Technical Interview Questions Flashcards
AAA
Authentication, Authorization, Accounting
ACK
ACKnowledge; part of the transmission control protocol (TCP) handshake
ACL
Access Control Lists
AD
Advanced Directory
AP
Access Point
APT
Advanced Package Tool
ARP
Address Resolution Protocol
Bash
Bourne Again Shell, a pun on Stephen Bourne, the inventor of the Bourne shell (sh)
BIOS
Basic Input/Output System
BYOD
Bring Your Own Device
CAM
Content Addressable Memory
Chmod
Change Mode
CLI
Command Line Interface
CPU
Central Processing Unit
CVEs
Common Vulnerabilities and Exposures
DMZ
Demilitarized Zone
FTP
File Transfer Protocol
GPO
Group Policy Object
GRUB
GRand Unified Bootloader
GUI
Graphical User Interface
HD
Hard Drive
HTTPS
Hypertext Transfer Protocol Secure
IaaS
Infrastructure as a Service
IDS
Intrusion Detection System
IoT
Internet of Things
IP
Internet Protocol
IPS
Intrusion Protection System
ISP
Internet Service Provider
LAN
Local Area Network
MAC address
Media Access Control address
MITM attack
Man-In-The-Middle attack
NAT
Network Address Translation
Nmap
Network Mapper
NTLM
New Technology LAN Manager (Windows)
OSI
Open System Interconnection
PCI
Peripheral Component Interconnect
PSU
Power Supply Unit
RAID
Redundant Array of Independent Disks
SCP
Secure Copy Protocol
SEM
Security Event Manager
SIEM
Security Information and Event Management
SMB
Server Message Block
SOAR
Security Orchestration, Automation, and Response
SQL injection
Structured Query Language injection
SSD
Solid-State Drive
SSH
Secure Shell
SSL
Secure Sockets Layer
Sudo as in sudo command
Super User Do
SYN
SYNchronize
SYN-ACK
SYNchronize-ACKnowledge
TCP
Transmission Control Protocol
TLS
Transport Layer Security
UDP
User Datagram Protocol
URL
Uniform Resource Locator
USB
Universal Serial Bus
VLAN
Virtual Local Area Network
VPN
Virtual Private Network
WAN
Wide Area Network
What is the active directory (AD)?
The active directory is a management tool that controls users and groups within the Windows operating system. It also enables the ability to set permissions and allows the server to function as a domain controller.
What is the difference between a domain and a workgroup?
A domain is a dedicated server that stores and manages all the devices within a network, while a workgroup is a standalone device located inside the network. Devices inside the network are assigned to the workgroup.
What is a group policy object (GPO)?
A group policy object is a set of rules built into the Windows operating system.
What does the event viewer do?
The event viewer provides detailed information about events within a group policy. It can be accessed to inspect changes to the group policy object.
What is the purpose of the server message block (SMB)?
The server message block allows network devices to share resources over the network. It is a protocol that requires and uses two forms of authentication: Kerberos & NTLM.
What kind of firewall does Windows use?
Windows uses a built-in firewall that is host-based and stateful, which means that it inspects and analyzes each packet as it arrives and leaves the system.
What is the redundant array of independent disks (RAID)?
The redundant array of independent disks is a helpful tool that allows the setup of hard drives that provide redundancy in case of a drive failure.
How do you set up a virtual server operating system on a blank machine or device? Provide three steps including precautions.
To set up a virtual server on a device, do the following:
1. Ensure the end device has enough resources to run the operating system.
2. Load the operating system to a bootable media such as a USB flash drive or a physical disk. Boot up the blank machine. If the system does not recognize the bootable media, use the system’s BIOS to change the boot-up preferences.
3. Wait for the system to run the media and follow the onscreen steps to install the software on the device.
How do you access Windows logs in Windows Server?
To access Windows log files in Windows Server, do the following:
1. Access the event viewer.
2. Type event viewer in the search bar and launch the program, or select Tools in the Server Manager menu to access the event viewer.
3. Once you launch the event viewer, logs for different categories are visible on the left side including applications, services, or the Windows operating system (OS).
You boot a computer; it makes a beeping sound and powers down by itself. What are two or three common explanations for this error? How do you troubleshoot it?
Some common errors for a computer that beeps and shuts down include a power supply issue (PSU), a bad memory module, or a processor (CPU) error. To fix this problem, do the following:
1. Test the PSU for electric current using an electrical testing tool. If it is positive, reconnect the PSU to the motherboard and additional components, then reboot.
