Systems Administrator Security Questions
6. What Is Computer Impersonation?
Impersonation is the ability of a thread to execute in a security context other than from that of the process that owns the thread. This enables a server to act on behalf of a client to access its own objects.
39. What Should I Think About When Using Snmp?
In other SNMP enabled machines you can configure both an write and a read community name. On a Windows NT system you can only set one. Not having a community name does not disable the service, as one might expect.
7. How Can I Protect My Home Computer?
The best way to protect your personal computer is to install AntiVirus and Firewall software. CIS does not support home computers however below are some helpful links to information about safeguarding your computer at home. Computer Logical Organization Tutorial Computer Fundamentals Interview Questions
16. Why Should You Not Restore A Dc That Was Backed Up 6 Months Ago?
When restoring a backup file, Active Directory generally requires that the backup file be no more than 180 days old. If you attempt to restore a backup that is expired, you may face problems due to lingering objects.
2. What Is A Firewall?
A Firewall is software that blocks unauthorized users from connecting to your computer. All computers at Bank Street are protected by a firewall which is monitored and updated by CIS. Computer Science Engineering Interview Questions
6. What Is Ldap?
A GLDAP (Light-Weight Directory Access Protocol) determines how an object in an Active Directory should be named. LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv2 and LDAPv3.
5. What Are Gpos (group Policy Objects)?
A Group Policy Object (GPO) is a collection of settings that control the working environment of user accounts and computer accounts. GPOs define registry-based policies, security options, software installation and maintenance options, script options, and folder redirection options. There are two kinds of Group Policy objects: Local Group Policy objects are stored on individual computers. Nonlocal Group Policy objects, which are stored on a domain controller, are available only in an Active Directory environment. Network Security Interview
22. What Is A Null Session?
A NULL session connection, also known as Anonymous Logon, is a way of letting a not logged on user to retrieve information such as user names and shares over the network. It is used by applications such as explorer.exe to enumerate shares on remote servers. The sad part is that it lets nonauthorized users to do more than that. Particularly interesting is remote registry access, where the NULL session user has the same permissions as builtin group Everyone. With SP3 for NT4.0 or a fix for NT3.51, a system administrator can restrict the NULL session access, see $$$: Q143474. With this fix, a new wellknown SID is defined, named "Authenticated Users", which is Everyone except NULL session connected users. Replacing Everyone in all ACLs on the machine with this Authenticated User would be a good thing. To do this in a controlled fashion, one can use cacls.exe for the file system, but have to rely on some third party product for the registry ACLs. Using explorer.exe/winfile.exe or regedt32.exe will most certainly break the system. The cause for this is that these tools replace the ACL instead of editing it.
3. What Is Domain Controller?
A domain controller (DC) or network domain controller is a Windows-based computer system that is used for storing user account data in a central database. It is the centrepiece of the Windows Active Directory service that authenticates users, stores user account information and enforces security policy for a Windows domain. A domain controller allows system administrators to grant or deny users access to system resources, such as printers, documents, folders, network locations, etc., via a single username and password.
2. What Is A Domain?
A domain is defined as a logical group of network objects (computers, users, devices) that share the same Active Directory database. A tree can have multiple domains. Networking Interview
11. I Have Been Hearing A Lot About Firewalls, But I Am Not Sure What It Is Or If I Need It. Can You Help?
A firewall is basically a software program that allows you full access to the Internet and/or your network, while restricting access to your computer system from outside intrusions. Internet users are extremely vulnerable to hackers, especially if you have cable or ADSL access to the Internet. You definitely need to protect your computer system. Once you install a firewall, you'll be amazed at how many attempts to access your computer are blocked by your firewall. Hackers can directly access your computer system by installing programs such as a key logger that can read every keystroke you make. This information is recorded and sent back to the hacker. Private information such as passwords and credit card numbers can easily be stolen. A key logger is a small software program that quietly runs in the background. As these programs quite often run in DOS, you will mostlikely never realize it's running. However, you can see if a key logger is running by pressing 'control' - 'alt' - 'delete' on your keyboard. This will launch a window that contains a list of all the programs currently running on your system. Review the list and watch for programs you don't recognize. If you really want to keep your computer safe, I recommend the following: Purchase a good virus program and keep it updated Purchase a good firewall program and keep it updated Purchase a program like Pest Patrol and keep it updated Computer Basics Interview Questions
14. What Are Lingering Objects?
A lingering object is a deleted AD object that still remains on the restored domain controller in its local copy of Active Directory. They can occur when changes are made to directories after system backups are created. When restoring a backup file, Active Directory generally requires that the backup file be no more than 180 days old. This can happen if, after the backup was made, the object was deleted on another DC more than 180 days ago.
