Tech Mock Interview Questions

Question 1

Question #1: What is the Active Directory (AD)?

Answer 1

Answer: The Active Directory is a management tool that controls users and groups within the Windows operating system. It also enables the setting of permissions. It allows the server to function as a Domain Controller.

Question 2

What’s the difference between a Domain and a Workgroup?

Answer 2

Answer: A Domain is a type of dedicated server that stores and manages all the devices within a network while a Workgroup is a standalone device located inside the network. Devices inside the network are assigned to the Workgroup.

Question 3

Question #3: What is a Group Policy Object (GPO)?

Answer 3

Answer: A Group Policy Object (GPO) is a set of rules that’s built-in to the Windows operating system.

Question 4

Question #4: What does the Event Viewer do?

Answer 4

Answer: The Event Viewer provides detailed information about events within a group policy. It can be accessed to inspect changes to the Group Policy Object.

Question 5

Question #5: What’s the purpose of the Server Message Block (SMB)?

Answer 5

Answer:The purpose of the Server Message Block (SMB) is to allow network devices to share resources over the network. It’s a protocol that requires and uses two forms of authentication: Technical Interview Questions: Entry level Kerberos & NTLM.

Question 6

Question #6: What kind of firewall does Windows use?

Answer 6

Answer: Windows uses a built-in firewall that is host-based and stateful, meaning it inspects and analyzes each packet as it arrives and leaves the system.

Question 7

Question #7: What is RAID?

Answer 7

Answer: RAID (Redundant Array of Independent Disks) is a helpful tool that allows the setup of hard drives that provide redundancy in case of a drive failure.

Question 8

Question #1: What’s the difference between a LAN and a WAN?

Answer 8

Answer: A LAN (Local Area Network) is a network that’s built around a group of devices within a small geographical area such as homes, small businesses, or buildings. On the other hand, a WAN (Wide Area Network) is a network that’s composed of several LANs connected to one another and is not bound by a geographical area.

Question 9

Question #2: What is the OSI (Open System Interconnection) model?

Answer 9

Answer: The OSI (Open System Interconnection) model is a conceptual model that defines the architecture of a network into a progressive seven-layer framework.

Question 10

Question #3: What’s a MAC (Media Access Control) address?

Answer 10

Answer: A MAC (Media Access Control) address is a unique identifier that belongs to the network card of a specific device. It serves as that device’s hardware ID on the network.

Question 11

Question #4: What’s the difference between a router and a switch?

Answer 11

Answer: A switch is a device that allows multiple end devices to connect to the network and communicate with each other while a router allows communication of end devices between different Networks.

Question 12

Question #5: What is a VLAN (Virtual Local Area Network)?

Answer 12

Answer: A VLAN (Virtual Local Area Network) is a virtual subnetwork that’s used to group end devices that communicate frequently in the same network.

Question 13

Question #6: What is an ACL (Access Control List)?

Answer 13

Answer: An ACL (Access Control List) is a set of rules to filter

Question 14

Question #7: What is NAT (Network Address Translation)?

Answer 14

Answer: NAT (Network Address Translation) is a protocol that converts private addresses to public and vice versa. This allows communication between end devices and the Internet and it’s carried out by the router.

Question 15

Question #1: What does cloud computing mean?

Answer 15

Answer: Cloud Computing refers to a service that’s carried out by a host over the Internet or off premises, therefore being in the “Cloud”.

Question 16

Question #2: What is IaaS (Infrastructure as a Service)?

Answer 16

Answer: IaaS (Infrastructure as a Service) is a type of cloud service that provides access to resources over the Internet such as hardware, virtualization, and networking.

Question 17

Question #3: What are the three types of Cloud Deployment Models?

Answer 17

Answer: The three types of Cloud Deployment Models are Public, Private, and Hybrid.

Question 18

Question #4: What is virtualization and how does it affect Cloud services?

Answer 18

Answer: Virtualization is the process of creating virtual or logical resources from physical resources. It sets the groundwork for cloud computing as it allows for the creation of a pool of resources that can be shared among devices and services.

Question 19

Question #5: What’s a container?

Answer 19

Answer: A container is a unit of software that packages up all the code and resources that an application needs to run.

Question 20

Question #6: Name ways to secure the Cloud on the network.

