Network Security Interview Questions & Answers
Q: – What is Data encryption?
Data encryption ensures data safety and is very important for confidential or critical data. It protects data from being read, altered or forged during transmission.
Q: – What is the Public Key Encryption?
Public key encryption uses a public and a private key for encryption and decryption. In this mechanism, the public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, a sender has to know the recipient’s public key.
Q: – What are Digital Signatures?
A digital signature is an attachment to an electronic message used for security purposes. It is used to verify the authenticity of the sender.
Q: – What are Brute Force Attacks?
Brute forcing is a mechanism used by an attacker to break the encryption of data by applying a set of various keys. The cryptanalyst has a set of keys and applies them one by one to the encryption algorithm until he gets the right key.
In this example a cryptanalyst may apply brute forcing to the value of msgID and read the user’s data.
Here the browser is requesting the Displaymsg.asp page and sending msgID 87951 to the web server.
Q: – How do you use RSA for both authentication and secrecy?
RSA is a public key encryption algorithm. The RSA algorithm is based on the mathematical fact that it is easy to find and multiply large prime numbers together, but it is extremely difficult to factor their product.
For authentication: One can encrypt the hash (MD4/SHA) of the data with a private key. This is known as a digital signature.
For secrecy: Secrecy/confidentiality is achieved by encrypting the data with the public key and decrypting with the private key.
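The two uses described above, as an added example that is not part of the original answer: textbook RSA with a constructed toy key (p = 61, q = 53, e = 17), no padding, and SHA-256 standing in for the hash. Real deployments use keys of 2048 bits or more with padding schemes such as OAEP and PSS from a vetted library.

```python
import hashlib

# Toy textbook RSA key (constructed values, far too small for real use).
P, Q = 61, 53
N = P * Q                      # public modulus: 3233
PHI = (P - 1) * (Q - 1)        # 3120
E = 17                         # public exponent
D = pow(E, -1, PHI)            # private exponent (modular inverse, Python 3.8+)


def digest_as_int(data: bytes) -> int:
    """Hash the data with SHA-256 and reduce it into the range of N."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def sign(data: bytes) -> int:
    """Authentication: transform the hash with the PRIVATE key."""
    return pow(digest_as_int(data), D, N)


def verify(data: bytes, signature: int) -> bool:
    """Anyone holding the PUBLIC key can check the signature."""
    return pow(signature, E, N) == digest_as_int(data)


def encrypt(m: int) -> int:
    """Secrecy: encrypt with the recipient's PUBLIC key."""
    if not 0 <= m < N:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, E, N)


def decrypt(c: int) -> int:
    """Only the holder of the PRIVATE key can recover the message."""
    return pow(c, D, N)


if __name__ == "__main__":
    msg = b"transfer 100 to account 42"   # constructed sample message
    sig = sign(msg)
    print("signature valid:", verify(msg, sig))
    print("altered signature valid:", verify(msg, (sig + 1) % N))
    c = encrypt(65)
    print("ciphertext:", c, "decrypted:", decrypt(c))
```

The same key pair serves both purposes, only the direction changes: private then public for a signature, public then private for confidentiality.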
Q: – If you are a victim of Denial of Service (DoS) then what do you do?
The function of a denial of service attack is to flood its target machine with too much traffic and prevent it from being accessible to any other requests or providing services.
To prevent DoS attacks, a firewall can be configured as a relay; in this approach the firewall responds on behalf of the internal host. During the attack, the firewall responds to the SYN sent by the attacker; since the ACK never arrives, the firewall terminates the connection.
By keeping protocols and antivirus software up to date, we can avoid becoming a victim of DoS. Regular scanning of the machine is also necessary in order to detect any anomalous behavior.
Q: – What are the differences among encoding, encryption and hashing?
Encoding: Encoding is used to protect the integrity of data as it crosses a communication network, so that the original message is preserved on arrival. It is primarily an insecure function because it is easily reversible.
Encryption: Encryption is designed for confidentiality and data integrity and is reversible only if you have the appropriate key.
Hashing: With hashing the operation is one-way, i.e. non-reversible. It takes an input (or message) and returns a fixed-size string, which is called the hash value.
Q: – If we have to generate a hash function, what characteristics are needed in a secure hash function?
A secure hash function should have the following characteristics:
- The output generated by a hash function should be of a fixed length.
- It should be very easy to compute the hash value for a given message.
- If the hash value of a message is given, then it should be almost impossible to get that message.
- The two different messages should not have the same hash value; it is against the hash function property.
Q: – What is Authentication Header and how does it provide protection to the IP header?
Authentication Header protects the IP header and provides complete authenticity to the IP packets.
AH may work in two ways: transport mode and tunnel mode.
In tunnel mode, AH protects the IP header using two IP header layers, inner and outer. The inner IP header contains the source and destination addresses, and the outer IP header contains the security gateway information.
Submitted By:-Martha Email-ID: – email@example.com