Interview Questions General Are open-source projects more or less secure than proprietary ones?

The answer to this question is often very telling about a given candidate. It shows ! whether or not they "now what they#re tal"ing about in terms of development$ and %! it really illustrates the maturity of the individual &a common theme among my questions!. 'y main goal here is to get them to show me pros and cons for each. If I just get the (many eyes) regurgitation then I#ll "now he#s read *lashdot and not much else. And if I just get the (people in +hina can put anything in the "ernel) routine then I#ll "now he#s not so good at loo"ing at the complete picture. The ideal answer involves the si,e of the project$ how many developers are wor"ing on it &and what their bac"grounds are!$ and most importantly - quality control. In short$ there#s no way to tell the quality of a project simply by "nowing that it#s either open-source or proprietary. There are many e.amples of horribly insecure applications that came from both camps. /ow do you change your 01* settings in 2inu.34indows? /ere you5re loo"ing for a quic" comebac" for any position that will involve system administration &see system security!. If they don5t "now how to change their 01* server in the two most popular operating systems in the world$ then you5re li"ely wor"ing with someone very junior or otherwise highly abstracted from the real world. 4hat#s the difference between encoding$ encryption$ and hashing? 6ncoding is designed to protect the integrity of data as it crosses networ"s and systems$ i.e. to "eep its original message upon arriving$ and it isn5t primarily a security function. It is easily reversible because the system for encoding is almost necessarily and by definition in wide use. 6ncryption is designed purely for confidentiality and is reversible only if you have the appropriate "ey3"eys. 4ith hashing the operation is one-way &non-reversible!$ and the output is of a fi.ed length that is usually much smaller than the input. 4ho do you loo" up to within the field of Information *ecurity? 4hy?


4hat "ind of networ" do you have at home? 2 . Answers I#m loo"ing for include things li"e Team +ymru$ 7eddit$ Twitter$ etc. If you encrypt first you#ll have nothing but random data to wor" with$ which will destroy any potential benefit from compression. It#s these types of answers that will tell you he#s li"ely not on top of things.act sources don#t really matter. If they don5t "now anyone in *ecurity$ we5ll consider closely what position you5re hiring them for. 4hat5s the difference between symmetric and public-"ey cryptography *tandard stuff here: single "ey vs. 4hich "ey is used for which function? . If you had to both encrypt and compress data during transmission$ which would you do first$ and why? If they don#t "now the answer immediately it#s o". All we5re loo"ing for here is to see if they pay attention to the industry leaders$ and to possibly glean some more insight into how they approach security.)$ or$ 8I wait until someone tells me about events. 4hat does matter is that he doesn5t respond with$ (I go to the +16T website.A standard question type. The e. two "eys$ etc$ etc. 0o they panic$ or do they enjoy the challenge and thin" through it? I was as"ed this question during an interview at +isco. The "ey is how they react.ou encrypt with the other person5s public "ey$ and you sign with your own private. 4here do you get your security news from? /ere I#m loo"ing to see how in tune they are with the security community. In public-"ey cryptography you have a public and a private "ey$ and you often perform both encryption and signing functions. If they name a bunch of hac"ers3criminals that5ll tell you one thing$ and if they name a few of the pioneers that5ll say another. /opefully it isn5t a junior position. If they confuse the two$ don5t put them in charge of your <=I project. I thought out loud and within 9 seconds gave him my answer: (+ompress then encrypt.8. I told the interviewer that I didn#t "now the answer but that I needed just a few seconds to figure it out.

