CF Interview

Question 1

What is a DDoS attack?

Answer 1

A DDoS attack is a malicious attempt to disrupt normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

Question 2

What is Cloudflare?

Answer 2

Cloudflare is a global network designed to make everything you connect to the Internet secure, private, fast, and reliable.
• Secure your websites, APIs, and Internet applications.
• Protect corporate networks, employees, and devices.
• Write and deploy code that runs on the network edge.

Question 3

What is CND?

Answer 3

content delivery network

A geographically distributed group of servers which work together to provide fast delivery of Internet content.

Question 4

Describe DNS

Answer 4

Domain Name System (DNS)

The Domain Name System (DNS) is the phonebook of the Internet. DNS translates domain names to IP addresses.

Question 5

Why CloudFlare?

Answer 5

I believe in Cloudflare’s mission to help build a better Internet.
I believe in Cloudflare’s superior products and the hollistic approach used to help everything that connects to the Internet more secure, private, fast, and reliable.
I believe in Cloudflare’s inclusive culture and CF Capabilites, behavior that I already live my life by.
I believe that I belong at CF.

Question 6

Tell me about a time when you had a disagreement with a co-worker?

Question 7

Can you explain the tech behind Cloudflare?

Question 8

Tell me a company you admire and why?

Question 9

Tell me something you have taken on during the pandemic.

Question 10

Cloudflare Web Application Firewall

Answer 10

The Cloudflare Web Application Firewall (WAF) provides both automatic protection from vulnerabilities and the flexibility to create custom rules. OSI layer 7 intelligent, integrated, and scalable solution to secure your web applications, without changing your existing infrastructure or sacrificing performance. The Cloudflare WAF protects against a large number of web attack vectors including file inclusion, Cross-Site Scripting attacks, SQL injections, and many other vulnerabilities.

Question 11

OWASP

Answer 11

The Open Web Application Security Project (OWASP) is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. The Open Web Application Security Project (OWASP) provides free and open resources. It is led by a non-profit called The OWASP Foundation. The OWASP Top 10 - 2021 is the published result of recent research based on comprehensive data compiled from over 40 partner organizations.

Question 12

Cloudflare Access

Answer 12

Cloudflare Access replaces corporate VPNs with Cloudflare’s network. Instead of placing internal tools on a private network, customers deploy them in any environment, including hybrid or multi-cloud models, and secure them consistently with Cloudflare’s network.
Prevent lateral movement and reduce VPN reliance. Free for up to 50 users.
Works with your identity providers and endpoint protection platforms to enforce default-deny, Zero Trust rules that limit access to corporate applications, private IP spaces and hostnames. Connects users faster and more safely than a VPN.

Question 13

Cloudflare Gateway

Answer 13

Cloudflare Gateway is a modern next generation firewall between your user, device or network and the public Internet. Once you setup Cloudflare Gateway, Gateway’s DNS filtering service will inspect all Internet bound DNS queries, log them and apply corresponding policies.

Question 14

Cloudflare Tunnel

Answer 14

Cloudflare Tunnel (formerly Argo Tunnel) establishes a secure outbound connection which runs in your infrastructure to connect the applications and machines to Cloudflare.

Question 15

WARP client

Answer 15

Teams customers can use the Cloudflare WARP application to connect corporate desktops to Cloudflare Gateway for advanced web filtering. The Gateway features rely on the same performance and security benefits of the underlying WARP technology, with security filtering available to the connection.

Question 16

What is UDP?

Answer 16

The User Datagram Protocol, or UDP, is a communication protocol used across the Internet for especially time-sensitive transmissions such as video playback or DNS lookups. It speeds up communications by not formally establishing a connection before data is transferred. This allows data to be transferred very quickly, but it can also cause packets to become lost in transit — and create opportunities for exploitation in the form of DDoS attacks.

Question 17

What is a network protocol?

Answer 17

In networking, a protocol is a standardized set of rules for formatting and processing data. Protocols enable computers to communicate with one another.

Question 18

autonomous systems (AS)

Answer 18

An autonomous system (AS) is a very large network or group of networks with a single routing policy. Each AS is assigned a unique ASN, which is a number that identifies the AS.

Question 19

When and where was CF launched?

Question 20

Time to live (TTL)

Answer 20

Time to live (TTL) refers to the amount of time or “hops” that a packet is set to exist inside a network before being discarded by a router. TTL is also used in other contexts including CDN caching and DNS caching.

Question 21

What is the Internet Control Message Protocol (ICMP)? (L3 Protocol)

Answer 21

ICMP: The Internet Control Message Protocol (ICMP) handles error reports and testing. A connectionless protocol, ICMP does not use a transport protocol like TCP or UDP. Rather, ICMP packets are sent over IP alone. Developers and networking engineers use ICMP for its ping and traceroute functions. Typically only one ICMP packet needs to be sent at a time. ICMP is commonly used to flood a server with too many pings to respond to, or with one large ping packet that crashes the receiving device (this is known as the “ping of death”)
ICMP ping of death attacks are not possible with modern hardware, which ignores IP packets that are too large.