5. What Are Privileges (user Rights)?
A privilege is used to control access to a service or object more strictly than is normal with discretionary access control. Computer Hardware Interview Questions
26. What Is Proxy Server?
A proxy server is a computer that acts as a gateway between a local network (e.g., all the computers at one company or in one building) and a larger-scale network such as the Internet. Proxy servers provide increased performance and security. In some cases, they monitor employees' use of outside resources. Windows Server Support Interview
15. What Is An Ace (access Control Entry)?
AccessControl Entries that is used to build AccessControl Lists (ACLs). Each ACE contains the following information: A SID, that identifies the trustee. A trustee can be a user account, group account, or a logon account for a program such as a Windows NT service. An access mask specifying access rights controlled by the ACE. Flags that indicates the type of ACE and flags that determine whether other objects or containers can inherit the ACE from the primary object to which the ACL is attached. Computer Systems Analyst Interview Questions
1. What Is Active Directory?
Active Directory provides a centralised control for network administration and security. Server computers configured with Active Directory are known as domain controllers. Active Directory stores all information and settings for a deployment in a central database, and allows administrators to assign policies and deploy and update software.
22. Is Team-work Part Of A System Administrator's Typical Day?
Administrators are typically called in to offer technical support for teams working on a project. Support might mean technical troubleshooting or the development and explanation of technological strategy with regards to the project goals and means.
8. What Is An Acl (access Control List)?
An ACL is a list of ACEs.
21. What Role Do Characteristics Such As Assertiveness And Problem Solving Play In The Career Of A System Administrator?
Analytical thinking and problem solving is crucial to be able to analyze software or hardware malfunction. They are also necessary to be able to improve or upgrade systems so that they suit company needs. Assertiveness also plays a role because administrators have to make decisions. They decide on solutions, security measures, and things like system upgrades.
26. What Is Cryptoapi?
CryptoAPI is a set of encryption APIs that allow developers to develop applications that work securely over nonsecure networks, such as the Internet. CryptoAPI is shipped with NT version 4 and the Internet Explorer 3.0. Version 2.0 of CryptoAPI comes with SP3 for NT4.
27. Differentiate Between Firewall/antivirus?
Antivirus: The prime job of an anivirus is protect your system from computer viruses. Your computer may be standalone or part of network or connected to Internet you need an antivirus program. It actively monitors when you are using your system for any virus threat from different sources. if it found one it tries to clean or quarantine the virus ultimately keeping your system and data safe. Firewall: Firewall is in other hand a program which protects your system from outsider/intruder/hacker attacks. These attacks may not be virus type. In some cases hackers can take control of your system remotely and steal your data or important information from system. If your system is directly connected to internet or a large network than you can install a software firewall in your PC to protect your self from unauthorized access. Firewall is available either in software or in hardware form. For a single PC you may need a software firewall while a large corporate implements hardware firewall to protect all of their systems from such attacks. Windows Administration Interview
Why do I want to work here?
As iv'e stated, I am a patriot and have quite the admiration for american justice. I want to serve my country using the skills that I have. I am a big fan of this nations fundamental ideals, and long to find a way to support that. I also have been striving to get into a systems administration role, which would serve to help me transition into a hardcore security role. This will serve those goals greatly.
