Network Security Interview Questions and Answers

Q1. What are the different layers of OSI?

  • Data link layer
  • Transport layer
  • Application layer
  • Session layer
  • Data link layer
  • Presentation layer

Q2. What is intranet?
It is a private network based on TCP/IP protocols accessible only by the company’s members or someone with authorization

Q3. What is Data encryption?
Data encryption ensures data safety and very important for confidential or critical data. It protect data from being read, altered or forged while transmission.

Q4. What is the difference between VPN and VLAN?
VPN: Creating a secured tunnel of communication over internet to a remote host.
VLAN: Sub division of a network, generally done for mapping hosts of same department

Q5. Which layers are referred as network support layers?

  • Data link layer
  • Physical layer
  • Network layer

Q6. What is RIP?
RIP stands for Routing Information Protocol, is a simple protocol used to exchange information between the routers.

Q7. What is meant by port blocking within LAN ?
Port blocking is stopping the source to not to access the destination node via ports as application works on the ports so ports are blocked to restricts the access  filling up the security holes in the network infrastructure. blocking can be performed on the firewall & on a router itself via an ex. Acl.

Q8. What are the differences among encoding, encryption and hashing?
Encoding: Basically encoding is used to protect the integrity of data as it crosses through communication network to keep its original message upon arriving. It is primarily an insecure function because it is easily reversible.
Encryption: Encryption is basically designed for confidentiality and data integrity and reversible only if you have the appropriate key
Hashing: With hashing the operation is one-way i.e. non-reversible. It takes an input (or ,message ) and returns a fixed-size string, which is called the hash value.

Q9. Which protocols uses application layer?

  • SMTP
  • DNS
  • FTP

Q10. Difference between routing protocol and routed protocol?
Routed protocols are the protocols that used with mostly Application, Presentation layers .. etc in other words they deal with your os system and how your PC , Ip phone … etc will receive the data.
Routing protocols are the protocols that are used by the routers to communicate with each others like OSOP, RIP , EIGRP , ISIS … etc

Q11. What are the factors that affect the performance of the network?

  • Type of transmission media
  • Software
  • Number of users
  • Hardware

Q12. Name the types of errors?
There are two types of errors:

  • Single bit error
  • Burst error

Q13. What are Brute Force Attacks?
Brute forcing is a mechanism which is used by an attacker to break the encryption of data by applying a set of various key. Cryptanalyst has a set of number of keys and apply them one by one to the encryption algorithm until he get the right key.


Q14. In An Icmp Address Mask Request, What Is The Attacker Looking For?
The attacker is looking for the subnet/network mask of the victim. This would help the attacker to map the internal network.

Q15. How do you use RSA for both authentication and secrecy?
RSA is a public key encryption algorithm. The RSA algorithms are based on the mathematical part that it is easy to find and multiply large prime numbers together, but it is extremely difficult to factor their product.For authentication: One can encrypt the hash (MD4/SHA) of the data with a private key. This is known as digital signature.
For Secrecy: Secrecy/confidentiality is achieved by encrypting the data with public key and decrypting with private key.

Q16. Which Feature On A Network Switch Can Be Used To Protect Against Cam Flooding Attacks?
Port-Security feature can be used for the same. In a cam flooding attack, the attacker sends a storm of mac-addresses (frames) with different values. The goal of the attacker is to fill up the cam table. Port-Security can be used to limit the number of mac-addresses allowed on the port.

 Q17. What is Authentication Header and how it provides the protection to IP header?
Basically Authentication Header protects IP header and provides the complete authenticity to the IP packets.AH may work in two ways: transport mode and tunnel mode.
In tunnel mode; AH protects the IP header using two IP header layers inner and outer. Inner IP header is used to contain the source and destination addresses, and the outer IP header is used to contain the security gateway information.

Q18. What is the Public Key Encryption?
Public key encryption use public and private key for encryption and decryption. In this mechanism, public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, a sender has to know recipient’s public key.

Q19. What is Digital Signatures ?
Digital signature is an attachment to an electronic message used for security purpose. It is used to verify the authenticity of the sender

Q20. Which Protocol Does Https Uses At The Transport Layer For Sending And Receiving Data?

Q21. What does CIA stand for in security management?
Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization. The model is also sometimes referred to as the AIC triad (availability, integrity and confidentiality) to avoid confusion with the Central Intelligence Agency

Q22. What Is A Firewall?
A Firewall is software that blocks unauthorized users from connecting to your computer. All computers at Bank Street are protected by a firewall which is monitored and updated by CIS.

Q23. Why Does Active Ftp Not Work With Network Firewalls?
When a user initiates a connection with the FTP server, two TCP connections are established. The second TCP connection (FTP data connection) is initiated and established from the FTP server. When a firewall is between the FTP client and server, the firewall would block the connection initiated from the FTP server since it is a connection initiated from outside. To resolve this, Passive FTP can be used or the firewall rule can be modified to add the FTP server as trusted.

Q24. What Is A Sid (security Id)?
SID stands for Security Identifier and is an internal value used to uniquely identify a user or a group. A SID contain * User and group security descriptors * 48-bit ID authority * Revision level * Variable sub authority values

Q25. What Is Administrator Privileges When Trying To Install A Download?
Administrator privileges allows the user full access to a program or network second only to the system account. If you don’t have administrator privileges, you cannot do certain things You may be able use a program, but not upgrade it.

Q26. Can Police Track An Ip Address After It Has Been Changed?
Sometimes-for example, if the user has a dynamic IP address, and their IP address changes within this system as usual, it can generally be tracked. If the user uses a proxy service to make their IP address appear as if it is located in some random other p

Q27. How Did Early Computer Security Work?
It was pretty simple- just passwords to protect one’s computer. With the innovation of the internet, however, computers have increased security with firewalls and hundreds of anti-virus programs.

Review Date
Reviewed Item
Great work. The content is so good
Author Rating