2. Reseat the memory module while the system is off and reboot.
3. Remove the CPU while the system is off. Clean, repaste, and reinstall it. Reboot the system, and verify it is running correctly.
What tool would you use within the Windows operating system environment to reset a user’s login credentials?
Use the active directory tool because it allows access to all the users and groups and grants the ability to modify each user’s access, credentials, roles, and privileges.
One of your clients is having trouble accessing the internet. They state that the icon indicates that the device is connected. However, there’s no data and information available. What troubleshooting steps would you recommend? Provide at least three recommendations in any order.
The recommended steps include:
1. Ensure that the modem or router is on and their lights are either green or white, which indicates a positive connection.
2. Verify that the device is connected to the network via an ethernet cable or the wireless protocol.
3. Verify that the device can ping an outside address using the CLI interface.
4. Restart the network devices in the following order: modem, router, switches (if applicable), and end devices.
5. Check for applicable updates on the network and end devices.
After completing every step of the troubleshooting process, you still cannot solve a problem for a client. What is your next step?
When nothing is working and there is nothing more you can do, contact the next person in the chain of command or the next tier of support. Inform your contact of the steps taken, and provide all required information to hand over the task.
What is the most important part of the troubleshooting process?
Documentation. Document everything in a physical and logical (digital) format so that you can diagnose similar errors in the future. You should maintain documentation history for all clients, software, and devices.
What is the kernel?
The kernel establishes communication between the software and hardware and serves as the core of an operating system.
Where are system logs stored in Linux?
System logs are stored in the /var folder within the operating system directories.
Which user has the highest privileges in Linux?
Root users or system users have the highest privileges within the Linux operating system.
What does the sudo command do?
The sudo command grants root privileges and permissions to non-root users.
What is secure copy protocol (SCP)?
SCP is a security protocol based on the SSH protocol that allows for the secure transfer of files between remote or local hosts. It is installed on Linux distributions by default.
What is Bash scripting?
Bash scripting refers to utilizing a series of commands stored in a bash text file to run a particular command or action.
Why is GRUB important in Linux?
GRUB allows the operating system to run. Without it, the Linux kernel cannot communicate and start the system.
You’re a system administrator tasked with modifying some files in a server. You don’t have the correct permissions due to an error during the account creation process. Given that you have the authorization to make any changes as needed, what would you do to access and modify the required files?
To avoid creating the account again, use the terminal to elevate your current user permissions by employing the sudo command. Another option would be to invoke the chmod command in the terminal to set permissions on the actual files.
How do you upgrade the packages on a Linux-based system using the CLI? Do you use the apt update command? Explain.
To upgrade the packages in a Linux-based system, launch the terminal or CLI and then use the apt upgrade command instead of the apt update command. The apt update command will pull the latest updates but not install them, whereas the apt upgrade command will install the newer packages.
You’re using a system that runs on the command line; there’s no GUI. Your manager asks you to copy the file, appointment_list.txt, to a folder located in the domain called shared_resources. Since you’re in the file’s original location, how do you copy the file?
Use the copy command to copy the file and then assign the copy’s location as follows:
user:~/$ cp appointment_list.txt shared_resources
Your task is to implement a secure method for employees to work remotely using their home WiFi. What is the best approach?
The best method is to use a virtual private network (VPN) provided by the company to ensure that sensitive information sent and received on the end device is encrypted.
You’re deploying a computer laboratory for a school. Assume that you have terminals (monitors with attached hardware and limited capability). What is the best way to deploy multiple computers without investing in a large hardware purchase?
The best way to deploy multiple computers would be to use virtualization. You could create virtual machines accessible from terminals in the laboratory using a single host machine. This approach requires less capital investment and accommodates most simple scenarios.
Provide 3–5 examples of endpoint security solutions you can deploy for clients.
Endpoint security solutions include anti-virus software, intrusion detection systems, intrusion prevention systems, specialized firewalls, whitelisting and blacklisting applications, uniform resource locator (URL) filtering tools, VPNs, browser isolation controls, application control, etc.
How would you expand a network shared by various departments without investing or using physical resources?
The best way to expand a network shared by various departments would be to implement different VLANs assigned to each department to offset the network load and traffic and offer more flexibility.
What kind of documentation system can you implement for users in an institution?