.#s strengths and wea"nesses vs. with a passion? If so just than" him for his time and show him out. The e. The "ey point people usually miss is that each pac"et that#s sent out doesn#t go to a different place.t candidate. and 4indows versions. It actually "eeps sending pac"ets to the final destinationA the only change is the TT2 that#s used.tra credit is the fact that 4indows uses I+'< by default while 2inu. 4hat are 2inu. 4indows? 2oo" for biases. Is he a 4indows fanboy who hates 2inu.actly does traceroute3tracert wor" at the protocol level? This is a fairly technical question but it#s an important concept to understand. 3 . Then it sends a pac"et to the second hop$ gets a time$ and "eeps going until it gets done. 0oes he absolutely hate 4indows and refuse to wor" with it? This is a sign of an immature hobbyist who will cause you problems in the future. /ow e.Good answers here are anything that shows you he#s a computer3technology3security enthusiast and not just someone loo"ing for a paychec". 1etwor" *ecurity 4hat port does ping wor" over? A tric" question$ to be sure$ but an important one. 2inu.tra credit for the difference between 2inu. If they get it right you can lighten up and offer e. is everywhere in the security world. It#s not natively a (security) question really$ but it shows you whether or not they li"e to understand how things wor"$ which is crucial for an Infosec professional. *o if he#s got multiple systems running multiple operating systems you#re probably in good shape. /int: I+'< is a layer > protocol &it doesn#t wor" over a port! A good variation of this question is to as" whether ping uses T+< or ?0<. uses ?0<. 'any people thin" that it first sends a pac"et to the first hop$ gets a time. An answer of either is a fail$ as those are layer @ protocols. If he starts throwing out port numbers you may want to immediately move to the ne. 4hat you don#t want to hear is$ (I get enough computers when I5m at wor". That#s incorrect..) I#ve yet to meet a serious security guy who doesn#t have a considerable home networ"--or at least access to one$ even if it5s not at home.

I "now it#s controversial$ but I thin" that any high-level security guy needs some programming s"ills. If he panics then we not only "now he#s not a programmer &not necessarily bad!$ but that he#s afraid of programming &bad!. /ow would you implement a secure login field on a high traffic website where performance is a consideration? 4e5re loo"ing for a basic understanding of the issue of wanting to serve the front page in /TT<$ while needing to present the login form via /TT<s$ and how they5d recommend doing that.t one. They don#t need to be a God at it$ but they need to understand the concepts and at least be able to muddle through some scripting when required. And if they get that right you can follow-up with the ne. Blan" stares here mean that they5ve never seen or heard of this problem$ which means they5re not li"ely to be anything near pro level. If they get that far$ ma"e sure they can elaborate on the actual difference$ which is that one requires you to have "ey material beforehand &7*A!$ while the other does not &0/!. 4hat#s the difference between 0iffie-/ellman and 7*A? 0iffie-/ellman is a "ey-e.change protocol$ and 7*A is an encryption3signing protocol. Application *ecurity 0escribe the last program or script that you wrote. Blan" stares are undesirable.+ryptographically spea"ing$ what is the main method of building a shared secret over a public medium? 0iffie-/ellman. 4hat "ind of attac" is a standard 0iffie-/ellman e. 4hat problem did it solve? All we want to see here is if the color drains from the guy#s face. A "ey piece of the answer should center around avoidance of the 'iT' threat posed by pure /TT<. 4hat is +ross-*ite 7equest Corgery? 4 .change vulnerable to? 'an-in-the-middle$ as neither side is authenticated.

