Computer security Interview Preparation Guide Download PDF
Computer security Interview Questions and Answers will guide you now that Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, so learn more about Computing Security,Information Security, NT security, Web Security and Network Security with the help of this Computer security Interview Questions with Answers guide
89 Computer security Questions and Answers:
1 :: What is a Firewall?
A Firewall is software that blocks unauthorized users from connecting to your computer. All computers at Bank Street are protected by a firewall which is monitored and updated by CIS.
2 :: What is Spyware?
Spyware is software that is installed without your knowledge. The purpose of Spyware is to monitor your computing activities and report this data back to companies for marketing purposes. Besides being an invasion of privacy, this software can cause serious performance issues.
3 :: How can I avoid computer viruses?
Most viruses travel through email or internet downloads. Never open attachments from unknown senders and be very cautious when downloading software from internet sources.
4 :: What is computer impersonation?
Impersonation is the ability of a thread to execute in a security context other than from that of the process that owns the thread. This enables a server to act on behalf of a client to access its own objects.
5 :: What are privileges (user rights)?
A privilege is used to control access to a service or object more strictly than is normal with discretionary access control.
6 :: What is this (X) IDS signature mean?
Pull some random URL from a log, or show them an actual snort signature to see if they really understand what the IDS system (if they are going to be a packet head as part of their job). Most good IDS folks will be able to answer this one. My favorite example is one that everyone has seen for years now, Code Red:
GET /default.ida? NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801
%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%
u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0
Or my other favorite one is NetBIOS, right, unless you see a lot of winnuke anyone running a NetBIOS IDS signature on their network is looking at a mushroom cloud of activity, because windows works that way. This is a good leading question on when this signature would be used, where it would be used, and can give the interviewer a lot of good information on how the person thinks about IDS and what the IDS system is showing them. The leading part of this is that many of the windows vulnerabilities like MS06-040 should be monitored by a NetBIOS rule, and the trick is getting the interviewer down to the point where they are actually thinking about the ramifications and architectures of the rule. As an interview question this one can not be beat, but the interviewer must understand enough about how it works to keep the conversation going, otherwise the interviewer is going to get stuck really quickly if the interviewee knows what they are talking about.
GET /default.ida? NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801
%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%
u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0
Or my other favorite one is NetBIOS, right, unless you see a lot of winnuke anyone running a NetBIOS IDS signature on their network is looking at a mushroom cloud of activity, because windows works that way. This is a good leading question on when this signature would be used, where it would be used, and can give the interviewer a lot of good information on how the person thinks about IDS and what the IDS system is showing them. The leading part of this is that many of the windows vulnerabilities like MS06-040 should be monitored by a NetBIOS rule, and the trick is getting the interviewer down to the point where they are actually thinking about the ramifications and architectures of the rule. As an interview question this one can not be beat, but the interviewer must understand enough about how it works to keep the conversation going, otherwise the interviewer is going to get stuck really quickly if the interviewee knows what they are talking about.
7 :: What is an ACL (Access Control List)?
An ACL is a list of ACEs.
8 :: What makes a strong password?
Strong passwords are longer than six characters, contains letters and numbers and even capital letters. Of course a password is useless if you forget it, but remember that using your birth date or name makes you an easy target for hackers.
9 :: How can I avoid Spyware?
Most Spyware comes from free internet downloads such as screensavers and Peer-to-Peer programs (Kazaa, LimeWire, etc). The only way to avoid Spyware is to not install any of these malicious programs.
10 :: How can I protect my home computer?
The best way to protect your personal computer is to install Anti-Virus and Firewall software. CIS does not support home computers however below are some helpful links to information about safeguarding your computer at home.