Answer 20

Answer: Some of the different ways to secure the Cloud service on the network are by isolating the different types of zones, by applying end-to-end encryption, or to use encapsulation protocols.

Question 21

Question #7: What is the Internet of Things (IoT)?

Answer 21

Answer: The Internet of Things (IoT) refers to the technology that allows devices to connect, communicate, and be operated from the Internet utilizing the cloud computing infrastructure.

Question 22

Question #1: What is the kernel?

Answer 22

Answer: The kernel establishes the communication between the software and hardware and serves as the core of an operating System.

Question 23

Question #2: Where are system logs stored in Linux?

Answer 23

Answer: System logs are stored in the /var folder within the operating system directories.

Question 24

Question #3: Which user has the highest privileges in Linux?

Answer 24

Answer: Root users or system users have the highest privileges within the Linux operating system.

Question 25

Question #4: What does the “sudo” command do?

Answer 25

Answer: The sudo command grants root privileges/ permissions to non root users.

Question 26

Question #5: What is SCP (Secure Copy Protocol)?

Answer 26

Answer: The SCP (Secure Copy Protocol) is a security protocol that allows for the secure transferring of files between remote or local hosts and is installed on Linux distributions by default; it’s based on the SSH protocol.

Question 27

Question #6: What is Bash Scripting?

Answer 27

Answer: Bash Scripting refers to utilizing a series of commands stored in a bash text file to run a particular command or action.

Question 28

Question #7: Why is Grub important in Linux?

Answer 28

Answer: Grub is important in Linux because it’s the bootloader that allows for the operating system to run. Without it the Linux kernel cannot communicate properly and start the system.

Question 29

Question #1: What is the difference between ping and traceroute?

Answer 29

Answer: The ping command tests network communication by sending packets to a host while the traceroute command counts and displays the hops from the host to each of its destinations.

Question 30

Question #2: What’s the difference between a Virtual IP and a regular IP address?

Answer 30

Answer: A Virtual IP is an IP address that’s not associated with a particular end device and is assigned by a user/administrator while a regular IP address is assigned to a specific device in the network by the router.

Question 31

Question #3: What’s the purpose of the DMZ (Demilitarized Zone)?

Answer 31

Answer: The purpose of the DMZ (Demilitarized Zone) is to protect the internal network by forming a physical or logical layer that includes only specific externally dependent services.

Question 32

Question #4: What’s the difference between an IDS and an IPS?

Answer 32

Answer: An IDS (Intrusion Detection System) is a system that is commonly passive and alerts of malicious network traffic while an IPS (Intrusion Prevention System) is a system that constantly monitors and blocks malicious network traffic.

Question 33

Question #5: What are the components of AAA in Networking?

Answer 33

Answer: The components of AAA stand for Authentication which verifies a user’s identity, Authorization which enforces a user’s permissions, and Accounting which tracks a user’s activity.

Question 34

Question #6: What is ARP (Address Resolution Protocol)?

Answer 34

Answer: ARP (Address Resolution Protocol) is a protocol that translates IP addresses into MAC addresses.

Question 35

Question #7: What’s the difference between stateful and stateless?

Answer 35

Answer: Stateful requires a server to store state and session information while stateless permits or denies packets based on their source or destination IP.

Question 36

Question #1: What is an Endpoint Security Solution?

Answer 36

Answer: An Endpoint Security Solution is a suite of tools that helps protect endpoint devices such as computers, network devices, or workstations.

Question 37

Question #2: What’s the difference between a false positive and a false negative result?

Answer 37

Answer: A false positive means that the result indicates a false outcome that’s not true while a false negative means that the result was calculated incorrectly and it’s actually true.

Question 38

Question #3: What does “Zero-Day” stand for?

Answer 38

Answer: “Zero-Day” stands for a vulnerability or flaw that a system or application has that can be exploited before a vendor can patch it.

Question 39

Question #4: What’s a Honeypot?

Answer 39

Answer: A Honeypot is a device that’s used as a decoy in an accessible running network system in order to lure attackers or outside threats.

Question 40

Question #5: What’s the difference between whitelisting and blacklisting?

Answer 40

Answer: Whitelisting means that there are no restrictions to the data or access; the resource is trusted while blacklisting establishes restrictions on the access and data; it’s not fully trusted.