Question 22

Smurf Attack

Answer 22

In a Smurf attack, the attacker sends an ICMP packet with a spoofed source IP address. Networking equipment replies to the packet, sending the replies to the spoofed IP and flooding the victim with unwanted ICMP packets. Like the ‘ping of death,’ today the Smurf attack is only possible with legacy equipment.
Network layer attack

Question 23

A ping flood or ICMP flood

Answer 23

A ping flood or ICMP flood is when the attacker attempts to overwhelm a targeted device with ICMP echo-request packets. The target has to process and respond to each packet, consuming its computing resources until legitimate users cannot receive service.
Network layer attack

Question 24

Ping of death attack

Answer 24

A ping of death attack is when the attacker sends a ping larger than the maximum allowable size for a packet to a targeted machine, causing the machine to freeze or crash. The packet gets fragmented on the way to its target, but when the target reassembles the packet into its original maximum-exceeding size, the size of the packet causes a buffer overflow.

The ping of death attack is largely historical at this point. However, older networking equipment could still be susceptible to it.
Network layer attack

Question 25

IP (L3 Protocol)

Answer 25

The Internet Protocol (IP) routes and addresses packets of data so that they arrive at the correct destination. Every device that connects to the Internet has an IP address, and the IP protocol attaches the correct IP address to each data packet – like addressing a letter to someone.

Question 26

IPsec (L3 Protocol)

Answer 26

IPsec is actually a suite of several protocols, not a single protocol. IPsec is the encrypted version of IP used by VPNs, similar to the difference between HTTPS and HTTP.
Attackers can use IPsec to flood the target with junk data or overly large security certificates.

Question 27

MAC Address (media access control)

Answer 27

a MAC address is a unique identifier hardwired into every Internet-capable device, like a fingerprint

Question 28

ARP: The Address Resolution Protocol (L3 Protocol)

Answer 28

ARP: The Address Resolution Protocol is for use within a single network only. Computers use this protocol to map IP addresses to MAC addresses within the network.
ARP only operates within a local network, so an attacker would first need to connect to the local network before carrying out the DDoS attack.

Question 29

IGMP: Internet Group Message Protocol

L3 Protocol

Answer 29

The Internet Group Message Protocol manages IP multicast groups, enabling multiple devices within a network to receive the same IP traffic.

Question 30

The Internet of Things (IOT)

Answer 30

The Internet of Things (IOT) is the collection of internet-connected gadgets such as cameras, refrigerators, and smart speakers.
Internet of Things is a catchall phrase for all the various internet-connected devices that are not traditional computers. This includes everything from fitness trackers and smart watches to smart refrigerators, headphones, cameras, washing machines, cars, traffic lights, airplane engines, and home security systems.

Question 31

Packet (in Networking)

Answer 31

In networking, a packet is a small segment of a larger message. Each packet contains both data and information about that data. The information about the packet’s contents is known as the “header,” and it goes at the front of the packet so that the receiving machine knows what to do with the packet

Question 32

Packet Switching (in Networking)

Answer 32

A techinique for how packets are sent across the Internet. Intermediary routers and switches are able to process packets independently from each other, without accounting for their source or destination. This is by design so that no single connection dominates the network.

Question 33

Protocol (in Networking)

Answer 33

In networking, a protocol is a standardized way of doing certain actions and formatting data so that two or more devices are able to communicate with and understand each other.

Question 34

Routers

Answer 34

A router is a device that connects two or more IP networks or subnetworks.
Routers forward packets to different computer networks based on their destination. Routers are like the traffic cops of the Internet, making sure that Internet traffic goes to the right networks.

Question 35

Switches

Answer 35

A network switch forwards data packets between devices. Switches send packets directly to devices, rather than sending them to networks like a router does.
Switches connect devices that share a single network. They use packet switching to forward packets to the correct devices. They also receive outbound packets from those devices and pass them along to the right destination.

Question 36

Web Servers

Answer 36

Web servers are specialized high-powered computers that store and serve content (webpages, images, videos) to users, in addition to hosting applications and databases. Servers also respond to DNS queries and perform other important tasks to keep the Internet up and running. Most servers are kept in large data centers, which are located throughout the world.

Question 37

HTTP

Answer 37

The Hypertext Transfer Protocol is used to load pages on the Internet using hyperlinks.

Question 38

TLS (Transport Layer Security)

Answer 38

TLS is a security protocol that provides privacy and data integrity for Internet communications. Implementing TLS is a standard practice for building secure web apps.

Question 39

Ports (in Networking)

Answer 39

Ports are virtual places within an operating system where network connections start and end. They help computers sort the network traffic they receive.

