Networking & Security Flashcards
What port does ping work over?
A trick question, to be sure, but an important one. If they start throwing out port numbers you may want to immediately move to the next candidate. Hint: ICMP is a layer 3 protocol (it doesn’t work over a port) A good variation of this question is to ask whether ping uses TCP or UDP. An answer of either is a fail, as those are layer 4 protocols.
Do you prefer filtered ports or closed ports on your firewall?
Look for a discussion of security by obscurity and the pros and cons of being visible vs. not. Basically anything intelligent in terms of discussion. There can be many signs of maturity or immaturity in this answer.
How exactly does traceroute/tracert work at the protocol level?
This is a fairly technical question but it’s an important concept to understand. It’s not natively a “security” question really, but it shows you whether or not they like to understand how things work, which is crucial for an Infosec professional. If they get it right you can lighten up and offer extra credit for the difference between Linux and Windows versions.
The key point people usually miss is that each packet that’s sent out doesn’t go to a different place. Many people think that it first sends a packet to the first hop, gets a time. Then it sends a packet to the second hop, gets a time, and keeps going until it gets done. That’s incorrect. It actually keeps sending packets to the final destination; the only change is the TTL that’s used. The extra credit is the fact that Windows uses ICMP by default while Linux uses UDP.
What are your favorite security assessment tools? Why?
You want to hear things like Metasploit, Responder, Empire, and maybe Kali, Nessus, etc. What you don’t want to hear is Kali by itself, with no specifics. As with most of these questions, the goal is to get them talking so you can expose their knowledge, passion, or lack thereof.
How does a buffer overflow work?
Hopefully they can describe the high-level, but ask them to go into as much detail as they can.
How can one defend against buffer overflows?
Look for answers around modern languages and frameworks, and built-in OS protections that exist in various operating systems.
What are Linux’s strengths and weaknesses vs. Windows?
Look for biases. Does he absolutely hate Windows and refuse to work with it? This is a sign of an immature hobbyist who will cause you problems in the future. Is he a Windows fanboy who hates Linux with a passion? If so just thank him for his time and show him out. Linux is everywhere in the security world.