19. What Is Authenticode?
Authenticode is a way to ensure users that code they download from the net has not been tampered with and gives the code an etched in ID of the software publisher. Microsoft is pushing this as a new way of getting better security into software distribution over the net
17. How Do You Backup Ad?
Backing up Active Directory is essential to maintain the proper health of the AD database. Windows Server 2003: You can backup Active Directory by using the NTBACKUP tool that comes built-in with Windows Server 2003 or use any 3rd-party tool that supports this feature. Windows Server 2008: In Server 2008, there isn't an option to backup the System State data through the normal backup utility. We need to use the command line to backup Active Directory. 1. Open up your command prompt by clicking Start, typing "cmd" and then hit Enter. 2. In your command prompt, type "wbadmin start systemstatebackup -backuptarget:e:" and press Enter. 3. Input "y" and press Enter to start the backup process. When the backup process has finished you should get a message that the backup completed successfully. If it did not complete properly you will need to troubleshoot. Network Administrator Interview
What are your hobbies outside of work
Backpacking, Marksmanship, and Trail running. I started looking for constructive hobbies shortly before getting out of high school, and have really grown fond of these 3.
Why should we chose you for this job?
Because I have experience managing people and systems. I'm actively pursuing mastery of Information Security through school, certifications, and with articles in my free time. I also have experience explaining some complex computer processes to a variety of end users. Beyond that, I am a patriot with a huge admiration for our American justice system. I want to serve people, serve a team, and serve my country. I can do all of those things here, and I will do them well.
Tell me about an achievement you are proud of
Current project approaching conclusion - Dropbox previous projects - - - Wifi in the AOC becoming a GTA promotion to head lab manager organizing and facilitating events (coding camp and smash tournament) Scouting, recruiting, encouraging, and eventually leaving the lab team in good hands
27. Are Cgi Scripts Insecure?
CGI scripts are a major source of security holes. Although the CGI (Common Gateway Interface) protocol is not inherently insecure, CGI scripts must be written with just as much care as the server itself. Unfortunately some scripts fall short of this standard and trusting Web administrators install them at their sites without realizing the problems. Computer architecture Interview Questions
What are your main strengths
Communication and project management. The ability to take on new concepts with a positive attitude. (quickbooks, dropbox, teaching, giving speeches, building teams, etc) In terms of job specific, communicating with vendors, sourcing appropriate hardware and software, windows support, desktop support, and networking. I have a good grasp of fundamental computer security, and am working hard to apply those skills to my profession.
13. Why Do We Use Dhcp?
Dynamic Host Configuration Protocol assigns dynamic IP addresses to network devices allowing them to have a different IP address each time they are connected to the network.
17. What Is An Access Token?
Each process has an associated access token which is used by the system to verify whether the process should be granted access to a particular object or not. The access token consists of a user SID, a list of group SIDs representing the groups the user belongs to, and a list of user rights (privileges) the user is blessed with. Computer Operator Interview Questions
11. What Are Main Email Servers And Which Are Their Ports?
Email servers can be of two types: Incoming Mail Server (POP3, IMAP, HTTP): The incoming mail server is the server associated with an email address account. There cannot be more than one incoming mail server for an email account. In order to download your emails, you must have the correct settings configured in your email client program. Outgoing Mail Server (SMTP): Most outgoing mail servers use SMTP (Simple Mail Transfer Protocol) for sending emails. The outgoing mail server can belong to your ISP or to the server where you setup your email account. The main email ports are: POP3 - port 110 IMAP - port 143 SMTP - port 25 HTTP - port 80 Secure SMTP (SSMTP) - port 465 Secure IMAP (IMAP4-SSL) - port 585 IMAP4 over SSL (IMAPS) - port 993 Secure POP3 (SSL-POP) - port 995 Red Hat Linux System Administration Interview
40. What Ports Must I Enable To Let Nbt (netbios Over Tcp/ip) Through My Firewall?
First of all, you should really, really reconsider if this is such a good idea to let NBT traffic through your firewall. Especially if the firewall is between your internal network and Internet. The problem with NBT is that at once you open it up through the firewall, people will have potential access to all NetBios services, not just a selection of them, such as printing. The following is a list of the ports used by NBT: netbiosns 137/tcp NETBIOS Name Service netbiosns 137/udp NETBIOS Name Service netbiosdgm 138/tcp NETBIOS Datagram Service netbiosdgm 138/udp NETBIOS Datagram Service netbiosssn 139/tcp NETBIOS Session Service netbiosssn 139/udp NETBIOS Session Service Computer Operator Interview Questions
34. What Is The Security Threat Level Today At The Internet Storm Center (isc)?
For the interviewer the URL is http://isc.sans.org and is usually green. The reason for asking the question is to find out if the candidate is on top of what the internet looks like today. You can substitute the ISS rating one through five http://www.iss.net which is usually one, but most security folks know about the ISC and will spend time there.
