Practical Viva Questions

Security in Computing

1. What is SIC?

Computer security basically is the protection of computer systems and

information from harm, theft, and unauthorized use. It is the process of
preventing and detecting unauthorized use of your computer system.

2. What are the different principles of SIC?

Confidentiality measures are designed to protect against unauthorized disclosure of
information.
Integrity involves protection from unauthorized modifications (e.g., add,
delete, or change) of data.

Availability is protecting the functionality of support systems and ensuring

data is fully available at the point in time (or period requirements) when it is
needed by its users.

3. Define virus, threats and attacks.

Virus is a type of malicious code or program written to alter the way
a computer operates and is designed to spread from one computer to
another.

Threat can refer to anything which can hamper the normal activity of
a PC either via a malware or any hacking attack.

An attack is any attempt to expose, alter, disable, destroy, steal or

gain information through unauthorized access

3. Define passive attack and types

A passive attack is a network attack in which a system is monitored and

sometimes scanned for open ports and vulnerabilities.
The two most common use cases of passive attacks are:
1. Traffic analysis: In this type, an attacker monitors communication
channels to collect a range of information, including human and
machine identities, locations of these identities and types of encryption
used, if applicable.  
 Practical Viva Questions
Security in Computing

2. Release of message contents: In this type, an attacker will monitor an

unprotected communication medium—like unencrypted email or
telephone call—and intercept it for sensitive information.

5. Define active attack and types.

An active attack is a network exploit in which a hacker attempts to
make changes to data on the target or data en route to the target. 
Types of active attacks
 Denial of service (DoS)
 Distributed Denial of Service (DDoS)
 Session replay.
 Masquerade.
 Message modification.
 Trojans.

6. Different types of viruses

o Browser Hijacker. ...

o Web Scripting Virus. ...
o Boot Sector Virus. ...
o Polymorphic Virus. ...
o Resident Virus. ...
o Multipartite Virus.

7. What is firewall? Different types of firewall.

A firewall is a type of cybersecurity tool that is used to filter traffic on
a network. Firewalls can be used to separate network nodes from
external traffic sources, internal traffic sources, or even specific
applications.
 Practical Viva Questions
Security in Computing

 Packet-filtering firewalls
 Circuit-level gateways
 Stateful inspection firewalls
 Application-level gateways (a.k.a. proxy firewalls)
 Next-gen firewalls
 Software firewalls
 Hardware firewalls

8. Define cryptography.
Cryptography is technique of securing information and
communications through use of codes so that only those person for
whom the information is intended can understand it and process it.

9. Define public key cryptography

Public key cryptography (PKC) is an encryption technique that uses a
paired public and private key (or asymmetric key) algorithm for
secure data communication. A message sender uses a recipient's
public key to encrypt a message. To decrypt the sender's message,
only the recipient's private key may be used.

10. Define private key cryptography

A private key, also known as a secret key, is a variable

in cryptography that is used with an algorithm to encrypt and decrypt
code

11. Define cipher text and plain text

Plaintext is the input to an encryption algorithm. Cipher text is the

unreadable output of an encryption algorithm. Plain text means its
text that hasn't been formatted.
 Practical Viva Questions
Security in Computing

12. Define encryption

Encryption is a way of scrambling data so that only authorized

parties can understand the information.

13. Define decryption

The conversion of encrypted data into its original form is

called Decryption

14. What is router and switch?

Router and Switch are both network connecting

devices. Router works at network layer and is responsibe to find the
shortest path for a packet whereas Switch connects various devices in
a network.

15. What is symmetric key

Symmetric encryption is a type of encryption where only one key (a

secret key) is used to both encrypt and decrypt 

16. Compare static NAT and dynamic NAT

Static NAT provides a permanent mapping between the internal and

the public IP address. ... Dynamic NAT is used when you have a
“pool” of public IP addresses that you want to assign to your internal
hosts dynamically

17. Firewall's features

o Threat Prevention. ...

o Application and Identity-Based Inspection. ...
o Hybrid Cloud Support. ...
 Practical Viva Questions
Security in Computing

o Scalable Performance.

18. What is Authentication, Authorization, Accounting (AAA).

Authentication, authorization, and accounting (AAA) is a term for

a framework for intelligently controlling access to computer
resources, enforcing policies, auditing usage, and providing the
information necessary to bill for services.

19. What is FTP?

FTP, in full file transfer protocol, computer application used to

transfer files from one computer to another over a local area network
(LAN) or a wide area network (WAN) such as the Internet. 

