Top 50 Firewall Support Interview Questions
Q1. What Information Does The Active Unit Pass To The Standby Unit In Stateful Failover?
NAT translation table, TCP connection states, the ARP table, the Layer 2 bridge table (when running in transparent firewall mode), ICMP connection state and so on.
Q2. What Is Access Control Lists?
Rules for packet filters (typically routers) that define which packets to pass and which to block.
Q3. What Is Data Encryption?
Data encryption ensures data security and is very important for confidential or critical data. It protects data from being read, altered or forged during transmission.
Q4. What Is Log Retention?
How long audit logs are retained and maintained.
Q5. What Features Are Not Supported In Multiple Context Mode?
VPN and Dynamic Routing Protocols.
Q6. What Is Firewall?
A firewall is a hardware or software system installed to provide security to the private networks connected to the internet. Firewalls can be implemented in hardware, in software, or in a combination of both. All data entering or leaving the intranet passes through the firewall, which allows only the data meeting the administrators' rules to pass through it.
Q7. What Is Bastion Host?
A system that has been hardened to resist attack, and which is installed on a network in such a way that it is expected to potentially come under attack. Bastion hosts are often components of firewalls, or may be "outside" web servers or public access systems. Generally, a bastion host is running some form of general purpose operating system (e.g., Unix, VMS, NT, etc.) rather than a ROM-based or firmware operating system.
Q8. What Is Perimeter-based Security?
The technique of securing a network by controlling access to all entry and exit points of the network.
Q9. What Is Worm?
A standalone program that, when run, copies itself from one host to another, and then runs itself on each newly infected host. The widely reported 'Internet Virus' of 1988 was not a virus at all, but actually a worm.
Q10. How Does ASA Work In Reference To Traceroute?
The ASA does not decrement the TTL value in traceroute because it does not want to give its information to others, for security purposes. It forwards the packet without decrementing the TTL value.
Q11. What Are The Types Of Firewalls?
Packet Filtering Firewall: This type of firewall detects and blocks unnecessary packets, which frees up network traffic.
Screening Router Firewalls: A software-based firewall available in a router; it provides only light filtering.
Computer-based Firewall: A firewall installed on a server with an existing operating system such as Windows or UNIX.
Hardware-based Firewall: A device, like a box, that provides strong security from the public network. Mostly used by large networks.
Proxy Server: A proxy server allows all clients to access the Internet with different access limits. A proxy server has its own firewall, which filters all packets from the web server.
Q12. What Information Does A Stateful Firewall Maintain?
A stateful firewall maintains the following information in its state table:
Source IP address.
Destination IP address.
IP protocol, such as TCP or UDP.
IP protocol information such as TCP/UDP port numbers, TCP sequence numbers, and TCP flags.
Q13. What Is Log Processing?
How audit logs are processed, searched for key events, or summarized.
Q14. What Is Least Privilege?
Designing operational aspects of a system to operate with a minimum amount of system privilege. This reduces the authorization level at which various actions are performed and decreases the chance that a process or user with high privileges may be caused to perform unauthorized activity resulting in a security breach.
Q15. What Is Screened Host?
A host on a network behind a screening router. The degree to which a screened host may be accessed depends on the screening rules in the router.
Q16. What Is Defense In Depth?
The security approach whereby each system on the network is secured to the greatest possible degree. May be used in conjunction with firewalls.
Q17. What Is The Need Of Transparent Firewall?
If we want to deploy a new firewall into an existing network, it can be a complicated process due to various issues like IP address reconfiguration, network topology changes, the current firewall, etc. We can easily insert a transparent firewall in an existing segment and control traffic between two sides without having to readdress or reconfigure the devices.
Q18. What Is IP Spoofing?
An attack whereby a system attempts to illicitly impersonate another system by using its IP network address.
In computer networking, the term IP address spoofing or IP spoofing refers to the creation of Internet Protocol (IP) packets with a forged source IP address, called spoofing, with the purpose of concealing the identity of the sender or impersonating another computing system.
Q19. What If We Apply ACL As Global In ASA?
It will be applied on all interfaces in the inbound direction. The global option is available only in ASA 8.4, not in ASA 8.2.
Q20. What Is The Difference Between Stateful & Stateless Firewall?
Stateful firewall - A stateful firewall is aware of the connections that pass through it. It adds and maintains information about users' connections in a state table, referred to as a connection table. It then uses this connection table to implement the security policies for users' connections. Examples of stateful firewalls are PIX, ASA and Checkpoint.
Stateless firewall (packet filtering) - Stateless firewalls, on the other hand, do not look at the state of connections but just at the packets themselves. An example of a packet filtering firewall is the Extended Access Control Lists on Cisco IOS routers.
Q21. What Is Cryptographic Checksum?
A one-way function applied to a file to produce a unique "fingerprint" of the file for later reference. Checksum systems are a primary means of detecting filesystem tampering on Unix.
Q22. What Is Authentication?
The process of determining the identity of a user that is attempting to access a system.
Authentication is a process that can verify a computer identity (user name, password and so on).
Q23. What Features Are Supported In Multiple Context Mode?
Routing tables, Firewall functions, IPS, and Management.
Q24. Define Digital Signatures?
A digital signature is an attachment to an electronic message used for security purposes. It is used to verify the authenticity of the sender.
Q25. Which Feature On A Firewall Can Be Used For Mitigating IP Spoofing Attacks?