12. What Do Forests, Trees, And Domains Mean?
Forests, trees, and domains are the logical divisions in an Active Directory network. A domain is defined as a logical group of network objects (computers, users, devices) that share the same active directory database. A tree is a collection of one or more domains and domain trees in a contiguous namespace linked in a transitive trust hierarchy. At the top of the structure is the forest. A forest is a collection of trees that share a common global catalog, directory schema, logical structure, and directory configuration. The forest represents the security boundary within which users, computers, groups, and other objects are accessible. Networking Interview
9. What Is Garbage Collection?
Garbage collection is the online defragmentation of the Active Directory which happens every 12 hours. Windows Administration Interview
4. What Is Group Policy?
Group Policy allows you to implement specific configurations for users and computers. Group Policy settings are contained in Group Policy objects (GPOs), which are linked to the following Active Directory service containers: sites, domains, or organizational units (OUs). Networking Tutorial
What are your salary expectations?
I have seen the going pay range for this position expect to fall appropriately within the upper half of that range.
Do you prefer working by yourself or with a team?
I really thrive in a team environment. Good workers thrive in an environment where people can work together, hold each other accountable, and encourage each other.
Where do you see yourself in 5 years
I see myself purchasing an honorable 50 acres and raising a family on it. To achieve this, I hope to build a healthy relationship, based off mutual equity with a company that reflects some of my passions. I would like to build into a management position at that company.
What are your weaknesses
I wait too long to ask for help. I can manage project A with no problem, and project B, and project C too. I like to take responsibility for these things in entirety, and so when I start to struggle with the load I can be slow to share the burden. I am always working on this area of myself, and have improved upon it by updating supervisors, keeping lists, and setting realistic progress dates. These tools have helped me to define when it is appropriate to reach out and request some assistance.
25. What Is Loop Back?
Loopback address is 127.0.0.1, An address that sends outgoing signals back to the same computer for testing.
18. What Experience Do You Have With Hardware Components?
Installation and replacement are some of the most frequently performed operations with hardware. Sometimes a system administrator might need to rebuild a hardware component. Network Security Interview
21. Can My Page File Hold Sensitive Data?
It can. Memory pages are swapped or paged to disk when an application needs physical memory. Even though the page file (see Control Panel>System >Performance>Virtual Memory) is not accessible while the system is running, it can be accessed by, for example, booting another OS. There is a registry key that can be created so that the memory manager clears the page file when the system goes down: HKLMSYSTEMCurrentControlSetControlSession ManagerMemoryManagementClearPageFileAtShutdown: 1 Note that the clearing of the page file only is done when the system is brought down in a controlled fashion. If the machine is just switched off or brought down in any other brute way, of course no clearing will be performed.
10. How Can I Avoid Spyware?
Most Spyware comes from free internet downloads such as screensavers and PeertoPeer programs (Kazaa, LimeWire, etc). The only way to avoid Spyware is to not install any of these malicious programs.
4. How Can I Avoid Computer Viruses?
Most viruses travel through email or internet downloads. Never open attachments from unknown senders and be very cautious when downloading software from internet sources. Computer Fundamentals Tutorial
Tell us about yourself
My name is Justin, and I'm a graduate teaching assistant living in Clarksville Tennessee. I majored in systems development and minored in information security. I have over 3 years of management experience and just under 3 years of hardware and software management experience. I'm passionate about serving others and benefiting a team, and have chosen computer science as the avenue to facilitate that passion.
Why are you leaving your current job?
My position at the church has always been more of a long term internship. I was brought in to set up systems and keep them running. I have done that, and I have discussed moving into a real full time position with them. The church has been nothing but supportive in this process. It is natural progression for me, and i'm splitting with the church on good terms.
20. Is It Possible To Use Packet Filters On An Nt Machine?
NT 4 comes with builtin support for packet filtering. It is a simple but still usable filtering function that the administrator can configure to just let some IP packets reach the actual applications running on the system. You find configuration panel for the filtering function on "Control Panel >Network>TCP/IP>Services>Advanced>Security" Be aware that this simple filtering mechanism is not a substitute for a real firewall since it cannot do advanced stuff like protection against ipspoofing, etc.
