The Command Show Running-
configuration. How Can You View And Confirm The
Access Lists That Have Been.
Answer :

show ip interface Ethernet 0.
The only command that shows which access
lists have been applied to an interface is show ip interface
Ethernet 0. The command show access-lists displays all
configured access lists, and show ip access-lists displays
all configured IP access lists, but neither command
indicates whether the displayed access lists have been
applied to an interface.

Question 98. What Is The Defining Difference Between
Computer Security And Information Security?
Answer :

Ar 25-2

Question 99. How Are You Monitoring For Trojans
And Back Doors?
Answer :

In addition to periodic
vulnerability scanning, outgoing traffic should be inspected
before it leaves the network, looking for potentially
compromised systems. Organizations often focus on
traffic and attacks coming into the network and forget
about monitoring outgoing traffic. Not only will this detect
compromised systems with Trojans and backdoors, but it
will also detect potentially malicious or inappropriate
insider activity.

Question 100. What Types Of IDSs Does Your
Organization Use?
Answer :

To provide the best level of
detection, an organization should use a combination of
both signature-based and anomaly-based intrusion
detection systems. This allows both known and unknown
attacks to be detected. The IDSs should be distributed
throughout the network, including areas such as the
Internet connection, the DMZ, and internal networks.

Question 101. How Does Encryption Help Security
Of A Network?
Answer :

One of the key objectives of
computer security is confidentiality - information is only
available to those who are supposed to have access to it.
Encryption helps protect confidentiality of information
transmitted over a network by (if it works as intended)
making it difficult or impossible for someone who is not
authorized to have the information to make sense of it if
they intercept the information in transit. In cases of data
stored on a network, if it is stored in encrypted form, it can
make it difficult or impossible for an attacker to get
anything useful from the encrypted file.

Question 102. How Can An Operating System Help
Administrators Control A Network And Manage
Security?
Answer :

To be able to manage and control a
network properly, your computer would have to have
server preferences. Server operating systems such as
Microsoft Server 2008 can be used for security
management over a network, but require a fair bit of
insight to operate and are mostly used by IT professionals
only. Group Policy Controls, an Advanced firewall with
by-the-minute updates, Network Access Protection, Network
Policy and access System. Windows 7 has a few network
security capabilities built in...

Question 103. How Often Are You Performing
Vulnerability Scanning?
Answer :

An organization should
be performing vulnerability scanning as often as possible,
depending on the size of the network. The scanning
should be scheduled to allow adequate time to review the
reports, discover anything that has changed, and mitigate
the vulnerability.

Question 104. Why Is Your Federal System A Double
Security?
Answer :

Because it contains top secret
information.

Question 105. How Often Are Your Systems
Patched?
Answer :

Systems should be patched every time
a new patch is released. Many organizations don’t patch
regularly and tend to not patch critical systems because
they don’t want to risk downtime. However, critical
systems are the most important to patch. You must
schedule regular maintenance downtime to patch
systems. As vulnerabilities are discovered, attackers often
release exploits even before system patches are
available. Therefore, it is imperative to patch systems as
soon as possible.

Question 106. What Is Availability For IA
Security?
Answer :

One of the basic themes of IA is that it
is composed of three principles - which have the
memorable acronym CIA. C = confidentiality: only those
who should be able to see the data can see it. I = integrity:
the data is only changed by those authorized to change it
and is not being corrupted accidentally or intentionally. A =
availability: users can access the data when they want to
or need to.

Question 107. What Are The Specific Threats To Your
Organization?
Answer :

In addition to identifying the
critical business systems and processes, it is important to
identify the possible threats to those systems as well as
the organization as a whole. You should consider both
external and internal threats and attacks using various
entry points (wireless, malicious code, subverting the
firewall, etc.). Once again, this will assist in implementing
the appropriate security protections and creating business
continuity and disaster recovery plans.

Question 108. How Does Symmetric Key Encryption
Work?
Answer :

Symmetric encryption requires that both
parties (sender and receiver) know and have the exact
same encryption key. This key is used both for encrypting
and decrypting the data. Using the same encryption
algorithm means that only those individuals that know or
have the same key will be able to read any messages
encrypted by the symmetric key.

Question 109. What Is Ring Protection In SDH?
Answer :

Ring protection is a system where multiplexers are
connected in a ring topology. If a single span fails, traffic
switches around the other side of the ring.

Question 110. What Physical Security Controls Are In
Place In Your Organization?
Answer :

Physical security
is a large area that must be addressed by an organization.
Examples of physical controls include physical access
controls (signs, locks, security guards, badges/PINs, bag
search/scanning, metal detectors), CCTV, motion
detectors, smoke and water detectors, and backup power
generators.

Question 111. What Is Meant By The Term Securing
Your Perimeter Network Security?
Answer :

Your
perimeter network is the network you operate: you
have the internet and your network, and your network is your
perimeter.

Question 112. Is A Stand-Alone Computer
Secure?
Answer :

Of course viruses can be spread
through floppy disks, USB keys or other methods, so being
a standalone computer not connected to any network
doesn't mean the computer cannot be infected, though the
information cannot be leaked via the network to external
persons. However, there is also physical security of the
computer itself, and that is where it gets interesting,
depending on who and what you're trying to secure the PC
from. If for instance the PC is sitting in a public area, and
you are not worried just about external threats but also
potential employee data theft, then one should assume no
information on the PC is secure even if the PC is
standalone.

Question 113. Which Layer Is Done By Congestion
Control?
Answer :

At the network layer, the congestion control
mechanism takes place.

Question 114. What Types Of Attacks Are You
Seeing?
Answer :

Typically an organization sees a
constant stream of port scan attacks. These are a regular
occurrence on the Internet as a result of attackers and
worms. An organization should not be seeing many
substantial attacks such as compromises, backdoors, or
exploits on systems. This would indicate that the security
defenses are weak, patching may not be occurring, or
other vulnerabilities exist.

Question 115. How Can A Switch Help Reduce
Network Security Problems?
Answer :

Switches use
routing table which does allow to brandband your
connection requests how hubs do. It protects you from
sniffing programs.

Question 116. What Is Security?
Answer :

Security is the
degree of protection to safeguard a nation, union of
nations, persons or person against danger, damage, loss,
and crime. Security as a form of protection are structures
and processes that provide or improve security as a
condition. The Institute for Security and Open
Methodologies (ISECOM) in the OSSTMM 3 defines
security as "a form of protection where a separation is
created between the assets and the threat". This includes
but is not limited to the elimination of either the asset or
the threat.

Question 117. How Are You Protecting Against Social
Engineering And Phishing Attacks?
Answer :

The best
way to protect against social engineering and phishing
attacks is to educate the users. Employees should attend
security awareness training that explains these types of
attacks, what to expect, and how to respond. There should
also be a publicly posted incidents email address to report
suspicious activity.

Question 118. What Is The Need For Network
Security?
Answer :

The need for network security is quite
obvious, (no offense to the asker), but, it is simply thus:
There are criminal activities in every field, computers
being no exception. People like to store private
information on computers. If a criminal was able to slip
onto your network, they would be able to access any
unguarded computer, and retrieve information off of it
once they have access. Make sure you keep AT LEAST
ONE password on every computer you own, multiple
different ones if it allows it. 

Question 119. Difference Between Network And
Operating System Security?
Answer :

Network security
concentrates on the packets of information flowing
between computer systems. Operating System security
controls access to resources on the server itself.
Therefore, the two are looking at different things in terms
of security.

Question 120. What Is Your Wireless
Infrastructure?
Answer :

Part of knowing your network
architecture includes knowing the location of wireless
networks since they create another possible entry point for
an attacker. You must also confirm whether they are being
used for sensitive data and whether they are secured as
well as possible.

Question 121. What Desktop Protections Are
Used?
Answer :

Desktops should have a combination of
anti-virus software, personal firewall, and host-based
intrusion detection. Each of these software packages must
be regularly updated as new signatures are deployed.
They must also be centrally managed and controlled.

Question 122. What Is The Difference Between An
Exploit And Vulnerability In Information
Security?
Answer :

A vulnerability is a weak point in a
system. This implies a risk, especially to confidential
information. An exploit is a means of taking advantage of
the vulnerability and using it to take advantage of a
system or network. Just because something has been
identified as a vulnerability doesn't mean that it has been
used to compromise a system. The presence of the exploit
means someone has successfully used that weakness
and taken advantage of it.

Question 123. What Applications And Services Are
Specifically Denied By Your Organization's Security
Policy?
Answer :

Your organization’s security policy
should specify applications, services, and activities that
are prohibited. These can include, among others:
Viewing inappropriate material
Spam
Peer-to-peer file sharing
Instant messaging
Unauthorized wireless devices
Use of unencrypted remote connections such as Telnet and FTP

Question 124. What Is Message Control System?
Answer :

A method for controlling messages in a
software system. The method activates a report-handling
module when a subroutine has a message to send. The
subroutine passes an identification to the report-handling
module. The subroutine then passes a message and
message level to the report handling module. The report-
handling module then determines the message level to be
reported for that subroutine, the process from which that
subroutine is sending messages and the message level to
be reported for that process. If the message level of the
message compares correctly to the message level of the
subroutine and the process, the message is reported.

Question 125. How Do You Stop A Computer To
Broadcast?
Answer :

Three basic ways:
On most laptops there is a switch on the front.
On most towers there is a USB stick to unplug.
On all computers Wi-Fi and Bluetooth can be disabled from "My Computer".

Question 126. How Is Your Wireless Infrastructure
Secured?
Answer :

Wireless access must at least use
WEP with 128-bit encryption. Although this provides some
security, it is not very robust, which is why your wireless
network should not be used for sensitive data. Consider
moving to the 802.11i standard with AES encryption when
it is finalized.

Question 127. How Do You Remove Network Security
Keys?
Answer :

Go to your router options on your
computer and it should say remove.

Question 128. How Often Is Your Disaster Recovery
Plan Tested?
Answer :

The plan is no good unless it is
tested at least once a year. These tests will iron out
problems in the plan and make it more efficient and
successful if/when it is needed. Testing can include
walkthroughs, simulation, or a full out implementation.

Question 129. Where, When, And What Type Of
Encryption Is Used?
Answer :

VPNs should be used for
remote access and other sensitive communication. IPSEC
is a great choice for this purpose. Strong encryption
protocols such as 3DES and AES should be used
whenever possible. Web access to sensitive or proprietary
information should be protected with 128-bit SSL. Remote
system administration should use SSH. Sometimes file
system encryption is also used to protect stored data.

Question 130. How Often Are Logs Reviewed?
Answer :

Logs should be reviewed every day. This includes IDS
logs, system logs, management station logs, etc. Not
reviewing the logs is one of the biggest mistakes an
organization can make. Events of interest should be
investigated daily. It can be a very tedious task for a single
person to do this job as their only assignment (unless they
really enjoy it). It is better to have a log review rotation
system amongst the security team.

Question 131. What Is Network Security?
Answer :

Network security consists of the provisions and policies
adopted by a network administrator to prevent and monitor
unauthorized access, misuse, modification, or denial of a
computer network and network-accessible resources.
Network security involves the authorization of access to
data in a network, which is controlled by the network
administrator. Users choose or are assigned an ID and
password or other authenticating information that allows
them access to information and programs within their
authority. Network security covers a variety of computer
networks, both public and private, that are used in
everyday jobs conducting transactions and
communications among businesses, government
agencies and individuals. Networks can be private, such
as within a company, and others which might be open to
public access. Network security is involved in
organizations, enterprises, and other types of institutions.
It does as its title explains: It secures the network, as well
as protecting and overseeing operations being done. The
most common and simple way of protecting a network
resource is by assigning it a unique name and a
corresponding password.

Question 132. How Do You Prevent Ddos
Attack?
Answer :

You do not have much choice; only a
correctly configured firewall/iptables (which is not a trivial
task to do) can help you prevent it. But there is no
100%

Question 133. What Is Included In Your Disaster
Recovery Plan?
Answer :

Your disaster recovery plan
(DRP) should include recovery of data centers and
recovery of business operations. It should also include
recovery of the actual physical business location and
recovery of the business processes necessary to resume
normal operations. In addition, the DRP should address
alternate operating sites.

Question 134. What Is Your Organization's Password
Policy?
Answer :

A password policy should require that a
password:
Be at least 8 characters long
Contain both alphanumeric and special characters
Change every 60 days
Cannot be reused after every five cycles
Is locked out after 3 failed attempts
In addition, you should be performing regular password
auditing to check the strength of passwords; this should
also be documented in the password policy.

Question 135. What Resources Are Located On Your Dmz?
Answer :

Only systems that are semi-public should
be kept on the DMZ. This includes external web servers,
external mail servers, and external DNS. A split-
architecture may be used where internal web, mail, and
DNS are also located on the internal network.

Question 136. Are You Performing Content Level
Inspections?
Answer :

In addition to the content level
inspection performed by the IDS, specific content
inspections should also be performed on web server traffic
and other application traffic. Some attacks evade
detection by containing themselves in the payload of
packets, or by altering the packet in some way, such as
fragmentation. Content level inspection at the web server
or application server will protect against attacks such as
those that are tunneled in legitimate communications,
attacks with malicious data, and unauthorized application
usage.

Question 137. What Are Your Critical Business
Systems And Processes?
Answer :

Identifying your
critical business systems and processes is the first step an
organization should take in order to implement the
appropriate security protections. Knowing what to protect
helps determine the necessary security controls. Knowing
the critical systems and processes helps determine the
business continuity plan and disaster recovery plan
process. Critical business systems and processes may
include an ecommerce site, customer database
information, employee database information, the ability to
answer phone calls, the ability to respond to Internet
queries, etc.

Question 138. What Is An Ip Grabber?
Answer :

An IP
grabber is a program that will find the IP address of
another computer. It is often used by hackers.

Question 139. What Is The Difference Between
Network Security And Cryptography?
Answer :

Cryptography is the deliberate attempt to obscure or
scramble the information so that only an authorized
receiver can see the message. Network security may
employ cryptography, but has many other tools to secure
a network, including firewalls, auditing, Intrusion Detection
Systems, and so forth. Cryptography would be used only
when trying to keep messages secret when sending them
across a network or keeping information secret in a file.

Question 140. What Are The Three Legs Of Network
Security?
Answer :

The three main tenets of security
overall are: Confidentiality, Availability, Integrity.

Question 141. What Type Of Remote Access Is
Allowed?
Answer :

Remote access should be tightly
controlled, monitored, and audited. It should only be
provided over a secure communication channel that uses
encryption and strong authentication, such as an IPSEC
VPN. Desktop modems (including applications such as
PCAnywhere), unsecured wireless access points, and
other vulnerable methods of remote access should be
prohibited.

Question 142. How Do You Secure A Wireless
Network?
Answer :

Most wireless routers allow you to
encrypt using a passphrase. When you do choose a
password, make sure that it uses uppercase, lowercase,
numbers, and special characters. You will want to stay
away from any words or phrases that can be found in the
dictionary. And set it for WPA2.

Question 143. What Is An Arp And How Does It
Work?
Answer :

ARP (Address Resolution
Protocol) is a network layer protocol which associates
the physical hardware address of a network
node (commonly known as a MAC address) with its IP
address. ARP creates a table known as the ARP
cache/table that maps IP addresses to the hardware
addresses of nodes on the local network.
If, based on the IP
address, it sees that it has the node's MAC address in its
ARP table, then transmitting to that IP address is done
quicker because the destination is known, and voila,
network traffic is reduced.

Question 144. Explain What Are Digital Signatures
And Smart Cards?
Answer :

Digital signature :
Information that is encrypted with an entity's private key and
is appended to a message to assure the recipient of the
authenticity and integrity of the message. The digital
signature proves that the message was signed by the
entity that owns, or has access to, the private key or
shared secret symmetric key.
Smart cards : Smart cards
help businesses evolve and expand their products and
services in a rapidly changing global market. In addition to
the well known commercial applications (banking,
payments, access control, identification, ticketing and
parking or toll collection), in recent years, the information
age has introduced an array of security and privacy issues
that have called for advanced smart card security
applications (secure logon and authentication of users to
PC and networks, storage of digital certificates, passwords
and credentials, encryption of sensitive data, wireless
communication subscriber authentication, etc.)

Question 145. Explain Difference Between Broadcast
Domain And Collision Domain?
Answer :

Broadcast Domain:
Sends the packet to all of the present network.
It may be sent by a person, or it may be broadcast by the
switch when the address is not found in the network.
For breaking a broadcast domain we can use a router.
Collision Domain:
A switch has no collisions as compared to a hub (layer
one device).
A broadcast domain is the area where, when one
device in the network sends data or a packet, it will be
received by all the devices present on the network.

Question 146. What Is Kerberos Protocol?
Answer :

Kerberos is an authentication protocol. It is named after a
dog who, according to Greek mythology, is said to
stand at the gates of Hades. In terms of computer
networking, it is a collection of software used in large
networks to authenticate and establish a user's claimed
identity. It was developed by MIT and uses a combination of
encryption and distributed databases so that the
user can log in and start a session.
It has some disadvantages
though. As I said, Kerberos was developed by MIT
under Project Athena; Kerberos is designed to
authenticate the end users on the servers.

Question 147. Explain How Does Trace Route Work?
Now How Does Trace Route Make Sure That The
Packet Follows The Same Path That A Previous (with
Ttl - 1) Probe Packet Went In?
Answer :

First of all,
traceroute works using ICMP packets. First the source sends
an ICMP packet with the Time to Live (TTL) field set to 1 to the
destination address. The first intermediate router receives the
packet and sees that the TTL field has expired, so it sends an
ICMP TTL expired reply. The source machine then
sends the ICMP packet again with the TTL field set to 2. This time
the second intermediate router replies. This process is
repeated until the destination is reached. That way the source
can get the entire route up to the destination.

Question 148. Explain What Are All The Technical
Steps Involved When The Data Transmission From
Server Via Router?
Answer :

When a packet is sent out of
a server, it has source and destination IP, source and
destination port number, and source and destination MAC ID.
First it is sent to the switch. The switch checks
whether the MAC ID is in the MAC address table; if not, it
broadcasts the message. If the destination IP is not in the
same segment, it forwards the packet to the gateway
(normally the router or firewall). Then the router/firewall
checks its routing table and access lists: if it has the
information about the destination IP and if it has access to
the destination IP, it forwards it to the next hop, and if any
one of the conditions fails it just drops the packet.

Question 149. Explain For A Small Lan Which Class Of
Addressing Is Used?
Answer :

For a small LAN we use a
class C address. Explanation: In a class C IP address the first
three bytes out of four are for the network address while the
last byte is for the host address, which can range from 1-254,
which is the smallest LAN possible, whereas class B has two
bytes and class A has three bytes reserved for the host
address, which increases the number of hosts in those
classes.

Question 150. Explain What Does Cia Stand For In
Security Management?
Answer :

Confidentiality, Integrity
and Availability. CIA means Certified Internal Auditor, a
globally accepted and recognized certificate in the field of
internal audits.

Question 151. Explain In Mobile And Computer And
Home Is It Possible That We See And Listen Person
Voice And Activity Carefully For Destroying Their
Privacy?
Answer :

Yes, it can be possible through third-party
software on a computer and 3G on a mobile. On a computer,
third-party software like Skype can be a better medium of
communication.

Question 152. Explain What Is The Role Of Single Sign
On In Authentication Technologies?
Answer :

Single
sign-on (SSO) is a mechanism whereby a single action of
user authentication and authorization can permit a user to
access all computers and systems where he has access
permission, without the need to enter multiple passwords.
Single sign-on reduces human error, a major component
of systems failure, and is therefore highly desirable but
difficult to implement.
Single sign-on is an authentication
mechanism with session or cookie preservation, in which the
user is prompted only once in a particular session
with a computer s/he uses, and the same credentials are
used across multiple platforms for accessing different
applications. It is like logging into your computer by
authenticating to the domain controller and being able to
access multiple intranet sites. A second example could be to
log in to a single website and have the same authentication
used for different applications like forums, image gallery
and email etc.

Question 153. Explain How Do We Use Rsa For Both
Authentication And Secrecy?
Answer :

RSA is based
upon the public key/private key concept. For authentication
one can encrypt the hash (MD5/SHA) of the data with one's
private key. This is known as a digital signature. And
secrecy is achieved by encrypting the data with the public
key of the target user. Generally we don't use RSA for
encryption because of key size (1024 bits). Rather a
symmetric session key (128/256 bit) is established
between communicating parties and is used for
encryption.
RSA -- Authentication can be achieved by
using a nonce value (prime number).
E.g.: A wants to
communicate with B.
The value An1 is encrypted with the private
key of A and then with the public key of B, so B can decrypt it,
and then B should send back An1 to A, showing it is none
other than B.
Secrecy is also maintained because they use
their own private keys for decryption.
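
The two uses described in this answer, as an added Python example that is not part of the original document: the private key signs a hash (authentication), the recipient's public key seals a short secret such as a session key or nonce (secrecy). It uses textbook RSA without padding and constructed toy keys built from known Mersenne primes, so it is for illustration only (real systems use random primes and padding schemes such as PSS and OAEP); all function names are assumptions.

```python
import hashlib

# Constructed toy keys built from publicly known Mersenne primes so the run is
# reproducible. They provide no security; real keys use large random primes.
E = 65537


def make_keypair(p: int, q: int):
    """Return ((n, e), (n, d)) for textbook RSA."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)


A_PUB, A_PRIV = make_keypair(2**127 - 1, 2**521 - 1)  # party A
B_PUB, B_PRIV = make_keypair(2**107 - 1, 2**607 - 1)  # party B


def _digest_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_key) -> int:
    """Authentication: apply the signer's PRIVATE key to the message hash."""
    n, d = private_key
    return pow(_digest_int(message), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Anyone holding the signer's PUBLIC key can check the signature."""
    n, e = public_key
    return pow(signature, e, n) == _digest_int(message)


def wrap(secret: bytes, recipient_public) -> int:
    """Secrecy: encrypt a short secret with the recipient's PUBLIC key."""
    n, e = recipient_public
    value = int.from_bytes(secret, "big")
    if value >= n:
        raise ValueError("secret too large for this modulus")
    return pow(value, e, n)


def unwrap(ciphertext: int, recipient_private, length: int) -> bytes:
    """Only the holder of the matching PRIVATE key recovers the secret."""
    n, d = recipient_private
    return pow(ciphertext, d, n).to_bytes(length, "big")


def nonce_exchange(nonce: bytes) -> bool:
    """A sends a signed nonce sealed for B; B proves itself by echoing it."""
    signature = sign(nonce, A_PRIV)            # A authenticates the nonce
    sealed = wrap(nonce, B_PUB)                # only B can open it
    opened = unwrap(sealed, B_PRIV, len(nonce))  # B's side
    if not verify(opened, signature, A_PUB):   # B checks it came from A
        return False
    return opened == nonce                     # A compares the echoed nonce
```

Because RSA can only seal a value smaller than the modulus, bulk data is encrypted with the symmetric session key and only that key passes through `wrap`.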

Question 154. What Is Difference Between
Discretionary Access Control And Mandatory Access
Control?
Answer :

DAC (discretionary access control) is
applied at discretion, and access is controlled accordingly,
while with MAC (mandatory access control) the access
control is compulsory.
MAC is designed and enforced in the initial
stages and cannot be changed by an entity; from a layman's
angle: the OS writing to the BIOS is not allowed. DAC is designed
in such a way that access shall be granted based on
discretion; e.g. database table access.

Question 155. Explain What Is Difference Between Arp
& Rarp? How Both Of These Protocols Will Work, And
Where It Will Use?
Answer :

ARP - ARP means
"Address Resolution Protocol". It is used to map IP network
addresses to the hardware (Media Access Control
sublayer) addresses used by the data link protocol. The ARP
protocol operates between the network layer and the data
link layer in the Open System Interconnection (OSI)
model.
RARP - RARP (Reverse Address Resolution
Protocol) is a protocol by which a physical machine in a
local area network can request to learn its IP address from
a gateway server's Address Resolution Protocol (ARP)
table or cache. A network administrator creates a table in
a local area network's gateway router that maps the
physical machine (or Media Access Control - MAC
address) addresses to corresponding Internet Protocol
addresses. When a new machine is set up, its RARP
client program requests from the RARP server on the
router to be sent its IP address. Assuming that an entry
has been set up in the router table, the RARP server will
return the IP address to the machine which can store it for
future use. RARP is available for Ethernet, Fiber
Distributed-Data Interface, and token ring LANs.

Question 156. Explain What Is Meant By Port Blocking
Within Lan?
Answer :

Restricting the users from
accessing a set of services within the local area network is
called port blocking.
Here is a simple example: we block the switch port to a
particular MAC address. For example, we have an 8-port
switch; on the first port we connected a machine that has the
MAC address {4e5a.23bf.34ae.9a4c}, and we block the switch
port with this MAC address. If you unplug the
original host and plug in another one, the new
machine will be prevented from accessing the switch port.
That is the idea. So if you enable the port blocking command on
a switch, only the particular or intended machine is
allowed access; other machines will be restricted. Port
blocking is used for security purposes; otherwise an
intruder could enter your company and destroy your LAN
with a single laptop.

Question 157. Explain How Do We Do Authentication
With Message Digest(md5)? (usually Md Is Used For
Finding Tampering Of Data)
Answer :

A unique
number will be generated by MD5; if the data is tampered with
by someone, the value will change, so you know it has been
tampered with.
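
The answer above describes a plain digest. The following Python sketch is an added example, not part of the original document: it shows that an unkeyed MD5 value detects a change only when the digest itself arrives over a trusted path, and that authenticating the sender takes a keyed digest (HMAC) built on a shared secret. The key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data; the key and messages are illustrative only.
SHARED_KEY = b"constructed-demo-key-not-for-production"
ORIGINAL = b"PAY 100 TO ALICE"
TAMPERED = b"PAY 900 TO MALLORY"


def plain_digest(message: bytes, algo: str = "md5") -> str:
    """Unkeyed digest: anyone who can change the message can recompute it."""
    return hashlib.new(algo, message).hexdigest()


def keyed_tag(key: bytes, message: bytes, algo: str = "md5") -> str:
    """HMAC tag: producing a valid tag requires the shared secret key."""
    return hmac.new(key, message, algo).hexdigest()


def verify_plain(message: bytes, digest: str, algo: str = "md5") -> bool:
    return hmac.compare_digest(plain_digest(message, algo), digest)


def verify_keyed(key: bytes, message: bytes, tag: str,
                 algo: str = "md5") -> bool:
    # compare_digest avoids leaking the match position through timing
    return hmac.compare_digest(keyed_tag(key, message, algo), tag)


def run_scenarios() -> dict:
    """Run the four cases and report whether each behaves as described."""
    results = {}

    # 1. Digest delivered over a trusted path: a changed message is detected.
    trusted_digest = plain_digest(ORIGINAL)
    results["plain_detects_change"] = not verify_plain(TAMPERED, trusted_digest)

    # 2. Message and digest travel together: whoever altered the message
    #    also replaced the digest, and the receiver's check still passes.
    replaced_digest = plain_digest(TAMPERED)
    results["plain_accepts_replaced_pair"] = verify_plain(TAMPERED,
                                                          replaced_digest)

    # 3. Keyed digest: the sender's tag verifies for the original message
    #    and fails for the altered one.
    tag = keyed_tag(SHARED_KEY, ORIGINAL)
    results["hmac_accepts_original"] = verify_keyed(SHARED_KEY, ORIGINAL, tag)
    results["hmac_rejects_altered"] = not verify_keyed(SHARED_KEY, TAMPERED, tag)

    # 4. A tag recomputed without the real key does not verify.
    wrong_key_tag = keyed_tag(b"not-the-shared-key", TAMPERED)
    results["hmac_rejects_wrong_key_tag"] = not verify_keyed(
        SHARED_KEY, TAMPERED, wrong_key_tag)
    return results
```

Passing `algo="sha256"` to the same functions gives the HMAC-SHA-256 variant without any other change.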

Question 158. The Unique Number Will Be Generated
By Md5, If It Is Tamped With Someone, The Value Will
Be Changed So You Know You Are
Tampered?
Answer :

OSPF has two primary characteristics. The first is that the
protocol is open, which means that its specification is
in the public domain. The OSPF specification is
published as Request For Comments (RFC) 1247.
The second principal characteristic is that OSPF is based on
the SPF algorithm, which sometimes is referred to as
the Dijkstra algorithm, named for the person credited
with its creation.
OSPF is a link-state routing protocol that calls for the sending
of link-state advertisements (LSAs) to all other
routers within the same hierarchical area. Information
on attached interfaces, metrics used, and other
variables is included in OSPF LSAs. As OSPF
routers accumulate link-state information, they use
the SPF algorithm to calculate the shortest path to
each node.
OSPF: Open Shortest Path First. It uses the SPF (Dijkstra) algorithm
and selects the loop-free path. It is a purely classless routing
protocol (i.e. it sends the mask along with the IP address). It supports
SLSM, VLSM and discontinuous networks, and the hop count is
unlimited. It has a complex configuration including area,
process ID and wildcard mask. The metric used is bandwidth (10
raised to 8 / bandwidth). Administrative distance is 110.
