Network Security Interview questions

The following network security interview questions is a preview from the Book - Network Security interview questions and answers

Buy from Amazon

How can a brute force attack on a router be prevented

A limit for the maximum number of login attempts can be setup on the router. On exceeding the limit, the account can be locked. Logs can be setup on the router to observe the IP address from which the login attempts is generated and an access list set up to block the IP.

Name two radius servers which are used in network environment

IAS Server and FreeRadius.

A switch is configured to authenticate users with a radius server. Which port on the server would be used for radius authentication

UDP port 1812 would be used for the same.

A user needs to access a Windows PC, which is behind a NAT router in office. What method can be used to access the desktop of the PC from home

To access the desktop of a remote PC, windows remote desktop protocol can be used.Since the PC is behind a NAT router, port forwarding can be setup on the router to forward packets to the internal PC. The user at home would initiate remote desktop connection to the internet IP address of the NAT router, which would forward
the request to the internal PC.

A VPN server is to be deployed in an organization. The VPN server would be used by remote users for gaining access to the organization network. The organization has a NAT router, which is used by users inside the organization for internet sharing and has one public IP address. Can the VPN server use the same IP address, which can then be used by remote users.

The VPN server can be setup behind the NAT router and port forwarding configured to allow incoming traffic to the VPN server. The remote users would connect to the public IP address of the NAT router, which would then forward the request to the VPN server.

Which feature on a wireless access point can be used for blocking unauthorized access based on the mac-address

Mac-filtering feature on an access point can be used. The list of allowed mac-addresses can be configured using the feature.

Which field in a STP packet is manipulated in a STP BPDU attack.

The priority value in the STP header is crafted lower than the actual root bridge value, which would make the STP topology change, as lower priority value packet would be elected as the root bridge.

Which is a common feature used by stateless firewalls

Access control lists

What is TKIP and why is it used.

TKIP stands for temporal key integrity protocol. It is used by WPA, wifi protected access to provide encryption services on a wireless network.

Buy from Amazon


The above content is a preview from the Book - Network Security interview questions and answers

Ebook Store – Click Here