23. Differentiate Between Ntfs & Fat?
NTFS is the current file system used by Windows. It offers features like security permissions (to limit other users' access to folders), quotas (so one user can't fill up the disk), shadowing (backing up) and many other features that help Windows. FAT32 is the older Microsoft filesystem, primarily used by the Windows 9X line and Window could be installed on a FAT32 parition up to XP. In comparision, FAT32 offers none of what was mentioned above, and also has a maximum FILE (not folder) size of 4GB, which is kind of small these days, especially in regards to HD video. Hadoop Administration Interview
24. What Servers Have Tcp Ports Opened On My Nt System? Or: Is Netstat Broken?
Normally, the netstat program should report information on the status of the networking connections, routing information, etc. With the option A or a, it should list all TCP and UDP available connections and servers that are accepting connection. On Windows NT, even though the documentation states otherwise, this is not the case. There are no simple way to check what services that are running with TCP ports opened to accept connections. Currently the only way to get some information about this is to use a port scanner program and test through each TCP port on the NT machine. This is not a fool proof way of dealing with the problem. This is a serious problem if you plan to have NT based computers in the firewall environment. You cannot easily hardened them to become bastion hosts, since you are not confident what types of network services that might be reachable from the outside. It is a confirmed bug in Windows NT 3.5, 3.51 and 4.0. I do not expect Microsoft to fix it soon enough. Update: netstat.exe is fixed as of NT4 SP3, but it still shows some strange behavior. For example, on a moderately loaded machine, you can find numerous duplicates of open connections. Computer Fundamentals Interview Questions
36. How Do I Get My Computer C2 Level Security, Or, What Is C2config?
On the CDROM that is included in the NT Resource Kit, there is a program called c2config that can be used for tighten the security of a NT based computer. Be aware, that c2config will not work well on systems with localized environment, e.g. a german NT that uses ACLs in german, not in english. Computer Systems Analyst Interview Questions
1. How Can I Secure My Client Computers Against My Users?
One way to make it harder for the local user to do any harm to the system is to have a local PC without any hard disk or floppy disk. To boot, the system will need to talk to a boot server over the network.
16. What Is Sam (security Account Manager)?
SAM stands for Security Account Manager and is the one who maintains the security database, stored in the registry under HKLMSAM. It serves the Local Security Authority (LSA) with SIDs. The SAM maintains the user account database.
12. What Is A Sid (security Id)?
SID stands for Security Identifier and is an internal value used to uniquely identify a user or a group. A SID contain: User and group security descriptors 48bit ID authority Revision level Variable subauthority values Computer Science Engineering Interview Questions
43. How Do I Secure Windows 2000 And Iis 5.0?
Security is a huge concern for anyone involved in business processes, management, and administration. A good resource of information on maintaining security in Windows 2000 and IIS is the security section of the Windows 2000 site. Also see Internet Information Services (IIS) on the Microsoft TechNet site, where you can find information on securing IIS servers in addition to resources that will help you maintain a secure system and stay current with any releases, updates, and tools.
44. Are Server side Includes Insecure?
Server side includes, snippets of server directives embedded in HTML documents, are another potential hole. A subset of the directives available in serverside includes instruct the server to execute arbitrary system commands and CGI scripts. Unless the author is aware of the potential problems it's easy to introduce unintentional side effects. Unfortunately, HTML files containing dangerous serverside includes are seductively easy to write. Some servers, including Apache and NCSA, allow the Web master to selectively disable the types of includes that can execute arbitrary commands.
what motivates you?
Serving others. I get a thrill from being helpful and maintaining systems in a productive way.
3. What Is Spyware?
Spyware is software that is installed without your knowledge. The purpose of Spyware is to monitor your computing activities and report this data back to companies for marketing purposes. Besides being an invasion of privacy, this software can cause serious performance issues.
28. What Is Apipa?
Stands for Automatic Private IP Addressing APIPA is a DHCP fail over mechanism for local networks. With APIPA, DHCP clients can obtain IP addresses when DHCP servers are non-functional. APIPA exists in all modern versions of Windows except Windows NT. When a DHCP server fails, APIPA allocates IP addresses in the private range 169.254.0.1 to 169.254.255.254.