Question 41

Question #6: What is steganography?

Answer 41

Answer: Steganography is the art or practice of hiding information within files such as files within files.

Question 42

Question #7: What’s the difference between a SIEM and a SOAR?

Answer 42

Answer: A SIEM is a product or service that can be used to analyze logs or events and collects security incidents such as breaches, data theft, and suspicious behavior. SOAR is a category of products or services designed to minimize the need for human presence during incident response cases.

Question 43

Question #1: What is source code?

Answer 43

Answer: Source Code is the text that’s contained within a program. It’s a collection of instructions written in a particular programming language.

Question 44

Question #2: How’s Python different from other programming languages?

Answer 44

Answer: Python is a very adaptable programming language because it’s supported in many operating systems, it’s the easiest to learn, and it’s supported by a vast collection of libraries.

Question 45

Question #3: What are Loops?

Answer 45

Answer: Loops are sequences of instructions that are placed in statements within code blocks to enable the repetition of those Statements.

Question 46

Question #4: What’s the difference between a Compiler and an Interpreter Language?

Answer 46

Answer: A Compiler takes an entire program and translates all of it into object code while an interpreter executes instructions without converting them to object code.

Question 47

Question #5: What are functions?

Answer 47

Answer: Functions are instructions that are used to define a block of code that’s reusable without the need to rewrite it each time.

Question 48

Question #6: What’s the difference between a class and an object?

Answer 48

Answer: A Class is a code template that serves as the blueprint for an object; it defines its properties. An Object is an abstract data type/ variable that can contain attributes and methods.

Question 49

Question #7: What’s a socket and how does it apply to Python?

Answer 49

Answer: A socket is the endpoint of communication between a client and a server and they are relevant to Python because they can be imported and modified within the code to allow communication between clients and servers.

Question 50

Question #1: What’s the CIA Triangle?

Answer 50

Answer: The CIA Triangle are three principles that form the cornerstone of any organization’s security infrastructure. These are: Confidentiality, Integrity, and Availability.

Question 51

Question #2: What’s malware?

Answer 51

Answer: Malware is a term that refers to various types of malicious software designed to cause damage.

Question 52

Question #3: What’s Nmap?

Answer 52

Answer: Nmap is a free open-source network mapper tool that’s used for network discovery and security auditing.

Question 53

Question #4: What’s a Man-in-the-Middle-Attack?

Answer 53

Answer: A Man-in-the-Middle-Attack is a type of attack that’s used to eavesdrop on private communication and is carried out secretly in the background. It also allows for control over the network traffic.

Question 54

Question #5: What’s ARP Poisoning?

Answer 54

Answer: ARP Poisoning is when an attacker sends falsified ARP messages over the network to link the attacker’s MAC address with the IP address of a legitimate computer or server on the network.

Question 55

Question #6: What’s Social Engineering?

Answer 55

Answer: Social Engineering is a type of psychological manipulation that’s used to extract information or convince people to perform actions that break an organization’s security practices.

Question 56

Question #7: What’s Metasploit?

Answer 56

Answer: Metasplopit is a tool that’s used to scan for weaknesses in a system. It can be used by ethical hackers as well as malicious Actors.

Question 57

Question #1: What’s the difference between Digital Forensics & Incident Response?

Answer 57

Answer: Digital Forensics involves examining and analyzing clues after a cyber attack while preserving the evidence. On the other hand, Incident Response carries out actions to deal with the damage during and after a security breach or attack in an effort to reduce damage and recovery costs.

Question 58

Question #2: What’s Wireshark?

Answer 58

Answer: Wireshark is a network tool that operates on data that’s already captured. It analyzes network traffic and can be used for carrying out network forensics.

Question 59

Question #3: What’s Live Forensics?

Answer 59

Answer: Live Forensics is an analysis of system data while the device is powered on. It’s done to acquire volatile data that would be lost if the device was powered off.

Question 60

Question #4: What’s the difference between Static and Live Malware Analysis?

Answer 60

Answer: Static Malware Analysis is an analysis that’s carried out to identify whether the evidence is actually malware or a false positive. Live Malware Analysis is an analysis that’s done to monitor the behavior and impact of a malware on the system; it’s carried out by executing the malware