20. What is HTTP?

Hypertext Transfer Protocol." HTTP is the protocol used to transfer

data over the web.

21. What is SSH?

The SSH protocol is a method for secure remote login from one
computer to another.

22. What is ACL? Different types of ACL.

An access control list (ACL) contains rules that grant or deny access
to certain digital environments. There are two types of ACLs:

Filesystem ACLs━filter access to files and/or directories. Filesystem

ACLs tell operating systems which users can access the system, and
what privileges the users are allowed.
 Practical Viva Questions
Security in Computing

Networking ACLs━filter access to the network. Networking ACLs

tell routers and switches which type of traffic can access the network,
and which activity is allowed.

23. What is MD5?

The MD5 message-digest algorithm is a widely used hash function

producing a 128-bit hash value. Although MD5 was initially designed
to be used as a cryptographic hash function

24. Types of malicious code.

o Worms. ...
o Trojan Horses. ...
o Spyware/Adware. ...
o Rootkit. ...
o Related Resources:

25. Antivirus software.

 Avast Free Antivirus.

 AVG Antivirus FREE.
 Avira Antivirus.

26. IP Security protocol.

The IP security (IPSec) is an Internet Engineering Task Force

(IETF) standard suite of protocols between 2 communication points
across the IP network that provide data authentication, integrity, and
confidentiality. It also defines the encrypted, decrypted and
authenticated packets. The protocols needed for secure key exchange
and key management are defined in it.
 Practical Viva Questions
Security in Computing

27. Explain Biometric Authentication

Biometric authentication refers to security processes that verify a

user’s identity through unique biological traits such as retinas, irises,
voices, facial characteristics, and fingerprints

28. Networking devices.

 Hub
 Switch
 Router
 Bridge
 Gateway
 Modem
 Repeater
 Access Point

29. What is packet tracer? Different features of it.

Packet Tracer is a powerful network simulation program that

allows students to experiment with network behavior and ask
“what if” questions. ... Students can build, configure, and
troubleshoot networks using virtual equipment and simulated
connections, alone or in collaboration with other students.

Key Features:

 Unlimited devices.
 E-learning.
 Customize single/multi user activities.
 Practical Viva Questions
Security in Computing

 Interactive Environment.
 Visualizing Networks.
 Real-time mode and Simulation mode.
 Self-paced.
 Supports majority of networking protocols.

30. Explain different types of IDS.

 Network intrusion detection system. ...

 Host-based intrusion detection system. ...
 Perimeter intrusion detection system. ...
 VM-based intrusion detection system.

31. Which components are used for connecting two different

private networks?

Routers, modems

32. Explain CIA model.

 Confidentiality: Only authorized users and processes should be
able to access or modify data
 Integrity: Data should be maintained in a correct state and nobody
should be able to improperly modify it, either accidentally or
maliciously
 Availability: Authorized users should be able to access data
whenever they need to do so

33. Why we need network security?

 Practical Viva Questions
Security in Computing

Network Security protects your network and data from breaches,

intrusions and other threats.

34. Define confidentiality, integrity and availability.

 Confidentiality: Only authorized users and processes should be
able to access or modify data
 Integrity: Data should be maintained in a correct state and
nobody should be able to improperly modify it, either accidentally
or maliciously
 Availability: Authorized users should be able to access data
whenever they need to do so

35. Command for router configuration

36. Command for setting IP address.

37. What is subnet mask?

A subnet mask is a number that defines a range of IP addresses

available within a network.

38. Difference between IPv4 and IPv6.

IPv4 is 32-Bit IP address whereas IPv6 is a 128-Bit IP

address. IPv4 is a numeric addressing method whereas IPv6 is an
alphanumeric addressing method.

39. Explain OSPF protocol.

The OSPF (Open Shortest Path First) protocol is one of a family of

IP Routing protocols, and is an Interior Gateway Protocol (IGP) for
the Internet, used to distribute IP routing information throughout a
single Autonomous System (AS) in an IP network.
 Practical Viva Questions
Security in Computing

40. What is the use of DNS server, NTP server and SYSLOG
server.
The main function of DNS is to translate domain names into IP
Addresses, which computers can understand.
Network Time Protocol (NTP) is a protocol used to synchronize
computer clock times in a network. It belongs to and is one of the
oldest parts of the TCP/IP protocol suite. 
Syslog stands for System Logging Protocol and is a standard
protocol used to send system log or event messages to a
specific server, called a syslog server. 