A victim just loading that page could potentially get logged out from foo. /ow does /TT< handle state? It doesn5t$ of course. /ow does one defend against +*7C? 1onces required by the server for each page or each request is an accepted$ albeit not foolproof$ method..pectations according to the position you5re hiring for. If you were a site administrator loo"ing for incoming +*7C attac"s$ what would you loo" for? This is a fun one$ as it requires them to set some ground rules.actly is +ross *ite *cripting? . 4e5re loo"ing for them to say anything regarding an attac"er getting a victim to run script content &usually Fava*cript! within their browser. 4hat#s the difference between stored and reflected D**? 5 . Again$ we5re loo"ing for recognition and basic understanding here--not a full$ e.. http:33foo. 4hat$ and their browser would have made the action$ not them &since browsers load all I'G tags automatically!. Good answers are things li"e 8coo"ies8$ but the best answer is that coo"ies are a hac" to ma"e up for the fact that /TT< doesn5t do it itself.ou5d be ama.1ot "nowing this is more forgivable than not "nowing what D** is$ but only for junior positions. Adjust e.8 ?ndesired answers are things li"e chec"ing referrer headers$ or wild panic. 4hat#s the difference between /TT< and /T'2? Ebviously the answer is that one is the networ"ing3application protocol and the other is the mar"up language$ but again$ the main thing you5re loo"ing for is for him not to panic.com3logout3. 0esired answers are things li"e$ 80id we already implement nonces?8$ or$ 8That depends on whether we already have controls in place. A solid e.ed at how many security people don5t "now even the basics of this immensely important topic. 0esired answer: when an attac"er gets a victim5s browser to ma"e requests$ ideally with their credentials included$ without their "nowing.g. 1ot natively.ample of this is when an I'G tag points to a ?72 associated with an action$ e.pert level dissertation on the subject.

=nowing basics li"e ris"$ vulnerability$ threat$ e. 4hat are the common defenses against D**? Input Galidation3Eutput *aniti.ation succeed. Fust loo" for solid answers that are self-consistent. The "ey is to see that 6 . It is this sort of perspective that I thin" represents the highest level of security understanding--a reali. 4hat#s the difference between a threat$ vulnerability$ and a ris"? As wea" as the +I**< is as a security certification it does teach some good concepts. A much better answer in my view is something along the lines of$ (To help the organi. (To control access to information as much as possible$ sirI) 4hile admirable$ this again shows a bit of immaturity.ation that security is there for the company and not the other way around. 1ot really in a bad way$ just not quite what I#m loo"ing for. 4here is the important data? 4ho interacts with it? 1etwor" diagrams. &and being able to differentiate them! is important for a security professional. Gisibility touch points. As" as many of these as you5d li"e$ but "eep in mind that there are a few differing schools on this. If you were to start a job as head engineer or +*E at a Cortune J99 company due to the previous guy being fired for incompetence$ what would your priorities be? KImagine you start on day one with no "nowledge of the environmentL 4e don5t need a list hereA we5re loo"ing for the basics.ation$ with focus on the latter. 4hat I loo" for is one of two approachesA the first is the Hber-loc"down approach$ i.ation? This is a big one. 7eflected comes from the user in the form of a request &usually constructed by an attac"er!$ and then gets run in the victim5s browser when the results are returned from the site. )This type of response shows that the individual understands that business is there to ma"e money$ and that we are there to help them do that. +orporate37is" 4hat#s the goal of information security within an organi.posure$ etc.e. 4hat5s being logged an audited? 6tc.*tored is on a static page or pulled from a database and displayed to the user directly. <revious vulnerability assessments. Ingress and egress filtering.

Cocus on the quality of the argument put forth rather than whether or not they they chose the same as you$ necessarily.e$ in just a few seconds$ what would be the most important things to learn in an un"nown are only the "nown ones. As a corporate Information *ecurity professional$ what5s more important to focus on: threats or vulnerabilities? This one is opinion-based$ and we all have opinions. 'y answer to this is that vulnerabilities should usually be the main focus since we in the corporate world usually have little control over the threats. Another way to ta"e that$ however$ is to say that the threats &in terms of vectors! will always remain the same$ and that the vulnerabilities we are fi. 4hat you5re loo"ing for is a reali. /ow would you build the ultimate botnet? Answers here can vary widelyA you want to see them cover the basics: encryption$ 01* rotation$ the use of common protocols$ obscuring the heartbeat$ the mechanism for providing updates$ etc. /ow many pac"ets must leave my 1I+ in order to complete a traceroute to twitter. A bad answer is the loo" of 4TC on the fact of the interviewee.8 *cenario 7ole-<lay 7 . Advanced If I5m on my laptop$ here inside my company$ and I have just plugged in my networ" cable.ation that this is the way to approach it$ and an attempt to "noc" it out. Therefore we should be applying defense-in-depth based on threat modeling in addition to just "eeping ourselves up to date. Again$ poor answers are things li"e$ 8I don5t ma"e themA I stop The "ey here is that they need to factor in all layers: 6thernet$ I<$ 01*$ I+'<3?0<$ etc. Both are true$ of courseA the "ey is to hear what they have to say on the matter. And they need to consider round-trip times.they could quic"ly prioriti.

