What are the important concepts to know and implement for Infrastructure security? Consider only the software side.
What are patching, hardening, enabling encryption, and filtering connections with regard to network infrastructure? What is their relation to security? What will you do about each of these?
How is software patching different for Network Hardware than the computers/servers?
How does patching differ for consumer grade and enterprise grade network infrastructure devices?
What is a service in a network device? What are the security risks with services for network devices? How will you ensure secure services?
What does nmap do?
How does SNMP help in security? What does SNMP stand for?
You know DoS and DDoS for sure? What are the differences?
Are network protocols encrypted in general? i.e. do they support encrypted communications? Would it be a good idea to have all network protocols support encrypted communications, at least when it comes to configuring and administering devices?
Bastion Hosts – what are they? How do they help in ensuring security? What are the disadvantages?
How important is configuring ACLs in routers for security? What are the important considerations? Can you provide examples of how you implemented these?
What is Egress Filtering?
Name some tunneling protocols?
What are Teredo, 6in4, 6to4, 6rd? Are they still in use?
What is TACACS+? Give examples of use cases and its purpose?
–
To what extent is password management software useful? What are the drawbacks? What can the consequences be when the master password for the password manager is leaked, or when anyone with access to your workstation/PC can easily get into your password manager (e.g. by shoulder surfing the password, or by accessing your session remotely)?
What are encryption, Hashing, and Salting for securing passwords?
What is 2FA? What is multi-factor authentication? At least give some examples?
Is 2FA sufficient for security? Why or why not?
–
How to ensure endpoint security?
Is a desktop firewall important to increase security?
Will you recommend full-disk encryption for security? What are the drawbacks? What can be the worst case if you use full-disk encryption for the endpoints? How can you mitigate those risks?
What can you use to encrypt the entire disk in Windows and macOS?
What is Bitlocker?
What is Filevault?
Is centralizing the keys for encrypted disks a great idea? What can go wrong? Is it always the best or a feasible solution? What will you do, or what did you do?
–
What is the most secure operating system? Is there any such thing? Why or why not? Does it depend on how it is configured, or is there something inherent to the operating systems that makes them more or less secure (provided you have tried your best)?
How do you update software and services in Windows, macOS, Linux, and Unix? Give Linux/Unix commands to update software and services?
What is the difference between update and upgrade in Linux/Unix?
How do you update very many servers, e.g. thousands of them? What approach will you take?
What is SELinux, and how does it improve security in Linux/Unix?
What is mask?
How will you utilize chmod, chown, chroot for security in Linux/Unix?
How will you configure file permissions in Linux/Unix? Give example use cases?
How will you ensure file integrity?
–
What are open shares? How do they affect security?
–
How can you physically secure your environment/organization?
–
What is PCI-DSS? What does it have to do with Security?
Explain security considerations in relation to:
— Health Insurance Portability and Accountability Act
— Gramm-Leach Bliley Act
— Family Educational Rights and Privacy Act
— Sarbanes-Oxley Act
What is NIST Cybersecurity Framework?
–
What will you do to ensure that you do not lose data and information in case of security breach?
What are the disaster recovery approaches that you used or can use for IT Security?
What are the backup approaches that you can use for Disaster recovery?
–
What will you use for Post-Incident (i.e. after security incident) Process?
Define, explain, and give examples of how you will use the following Post-Incident tools and technologies:
– Log Analysis
– Disk and File Analysis
– Memory Analysis
– PCAP Analysis
–
Is user education important to ensure organizational security? Why? How will you do that? How did you do that?
What are the User Education and Training strategies and Tools that you can use for security?
How will you track the impact of user education?
–
What do policies, standards, and procedures have to do with security? How did you utilize them? What was the outcome? Were there any challenges in the process?
How do asset management and documentation help with security? What procedures and steps will you follow for that?
–
How will you plan your organization’s security program? What are the team members and security functions that you will utilize?