41.What is VPN?

A virtual private network (VPN) gives you online privacy and

anonymity by creating a private network from a public internet
connection.
 
42.What is cloud computing?

Cloud computing is the delivery of on-demand computing services --

from applications to storage and processing power -- typically over
the internet and on a pay-as-you-go basis.

43.Explain various VOIPs components.

he four most important VoIP components are:

 Signalling Gateway Controller

 Media Gateway

 Media Server

 Application Server
 Practical Viva Questions
Security in Computing

44.Which are the best application security practices.

1. Patch your software and systems. ...

2. Educate and train users. ...
3. Automate routine tasks. ...
4. Enforce least privilege. ...
5. Create a robust IR plan. ...
6. Document your security policies. ...
7. Segment your network. ...
8. Integrate security into your SDLC.

45.What is reference monitor.

a reference monitor is a secure, always-used and fully-testable

module that controls all software access to data objects or devices.

46.What is PBX?

PBX stands for Private Branch Exchange, which is a private

telephone network used within a company or organization. The users
of the PBX phone system can communicate internally (within their
company) and externally (with the outside world), using different
communication channels like Voice over IP, ISDN or analog.

47.What is SIEM?
 Practical Viva Questions
Security in Computing

Security information and event management (SIEM) software gives

enterprise security professionals both insight into and a track record
of the activities within their IT environment. 

48.How to harden the wireless network?

o Use a strong password. ...

o Enable MAC address filtering. ...
o Enable network encryption.
o Enable router firewall. ...

49.How to harden the wired network?

o Perform auditing and mapping. ...

o Keep the network up-to-date. ...
o Physically secure the network. ...
o Consider MAC address filtering. ...
o Implement VLANs to segregate traffic. ...

50.How to configure router?

Step 1: Connect to the Internet. ...

Step 2: Configure the wireless router gateway. ...
Step 3: Connect gateway to router. ...
Step 4: Use app or web dashboard. ...
Step 5: Create a username and password. ...
Step 6: Create a Wi-Fi password.
 Practical Viva Questions
Security in Computing

51.What is phishing?

Phishing is a method of trying to gather personal information using

deceptive e-mails and websites.

52.What is secure remote access?

Secure remote access refers to any security policy, solution, strategy

or process that exists to prevent unauthorized access to your network,
its resources, or any confidential or sensitive data.

53.What is proxy firewall?

A proxy firewall is a network security system that protects network

resources by filtering messages at the application layer. ... Just like
a proxy server or cache server, a proxy firewall acts as an
intermediary between in-house clients and servers on the Internet.

54. What is the purpose of the data link layer in the TCP/IP or
OSI layer?

The data-link layer identifies the network protocol type of the

packet, in this instance TCP/IP. OSI layer

55. When does network congestion occur?

Network congestion occurs when a network (or a portion of

the network) or a network node is overloaded with data.
 Practical Viva Questions
Security in Computing

56. What are the two flags used in the core handshake of a
typical TCP connection establishment?

Synchronization (SYN) – It is used in first step of connection establishment phase or 3-

way handshake process between the two hosts. Only the first packet from sender as
well as receiver should have this flag set. This is used for synchronizing sequence
number i.e. to tell the other end which sequence number they should except.

Acknowledgement (ACK) – It is used to acknowledge packets which are successful

received by the host. The flag is set if the acknowledgement number field contains a
valid acknowledgement number.

Finish (FIN) – It is used to request for connection termination

57.  What are the different memories used in a Cisco router?

NVRAM stores the startup configuration file

– DRAM stores the configuration file that is being executed

– Flash Memory– stores the Cisco IOS.

-- ROM

58.What are the categories of transmission mode?

o Simplex mode.
o Half-duplex mode.
o Full-duplex mode.

59.What is the range of addresses in the class of internet

address?

Class A 1.0.0.1 to 126.255.255.254

Class B 128.1.0.1 to 191.255.255.254

Class C 192.0.1.1 to 223.255.254.254

 Practical Viva Questions
Security in Computing

Class D 224.0.0.0 to 239.255.255.255

60.What is multicasting routing?

Multicast routing is a networking method for efficient distribution of

one-to-many traffic. A multicast source, such as a live video
conference, sends traffic in one stream to a multicast group.
The multicast group contains receivers such as computers, devices,
and IP phones.