What are the important concepts to know and implement for Infrastructure security? Consider only the software side.
What are patching, hardening, enabling encryption, filtering connections in regards to network infrastructure? What is the relation with security? What will you do in regards to these?
How is software patching different for Network Hardware than the computers/servers?
How does patching differ for consumer grade and enterprise grade network infrastructure devices?
What is a service in a network device? What are the security risks with services for network devices? How will you ensure secure services?
what does nmap do?
How does SNMP help in security? What does SNMP stand for?
You DoS and DDos for sure? What are the differences?
Are network protocols encrypted in general? i.e. do they support encrypted communications? Will it be a great idea to have all Network Protocol supporting Encrypted Communications when it comes down to configuring and administering at least?
Bastion Hosts – what are they? How does they help in ensuring security? What are the disadvantages?
How important are configuring ACLs in routers for security? What are the important considerations? Can you provide examples on how you did implement these?
What is Egress Filtering?
Name sone tunneling Protocols?
What are Teredo, 6in4, 6to4, 6rd? Are they still in use?
What is TACAS+? Give examples of use cases and purpose?
–
To what extent Password management software are useful? What are the drawbacks? What can be the consequences when the password for the password manager is leaked? or Anyone having access to your workstation/PC can get easy access to your Password manager (probably shoulder surfing for pass, or could access your session from remote)?
What are encryption, Hashing, and Salting for securing passwords?
How will you enforce for Password Policies to ensure password security?
What is 2FA? What is multi factor Authentication? At least give some examples?
is 2FA sufficient enough for security? Why and why not?
–
How to ensure endpoint security?
What are the Endpoints/Endpoint devices in your organization? How do you or how will you ensure security for those devices?
How can you Harden the endpoints?
Is desktop firewall important to increase security?
Will you recommend full-disk encryption for security? What are the drawbacks? What can be the worst case if you use full-disk encryption for the endpoints? How can you mitigate those risks?
What can you use to encrypt entire disk in Windows and MacOs?
What is Bitlocker?
What is Filevault?
Is centralizing the keys for encrypted disks a great idea? what can go wrong? Is it always the best or feasible solution? What will you do or did?
–
What is the most secure operating system? Is there any such thing? Why — why not? Does it depend on how it is configured or there is something inherent to the operating systems that make them secure or not? more or less secure (provided after you tried your best)?
Is keeping software and services a very important aspect of securing operating systems i.e. servers?
How do you update software and services in Windows, MacOS, Linux, Unix? Give Linux/Unix commands to update software and services?
What is the difference update and upgrade in Linux/Unix?
How to update many many servers such as 1000s of them? What approach will you take?
What is SELinux for security in Linux/Unix?
What is mask?
How will you utilize chmod, chown, chroot for security in Linux/Unix?
How will you configure file permissions in Linux/Unix? Give example use cases?
How will you ensure file integrity?
–
What is Open Shares? How does it affect security?
What is EMET? What does EMET stand for?
What is SCCM? How can you use SCCM for Enterprise Deployment Strategies? What are the impact/related concepts for security?
–
How can you Physicall your your environment/organization?
What Physical security measures that you can take?
–
What is PCI-DSS? What does it have to do with Security?
Explain security considerations in relation to: From: https://sitestree.com/part-2-if-you-want-to-learn-security-or-if-you-already-are-a-security-professional-engineer-can-you-answer-the-following-questions-on-security-do-you-know-and-can-do-the-answers-to-the-following/
Categories:Root
Tags:
Post Data:2019-11-17 20:13:30
Shop Online: https://www.ShopForSoul.com/
(Big Data, Cloud, Security, Machine Learning): Courses: http://Training.SitesTree.com
In Bengali: http://Bangla.SaLearningSchool.com
http://SitesTree.com
8112223 Canada Inc./JustEtc: http://JustEtc.net (Software/Web/Mobile/Big-Data/Machine Learning)
Shop Online: https://www.ShopForSoul.com/
Medium: https://medium.com/@SayedAhmedCanada