-ncry tion and . in con8unction with the !ainte"t and the a!&orithm.hat is the difference between -ncodin&.8 And you can then say yes or no$ etc.ercise due to frustration or pity. it. They are now at the client site and are free to tal" to you as the client &interviewing them!$ or to as" you as the controller of the environment$ e.ashin&? Ans$ /t a )ery hi&h !e)e!. which is (e t secret. *o you tell them$ for e. 0!owfish.g.ample$ that they5ve been called in to help a client who5s received a call from their I*< stating that one or more computers on their networ" have been compromised. I had one of these during an interview and it was quite valuable.ternal connection using tcpdump on port M9. in order to erform the encry tion o eration# -"am !es3 /-S. or )iewin& s ecia! characters on a web a&e# The &oa! is not to (ee information secret. e#&# binary data bein& sent o)er emai!. 567 -ncodin&. 0o I see any connections to I< M. Category I: General Security Concepts / Network Security / OS Security 1) Is there any difference between Information Security and IT Security? If yes.M. And it5s their job to fi. 0ase64# The ur ose of encryption is to transform data in order to (ee it secret from others# It uses a (ey.M.M. a!! these 3 terms mi&ht a ear to be simi!ar and eo !e often confuse between them# 0ut each of the techni1ue is distinct and has different use case# The ur ose of encoding is to transform data so that it can be ro er!y 'and safe!y) consumed by a different ty e of system. 6S/# The ur ose of hashing is to ta(e arbitrary in ut and roduce a fi"ed$!en&th strin& that has the fo!!owin& attributes3 1# 2# The same in ut wi!! a!ways roduce the same out ut# 9u!ti !e dis arate in uts shou!d not roduce the same out ut# : . 5nicode.Cor special situations you may want to do the ultimate interview question type. !ease e" !ain the difference# Ans$ %es# Information Security and IT Security are both different terms often used interchan&eab!y# IT Security focuses on ure!y technica! contro!s '!i(e im !ementin& anti)irus. 8I sniff the e. Crom there they continue to troubleshooting3investigating until they solve the problem or you discontinue the e. firewa!!. This is a roleplayed scenario$ where the candidate is a consultant and you control the environment. but rather to ensure that it2s ab!e to be ro er!y consumed# It does not re1uire a (ey as the on!y thin& re1uired to decode it is the a!&orithm that was used to encode it# -"am !es3 /S4II. hardenin& systems etc) whi!e Information Security is more wider term which im !ies securin& *information+ as an asset be it in any form# 'e" shreddin& of a er documents to re)ent dum ster dri)in& etc)# So IT security can be considered as a subset of Information Security# 2) .

5.ow does it wor(? 13) In what scenario.hat do you mean by statefu! ins ection by a firewa!!? 11) .hat is the difference between ro"y. such as a fi!e. Aone/!arm I. can it be hardened more? 15) . web a&e.ow does SS7 wor(? 6) . firewa!!.S) and &oes one ste ahead to re)ent it as we!!# It sim !y dro s the ac(et it thin(s sus icious 'based on ru!es) -"am !es3 1# 2# 3# 4# ro"y ? S1uid =irewa!!$ I<Tab!es.indows? 22) -" !ain in brief.hat are the different !ayers of @SI mode!? 4an you !ist 1 )u!nerabi!ity corres ondin& to each of the @SI !ayer? 1:) .hat are the countermeasures to re)ent it? 7) .hat is ort scannin&? . re1uestin& some ser)ice.hat are common security recautions for ./2 etc# . or other resource a)ai!ab!e from a different ser)er and the ro"y ser)er e)a!uates the re1uest as a way to sim !ify and contro! its com !e"ity# =irewa!! is basica!!y meant for networ( traffic contro!>fi!terin& main!y at !ayer$3# It a!!ows>denies ac(ets and connections based on certain re$defined ru!es# I. S.9A? .hat do you mean by D0%@.ashin& is often used in com uter forensics to )erify inte&rity of the di&ita! e)idence# 3) .efense in de th2# 1E) .hich systems shou!d be !aced in .3# 4# It shou!d not be ossib!e to &o from the out ut to the in ut# /ny modification of a &i)en in ut shou!d resu!t in drastic chan&e to the hash# -"am !es$ 9.S$ SB@6T I<S$ I09 <ro)entia 4) . S. /. com !ete!y secured? If not.S and I<S? / proxy server is a ser)er 'a com uter system or an a !ication) that acts as an intermediary for re1uests from c!ients see(in& resources from other ser)ers# / c!ient connects to the ro"y ser)er.hat is . connection.hat is Firtua!iGation? . 9u!ti =actor authentication# C . authentication shou!d be used? 14) Is SS.hat are the security ris(s in it? 16) .ow do you (ee yourse!f u dated with !atest trends in Information Security? 21) .9A systems? 12) .9A? .ow does asymmetric encry tion wor(? 5) ./1. I.hat is . 4IS4@ <i".7<? .hat is the difference between fa!se ositi)e and fa!se ne&ati)e? C) -" !ain the term D.hat is 9an in 9idd!e attac(? 4an it be re)ented? :) .2 ? -" !ain security concerns re!ated with it# 17) .hat are honey ots? 1C) Te!! about any of the ma8or security incident that ha ened recent!y# 2E) .hich @S do you fee! is more secure? 7inu" or .etection System is an a !ication which tries to detect intrusion attem ts based on attac( si&nature database it has# I<S$ Intrusion <re)ention System detects the intrusion '!i(e I.S$ Intrusion .

23) -" !ain in short how Herberos wor(s# 24) .hat a!! shou!d be inc!uded in re ort of F/><T assessment? 7) Is it ossib!e to hac( into a system without usin& any too!? If yes. e"$ SB@6T.hat is the use of stic(y bit? 36) .ow wou!d you &ather host information in such case? 12) .hat is SI7 In8ection attac(? .hat is the use of Dsa!t2 in reference to asswords? /re there any !imitations of usin& it? 3C) .hich one needs to be erformed first? 2) .hy is .hat is the bi&&est difference between .ow to harden a 7inu" 9achine? 26) .hat wou!d you do if nma ort scans are b!oc(ed by networ( security administrator? .ith whom wou!d you share the findin&s of F/><T and how wou!d you con)ey the ris( of the findin&s effecti)e!y so that miti&ation can be initiated immediate!y? 5) .indows 9achine? 25) .hat are the ste s to erform F/><T? 3) .@S>.i$=i /ttac( and how to re)ent it# 31) .hat are security ris(s with it? Category II: VA/PT 1) .TT<S wou!d ma(e it secure+ share your comments on this# 3) .S be used to re)ent intrusions? '/ns is yes.eb / e! Application Security !ication Security Im ortant? 2) *9a(in& the website .hat too!s do you norma!!y use for F/ and <T? .hat security threat do they ose? 4) .hat is SI-9? .hat is a E$. switch and router# 34) .ow to harden a .ay Fu!nerabi!ity? 4an it be re)ented? 2:) .indows @S and 7inu" @S? 2C) 4an an I.hat are its ty es? 1E .@S attac(? 27) ..hich too! you find the best and why? 6) .hat do you mean by re)erse she!! in 7inu"? 35) -" !ain fi!e /472s ' ermissions) in 7inu"# . one of the o en source I.hat are coo(ies? . it can act as I<S) 3E) -" !ain any ty e of .ow can you identify whether a remote machine is a .hat are the different com onents of metas !oit? -" !ain c!ient side e" !oits>attac(s# Category III: 1) .hat is sin&!e si&n$on? .indows 9achine or 7inu" 9achine? C) .ow does sniffin& wor(s? -" !ain how can you sniff into a networ(# 4an sniffin& attac( be re)ented and how? 11) .hat is the difference between acti)e and assi)e information &atherin&? '&i)e 1 e"am !e of each) 1E) .hat is the difference between Fu!nerabi!ity /ssessment and <enetration Testin&? .S if confi&ured in in$!ine mode in con8unction with I<Tab!es. how wou!d you do it? '9anua!!y?) :) .hat recautions are re1uired to be ta(en whi!e erformin& F/><T? 4) .hat is B/T and </T? -" !ain difference between them and how do they wor(# 37) 4omment on security concerns in 4!oud 4om utin&# 3:) .ow can you re)ent .hat is rainbow attac(? Is there a way to re)ent it? 33) -" !ain the difference between hub.hy it is usefu!? 32) .