9. What Makes A Strong Password?
Strong passwords are longer than six characters, contains letters and numbers and even capital letters. Of course a password is useless if you forget it, but remember that using your birth date or name makes you an easy target for hackers. Computer architecture Interview Questions
20. What Are The Personal Characteristics Of A System Administrator?
System administrators are experts at handling hardware and software. They are quick with both their hands and their head. They can work alone, but they know when and how to communicate with others, whether to report problems, learn information needed to fix problems, or instruct employees regarding technical issues. Database Administration Interview
7. Where Is The Ad Database Stored?
The AD database is stored in C:WindowsNTDSNTDS.DIT. Network Security Tutorial Active Directory Interview
30. What Is The Hfnetchk Security Tool?
The HFNetChk Security Tool is a tool released by Microsoft that aids system administrators in the task of maintaining security across Windowsbased servers; it is a commandline tool that enables the administrator to check the patch status of all the machines in a network from a central location. The HFNetChk Security Tool page on TechNet provides more information and instructions for download.
Challenging situation how did you overcome
The Konica Minolta printer issue -setting up the SMTP Server -working with dropbox -setting up the wifi in the AOC
41. What Is The Microsoft Baseline Security Analyzer?
The Microsoft Baseline Security Analyzer (MBSA) is a graphical and commandline interface developed by Microsoft that can perform local or remote scans of Windows systems, assessing any missing hotfixes and vulnerabilities in certain Microsoft products.
8. What Is The Sysvol Folder?
The SYSVOL folder stores the server copy of the domain's public files that must be shared for common access and replication throughout a domain. All AD databases are stored in a SYSVOL folder and it's only created in an NTFS partition. The Active Directory Database is stored in the %SYSTEM ROOT%NDTS folder.
14. What Is Srm (security Reference Monitor)?
The Security Reference Monitor is the kernel mode component that does the actual access validation, as well as audit generation.
30. What Is The Windows Registry?
The Windows Registry, usually referred to as "the registry," is a collection of databases of configuration settings in Microsoft Windows operating systems.
23. What Is Shutdown.exe?
There are a bug in the utility shutdown.exe that are part of the NT Resource Kit. That bug disables the screen saver on a remote machine
38. What Are Giant Packets? Or, Is Windows Nt Susceptible To The Ping Attack?
There are mixed reports whether or not NT is vulnerable to this attack. By using ping to send a large packet to certain systems, they might hang or crash. Windows NT 3.51 seem to be vulnerable to this attack. A knowledge base article, Q132470, describes symptoms in Windows NT 3.51, and also include a pointer to a patch for this problem
25. What Are The Security Issues Related To Odbc Usage?
There are several security issues related to ODBC usage : Add hooks Tracing ODBC connections Any call with indirections, such as calls to ODBC data sources, are possible to intercept by attaching to premade hooks. By tracing ODBC connections, which is a completely legitime thing to do during software development, you can get access to sensitive data, such as user name for the connected database.
19. Give An Example Of Systems You Have Been Working With As An Administrator?
These typically are: Windows and Linux, which support either Asset Management or GIS. Typical duties include engineering, support and maintenance, and research for the purpose of innovation and upgrading.
33. What Are Some Examples Of You How You Would Attempt To Gain Access?
They may attempt default usernames/passwords or attempt SQL Injection queries that provide an SQL true statement (such as - ' OR 1=1#). If they provide SQL examples, then offer them the following Error document information and ask them what this indicates. ODBC Error Code = 37000 (Syntax error or access violation) [Microsoft][ODBC SQL Server Driver][SQL Server]Line 4: Incorrect syntax near '='. Data Source = "ECommerceTheArchSupport2" SQL = "SELECT QuickJump_Items.ItemId FROM QuickJump_Items WHERE QuickJump_Items.ItemId <> 0 AND QuickJumpId =" The error occurred while processing an element with a general identifier of (CFQUERY), occupying document position (1:1) to (1:42) in the template file K:InetPubclientsloginhttpailment.cfm The specific sequence of files included or processed is: K:INETPUBCLIENTSLOGINHTTPAILMENT.CFM This error message indicates that the target web application if running Microsoft SQL and discloses directory structures Computer Basics Interview Questions
13. Use The Out Put From Any Network Security Scanner, Which Ever Network Security Scanner Is Used By The Interviewer And Ask The Interviewee To Interpret The Results.what Does The Scanner Output Say, How Would They Use The Information, And How Would They Break The Information Down For The System Administrators?