A simple documentation system in this scenario is a ticketing system, either physical or digital. This system will allow for better communication and tracking of end devices and user problems.
Why is BYOD a flawed security practice?
A bring your own device (BYOD) policy decreases the ability to track and monitor users online; increases the risk of data theft, leak, or exposure; lacks the ability to enforce application controls; and increases the risk of unauthorized access by external actors.
Name at least six components that make up a computer. Don’t include accessories.
The main components that make up a computer include the motherboard, power supply, memory modules, processor, hard drive [solid-state drives (SSDs), spinning disks or hard drives (HDs), peripheral component interconnect (PCI), etc.], optical drives (discs, media card readers, etc.), computer case, fans, and cabling. Optional devices embedded in modern motherboards include the video card, audio card, WiFi adapters, and network interface controllers.
Name at least five tools used by information technology (IT) technicians.
Standard tools used by IT technicians include cable strippers, screwdrivers with magnetic tips, multimeters, magnets, socketed nut driver sets, crimping pliers, PSU testers, voltage detectors, anti-static wrist straps or pads, magnifiers, tweezers, pliers, electric tape, and anti-static gloves.
What is the most critical skill for IT technicians?
Communication is the most important skill that an IT technician should have because the troubleshooting process involves communicating with clients, other tiers of service, and different departments.
What is the difference between ping and traceroute commands?
The ping command tests network communication by sending packets to a host, whereas the traceroute command counts and displays the hops from the host to each of its destinations.
What is the difference between a virtual IP and a standard IP address?
A user or administrator assigns a virtual IP address that is not associated with a particular end device. In contrast, the router assigns a standard IP address to a specific device in the network.
What is the purpose of the demilitarized zone (DMZ)?
The DMZ aims to protect the internal network by forming a physical or logical layer that restricts the network to specific externally-dependent services.
What is the difference between an IDS and an IPS?
An intrusion detection system (IDS) is a passive system that generates alerts in response to malicious network traffic, whereas an intrusion prevention system (IPS) continuously monitors and blocks malicious network traffic.
What are the components of AAA in networking?
The components of AAA stand for authentication, which verifies a user’s identity; authorization, which enforces a user’s permissions; and accounting, which tracks a user’s activity.
What is address resolution protocol (ARP)?
ARP is a protocol that translates IP addresses into MAC addresses.
What is the difference between stateful and stateless?
Stateful requires a server to store state and session information, whereas stateless permits or denies packets based on their source or destination IP address.
What is malware?
Malware is a term that refers to various types of malicious software designed to cause damage.
What is network mapper (Nmap)?
Nmap is a free, open-source network mapper tool for network discovery and security auditing.
What is a man-in-the-middle (MITM) attack?
A man-in-the-middle attack is a stealth attack that allows an external actor to penetrate communication between an application and an end user. The malicious actor can intercept private communication undetected and exert control over network traffic.
What is ARP poisoning?
ARP poisoning occurs when an attacker sends falsified ARP messages over the network to link the attacker’s MAC address with the IP address of a legitimate computer or server on the network.
What is social engineering?
Social engineering is a psychological manipulation used to extract information or convince people to perform actions that break an organization’s security practices.
What is Metasploit?
Metasploit is a tool used by ethical hackers and malicious actors to scan for weaknesses in a system.
What is the difference between digital forensics and incident response?
Digital forensics involves examining and analyzing clues after a cyber attack while preserving the evidence. In contrast, an incident response carries out actions to reduce damage and recovery costs during and after a security breach or attack.
What is Wireshark?
Wireshark is a tool that analyzes network traffic and performs network forensics. It is used when data is already captured.
What is live forensics?
Live forensics analyzes data on an active system to acquire volatile data at risk for loss if the machine shuts down.
What is the difference between static and live malware analysis?
Static malware analysis analyzes whether evidence is malware or a false positive. In contrast, live malware analysis requires executing the malware and monitoring the behavior and impact of the malware on the system.
Explain the TCP three-way handshake.
In a TCP three-way handshake, the client device sends a SYN packet to the server on the same or external network. The server receives the SYN packet and responds to the client device with a SYN and ACK packet. The client then responds with an ACK packet and establishes the connection or handshake.
What is the unethical hacker’s most dangerous technique?
Social engineering will always constitute a large portion of the blame for unethical hacking. It is cost effective and allows malicious actors to achieve their goals with minimum exposure and risk while doing the most damage.
How can you find out common vulnerabilities and exposures for Linux systems?
Common vulnerabilities and exposures (CVEs) are available online. They contain a wide range of threats from privilege escalation to cross-site scripting, structured query language (SQL) injections, and much more.
What are the correct steps for incident response?
The correct steps for incident response are:
1. Preparation
2. Identification
3. Containment
4. Eradication
5. Recovery
6. Lessons learned
What backup sites are available as part of a disaster recovery plan?
There are three types of backup sites in a disaster recovery plan:
1. Hot sites are backup sites that are running and ready for immediate switchover.
2. Warm sites are backup sites with backup resources that are not ready for switchover. Equipment is powered off, and data might have to be restored.
3. Cold sites are backup sites that don’t necessarily have the required equipment to enable normal operations. Physical equipment must be built from scratch.
What are the differences between HTTPS, TLS, and SSL?
Hypertext transfer protocol secure (HTTPS) is a more secure HTTP version that allows users to securely communicate over the network. Transport layer security (TLS) secures the communication, encrypts traffic, and is the successor to secure sockets layer (SSL), which was the previous security protocol.
What is the difference between risk, vulnerability, and threat?
• A risk is a negative potential for loss that can occur by exploiting a vulnerability.
• A vulnerability is a weakness that can be exploited by threats.
• A threat is anything, internal or external, that can pose a danger to an asset, intentionally or unintentionally.
Explain the difference between authentication, authorization, and access control.
• Authentication verifies if someone or something is who or what they are supposed to be.
• Authorization determines the appropriate level of access that a verified device or person should have.
• Access control follows authorization and ensures that the authorized device or person has access only to assigned items.
What are black hats, white hats, and script kiddies?
• Black hats are hackers that use their skill for nefarious purposes or personal gain.
• White hats are ethical hackers who find and fix vulnerabilities in systems as well as protect, improve, and secure systems.
• Script kiddies are actors who use existing tools, scripts, or code to create damage. They usually have limited or no experience in cybersecurity and depend on preexisting knowledge acquired from the internet or others.
What is the confidentiality, integrity, and availability (CIA) triangle? Give an example of each pillar.
The CIA triangle consists of three pillars (confidentiality, integrity, and availability) that form the security model for information security and cybersecurity.
• Examples of confidentiality include two-factor authentication, encryption, and storing sensitive documentation in a safe under lock and key.
• Examples of integrity include error-detection software or access control lists (ACLs) that ensure that only authorized users can access data.
• Examples of availability include redundant networks, servers, and applications programmed to become available when the primary system has been disrupted, backups that are available off site, and system upgrades to ensure a fully functional operating system that is free of conflicts.
What is the most important rule regarding security?
No system is completely secure.
What is the difference between a LAN and a WAN? Give an example of each.
• A local area network (LAN) is a network built around a group of devices within a small geographical area such as homes, small businesses, or buildings. An example of a LAN would be a school with a network connecting all end devices such as servers, computers, cameras, and printers.
• A wide area network (WAN) comprises several connected LANs not bound by a geographical area. An example of a WAN would be your smartphone. Your smartphone is connected to a LAN, the cellphone radio tower, that allows it to connect to other networks such as the internet.
What is the open system interconnection (OSI) model?
The OSI model is a conceptual model that divides the architecture of a network into a progressive seven-layer framework.
What is a media access control (MAC) address?
A MAC address is a unique identifier that belongs to the network card of a specific device. It serves as that device’s hardware ID on the network.
What is the difference between a hub, a switch, and a router?
• A hub is a networking device that allows you to connect multiple devices to a network. Every packet that it receives gets sent to all the connected devices. A hub operates on the first layer of the OSI model, which is the physical layer.
• A switch has various ports that you can configure to receive specific packets. A switch operates on the second layer of the OSI model, which is the data link layer.
• A router is a networking device connected to two networks, usually a LAN and an ISP, that forwards the data packets to their corresponding destinations. It is always located next to the gateway, and some routers double as the gateway.
What is a virtual local area network (VLAN)?
A VLAN is a virtual subnetwork that groups end devices that frequently communicate in the same network.
What is an access control list (ACL)?
An ACL is a set of rules to filter network traffic.
What is network address translation (NAT)?
NAT is a protocol that converts private addresses to public addresses and vice versa. This protocol allows communication between end devices and the internet, which is carried out by the router.
What does cloud computing mean?
