Interview Questions & Answers | Information Security | Set 2


Q1. What is the goal of information security  within an organization?

Ans: Goal of Information Security is to address CIA triad. CIA stands for Confidentiality, Integrity and Availability.
Confidentiality: It limits access to information. It is implemented by Encryption, Access Controls and other security measures.
Integrity: It is the assurance that the information is not altered. It is implemented by using Hashing, Digital signatures, Certificates and Non-repudiation.
Availability: It is a guarantee of reliable access to the information by authorized people. It is implemented by creating redundancy (like DR site) and fault tolerance.

Q2. How would you harden user authentication?

Ans: By using two-factor authentication, we can harden user authentication.
Two-factor authentication use “what they have” AND “what they know”.
“what they have” AND “what they know” generally refers to security token and password.

Q3. What are the steps to secure a server?

Ans: Steps to secure a server :

  1. Implementation of SSH Keys.
  2. Update patches and regular vulnerability assessment of Routers, Firewalls and other network devices.
  3. Implement VPNs and Private Networking to create secure connections between remote computers and servers.
  4. Public Key Infrastructure and SSL/TLS Encryption
  5. Service Auditing helps in knowing services running on systems, which ports using for communication, and what protocols are accepted. This data helps network administrator to configure Firewall.
  6. File Auditing and Intrusion Detection Systems

File auditing helps in comparing the current system against a record of the files
An Intrusion Detection System (IDS), helps in monitoring a system or network for unauthorized activity.

 

Q4. List out some important encryption techniques.

Ans: Encryption techniques are:

  1. Triple DES
  2. RSA
  3. Blowfish
  4. Twofish
  5. AES

Q5. How do you determine a vulnerability’s severity?

Ans: Generally link severity with business risk. If you think vulnerability is not actually exploitable, but fix also take not much effort, it is good to fix those vulnerabilities. Try to find risk associated with business, if you found business may get hurt because of vulnerability,  severity will be high and vice versa.

Q6. How do you find security flaws in source code – manual analysis, automated tools, or both? 

Ans: It is very difficult to analyze thousands of lines of source code without using any automated tools. To find security flaws in source code, generally, both manual analysis and automated tools use by a security analyst.

Q7. List out top 10 Web security vulnerabilities.

Ans: OWASP TOP 10:

  1. SQL Injection Attacks
  2. Broken Authentication & Session Management
  3. Cross-Site Scripting (XSS) Attacks
  4. Insecure Direct Object References
  5. Security Misconfiguration
  6. Sensitive Data Exposure
  7. Missing Function Level Access Control
  8. Cross Site Request Forgery Attacks
  9. Using Components with Known Vulnerabilities Components
  10. Unvalidated Redirects and Forwards

Q8. What is DDoS and what tools use for DDoS attack ?

Ans: DDoS stands for Distributed Denial of Service.
DDoS is a type of DOS attack where multiple compromised system attack on the application hosted servers and exhaust all resources.
Tools use for DDoS are LOIC, hyenae, HULK etc.

Q9. What’s more secure, SSL or TLS?

Ans: SSL and TLS are both cryptographic protocols that provide authentication and data encryption between servers, machines and applications operating over a network. Both use similar ciphers and message digests.

SSL v3.0
Was exploited by the POODLE attack and is now obsolete. Must not be used

TLS v1.2
The newest TLS protocol

Enables better use of more secure ciphers
Features enhanced negotiation of the encrypted connections

Q10. What is DNS monitoring?

Ans: DNS monitoring uses network monitoring tools to test connectivity between your authoritative name servers and local recursive servers.
DNS monitoring allows you to test that:

  • Your DNS server resolves correctly the URL that you have provided to expected IPs.
  • Your provided URL is resolved correctly to expected IPs by your specified common DNS server.

Subscribe us to receive more such articles updates in your email.

If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!

Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.

Comments:

Your email address will not be published. Required fields are marked *

 
error: