Can you define what a FIREWALL is?
Is something that does packet filtering, stateful packet filtering, and/or application filtering granting or denying traffic flow to the networks it connects.
What are the different types of firewalls?
SW, HW. Your wife at the door is an example. When she smells you, Advanced Application filtering, that fires up the Glock G-18 and you run for your life away from the door.
Can you explain packet filtering firewall?
IP, port, source, destination-based filtering. That simple.
Can you explain circuit level gateway?
It's the first time I've heard of that. I'm honest enough not to google for this.
Can you explain stateful inspection?
Easy. Static packet filtering can only allow or block traffic that you explicitly state, except for those that you don't specify that are automatically denied by default. Stateful inspection allows incoming traffic as long as it is part of an [already] established session coming from, usually, the internal network clients. In this way, you save tons of config lines and memory consumption.
What is Application Gateway?
Zzzz...
Is NAT a firewall?
Zzzz...
Are personal firewalls actually firewalls?
Zzzz... Software-based firewalls, yes.
Can you explain the concept of demilitarized zone?
Like North and South Korean borders. If you're from the North running towards the South, you get shot from the back and the front coming from both North and South guns.
I know you get me here.
What is the meaning of bastion host?
Fortified, strengthened host allowed external access and is in the internal network.
What are the different types of firewall architectures?
Hmm, are you talking of the bastion host, 3-legged firewall ala PIX 501, and the
back-to-back firewall setup?
Can you explain dual home architecture?
Zzzz...
Can you explain screened host architecture?
Zzzz... M$ stuff...
Can you explain screened subnet architecture?
DMZ...... Zzzz...
What is the use of perimeter area?
Zzzz...
What is IP spoofing and how can it be prevented?
crypto... PKIs, RSA, VPNs, IPSec... need I say more?
Which firewall have you worked with?
Router-into-firewall through reflex on NACLs and ISA 2004/2006. Virtually, ASA 5510 and 5520 through my design project with the US army.
-------------
1. Can you explain the difference between trusted and untrusted networks?
A trusted network is any network you deem as "trustworthy" that will generally not cause harm. An untrusted network is anything still not part of your trusted network until evaluation approves of it. The Internet, even if you don't evaluate it, is an untrusted network.
2. Can you define in short what VPN is?
Something that extends your LAN.
3. What are the different types of VPN?
Extranet, Intranet, and Access VPNs.
4. What requirements should a VPN fulfill?
Confidentiality, Integrity, Non-Repudiation... hahahaha
5. How many ways are there to implement VPN architecture?
Hmm, Mr. Interviewer, what do you exactly mean? Anyway, I can use SW-based VPN connecting it to a HW-based VPN appliance. Something like that?
6. What are the different ways authentication mechanism in VPN?
Implemented? Um, Certificates, Kerberos, PSK...
7. Can you explain the basic of encryption in VPN?
Basics of it? Well, we either use IPSec-bundled encryption algorithms or MPPE if we use PPTP. Would you like me to explain more?
8. What's the difference between Symmetric and Asymmetric cryptosystems?
Easy. Symmetric is like you looking into a mirror. Asymmetric is me breaking your face in two. hahaha!
9. What are the different symmetric algorithms?
RSA.... RSA.... RSA... Is RC4 in this too?
10. What are the disadvantages of symmetric algorithms?
The key you use to encrypt the data is the same key you use to decrypt it. Now, how do I send it to you?
11. What are the different asymmetric algorithms?
DES, 3DES, AES? heheh... ECC?
12. Can you explain different components in PKI?
CA, Certificates, authentication DB, applications consuming certificates...
13. What is a digital certificate?
Is a piece of code designed to provide confidentiality, integrity, non-repudiation, mutual authentication, and anti-replay mechanism used for purposes other than validating credentials, email security, and others.
14. Can you explain tunneling?
Easy. Sorority party. You enter in as Crusty the Clown. They let you in. You get
in on them. Something like that.
15. What is the concept of HA and FA in VPN tunneling?
Hmm, I'll have to google for this...
16. Can you explain VPN tunneled packet in detail?
Yes I can.
17. Can you explain voluntary and compulsory tunnels?
Yes I can.
18. Can you explain static and dynamic tunnels?
Yes I can.
19. Can you explain encapsulating, carrier and passenger protocol?
Yes I can.
20. On which layer does L2F, PPTP and L2TP operate?
VPNs were usually in Layer 2. Now, someone asked me where IPSec is in the OSI Layer. It's in Layer 4.
21. Can you explain PPP protocol?
Yes I can.
22. Can you explain PPP link process step by step?
Yes I can.
23. Can you explain PPP packet format?
I forgot that. So don't ask me again.
24. How does PPP use LCP for link control?
If LCP senses the line quality is bad, it goes to a fall-back rate.
25. Can you explain PPTP (Point-to-Point Tunneling Protocol)?
Yes I can. Mr. Interviewer, if I did explain this, PPTP is a M$ VPN tunneling protocol that allows NAT-traversal and uses MPPE as the encryption protocol. There are no certificates involved in PPTP VPN sessions and that we have 40-bit, 56-bit, and 128-bit MPPE encryption to protect the tunnel. PPTP allows access to most legacy Microsoft OS and even to the new ones including Vista.