Cloud computing refers to a service that is carried out by a host over the internet or off-premises and is therefore in the Cloud.
What is infrastructure as a service (IaaS)?
IaaS is a cloud service that provides access to resources over the internet, such as hardware, virtualization, and networking.
What are the three types of cloud deployment models?
The three types of cloud deployment models are public, private, and hybrid.
What is virtualization, and how does it affect cloud services?
Virtualization is the process of creating virtual or logical resources from physical resources. It sets the groundwork for cloud computing and creates a pool of resources and the ability to share among devices and services.
What is a container?
A container is a unit of software that packages up all the code and resources that an application needs to run.
Name a way to secure cloud service on the network.
Ways to secure cloud service on the network include:
• Isolating the different types of zones
• Applying end-to-end encryption
• Using encapsulation protocols
What is the internet of things (IoT)?
The IoT is the technology that allows devices to connect, communicate, and operate from the internet by utilizing the cloud computing infrastructure.
What is an endpoint security solution?
An endpoint security solution is a suite of tools that helps protect endpoint devices such as computers, network devices, and workstations.
What is the difference between a false positive result and a false negative result?
A false positive means that the result was miscalculated and is negative, whereas a false negative means that the result is positive, not negative.
What does zero-day stand for?
Zero-day is an exploitable vulnerability or flaw in a system or application before a vendor can patch it.
What is a honeypot?
A honeypot is a device used as a decoy in an accessible running network system to lure attackers or outside threats.
What’s the difference between whitelisting and blacklisting?
Whitelisting means that there are no restrictions on the data or access, and the resource is trusted. Blacklisting establishes restrictions on access and data; it is not fully trusted.
What is steganography?
Steganography is the art or practice of hiding information, such as files, within files.
What is the difference between SIEM and SOAR?
SIEM is a product or service that analyzes logs or events and collects security incidents such as breaches, data theft, and suspicious behavior. SOAR is a category of products or services designed to minimize the need for human presence during incident response cases.
What is source code?
Source code is the text contained within a program. It is a collection of instructions written in a particular programming language.
How is Python different from other programming languages?
Python is a very adaptable programming language supported by many operating systems. It is the easiest to learn, and many libraries support it.
What are loops?
Loops are sequences of instructions that are placed in statements within code blocks to enable the repetition of those statements.
What is the difference between a compiler and an interpreter language?
A compiler takes an entire program and translates it into object code, whereas an interpreter executes instructions without converting them to object code.
What are functions?
Functions are instructions that define a block of reusable code without needing to rewrite it each time.
What is the difference between a class and an object?
A class is a code template that serves as the blueprint for an object and defines its properties. An object is an abstract data type and variable that can contain attributes and methods.
What is a socket, and how does it apply to Python?
A socket is the endpoint of communication between a client and a server. Sockets are relevant to Python because they can be imported and modified within the code to allow communication between clients and servers.
You have a virtual machine that doesn’t connect to the network. What three common actions can you take to troubleshoot the connection issue?
• Access the virtualization software in the machine’s settings to ensure that the network adapter is enabled.
• Verify the connection type that the machine uses. Ensure that the proper configuration setting is in the virtual machine’s settings.
• Verify that the host machine doesn’t share the same MAC address or network settings as a previous virtual machine. If it does, reset the network settings for the machine and try reconnecting to the network.
How do you verify the IP configuration using the command line interface (CLI) for both Windows and Linux operating systems?
To verify the network configuration on a Windows-based machine using the CLI, launch the command prompt and use the ipconfig command to bring up the network information. To verify the network configuration on a Linux-based machine using the CLI, launch the terminal and use the ifconfig command to bring up the network information.
Explain the difference between the types of network topology. Provide at least three differences.
• Point-to-Point describes a connection between two devices that are in a client-server relationship. If the connection fails, the communication fails.
• Star topology describes a connection of all devices to a central intermediate device. It is very scalable.
• Mesh topology allows each end device to have various connections to other end devices. It is one of the most stable connection types.
• Hybrid topology combines more than one topology.
What are the advantages of cloud computing? Provide at least three advantages and give examples of each.
• Cloud computing benefits include scalability, flexibility, integration, simplicity, cost efficiency, and ease of access.
• An example of scalability is the ability to upgrade or downgrade storage and servers on a case-by-case basis.
• An example of flexibility is the ability to access servers worldwide, assuming that you have a network connection and approved permissions. There is no requirement to be physically present to use services.
