Explore topic-wise InterviewSolutions in Current Affairs.

VPN and DYNAMIC ROUTING PROTOCOLS.

VPN and Dynamic Routing Protocols.

ROUTING TABLES, Firewall features, IPS, and Management.

Routing tables, Firewall features, IPS, and Management.

We can partition a Single ASA into MULTIPLE virtual devices, KNOWN as Security CONTEXTS. Each CONTEXT acts as an independent device, with its own security policy, interfaces, and administrators. Multiple contexts are similar to having multiple standalone devices.

We can partition a Single ASA into multiple virtual devices, known as Security Contexts. Each Context acts as an independent device, with its own security policy, interfaces, and administrators. Multiple contexts are similar to having multiple standalone devices.

In Active/Standby Failover, one unit is the active unit which passes traffic. The standby unit does not actively pass traffic. When Failover occurs, the active unit fails over to the standby unit, which then becomes active. We can use Active/Standby Failover for ASAS in both single or multiple CONTEXT MODE.

In Active/Standby Failover, one unit is the active unit which passes traffic. The standby unit does not actively pass traffic. When Failover occurs, the active unit fails over to the standby unit, which then becomes active. We can use Active/Standby Failover for ASAs in both single or multiple context mode.

Hardware REQUIREMENTS: The two units in a FAILOVER configuration must be the same model, should have same number and types of interfaces.

SOFTWARE Requirements: The two units in a failover configuration must be in the same OPERATING MODES (routed or transparent single or multiple context). They must have the same software version.

Hardware Requirements: The two units in a failover configuration must be the same model, should have same number and types of interfaces.

Software Requirements: The two units in a failover configuration must be in the same operating modes (routed or transparent single or multiple context). They must have the same software version.

NAT translation table, TCP connection states, The ARP table, The Layer 2 bridge table (when RUNNING in transparent firewall mode), ICMP connection state etc.

NAT translation table, TCP connection states, The ARP table, The Layer 2 bridge table (when running in transparent firewall mode), ICMP connection state etc.

Stateless Failover: When failover occurs all active connections are dropped. Clients need to re-establish connections when the new active unit takes over.

Stateful Failover: The active unit continually passes per-connection state INFORMATION to the STANDBY unit. After a failover occurs, the same connection information is available at the new active unit. Clients are not REQUIRED to reconnect to keep the same communication SESSION.

Stateless Failover: When failover occurs all active connections are dropped. Clients need to re-establish connections when the new active unit takes over.

Stateful Failover: The active unit continually passes per-connection state information to the standby unit. After a failover occurs, the same connection information is available at the new active unit. Clients are not required to reconnect to keep the same communication session.

FAILOVER is a CISCO proprietary feature. It is used to PROVIDE redundancy. It requires two identical ASAs to be connected to each other through a dedicated failover link. Health of active INTERFACES and units are monitored to determine if failover has OCCURRED or not.

Failover is a cisco proprietary feature. It is used to provide redundancy. It requires two identical ASAs to be connected to each other through a dedicated failover link. Health of active interfaces and units are monitored to determine if failover has occurred or not.

In Transparent mode, unlike TCP/IP traffic for which security LEVELS are used to permit or deny traffic all non-IP traffic is denied by DEFAULT. We create Ether-Type ACL to allow NON-IP traffic. We can control traffic like BPDU, IPX ETC with Ether-Type ACL.

In Transparent mode, unlike TCP/IP traffic for which security levels are used to permit or deny traffic all non-IP traffic is denied by default. We create Ether-Type ACL to allow NON-IP traffic. We can control traffic like BPDU, IPX etc with Ether-Type ACL.

In Transparent Mode, ASA acts as a Layer 2 DEVICE like a bridge or switch and forwards Ethernet frames based on DESTINATION MAC-address.

In Transparent Mode, ASA acts as a Layer 2 device like a bridge or switch and forwards Ethernet frames based on destination MAC-address.

If we want to deploy a new FIREWALL into an EXISTING network it can be a complicated process due to various issues like IP address reconfiguration, network topology changes, current firewall etc. We can easily insert a transparent firewall in an existing segment and CONTROL traffic between two sides WITHOUT having to readdress or RECONFIGURE the devices.

If we want to deploy a new firewall into an existing network it can be a complicated process due to various issues like IP address reconfiguration, network topology changes, current firewall etc. We can easily insert a transparent firewall in an existing segment and control traffic between two sides without having to readdress or reconfigure the devices.

In ROUTER, if we delete one access-control ENTRY whole ACL will be DELETED. In ASA, if we will delete one access-control entry whole ACL will not be deleted.

In router, if we delete one access-control entry whole ACL will be deleted. In ASA, if we will delete one access-control entry whole ACL will not be deleted.

1.Standard ACL
2.Extended ACL
3.Ethertype ACL (TRANSPARENT FIREWALL)
4.Webtype ACL (SSL VPN)

1.Standard ACL
2.Extended ACL
3.Ethertype ACL (Transparent Firewall)
4.Webtype ACL (SSL VPN)

It will be applied on all INTERFACES towards inbound. GLOBAL OPTION is only in ASA 8.4 not in ASA 8.2

It will be applied on all interfaces towards inbound. Global option is only in ASA 8.4 not in ASA 8.2

ASA does not decrement the TTL value in TRACEROUTE because it does not want to give its information to others for SECURITY PURPOSE. It forwards it without decrementing the TTL Value.

ASA does not decrement the TTL value in traceroute because it does not want to give its information to others for security purpose. It forwards it without decrementing the TTL Value.

If we NEED some NETWORK resources such as a Web SERVER or FTP server to be available to outside users we place these resources on a separate network behind the firewall called a demilitarized zone (DMZ). The firewall allows limited access to the DMZ, but because the DMZ only includes the public servers, an attack there only AFFECTS the servers and does not affect the inside network.

If we need some network resources such as a Web server or FTP server to be available to outside users we place these resources on a separate network behind the firewall called a demilitarized zone (DMZ). The firewall allows limited access to the DMZ, but because the DMZ only includes the public servers, an attack there only affects the servers and does not affect the inside network.

Firewalls work at LAYER 3, 4 & 7.

Firewalls work at layer 3, 4 & 7.

Stateful firewall maintains following INFORMATION in its State table:-

1. Source IP address.
2. DESTINATION IP address.
3. IP protocol LIKE TCP, UDP.
4. IP protocol information such as TCP/UDP Port Numbers, TCP SEQUENCE Numbers, and TCP FLAGS.

Stateful firewall maintains following information in its State table:-

Stateful firewall - A Stateful firewall is AWARE of the connections that pass through it. It adds and maintains information about users connections in STATE table, referred to as a connection table. It than uses this connection table to implement the security policies for users connections. Example of stateful firewall are PIX, ASA, Checkpoint.

Stateless firewall - (Packet Filtering) Stateless firewalls on the other hand, does not LOOK at the state of connections but just at the PACKETS themselves. Example of a packet filtering firewall is the Extended Access Control Lists on Cisco IOS Routers.

Stateful firewall - A Stateful firewall is aware of the connections that pass through it. It adds and maintains information about users connections in state table, referred to as a connection table. It than uses this connection table to implement the security policies for users connections. Example of stateful firewall are PIX, ASA, Checkpoint.

Stateless firewall - (Packet Filtering) Stateless firewalls on the other hand, does not look at the state of connections but just at the packets themselves. Example of a packet filtering firewall is the Extended Access Control Lists on Cisco IOS Routers.

A GATEWAY joins two networks together and a network FIREWALL protects a network against unauthorized incoming or outgoing access. Network firewalls MAY be hardware DEVICES or software programs.

A Gateway joins two networks together and a network firewall protects a network against unauthorized incoming or outgoing access. Network firewalls may be hardware devices or software programs.

TCP INTERCEPT FEATURE.

TCP intercept feature.

The SOURCE IP ADDRESS in the IP HEADER.

The source IP address in the IP header.

IP and transport LAYER headers for INFORMATION RELATED to source and destination IP ADDRESSES, port numbers ETC.

IP and transport layer headers for information related to source and destination IP addresses, port numbers etc.

A WEB application firewall or a layer 7 firewall can be USED for the PURPOSE.

A web application firewall or a layer 7 firewall can be used for the purpose.

ACCESS CONTROL LIST can be USED for the PURPOSE.

Access control list can be used for the purpose.

The technique of securing a network by CONTROLLING access to all ENTRY and EXIT POINTS of the network.

The technique of securing a network by controlling access to all entry and exit points of the network.

How LONG AUDIT LOGS are RETAINED and MAINTAINED.

How long audit logs are retained and maintained.

A dual HOMED gateway is a system that has TWO or more network interfaces, each of which is connected to a different network. In firewall CONFIGURATIONS, a dual homed gateway usually acts to block or filter some or all of the TRAFFIC trying to pass between the networks.

A dual homed gateway is a system that has two or more network interfaces, each of which is connected to a different network. In firewall configurations, a dual homed gateway usually acts to block or filter some or all of the traffic trying to pass between the networks.

A SUBNET behind a screening router. The DEGREE to which the subnet may be accessed DEPENDS on the screening RULES in the router.

A subnet behind a screening router. The degree to which the subnet may be accessed depends on the screening rules in the router.

A system that has been HARDENED to resist attack, and which is installed on a NETWORK in such a way that it is expected to potentially come under attack. Bastion hosts are often COMPONENTS of firewalls, or may be ``outside'' web SERVERS or public access systems. GENERALLY, a bastion host is running some form of general purpose operating system (e.g., Unix, VMS, NT, etc.) rather than a ROM-based or firmware operating system.

A system that has been hardened to resist attack, and which is installed on a network in such a way that it is expected to potentially come under attack. Bastion hosts are often components of firewalls, or may be ``outside'' web servers or public access systems. Generally, a bastion host is running some form of general purpose operating system (e.g., Unix, VMS, NT, etc.) rather than a ROM-based or firmware operating system.

Assuming the DNS NAME of ANOTHER system by EITHER corrupting the name SERVICE cache of a victim system, or by compromising a domain name server for a valid domain.

Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.

A HOST on a network BEHIND a screening router. The DEGREE to which a SCREENED host may be accessed depends on the screening rules in the router.

A host on a network behind a screening router. The degree to which a screened host may be accessed depends on the screening rules in the router.

An attack whereby an active, ESTABLISHED, session is INTERCEPTED and co-opted by the attacker. IP Splicing attacks may occur after an authentication has been made, PERMITTING the attacker to assume the role of an already authorized user. Primary PROTECTIONS against IP Splicing rely on ENCRYPTION at the session or network layer.

An attack whereby an active, established, session is intercepted and co-opted by the attacker. IP Splicing attacks may occur after an authentication has been made, permitting the attacker to assume the role of an already authorized user. Primary protections against IP Splicing rely on encryption at the session or network layer.

You are CURRENTLY designing your own DESKTOP PUBLISHING application, as you have not found any that do exactly what you want with existing applications. As part of the design you are using a Controller to which you send all GUI requests. Not all objects can process the same commands. For example you can?t select the spell check tool when an image has the focus. To stop any possible ERRORS you would like to filter out some of the MESSAGES as they are passed from these objects to.

You are currently designing your own Desktop Publishing application, as you have not found any that do exactly what you want with existing applications. As part of the design you are using a Controller to which you send all GUI requests. Not all objects can process the same commands. For example you can?t select the spell check tool when an image has the focus. To stop any possible errors you would like to filter out some of the messages as they are passed from these objects to.

A one-way function APPLIED to a file to PRODUCE a unique ``fingerprint'' of the file for later REFERENCE. Checksum systems are a PRIMARY means of detecting filesystem TAMPERING on Unix.

A one-way function applied to a file to produce a unique ``fingerprint'' of the file for later reference. Checksum systems are a primary means of detecting filesystem tampering on Unix.

Designing operational ASPECTS of a system to operate with a minimum amount of system privilege. This reduces the authorization level at which various ACTIONS are performed and decreases the chance that a process or user with high privileges MAY be caused to perform unauthorized activity RESULTING in a security breach.

Designing operational aspects of a system to operate with a minimum amount of system privilege. This reduces the authorization level at which various actions are performed and decreases the chance that a process or user with high privileges may be caused to perform unauthorized activity resulting in a security breach.