Question 40

1.1.1.1

Answer 40

1.1.1.1 is a public DNS resolver operated by Cloudflare that offers a fast and private way to browse the Internet. Unlike most DNS resolvers, 1.1.1.1 does not sell user data to advertisers. In addition, 1.1.1.1 has been measured to be the fastest DNS resolver available.

Question 41

DNS cache poisoning | DNS spoofing

Answer 41

Attackers can poison a DNS cache by tricking DNS resolvers into caching false information, with the result that the resolver sends the wrong IP address to clients, and users attempting to navigate to a website will be directed to the wrong place.

Question 42

DNS tunneling

Answer 42

This attack uses other protocols to tunnel through DNS queries and responses. Attackers can use SSH, TCP, or HTTP to pass malware or stolen information into DNS queries, undetected by most firewalls.

Question 43

DNS hijacking

Answer 43

In DNS hijacking the attacker redirects queries to a different domain name server. This can be done either with malware or with the unauthorized modification of a DNS server. Although the result is similar to that of DNS spoofing, this is a fundamentally different attack because it targets the DNS record of the website on the nameserver, rather than a resolver’s cache

Question 44

API (Application Programming Interface)

Answer 44

An application programming interface is a connection between computers or between computer programs. It is a type of software interface, offering a service to other pieces of software.

Question 45

MTU (maximum transmission unit)

Answer 45

Maximum transmission unit (MTU) is a measurement in bytes of the largest data packets that an Internet-connected device can accept.
MTU is measured in bytes — a “byte” is equal to 8 bits of information, meaning 8 ones and zeroes. 1,500 bytes is the maximum MTU size.
MTU almost always is used in reference to layer 3* packets, or packets that use the Internet Protocol (IP). MTU measures the packet as a whole, including all headers and the payload. This includes the IP header and the TCP (Transport Control Protocol) header, which usually add up to 40 bytes in length.

Question 46

MSS (maximum segment size)

Answer 46

MSS, or maximum segment size, is the largest data payload that a device will accept from a network connection.
MSS is used by TCP at layer 4 of the Internet, the transport layer, instead of layer 3
While packets that exceed a router’s MTU are either fragmented or dropped, packets that exceed the MSS are always dropped.

Question 47

Path MTU discovery (PMTUD)

Answer 47

Path MTU discovery, or PMTUD, is the process of discovering the MTU of all devices, routers, and switches on a network path.

Question 48

Anycast

Answer 48

Anycast is a network addressing and routing method in which incoming requests can be routed to a variety of different locations.

Question 49

BGP: The Border Gateway Protocol (BGP)

routing protocol

Answer 49

The Border Gateway Protocol (BGP) routing protocol is used to announce which networks control which IP addresses, and which networks connect to each other. (The large networks that make these BGP announcements are called autonomous systems.) BGP is a dynamic routing protocol.

Question 50

OSPF: The Open Shortest Path First

routing protocol

Answer 50

OSPF: The Open Shortest Path First (OSPF) protocol is commonly used by network routers to dynamically identify the fastest and shortest available routes for sending packets to their destination.

Question 51

RIP: The Routing Information Protocol

routing protocol

Answer 51

RIP: The Routing Information Protocol (RIP) uses “hop count” to find the shortest path from one network to another, where “hop count” means number of routers a packet must pass through on the way. (When a packet goes from one network to another, this is known as a “hop.”)

Question 52

LAN (local area network)

Answer 52

A LAN, or local area network, is a group of connected computing devices within a localized area that usually share a centralized Internet connection.

Question 53

wide area network (WAN)

Answer 53

A wide area network (WAN) is any network that extends over a large geographic area, usually connecting multiple local area networks (LANs).

Question 54

SD-WAN (software-defined wide area network)

Answer 54

A software-defined wide area network (SD-WAN) connects local area networks (LANs) across large distances using controlling software that works with a variety of networking hardware.

Question 55

metropolitan area network (MAN)

Answer 55

A metropolitan area network (MAN) is smaller than a wide area network (WAN) but larger than a local area network (LAN).

Question 56

campus area network (CAN)

Answer 56

Most often used on college and university campuses, a campus area network (CAN) is a computer network that connects multiple buildings within a large property.

Question 57

personal area network (PAN)

Answer 57

A personal area network (PAN) connects electronic devices close to the user, such as a wireless mouse, a keyboard, and a computer.

Question 58

NaaS (network-as-a-service)

Answer 58

Network-as-a-service (NaaS) is a cloud service model in which customers rent networking services from a cloud vendor instead of setting up their own network infrastructure.

Question 59

Competitiors

Answer 59

Radware, Akamai Technologies, And Imperva

Amazon Web Services and A10 Networks are Strong Performers; and Google, Microsoft, Alibaba Cloud, Neustar, and Lumen