
Top 100+ Computer Security Interview Questions And Answers - May 28, 2020


Question 1. How Can I Secure My Client Computers Against My Users?

Answer :

One way to make it harder for the local user to do any harm to the system is to have a local PC without any hard disk or floppy disk. To boot, the machine will need to talk to a boot server over the network.

Question 2. What Is A Firewall?

Answer :

A firewall is software that blocks unauthorized users from connecting to your computer. All computers at Bank Street are protected by a firewall that is monitored and updated by CIS.

Question 3. What Is Spyware?

Answer :

Spyware is software that is installed without your knowledge. The purpose of spyware is to monitor your computing activities and report this data back to companies for marketing purposes. Besides being an invasion of privacy, this software can cause serious performance issues.

Question 4. How Can I Avoid Computer Viruses?

Answer :

Most viruses travel through email or internet downloads. Never open attachments from unknown senders, and be very cautious when downloading software from internet sources.

Question 5. What Are Privileges (User Rights)?

Answer :

A privilege is used to control access to a service or object more strictly than is normal with discretionary access control.

Question 6. What Is Computer Impersonation?

Answer :

Impersonation is the ability of a thread to execute in a security context other than that of the process that owns the thread. This enables a server to act on behalf of a client to access its own objects.

Question 7. How Can I Protect My Home Computer?

Answer :

The best way to protect your personal computer is to install anti-virus and firewall software. CIS does not support home computers, but below are some helpful links to information about safeguarding your computer at home.

Question 8. What Is An ACL (Access Control List)?

Answer :

An ACL is a list of ACEs.

Question 9. What Makes A Strong Password?

Answer :

Strong passwords are longer than six characters and contain letters and numbers and even capital letters. Of course a password is useless if you forget it, but remember that using your birth date or name makes you an easy target for hackers.

Question 10. How Can I Avoid Spyware?

Answer :

Most spyware comes from free internet downloads such as screensavers and peer-to-peer applications (Kazaa, LimeWire, etc). The only way to avoid spyware is to not install any of these malicious programs.

Question 11. I Have Been Hearing A Lot About Firewalls, But I Am Not Sure What It Is Or If I Need It. Can You Help?

Answer :

A firewall is basically a software program that allows you full access to the Internet and/or your network, while restricting access to your computer system from outside intrusions.

Internet users are extremely vulnerable to hackers, especially if you have cable or ADSL access to the Internet. You definitely need to protect your computer system.

Once you install a firewall, you'll be amazed at how many attempts to access your computer are blocked by your firewall.

Hackers can directly access your computer system by installing programs such as a key logger that can read every keystroke you make. This information is recorded and sent back to the hacker. Private information such as passwords and credit card numbers can easily be stolen.

A key logger is a small software program that quietly runs in the background.

As these programs quite often run in DOS, you will most likely never realize it's running. However, you can see if a key logger is running by pressing 'control' – 'alt' – 'delete' on your keyboard. This will launch a window that contains a list of all the programs currently running on your system. Review the list and watch for programs you don't recognize.

If you really want to keep your computer secure, I recommend the following:

Purchase a good virus program and keep it updated
Purchase a good firewall program and keep it updated
Purchase a program like Pest Patrol and keep it updated

Question 12. What Is A SID (Security ID)?

Answer :

SID stands for Security Identifier and is an internal value used to uniquely identify a user or a group.

A SID contains:

User and group security descriptors
48-bit ID authority
Revision level
Variable subauthority values
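
The revision level, 48-bit ID authority and subauthority values listed above map directly onto the binary SID layout. The following decoder and encoder is an added example, not code from the original page; the domain SID it prints is constructed, and the well-known SID table uses documented Windows values.

```python
import struct

# Well-known SIDs (documented Windows values), including those this page names.
WELL_KNOWN = {
    "S-1-1-0": "Everyone",
    "S-1-5-7": "Anonymous Logon",
    "S-1-5-11": "Authenticated Users",
    "S-1-5-18": "Local System",
    "S-1-5-32-544": "BUILTIN\\Administrators",
}
MAX_SUBAUTHORITIES = 15  # upper bound fixed by the SID format


def parse_sid(raw: bytes) -> dict:
    """Decode a binary SID into revision, 48-bit authority and subauthorities."""
    if len(raw) < 8:
        raise ValueError("truncated SID: the header alone is 8 bytes")
    revision, count = raw[0], raw[1]
    if revision != 1:
        raise ValueError(f"unsupported SID revision {revision}")
    if count > MAX_SUBAUTHORITIES:
        raise ValueError(f"too many subauthorities: {count}")
    if len(raw) != 8 + 4 * count:
        raise ValueError("length does not match the subauthority count")
    authority = int.from_bytes(raw[2:8], "big")        # 48 bits, big-endian
    subs = list(struct.unpack(f"<{count}I", raw[8:]))   # 32 bits each, little-endian
    return {"revision": revision, "authority": authority, "subauthorities": subs}


def sid_to_string(raw: bytes) -> str:
    """Render the S-R-A-S1-S2... text form of a binary SID."""
    sid = parse_sid(raw)
    auth = sid["authority"]
    # Authorities that do not fit in 32 bits are written in hexadecimal.
    auth_text = str(auth) if auth < 2**32 else f"0x{auth:012x}"
    fields = ["S", str(sid["revision"]), auth_text]
    return "-".join(fields + [str(s) for s in sid["subauthorities"]])


def string_to_sid(text: str) -> bytes:
    """Encode the text form back into the binary layout, validating ranges."""
    parts = text.split("-")
    if len(parts) < 3 or parts[0].upper() != "S":
        raise ValueError("not a SID string")
    revision, authority = int(parts[1]), int(parts[2], 0)
    subs = [int(p) for p in parts[3:]]
    if revision != 1 or not 0 <= authority < 2**48:
        raise ValueError("bad revision or authority")
    if len(subs) > MAX_SUBAUTHORITIES or any(not 0 <= s < 2**32 for s in subs):
        raise ValueError("bad subauthority list")
    header = bytes([revision, len(subs)]) + authority.to_bytes(6, "big")
    return header + struct.pack(f"<{len(subs)}I", *subs)


def describe(raw: bytes) -> str:
    """Text form plus the well-known name, if the SID has one."""
    text = sid_to_string(raw)
    return f"{text} ({WELL_KNOWN.get(text, 'not a well-known SID')})"


if __name__ == "__main__":
    # Constructed sample: a domain user SID (authority 5, five subauthorities).
    sample = string_to_sid("S-1-5-21-1111111111-2222222222-3333333333-1001")
    print(sample.hex(), "->", describe(sample))
    print(describe(bytes.fromhex("01010000000000050b000000")))
```
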

Question 13. Use The Output From Any Network Security Scanner, Whichever Network Security Scanner Is Used By The Interviewer, And Ask The Interviewee To Interpret The Results. What Does The Scanner Output Say, How Would They Use The Information, And How Would They Break The Information Down For The System Administrators?

Answer :

This lets the interviewer determine how well the interviewee can interpret and voice back the results of a security scan, and how well they can communicate. The interviewer should already have worked with the scanner and its output, and should be able to work with the interviewee to determine the finer points of the data presented.

Question 14. What Is SRM (Security Reference Monitor)?

Answer :

The Security Reference Monitor is the kernel mode component that does the actual access validation, as well as audit generation.

Question 15. What Is An ACE (Access Control Entry)?

Answer :

Access-Control Entries are used to build Access-Control Lists (ACLs).

Each ACE contains the following information:

A SID that identifies the trustee. A trustee can be a user account, group account, or a logon account for a program such as a Windows NT service.
An access mask specifying access rights controlled by the ACE.
Flags that indicate the type of ACE and flags that determine whether other objects or containers can inherit the ACE from the primary object to which the ACL is attached.

Question 16. What Is SAM (Security Account Manager)?

Answer :

SAM stands for Security Account Manager and is the one who maintains the security database, stored in the registry under HKLM\SAM. It serves the Local Security Authority (LSA) with SIDs. The SAM maintains the user account database.

Question 17. What Is An Access Token?

Answer :

Each process has an associated access token which is used by the system to verify whether the process should be granted access to a specific object or not. The access token consists of a user SID, a list of group SIDs representing the groups the user belongs to, and a list of user rights (privileges) the user is blessed with.

Question 18. Are There Any Known Problems With The Screen Saver / Screen Lock Program?

Answer :

Yes. In versions 3.5 and 3.51, if the administrator decides to kick a user off, then the admin has a small time window to see the content of the user's current screen and desktop.

Question 19. What Is Authenticode?

Answer :

Authenticode is a way to ensure users that code they download from the net has not been tampered with, and gives the code an etched-in ID of the software publisher. Microsoft is pushing this as a new way of getting better security into software distribution over the net.

Question 20. Is It Possible To Use Packet Filters On An NT Machine?

Answer :

NT 4 comes with built-in support for packet filtering. It is a simple but still usable filtering function that the administrator can configure to just let some IP packets reach the actual applications running on the system.

You find the configuration panel for the filtering function under “Control Panel->Network->TCP/IP->Services->Advanced->Security”.

Be aware that this simple filtering mechanism is not a substitute for a real firewall, since it cannot do advanced stuff like protection against IP spoofing, etc.

Question 21. Can My Page File Hold Sensitive Data?

Answer :

It can. Memory pages are swapped or paged to disk when an application needs physical memory. Even though the page file (see Control Panel->System->Performance->Virtual Memory) is not accessible while the system is running, it can be accessed by, for example, booting another OS.

There is a registry key that can be created so that the memory manager clears the page file when the system goes down:

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown: 1

Note that the clearing of the page file is only done when the system is brought down in a controlled fashion. If the machine is just switched off or brought down in any other brute way, of course no clearing will be performed.

Question 22. What Is A Null Session?

Answer :

A NULL session connection, also known as Anonymous Logon, is a way of letting a not-logged-on user retrieve information such as user names and shares over the network. It is used by applications such as explorer.exe to enumerate shares on remote servers. The sad part is that it lets non-authorized users do more than that. Particularly interesting is remote registry access, where the NULL session user has the same permissions as the built-in group Everyone.

With SP3 for NT 4.0 or a fix for NT 3.51, a system administrator can restrict NULL session access; see Q143474. With this fix, a new well-known SID is defined, named “Authenticated Users”, which is Everyone except NULL session connected users. Replacing Everyone in all ACLs on the machine with Authenticated Users would be a good thing.

To do this in a controlled fashion, you can use cacls.exe for the file system, but have to rely on some third party product for the registry ACLs. Using explorer.exe/winfile.exe or regedt32.exe will most certainly break the system. The reason for this is that these tools replace the ACL instead of editing it.
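
The ACE fields from Question 15, the access token from Question 17 and the Everyone versus Authenticated Users change described above fit together in one access check. This is an added example, not code from the original page: it models the standard ordered DACL walk in simplified form, which goes beyond what the page spells out, and the access-mask bits, the ACL contents and the ALICE SID are constructed.

```python
from dataclasses import dataclass, replace

# Constructed, simplified access-mask bits for this example.
READ, WRITE, DELETE = 0x1, 0x2, 0x4

EVERYONE = "S-1-1-0"               # well-known SID
ANONYMOUS = "S-1-5-7"              # well-known SID (NULL session logon)
AUTHENTICATED_USERS = "S-1-5-11"   # well-known SID
ADMINISTRATORS = "S-1-5-32-544"    # well-known SID
ALICE = "S-1-5-21-1111111111-2222222222-3333333333-1001"  # constructed user


@dataclass(frozen=True)
class Ace:
    kind: str                    # type flag: "allow" or "deny"
    sid: str                     # trustee
    mask: int                    # access rights controlled by this ACE
    inherit_only: bool = False   # inheritance flag: applies to children only


@dataclass(frozen=True)
class Token:
    user_sid: str
    group_sids: tuple
    privileges: tuple = ()

    def sids(self):
        return {self.user_sid, *self.group_sids}


def access_check(token, dacl, desired):
    """Walk the ACL in order; a matching deny ACE stops the walk."""
    if dacl is None:             # no DACL at all: the object is unprotected
        return True
    granted = 0
    for ace in dacl:
        if ace.inherit_only or ace.sid not in token.sids():
            continue
        if ace.kind == "deny":
            if ace.mask & desired & ~granted:
                return False
        else:
            granted |= ace.mask & desired
        if granted == desired:
            return True
    return False                 # empty ACL, or a right was never granted


def replace_trustee(dacl, old_sid, new_sid):
    """Edit the ACL entry by entry, keeping every other ACE untouched."""
    return [replace(a, sid=new_sid) if a.sid == old_sid else a for a in dacl]


# On NT 4 before the fix, the NULL session user carries Everyone's rights.
NULL_SESSION = Token(ANONYMOUS, (EVERYONE,))
ALICE_TOKEN = Token(ALICE, (EVERYONE, AUTHENTICATED_USERS))

# Constructed ACL for a registry key: admins full control, Everyone read.
KEY_DACL = [
    Ace("allow", ADMINISTRATORS, READ | WRITE | DELETE),
    Ace("allow", EVERYONE, READ),
]
HARDENED_DACL = replace_trustee(KEY_DACL, EVERYONE, AUTHENTICATED_USERS)

if __name__ == "__main__":
    for name, dacl in (("original", KEY_DACL), ("hardened", HARDENED_DACL)):
        print(name, "NULL session read:", access_check(NULL_SESSION, dacl, READ),
              "| alice read:", access_check(ALICE_TOKEN, dacl, READ))
```
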

Question 23. What Is Shutdown.exe?

Answer :

There is a bug in the utility shutdown.exe that is part of the NT Resource Kit. That bug disables the screen saver on a remote machine.

Question 24. What Servers Have TCP Ports Opened On My NT System? Or: Is Netstat Broken?

Answer :

Normally, the netstat program should report information on the status of the networking connections, routing information, etc. With the option -A or -a, it should list all available TCP and UDP connections and servers that are accepting connections. On Windows NT, even though the documentation states otherwise, this is not the case.

There is no simple way to check which services are running with TCP ports opened to accept connections. Currently the only way to get some information about this is to use a port scanner program and test through each TCP port on the NT machine. This is not a foolproof way of dealing with the problem.

This is a serious problem if you plan to have NT based computers in the firewall environment. You cannot easily harden them to become bastion hosts, since you are not confident what kinds of network services might be reachable from the outside.

It is a confirmed bug in Windows NT 3.5, 3.51 and 4.0. I do not expect Microsoft to fix it soon enough.

Update: netstat.exe is fixed as of NT4 SP3, but it still shows some strange behavior. For example, on a moderately loaded machine, you can find numerous duplicates of open connections.

Question 25. What Are The Security Issues Related To ODBC Usage?

Answer :

There are several security issues related to ODBC usage:

Add hooks
Tracing ODBC connections

Any call with indirections, such as calls to ODBC data sources, is possible to intercept by attaching to pre-made hooks. By tracing ODBC connections, which is a completely legitimate thing to do during software development, you can get access to sensitive data, such as the user name for the connected database.

Question 26. What Is CryptoAPI?

Answer :

CryptoAPI is a set of encryption APIs that allow developers to develop applications that work securely over non-secure networks, such as the Internet. CryptoAPI is shipped with NT version 4 and Internet Explorer 3.0. Version 2.0 of CryptoAPI comes with SP3 for NT4.

Question 27. Are CGI Scripts Insecure?

Answer :

CGI scripts are a major source of security holes. Although the CGI (Common Gateway Interface) protocol is not inherently insecure, CGI scripts must be written with just as much care as the server itself. Unfortunately some scripts fall short of this standard, and trusting Web administrators install them at their sites without realizing the problems.

Question 28. What Do You See As Challenges To Successfully Deploying/Monitoring Web Intrusion Detection?

Answer :

We are trying to see if the applicant has a wide knowledge of web security monitoring and IDS issues such as:

Limitations of NIDS for web monitoring (SSL, semantic issues with understanding HTTP)
Proper logging – increasing the verboseness of logging (Mod_Security audit_log)
Remote Centralized Logging
Alerting Mechanisms
Updating Signatures/Policies

Question 29. What Do You See As The Most Critical And Current Threats Affecting Internet Accessible Websites?

Answer :

To gauge the applicant's knowledge of current web related threats. Topics such as Denial of Service, Brute Force, Buffer Overflows, and Input Validation are all relevant topics. Hopefully they will mention information provided by web security organizations such as the Web Application Security Consortium (WASC) or the Open Web Application Security Project (OWASP).

Question 30. What Is The HFNetChk Security Tool?

Answer :

The HFNetChk Security Tool is a tool released by Microsoft that aids system administrators in the task of maintaining security across Windows-based servers. It is a command-line tool that enables the administrator to check the patch status of all the machines in a network from a central location. The HFNetChk Security Tool page on TechNet provides more information and instructions for download.

Question 31. What Is The URLScan Security Tool?

Answer :

URLScan is a powerful IIS security tool that works in conjunction with the IIS Lockdown Tool to give IIS Web site administrators the ability to restrict certain HTTP requests that the server will process, and thus prevents potentially harmful requests from reaching the server and causing damage. The URLScan Security Tool page on Microsoft TechNet describes its features and usage, provides answers to common questions, and details steps for download and installation.

Question 32. What Are The Most Important Steps You Would Recommend For Securing A New Web Server? Web Application?

Answer :

Web Server Security:

Update/patch the web server software
Minimize the server functionality – disable extra modules
Delete default data/scripts
Increase logging verboseness
Update permissions/ownership of files

Web Application Security:

Make sure input validation is enforced within the code – security QA testing
Configured to display generic error messages
Implement a software security policy
Remove or protect hidden files and directories

Question 33. What Are Some Examples Of How You Would Attempt To Gain Access?

Answer :

They may attempt default usernames/passwords or attempt SQL injection queries that provide an SQL true statement (such as – ' OR 1=1#). If they provide SQL examples, then offer them the following error document information and ask them what this indicates.

ODBC Error Code = 37000 (Syntax error or access violation)

[Microsoft][ODBC SQL Server Driver][SQL Server]Line 4: Incorrect syntax near '='.

Data Source = "ECommerceTheArchSupport2"

SQL = "SELECT QuickJump_Items.ItemId FROM QuickJump_Items WHERE QuickJump_Items.ItemId <> 0 AND QuickJumpId ="

The error occurred while processing an element with a general identifier of (CFQUERY), occupying document position (1:1) to (1:42) in the template file K:\InetPub\clients\login\http\ailment.cfm

The specific sequence of files included or processed is:

K:\INETPUB\CLIENTS\LOGIN\HTTP\AILMENT.CFM

This error message indicates that the target web application is running Microsoft SQL and discloses directory structures.

Question 34. What Is The Security Threat Level Today At The Internet Storm Center (ISC)?

Answer :

For the interviewer, the URL is http://isc.sans.org and is usually green. The reason for asking the question is to find out if the candidate is on top of what the internet looks like today. You can substitute the ISS rating of one through five at http://www.iss.net, which is normally one, but most security folks know about the ISC and will spend time there.

Question 35. Explain About User Security?

Answer :

Users are susceptible to a number of attacks, such as dictionary password guessing. In Windows NT, one way to protect against those types of attacks is to set the number of failed logins before disabling the account temporarily or until the system manager manually enables it again.

Question 36. How Do I Get My Computer C2 Level Security, Or, What Is C2config?

Answer :

On the CD-ROM that is included in the NT Resource Kit, there is a program called c2config that can be used for tightening the security of an NT based computer.

Be aware that c2config will not work well on systems with localized environment, e.g. a German NT that uses ACLs in German, not in English.

Question 37. Is NT Susceptible To SYN Flood Attacks?

Answer :

Yes. To my knowledge, all IP based systems are possible victims for the attack.

Question 38. What Are Giant Packets? Or, Is Windows NT Susceptible To The Ping Attack?

Answer :

There are mixed reports whether or not NT is vulnerable to this attack. By using ping to send a large packet to certain systems, they might hang or crash.

Windows NT 3.51 seems to be vulnerable to this attack. A knowledge base article, Q132470, describes symptoms in Windows NT 3.51, and also includes a pointer to a patch for this problem.

Question 39. What Should I Think About When Using SNMP?

Answer :

In other SNMP-enabled machines you can configure both a write and a read community name. On a Windows NT system you can only set one. Not having a community name does not disable the service, as one might expect.

Question 40. What Ports Must I Enable To Let NBT (NetBIOS Over TCP/IP) Through My Firewall?

Answer :

First of all, you should really, really reconsider if it is such a good idea to let NBT traffic through your firewall, especially if the firewall is between your internal network and the Internet.

The problem with NBT is that as soon as you open it up through the firewall, people will have potential access to all NetBIOS services, not just a selection of them, such as printing.

The following is a list of the ports used by NBT:

netbios-ns 137/tcp NETBIOS Name Service
netbios-ns 137/udp NETBIOS Name Service
netbios-dgm 138/tcp NETBIOS Datagram Service
netbios-dgm 138/udp NETBIOS Datagram Service
netbios-ssn 139/tcp NETBIOS Session Service
netbios-ssn 139/udp NETBIOS Session Service

Question 41. What Is The Microsoft Baseline Security Analyzer?

Answer :

The Microsoft Baseline Security Analyzer (MBSA) is a graphical and command-line interface developed by Microsoft that can perform local or remote scans of Windows systems, assessing any missing hotfixes and vulnerabilities in certain Microsoft products.

Question 42. What Is The IIS Lockdown Tool?

Answer :

This tool is part of the IIS Lockdown Wizard and it works by turning off unnecessary features of the IIS server and thereby reducing the attack surface available to an attacker. This tool also works in conjunction with URLScan to provide multiple layers of defense and protection. The IIS Lockdown Tool page on TechNet describes its features and characteristics and provides steps for download and setup.

Question 43. How Do I Secure Windows 2000 And IIS 5.0?

Answer :

Security is a huge concern for anyone involved in business processes, management, and administration. A good resource of information on maintaining security in Windows 2000 and IIS is the security section of the Windows 2000 website. Also see Internet Information Services (IIS) on the Microsoft TechNet site, where you will find information on securing IIS servers as well as resources to help you maintain a secure system and stay current with any releases, updates, and tools.

Question 44. Are Server-Side Includes Insecure?

Answer :

Server side includes, snippets of server directives embedded in HTML documents, are another potential hole. A subset of the directives available in server-side includes instruct the server to execute arbitrary system commands and CGI scripts. Unless the author is aware of the potential problems it's easy to introduce unintentional side effects. Unfortunately, HTML documents containing dangerous server-side includes are seductively easy to write. Some servers, including Apache and NCSA, allow the Web master to selectively disable the types of includes that can execute arbitrary commands.