An access control list can be used for the purpose.
Q26. What Is The Difference Between Gateway And Firewall?
A gateway joins two networks together, and a network firewall protects a network against unauthorized incoming or outgoing access. Network firewalls may be hardware devices or software programs.
Q27. What Is DNS Spoofing?
Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.
Q28. What Is IP Splicing/Hijacking?
An attack whereby an active, established session is intercepted and co-opted by the attacker. IP splicing attacks may occur after an authentication has been made, permitting the attacker to assume the role of an already authorized user. Primary protections against IP splicing rely on encryption at the session or network layer.
Q29. Explain You Are Currently Designing Your Own Desktop Publishing Application, As You Have Not Found Any That?
You are currently designing your own Desktop Publishing application, as you have not found any that do exactly what you want with existing applications. As part of the design you are using a Controller to which you send all GUI requests. Not all objects can process the same commands. For example, you can't select the spell check tool when an image has the focus. To stop any possible errors you would like to filter out some of the messages as they are passed from these objects to.
Q30. What Is Tunneling Router?
A router or system capable of routing traffic by encrypting it and encapsulating it for transmission across an untrusted network, for eventual de-encapsulation and decryption.
Q31. What Is Screened Subnet?
A subnet behind a screening router. The degree to which the subnet may be accessed depends on the screening rules in the router.
Q32. Explain Abuse Of Privilege?
When a user performs an action that they should not have, according to organizational policy or law.
Q33. What Is Dual Homed Gateway?
A dual homed gateway is a system that has two or more network interfaces, each of which is connected to a different network. In firewall configurations, a dual homed gateway usually acts to block or filter some or all of the traffic trying to pass between the networks.
Q34. Explain Failover?
Failover is a Cisco proprietary feature. It is used to provide redundancy. It requires two identical ASAs to be connected to each other through a dedicated failover link. The health of active interfaces and units is monitored to determine whether failover has occurred or not.
Q35. Which Fields In A Packet Does A Network Layer Firewall Look Into For Making Decisions?
IP and transport layer headers, for information related to source and destination IP addresses, port numbers, etc.
Q36. What Are The Different Types Of ACL In Firewall?
1. Standard ACL
2. Extended ACL
3. Ethertype ACL (Transparent Firewall)
4. Webtype ACL (SSL VPN)
Q37. What Is The Public Key Encryption?
Public key encryption uses a public and a private key for encryption and decryption. In this mechanism, the public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, a sender has to know the recipient's public key.
Q38. Explain Active/standby Failover?
In Active/Standby Failover, one unit is the active unit, which passes traffic. The standby unit does not actively pass traffic. When failover occurs, the active unit fails over to the standby unit, which then becomes active. We can use Active/Standby Failover for ASAs in both single and multiple context mode.
Q39. What Are The Failover Requirements Between Two Devices?
Hardware Requirements: The two units in a failover configuration must be the same model and must have the same number and types of interfaces.
Software Requirements: The two units in a failover configuration must be in the same operating modes (routed or transparent, single or multiple context). They must have the same software version.
Q40. Firewalls Work At Which Layers?
Firewalls work at layer 3, 4 & 7.
Q41. Explain Security Context?
We can partition a single ASA into multiple virtual devices, known as security contexts. Each context acts as an independent device, with its own security policy, interfaces, and administrators. Multiple contexts are similar to having multiple standalone devices.
Q42. Explain DMZ (Demilitarized Zone) Server?
If we need some network resources such as a web server or FTP server to be available to outside users, we place these resources on a separate network behind the firewall called a demilitarized zone (DMZ). The firewall allows limited access to the DMZ, but because the DMZ only includes the public servers, an attack there only affects the servers and does not affect the inside network.
Q43. Explain Ether-type ACL?
In transparent mode, unlike TCP/IP traffic, for which security levels are used to permit or deny traffic, all non-IP traffic is denied by default. We create an Ether-Type ACL to allow non-IP traffic. We can control traffic like BPDU, IPX, etc. with an Ether-Type ACL.
Q44. What Is The Difference In ACL On ASA Than On Router?
On a router, if we delete one access-control entry, the whole ACL will be deleted. On an ASA, if we delete one access-control entry, the whole ACL will not be deleted.
Q45. Which Feature On A Cisco Firewall Can Be Used For Protection Against TCP SYN Flood Attacks?
TCP intercept feature.
Q46. What Is Authentication Token?
A portable device used for authenticating a user. Authentication tokens operate by challenge/response, time-based code sequences, or other techniques. This may include paper-based lists of one-time passwords.
Q47. What Type Of Firewall Can Be Used To Block A Web Security Threat?
A web application firewall or a layer 7 firewall can be used for the purpose.
Q48. What Is Transparent Firewall?
In transparent mode, the ASA acts as a Layer 2 device like a bridge or switch and forwards Ethernet frames based on destination MAC address.
Q49. Which Is The Main Field In An IP Header, Which Is Modified By A NAT Firewall?
The source IP address in the IP header.
Q50. What Is The Difference Between Stateful Failover And Stateless Failover?
Stateless Failover: When failover occurs, all active connections are dropped. Clients need to re-establish connections when the new active unit takes over.
Stateful Failover: The active unit continually passes per-connection state information to the standby unit. After a failover occurs, the same connection information is available at the new active unit. Clients are not required to reconnect to keep the same communication session.