hat are common contro!s for securin& .hat is IS@ 27EE1? .hat are the ways to re)ent JSS attac(s? :) .SS? Is there any simi!arity between <4I$.hat are the most im ortant ste s you wou!d recommend to secure your new web ser)er? 1:) . then to 17) .hat are the ty es of 6is(s? 4) .ow wou!d you miti&ate )u!nerabi!ities in a !e&acy a feasib!e? 12) .hat too!s do you use for erformin& .irectory 7istin&? .ow to re)ent it? 2E) 4an you e" !ain any 2 )u!nerabi!ities occurrin& due to oor session mana&ement? 21) .ow to re)ent it? C) .TT< hand!es state? Category IV: "isk #anage$ent/ Co$pliance/ Security %ra$eworks 1) .hat is <4I$.hat are the to 5 .o you ha)e hands on (now!ed&e of source code re)iew? Ki)e any e"am !e of )u!nerabi!ity>bu& you found durin& source code re)iew# 16) .eb / 26) .atabase Security# .ow wou!d you con)ince the de)e!o er to fi" the )u!nerabi!ities you found in the .ow does .hat is JSS attac(? .SS? 11 .hite 0o" / Security testin&? 15) .hat is residua! ris(? 4an it be e!iminated? 6) .hat are the ways to re)ent SI7 In8ection? 6) .5) .hat is the difference between shou!d be the . )u!nerabi!ity .hat are the standards a)ai!ab!e for 6is( 9ana&ement? 3) .eb / !ication Fu!nerabi!ities you (now? !ication )u!nerabi!ity and you a!so 1E) -" !ain any case wherein you found some critica! web a ro)ided so!ution to fi" the same# 11) .ow do you test security for web ser)ices? 14) .hat is the difference between IS@ 27EE1 and IS@ 27EE2? :) .hat is its im act? . e" !oit and ris(? 5) .eb / !ication Security and re!ated )u!nerabi!ities? !ication a&ainst common attac(s? If yes.hat are the ossib!e ways to treat the ris(? 5) .hat are its ty es? 7) .hat standards do you refer for .hy an or&aniGation shou!d ado t it? 7) .hat ty e of or&aniGations are re1uired to be com !iant with <4I$.i!! 7$3 firewa!! be usefu! in rotectin& the web a what e"tent? 1C) .hat is the difference between .atabase ser)er !aced in networ( for o tima! security? 21) Is there any ris( when conductin& / some )u!nerabi!ity in your web a !ication Security testin& on roduction instance? 22) .atabases# 25) .eb / 13) .hat is 4S6=? .hat is .hat is 6is( /ssessment and 6is( 9ana&ement? /re they same? 2) .ow wou!d you in)esti&ate or trace any security incident which occurred due to e" !oitation of !ication? !ication for security )u!nerabi!ities? !ication? 23) <!ease e" !ain how wou!d you test a mobi!e a !ication Security testin& and 0!ac(bo" / !ication !ication security testin&? !ication where much of code chan&e is not 24) -" !ain about .SS and IS@27EE1? C) .eb Ser)er and .

