Network Security Interview Questions and Answers: whether you are experienced or a fresher, you are at the right place. This article covers the top network security interview questions and answers that a network security professional is likely to be asked in an interview.
Network Security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users and programs to perform their permitted critical functions within a secure environment. Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Only network security can remove Trojan horse viruses if it’s activated. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: It secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.(wiki)
Network security combines multiple layers of defenses at the edge and in the network. Each network security layer implements policies and controls. Authorized users gain access to network resources, but malicious actors are blocked from carrying out exploits and threats.
What is a Network?
In computing, a network is a group of two or more devices that are linked in order to share resources, exchange files, or allow electronic communications. Networks are known as a medium of connections between nodes or computers. The Internet is a global network of networks.

What are the different types of Networks?
There are several different types of networks. Computer networks can be characterized by their size, capabilities and the geographical distance they cover as well as their purpose.
Personal area network (PAN): A personal area network is a computer network organized around an individual person. Personal area networks typically involve a mobile computer. Personal area networks can be constructed with cables or wirelessly.
Local area network (LAN): This is one of the original categories of network, and one of the simplest.  LAN networks connect computers together over relatively small distances, such as within a single building or within a small group of buildings. This is often used as a computer network with a wired connection. This is perfect for internet
Metropolitan area network (MAN): This is a network which is larger than a LAN but smaller than a WAN, and incorporates elements of both. It typically spans a town or city and is owned by a single person or company, such as a local council or a large company.
Wide area network (WAN): A WAN is a geographically-dispersed collection of LANs. A network device called a router connects LANs to a WAN.
Storage area network (SAN): A type of network that specializes in file sharing and other matters in storing various software within a group of computers.
Enterprise private network (EPN): This is a software network that’s often used in businesses so that they can have privacy over files and interactions between computers.
Virtual private network (VPN): A virtual private network (VPN) is a technology that creates a safe and encrypted connection over a less secure network, such as the internet.
UUCP (Unix-to-Unix CoPy): Unix-to-Unix copy (UUCP) is a set of computer programs and protocols that allow for the remote execution of commands and the transfer of email and files between computers. Every system in a UUCP network includes neighbor systems that contain login names, passwords and phone numbers.
Inter Network: Inter Network or Internet is a combination of two or more networks. Inter network can be formed by joining two or more individual networks by means of various devices such as routers, gateways and bridges.

What is a Protocol?
A protocol is a set of rules that governs the communications between computers on a network. In order for two computers to talk to each other, they must be speaking the same language.

What is a Network Protocol?
Rules of Network Protocol include guidelines that regulate the following characteristics of a network: access method, allowed physical topologies, types of cabling, and speed of data transfer.
The most common network protocols are:
  • Ethernet
  • Local Talk
  • Token Ring
  • FDDI
  • ATM
  • Fiber optic protocol
  • Mime protocol
  • Bluetooth protocol
  • Network time protocol
  • PPP Point to Point Protocol

What is Network Topology?
Network topology refers to the physical or logical layout of a network. Network topology is the arrangement of the different networking elements like network links, computers, laptops, switches, nodes, Wi-Fi access points, devices and other network devices in a computer network.

What are the different types of network topology?
Bus topology: In this, all the nodes are connected to the single backbone or bus with some medium such as twisted pair, coaxial cable etc.
Star topology: In this, all the nodes are connected to a common device known as hub. Nodes are connected with the help of twisted pair, coaxial cable or optical fiber.
Ring topology: In this, the nodes are connected in the form of a ring with the help of twisted pair cable.
Hierarchical topology (Tree topology): It is divided into different levels connected with the help of twisted pair, coaxial cable or fiber optics.
Mesh topology: In this, each computer is connected to every other computer in point-to-point mode. For example, if we have four computers, we must have six links. If we have n computers, we must have n(n-1)/2 links.
Hybrid topology: This is the combination of multiple topologies, used for constructing a single large topology. The hybrid topology is created when two different network topologies are interconnected.

What is the Network Layer? And what are the layer types?
The network layer is the third level of the Open Systems Interconnection Model (OSI Model) and the layer that provides data routing paths for network communication. Data is transferred in the form of packets via logical network paths in an ordered format controlled by the network layer.
Physical layer (Layer 1): This layer conveys the bit stream through the network at the electrical, optical or radio level. It provides the hardware means of sending and receiving data on a carrier network.
Data-link layer (Layer 2): This layer sets up links across the physical network, putting packets into network frames.
Network layer (Layer 3): This layer handles the addressing and routing of the data. IP is the network layer for the Internet.
Transport layer (Layer 4): This layer manages packetization of data, then the delivery of the packets, including checking for errors in the data once it arrives.
Session layer (Layer 5): This layer sets up, coordinates and terminates conversations. Services include authentication and reconnection after an interruption.
Presentation layer (Layer 6): This layer is usually part of an operating system (OS) and converts incoming and outgoing data from one presentation format to another.
Application layer (Layer 7): This is the layer at which communication partners are identified, network capacity is assessed, and that creates a thing to send or opens the thing received.

What is Network security?
Network security is the protection of access to files and directories in a computer network against hacking, misuse and unauthorized changes to the system. Network security is an organization’s strategy and provisions for ensuring the security of its assets and all network traffic. Network security is manifested in an implementation of both hardware and software security technologies.

What are the different types of Network security?
Types of network security are:
  • Application security
  • Email security
  • Mobile device security
  • Web security
  • Wireless security
  • Security information and event management
  • Network segmentation
  • Physical Security
  • Intrusion prevention systems
  • WPA
  • Firewalls
  • Behavioral analytics
  • Antivirus and antimalware software
  • Access control

What is CIA?
CIA is one of the most important models designed to guide policies for information security within an organization. CIA stands for:
Confidentiality: It means that only the authorized individuals/systems can view sensitive or classified information.
Integrity: It means ensuring the modification of assets is handled in a specified and authorized manner.
Availability: A state of the system in which authorized users have continuous access to said assets.

What is Cross-Site Scripting (XSS)?
Cross-Site Scripting is a widespread vulnerability that affects many web applications. The danger behind XSS is that it allows an attacker to inject content into a website and modify how it is displayed, forcing a victim’s browser to execute the code provided by the attacker while loading the page.

What is NIDS?
NIDS (Network Intrusion Detection system) is a system that attempts to detect hacking activities, denial of service attacks or port scans on a computer network or a computer itself. The NIDS monitors network traffic and helps to detect these malicious activities by identifying suspicious patterns in the incoming packets.

What is the difference between IPS and a firewall?
The primary function of a firewall is to prevent/control traffic flow from an untrusted network (outside). A firewall is not able to detect an attack in which the data is deviating from its regular pattern, whereas an IPS can detect and reset that connection, as it has inbuilt anomaly detection.

What is OSPF?
OSPF (Open Shortest Path First) is a link state routing protocol (LSRP) that uses the Shortest Path First (SPF) network communication algorithm (Dijkstra's algorithm) to calculate the shortest connection path between known devices. The main disadvantages of OSPF are that it requires more memory to hold the adjacency (list of OSPF neighbors), topology, and routing tables; it requires extra CPU processing to run the SPF algorithm; and it is a complex routing protocol.

What is DAC?
Discretionary access control (DAC) is a type of security access control that grants or restricts object access via an access policy determined by an object's owner group and/or subjects.

What is NAS?
A Network Attached Storage (NAS) device is a storage device connected to a network that allows storage and retrieval of data from a centralized location for authorized network users and heterogeneous clients.

What is MAC?
In computer security, Mandatory access control (MAC) is a system-enforced method of restricting access to objects based on the sensitivity of the object and the clearance of the user. B

What is Domain Controller (DC)?
A domain controller (DC) is a server that responds to security authentication requests within a Windows Server domain. A domain controller is a system where Active Directory is installed, in which every object is stored, and whose role is to provide access to services to clients that request them over the domain.

What is Cookie?
A cookie is a text file stored on your hard drive (more precisely in your browser folder) when you visit a website.

What are types of Cookies?
Session cookies: These cookies are mainly used by online shops and allow you to keep items in your basket when shopping online. These cookies expire when the browser is closed.
Permanent cookies: These remain in operation even when you have closed the browser. They remember your login details and password so you don’t have to type them in every time you use the site. The law concerning permanent cookies stipulates that they need to be deleted after a period of six months.
Third-party cookies: These cookies are installed by third parties with the aim of collecting certain information to carry out various research into behavior, demographics etc.

What is encryption?
In cryptography, encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot.

What is Data encryption?
Data encryption translates data into another form, or code, so that only people with access to a secret key (decryption key) or password can read it. Data encryption ensures data safety and is very important for confidential or critical data. It protects data from being read, altered or forged during transmission.

What is Public Key Encryption?
Public-key encryption is a cryptographic system that uses two keys: a public key known to everyone and a private or secret key known only to the recipient of the message. Public key encryption uses a public and a private key for encryption and decryption. In this mechanism, the public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, a sender has to know the recipient’s public key.

What is IPS?
IPS (Intrusion Prevention System) is a network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits. An Intrusion Prevention System can play a good role to protect against various network security attacks such as brute force attacks, Denial of Service (DoS) attacks, and vulnerability detection. Moreover, an IPS also ensures prevention against protocol exploits.

What is Tracert?
Tracert is a Windows utility program that can be used to trace the route taken by data from the router to the destination network. It also shows the number of hops taken during the entire transmission route.

What is an IP address?
An IP address is a virtual number assigned to a computer. It’s the address used by the TCP/IP protocol to identify a machine on the network. A computer must have a unique IP address or a conflicting IP error will occur.

What is a rogue DHCP server?
A rogue DHCP server can redirect IP address assignments to allow the hacker to identify and redirect the client computer to another network segment. The hacker can then sniff network traffic from the target machine.

What is AH?
The Authentication Header (AH) protocol provides connectionless integrity, data origin authentication, and an optional anti-replay service.

Which IP protocols do the AH and ESP headers use in IPsec?
ESP and AH use IP protocol 50 and 51 respectively.

What is Kerberos protocol?
Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet. Kerberos is built in to all major operating systems, including Microsoft Windows, Apple OS X, FreeBSD and Linux.

What is ARP?
ARP (Address Resolution Protocol) is a protocol used for mapping an IP address to a computer connected to a local area network (LAN). Since each computer has a unique physical address called a MAC address, ARP converts the IP address to the MAC address. This ensures each computer has a unique network identification.

What is GRE?
GRE (Generic Routing Encapsulation) is a protocol that encapsulates packets in order to route other protocols over IP networks.

What does AAA mean?
AAA (Authentication, Authorization and Accounting) is used to control users’ rights to access network resources and to keep track of the activity of users over a network. The current standard by which devices or applications communicate with an AAA server is the Remote Authentication Dial-In User Service (RADIUS).

What is TKIP?
TKIP (Temporal Key Integrity Protocol) is used by WPA (Wi-Fi Protected Access) to provide encryption services on a wireless network.

What does crypto ACL do?
A crypto ACL identifies the traffic that should be encrypted. A crypto ACL is not a classification in terms of standard or extended ACL.

Which field in an STP packet is manipulated in an STP BPDU attack?
The priority value in the STP header is crafted lower than the actual root bridge value, which makes the STP topology change, because the sender of the packet with the lower priority value would be elected as the root bridge.
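
The check a switch's root guard feature applies to this situation, as an added Python example that is not part of the original article: it parses an 802.1D configuration BPDU and rejects one that advertises a better (lower) root ID on a port where no root bridge should appear. The port names, bridge IDs and the `sample_bpdu` helper are constructed for illustration.

```python
import struct

# 802.1D configuration BPDU: protocol id, version, type, flags, root id,
# root path cost, sender bridge id, port id, then four timers (35 bytes).
BPDU_FMT = "!HBBB8sI8sHHHHH"

def bridge_id(priority: int, mac: str) -> bytes:
    """8-byte bridge ID: 2-byte priority followed by the 6-byte MAC."""
    return struct.pack("!H", priority) + bytes.fromhex(mac.replace(":", ""))

def parse_config_bpdu(data: bytes) -> dict:
    if len(data) < struct.calcsize(BPDU_FMT):
        raise ValueError("truncated BPDU")
    proto, _ver, btype, _flags, root, cost, sender, _port = struct.unpack_from(
        BPDU_FMT, data)[:8]
    if proto != 0 or btype != 0x00:
        raise ValueError("not an STP configuration BPDU")
    return {"root_id": root, "root_priority": int.from_bytes(root[:2], "big"),
            "root_mac": root[2:].hex(":"), "cost": cost, "sender_id": sender}

def check_bpdu(port: str, data: bytes, current_root: bytes, guarded: set) -> str:
    """Mimic root guard: a superior BPDU on a guarded port is rejected."""
    bpdu = parse_config_bpdu(data)
    # Bridge IDs compare by priority first, then MAC; the lower value wins,
    # which is exactly a byte-wise comparison of the 8-byte IDs.
    if bpdu["root_id"] >= current_root:
        return "ok"
    return "block-port" if port in guarded else "new-root-accepted"

def sample_bpdu(root: bytes, sender: bytes, cost: int = 0) -> bytes:
    """Constructed BPDU bytes for the demo; timers are in 1/256 s units."""
    return struct.pack(BPDU_FMT, 0, 0, 0x00, 0, root, cost, sender,
                       0x8001, 0, 20 * 256, 2 * 256, 15 * 256)

# Constructed values: the legitimate root and a BPDU claiming priority 0.
ROOT = bridge_id(4096, "00:11:22:33:44:55")
FORGED = bridge_id(0, "02:00:00:00:00:01")
GUARDED = {"Gi0/5"}            # access ports where no root should ever appear

if __name__ == "__main__":
    for port, pkt in [("Gi0/1", sample_bpdu(ROOT, ROOT)),
                      ("Gi0/5", sample_bpdu(FORGED, FORGED))]:
        print(port, parse_config_bpdu(pkt)["root_priority"],
              check_bpdu(port, pkt, ROOT, GUARDED))
```

Without the guard, the same BPDU on an unguarded port is accepted as a new root, which is the topology change the answer describes.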

What is IP Spoofing?
An IP spoofing attack enables an attacker to replace its identity with that of a trusted host when attacking a host.

How does PAT/NAT work?
NAT means Network Address Translation. NAT helps a private IP address route over the public Internet: it translates a private IP to a public IP, either one to one or many to one. PAT means Port Address Translation: it translates based on the source port.
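
The many-to-one case, as an added Python example that is not part of the original article: a small PAT table that lets two private hosts share one public address, rewrites a colliding source port, and has no mapping for unsolicited inbound traffic. The `PatTable` class, the addresses (203.0.113.10 is a documentation address) and the port range are assumptions made for the illustration.

```python
import ipaddress
from itertools import chain

class PatTable:
    """Many-to-one translation: private hosts share a single public IP."""

    def __init__(self, public_ip: str, low: int = 1024, high: int = 65535):
        self.public_ip, self.low, self.high = public_ip, low, high
        self.out = {}    # (inside ip, inside port, proto) -> public port
        self.back = {}   # (public port, proto) -> (inside ip, inside port)

    def _allocate(self, wanted: int, proto: str) -> int:
        # Keep the original source port when it is free, otherwise take
        # the first unused port in the pool.
        first = [wanted] if self.low <= wanted <= self.high else []
        for port in chain(first, range(self.low, self.high + 1)):
            if (port, proto) not in self.back:
                return port
        raise RuntimeError("port pool exhausted")

    def outbound(self, src_ip: str, src_port: int, proto: str = "tcp"):
        """Translate an inside source to (public ip, public port)."""
        if not ipaddress.ip_address(src_ip).is_private:
            raise ValueError("source is not a private address")
        key = (src_ip, src_port, proto)
        if key not in self.out:
            port = self._allocate(src_port, proto)
            self.out[key] = port
            self.back[(port, proto)] = (src_ip, src_port)
        return self.public_ip, self.out[key]

    def inbound(self, dst_port: int, proto: str = "tcp"):
        """Return the inside (ip, port) for reply traffic, or None to drop."""
        return self.back.get((dst_port, proto))

def demo():
    pat = PatTable("203.0.113.10")
    a = pat.outbound("192.168.1.10", 50000)   # keeps port 50000
    b = pat.outbound("192.168.1.11", 50000)   # same port, so it is rewritten
    return a, b, pat.inbound(b[1]), pat.inbound(4444)

if __name__ == "__main__":
    print(demo())
```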

What is a Digital Signature?
A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document. A digital signature is an attachment to an electronic message used for security purposes. It is used to verify the authenticity of the sender.

What is a firewall?
A firewall is a device or service that acts as a gate keeper, deciding what enters and exits the network. It analyzes the traffic it sees passing through it by checking the packet headers and data. Based on its configuration, the firewall then decides accordingly whether to deny or allow traffic to pass through.

What is SSL?
SSL (Secure Sockets Layer) is the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details.

What is TLS?
TLS (Transport Layer Security) is a cryptographic protocol that provides secure communication over the Internet. TLS protocol aims primarily to provide privacy and data integrity between two communicating computer applications.

What is HTTPS?
Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. TLS and SSL are most widely recognized as the protocols that provide secure HTTP (HTTPS) for Internet transactions between Web browsers and Web servers.

Does HTTPS use TCP or SSL at the transport layer for data transfer?
HTTPS uses TCP at the transport layer. SSL is used for data encryption.

What are some common HTTP attacks?
Here are some common HTTP attacks:
  • URL interpretation
  • SQL injection
  • Input Validation
  • Impersonation
  • Buffer overflow
  • Session Hijacking
  • Cross-Site Scripting

What are the most important steps you would recommend for securing a new web server?
The recommended steps are:
  • Update/Patch the web server software
  • Update Permissions/Ownership of files
  • Delete default data/scripts
  • Remove or protect hidden files and directories
  • Web Application and Web Server Security
  • Minimize the server functionality: disable extra modules
  • Increase logging verbosity
  • Configure the server to display generic error messages
  • Make sure Input Validation is enforced within the code: Security QA testing
  • Implement a software security policy

What are the attributes of Security Testing?
There are the following seven attributes of Security Testing:
  • Availability
  • Authentication
  • Authorization
  • Confidentiality
  • Integrity
  • Non-repudiation
  • Resilience

Which feature on a network switch can be used to prevent rogue DHCP servers?
DHCP Snooping
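
The decision DHCP snooping makes for the rogue DHCP server described earlier, as an added Python example that is not part of the original article: server replies (OFFER, ACK, NAK) are dropped on untrusted ports, and an ACK arriving on a trusted port builds the binding table. It is a simplified model; the port names, MAC address and the `sample` helper are constructed for the illustration.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"                 # DHCP magic cookie after BOOTP header
SERVER_TYPES = {2: "OFFER", 5: "ACK", 6: "NAK"}

def dhcp_message_type(payload: bytes) -> int:
    """Return option 53 (message type) from a raw BOOTP/DHCP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP payload")
    i = 240
    while i < len(payload) and payload[i] != 255:     # 255 = end option
        if payload[i] == 0:                           # pad option, no length
            i += 1
            continue
        if i + 1 >= len(payload):
            break                                     # truncated option
        length = payload[i + 1]
        if payload[i] == 53 and length == 1 and i + 2 < len(payload):
            return payload[i + 2]
        i += 2 + length
    raise ValueError("no DHCP message type option")

class DhcpSnooper:
    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)
        self.pending = {}     # client MAC -> port the client was seen on
        self.bindings = {}    # client MAC -> (leased IP, port)
        self.alerts = []      # (port, message) for dropped server replies

    def inspect(self, port: str, payload: bytes) -> str:
        mtype = dhcp_message_type(payload)
        mac = payload[28:34].hex(":")                 # chaddr field
        if mtype not in SERVER_TYPES:
            self.pending[mac] = port                  # client-side message
            return "forward"
        if port not in self.trusted:
            self.alerts.append((port, SERVER_TYPES[mtype]))
            return "drop"
        if mtype == 5 and mac in self.pending:        # ACK builds the binding
            leased = ".".join(str(b) for b in payload[16:20])   # yiaddr
            self.bindings[mac] = (leased, self.pending[mac])
        return "forward"

def sample(mtype: int, mac: str, yiaddr: str = "0.0.0.0") -> bytes:
    """Constructed DHCP payload for the demo, not captured traffic."""
    op = 2 if mtype in SERVER_TYPES else 1
    head = struct.pack("!BBBBIHH", op, 1, 6, 0, 0x1234, 0, 0) + bytes(4)
    addrs = bytes(int(x) for x in yiaddr.split(".")) + bytes(8)
    chaddr = bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0")
    return head + addrs + chaddr + bytes(192) + MAGIC + bytes([53, 1, mtype, 255])
```

The `alerts` list is what an operator would forward to logging: it names the access port behind which the unauthorized server sits.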