• An example of integration is the ability to integrate resources from different devices, such as servers or network components, to work in tandem.
• An example of simplicity is eliminating the need to set up backups, servers, and other services because of accessibility via the Cloud.
• An example of cost efficiency is paying for only your data or storage.
• An example of ease of access is the ability to access applications from any device with internet access (phone, tablet, or laptop) at home or in the office.
You’re preparing an assessment for a company who states that they use software as a service (SaaS), such as Office 365 or Gmail, for their employees. They note that sometimes their cloud provider has issues due to limited hardware resources during peak times. What is one simple method to avoid losing productivity when the network fails?
A simple method to avoid losing that SaaS productivity is to have a physical backup server on site that allows you to keep working on the premises when the Cloud fails. This server could be linked to those SaaS services or accounts to prevent a complete loss of productivity.
Provide two examples of security principles to secure cloud services.
There are several security principles: isolation, encryption, encapsulation, and network control.
• An example of isolation is separating the available zones that communicate.
• An example of encryption is end-to-end encryption to protect the data located in the Cloud.
• An example of encapsulation is implementing secure protocols, such as SSH or SSL, to harden the connection between clients and servers.
• An example of network control is detecting unauthorized access to prevent a breach.
What is the best way to test the integrity and security of a network or system that allows you to log and analyze an attacker’s movements and strategies? Explain.
The best and most common way to test the integrity and security of a network or system is to use a honeypot, which can lure external threats, record their movements inside the system, and allow for behavioral analysis of practices.
You’re in charge of adding employees to the company network. To comply with the company’s security policy, all employees receive a work laptop with all the necessary tools to complete their work. You receive an alert on the system that one of the laptops has accessed prohibited company data outside of work hours in real time. What does this describe? SIM, SEM, or SIEM?
This is an example of SEM because it is designed to notify you about security events.
Give one example of an endpoint security solution.
• An example of an endpoint security solution is anti-virus software. You can install it on an endpoint device to secure it while it’s on the network or not.
• Another example is a host intrusion prevention/detection system that monitors registry changes to endpoint devices on the network.
• Other examples include email and phishing protection, communications encryption, data loss prevention, and application control/whitelisting.
You’re given a loop that doesn’t verify the existence of a false condition. What is the problem with this?
This loop is an infinite loop that will continue to run forever because there is no false condition to tell it otherwise. It is redundant.
How can Python be incorporated into cybersecurity? Explain (There are several valid answers).
Python is an information-gathering tool that extracts information from logs or identifies relevant information without modifying it. As a forensics tool, Python can analyze data faster based on specific search criteria or evidence. Automation is another application for Python because it can be programmed to perform tasks without human assistance and integrated into existing SIEM applications.
What is the most common technique used to incorporate Python within networking? Explain.
Python can create scripts that connect the client to the server and vice versa. This method is achieved through the socket command and allows TCP/UDP messaging. Before writing it out, you must import the socket command into the code.
How are 127.0.0.1 and 255.255.255.255 used?
• 127.0.0.1 is a network address used for troubleshooting network connections. It is used as a loopback address and is a specific-purpose IPv4 address that a device uses to send messages to itself. It doesn’t let other computers communicate with other devices, only with itself.
• 255.255.255.255 is a broadcast address and the location used to communicate with all the endpoint devices on a local network.
What are 80 and 443?
Both are ports.
Your task is to create a DMZ that separates two video game consoles from the internal network in a home environment. Which of the following lists would reflect the correct placement of devices to accomplish this? Note that the router has a built-in firewall.
1. Internet > firewall > switch > two video game consoles > router > workstation
2. Internet > router > 2 video game consoles > firewall > workstation
3. Internet > switch > firewall > two video game consoles > firewall > workstation
Two (2). To correctly separate the two video game consoles, they must be located between the external facing firewall, the router, and the firewall that protects the internal devices such as the workstation.
Provide at least two ways to prevent a CAM table overflow.
• Implement port security to limit the number of MAC addresses allowed per port.
• Implement static MAC addresses to limit the number of MAC addresses used.
In which scenario would you use an asymmetric encryption instead of a symmetric encryption?
• The best scenarios to implement asymmetric encryption are when the data is sensitive, and you value security over speed to encrypt and decrypt information:
  • Digital signatures used in emails
  • Access to data storage on the network
  • Applications that require data integrity
• Symmetric encryption is used to securely move large amounts of data over a network while focusing on speed.