hat wou!d you do to ma(e security ro&ram > initiati)e successfu! in the or&aniGation? 12) . there are many esca!ations comin& to ser)ice des(. o!icy.a)e you heard about stu"net? -" !ain your )iews on it and how cou!d it ha)e been re)ented? Category VI: Co$puter %orensics/)aws 1) .hy it is im ortant in forensics? 5) . the networ( has become e"treme!y s!ow.hat is meant by bit stream ima&e? .hich one wou!d be more secure!y bui!t? @ en Source software or 4ommercia!><ro rietary software? 2) .ow much wou!d you idea!!y s end on securin& a . but wou!d rea!!y test whether the candidate is c!ear with the basics !i(e asset )a!ue.escribe ste&ano&ra hy.hat is fi!e shreddin&? C) 4an data be reco)ered after shreddin& is erformed? 1E) . what wou!d you do in such case? Shou!d business re1uirement be &i)en riority or security shou!d be the riority? 6) .hat is the difference between a standard.hat is swa s ace? .hat do you mean by fi!e car)in&? 4) .ow many ac(ets wou!d tra)e! from a !a to if a user initiates a traceroute to faceboo(#com? 4) 4onsider a scenario.hat is its re!e)ance in forensics? . its ty es and how to detect it? 3) .hat are the famous too!s used in com uter forensics? 11) .hat is the difference between technica! contro!s and rocedura! contro!s? '&i)e 1 e"am !e of each) 15) -" !ain hi&h !e)e! ste s for initiatin& and im !ementin& IS@27EE1# Category V: Strategic / Scenario &ase' (uestions 1) <!ease comment3 .hom do you &et ins ired from in the fie!d of Information Security? 3) .hat are your )iews on this? :) .here do you see yourse!f 'in which ro!e> osition) after 3$4 years? C) Shou!d socia! networ(in& websites '!i(e faceboo() be a!!owed or b!oc(ed? Lustify with ro er reason# 1E) /nonymous hac(ers are hac(in& into some critica! infrastructure around the wor!d# 4an you comment on how wou!d they be doin& this? 11) . im act ana!ysis etc) 14) . but you (now its )u!nerab!e to some critica! attac(s.hat are the o u!ar a!&orithms for ca!cu!atin& chec(sums? .hat are the !atest trends in Information Security? 7) Is Internet 0an(in& rea!!y safe and secure? .hat is a&e fi!e? 6) -" !ain hi&h !e)e! ste s for seiGin& a !i)e com uter system# 7) .hat is its si&nificance in com uter forensics? 2) .hat are the main cha!!en&es in com uter forensics? :) .hat do you mean by chec(sum? .ow wou!d you con)ince the senior mana&ement to in)est in certain security initiati)e? 13) . rocedure? 11) .ow wou!d you face this situation? 5) Su ose business team wants to !aunch an a !ication or ur&ent basis.o you see a ossibi!ity of any security threat in this? . what wou!d you do a as security rofessiona!? .1E) .indows Ser)er? 'This is a )ery &eneric 1uestion.hat hardware is necessary for erformin& com uter forensics? 12 .

hat care shou!d be ta(en whi!e ac(a&in& the seiGed e)idence? 13) .ow wou!d you traced a s oofed emai! sent from s oofed I< address? 13 .12) .hat is s!ac( s ace? 14) 7ist few situations wherein !ost data cannot be reco)ered# 15) .