This lets the interviewer determine how well the interviewee can interpret and voice back the results of a security scan, and how well they can communicate. The interviewer should already have worked with the scanner, its output, and should be able to work with the interviewee to determine the finer points of the data presented.
42. What Is The Iis Lockdown Tool?
This tool is part of the IIS Lockdown Wizard and it works by turning off unnecessary features of the IIS server and thereby reducing the attack surface available to an attacker. This tool also works in conjunction with URLscan to provide multiple layers of defense and protection. See the IIS Lockdown Tool page on TechNet describes its features and characteristics as well as provides steps for download and setup.
29. What Do You See As The Most Critical And Current Threats Affecting Internet Accessible Websites?
To gauge the applicant's knowledge of current web related threats. Topics such as Denial of Service, Brute Force, Buffer Overflows, and Input Validation are all relevant topics. Hopefully they will mention information provided by web security organizations such as the Web Application Security Consortium (WASC) or the Open Web Application Security Project (OWASP).
31. What Is The Urlscan Security Tool?
Urlscan is a powerful IIS security tool that works in conjunction with the IIS Lockdown Tool to give IIS Web site administrators the ability to restrict certain HTTP requests that the server will process, and thus prevents potentially harmful requests from reaching the server and causing damage. The URLScan Security Tool page on Microsoft TechNet describes its features and usage, provides answers to common questions, and details steps for download and installation.
35. Explain About User Security?
Users are susceptible to a number of attacks, such as dictionary password guessing. In Windows NT, one way to protect against those types of attacks is to set the number of failed logins before disabling the account temporary or until the system manager manually enables it again.
24. What Is Voip?
VOIP :Short for Voice Over Internet Protocol, a category of hardware and software that enables people to use the Internet as the transmission medium for telephone calls by sending voice data in packets using IP rather than by traditional circuit transmissions. Active Directory Interview
28. What Do You See As Challenges To Successfully Deploying/monitoring Web Intrusion Detection?
We are attempting to see if the applicant has a wide knowledge of web security monitoring and IDS issues such as: Limitations of NIDS for web monitoring (SSL, semantic issues with understanding HTTP) Proper logging - increasing the verboseness of logging (Mod_Security audit_log) Remote Centralized Logging Alerting Mechanisms Updating Signatures/Policies
32. What Are The Most Important Steps You Would Recommend For Securing A New Web Server? Web Application?
Web Server Security: Update/Patch the web server software Minimize the server functionality - disable extra modules Delete default data/scripts Increase logging verboseness Update Permissions/Ownership of files Web Application Security: Make sure Input Validation is enforced within the code - Security QA testing Configured to display generic error messages Implement a software security policy Remove or protect hidden files and directories
10. When Do We Use Wds?
Windows Deployment Services is a server role used to deploy Windows operating systems remotely. WDS is mainly used for network-based OS installations to set up new computers.
29. What Is Wins Server?
Windows Internet Name Service (WINS) servers dynamically map IP addresses to computer names (NetBIOS names). This allows users to access resources by computer name instead of by IP address. If you want this computer to keep track of the names and IP addresses of other computers in your network, configure this computer as a WINS server. If you do not use WINS in such a network, you cannot connect to a remote network resource by using its NetBIOS name.
15. How Can We Remove Lingering Objects?
Windows Server 2003 and 2008 have the ability to manually remove lingering objects using the console utility command REPADMIN.EXE. HP-ux 11iv3 system administration Interview
18. Are There Any Known Problems With The Screen Saver / Screen Lock Program?
Yes. In version 3.5 and 3.51, if the administrator decide to kick a user off, then the admin has a small time window to see the content of the users current screen and desktop. Computer Hardware Interview Questions
37. Is Nt Susceptible To Syn Flood Attacks?
Yes. To my knowledge, all IP based systems are possible victims for the attack.
why is there a gap in your work history?
there isn't.