The process of determining the identity of a user that is attempting to access a system.
authentication is a process that can VERIFY PC identity(user name and pass ETC)

The process of determining the identity of a user that is attempting to access a system.
authentication is a process that can verify pc identity(user name and pass etc)

DATA encryption ensures data safety and very IMPORTANT for confidential or critical data. It protect data from being READ, ALTERED or forged while TRANSMISSION.

Data encryption ensures data safety and very important for confidential or critical data. It protect data from being read, altered or forged while transmission.

Public key ENCRYPTION use public and PRIVATE key for encryption and decryption. In this MECHANISM, public key is USED to encrypt messages and only the corresponding private key can be used to DECRYPT them. To encrypt a message, a sender has to know recipient’s public key.

Public key encryption use public and private key for encryption and decryption. In this mechanism, public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, a sender has to know recipient’s public key.

The security APPROACH WHEREBY each system on the network is secured to the GREATEST possible DEGREE. May be used in CONJUNCTION with firewalls.

The security approach whereby each system on the network is secured to the greatest possible degree. May be used in conjunction with firewalls.

An attack whereby a system attempts to illicitly impersonate another system by using its IP NETWORK ADDRESS.

In computer networking, the TERM IP address spoofing or IP spoofing refers to the creation of Internet Protocol (IP) packets with a forged source IP address, called spoofing, with the purpose of concealing the identity of the sender or IMPERSONATING another COMPUTING system.

An attack whereby a system attempts to illicitly impersonate another system by using its IP network address.

In computer networking, the term IP address spoofing or IP spoofing refers to the creation of Internet Protocol (IP) packets with a forged source IP address, called spoofing, with the purpose of concealing the identity of the sender or impersonating another computing system.

Packet Filtering Firewall: This type of Firewall detects PACKETS and block unnecessary packets and makes network traffic release.

Screening Router Firewalls: It's a software base firewall available in Router provides only light filtering.

Computer-based Firewall: It's a firewall stored in SERVER with an existing Operating System like Windows and UNIX.

Hardware base Firewall: Its DEVICE like BOX allows strong SECURITY from public network. Mostly used by big networks.

Proxy Server: Proxy server allows all clients to access Internet with different access limits. Proxy server has its own firewall which filters the all packet from web server.

Packet Filtering Firewall: This type of Firewall detects packets and block unnecessary packets and makes network traffic release.

Screening Router Firewalls: It's a software base firewall available in Router provides only light filtering.

Computer-based Firewall: It's a firewall stored in server with an existing Operating System like Windows and UNIX.

Hardware base Firewall: Its device like box allows strong security from public network. Mostly used by big networks.

Proxy Server: Proxy server allows all clients to access Internet with different access limits. Proxy server has its own firewall which filters the all packet from web server.

DIGITAL signature is an attachment to an electronic message used for SECURITY PURPOSE. It is used to VERIFY the authenticity of the sender.

Digital signature is an attachment to an electronic message used for security purpose. It is used to verify the authenticity of the sender.

How AUDIT LOGS are processed, SEARCHED for key events, or summarized.

How audit logs are processed, searched for key events, or summarized.

A firewall is a hardware or SOFTWARE installed to provide security to the private networks CONNECTED to the internet. They can be implemented in both hardware and A firewall is a hardware or software installed to provide security to the private networks connected to the internet. They can be implemented in both hardware and software, or a COMBINATION of both. All data entering or leaving the Intranet passes through the firewall which ALLOWS only the data meeting the administrators’ RULES to pass through it.software, or a combination of both. All data entering or leaving the Intranet passes through the firewall which allows only the data meeting the administrators’ rules to pass through it.

A firewall is a hardware or software installed to provide security to the private networks connected to the internet. They can be implemented in both hardware and A firewall is a hardware or software installed to provide security to the private networks connected to the internet. They can be implemented in both hardware and software, or a combination of both. All data entering or leaving the Intranet passes through the firewall which allows only the data meeting the administrators’ rules to pass through it.software, or a combination of both. All data entering or leaving the Intranet passes through the firewall which allows only the data meeting the administrators’ rules to pass through it.