By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.
Question 1. What is the difference between a public key and a private key when encrypting and signing content? A sender or recipient publishes their public key. You use the other party's public key to encrypt content and your own private key to sign it. This is the standard pattern for encrypted and signed communication.
Question 2. What port is for ICMP or pinging? Ping uses the ICMP protocol, which is a layer three protocol. Ping doesn't use a port, so you will want to note this is a trick question if asked.
Question 3. Do you prefer Windows or Linux? This question is more of a preference, but many network security professionals know Linux works well with security. For instance, Linux is better to know when working with routers. Be honest with your answer and give pros and cons that relate to which one you prefer.
Question 4. What should be implemented on a login page? Whenever you transfer sensitive data, you need to use HTTPS. Ensure you answer this question with HTTPS and possibly how you would implement a conversion of HTTP to HTTPS.
Question 5. How would an HTTP program handle state? HTTP does not handle state natively. HTTP applications use cookies to handle the state of an application. The developer can also store data in the web server's session.
Question 6. What is cross-site scripting (XSS)? Cross-site scripting occurs when an attacker can inject executable JavaScript into a web page. This is done through a hacked database or poorly scrubbed query string variables.
Question 7. What are the two types of XSS? Cross-site scripting has two types of attacks: reflected and stored. In a stored XSS attack, the attacker stores malicious code in the database; that content is then served to users from the database, including on private pages behind a secure login, where it can be used to gain access to the site's private data. The second type is reflected XSS, where the attacker sends the user a link that runs JavaScript within the page directly from the query string.
Question 8. What are some ways that the company can defend against XSS? First, programmers should defend against JavaScript added to a query string. Also, remove JavaScript from any input variables sent through online forms and stored in a database.
Question 9. What can you use to defend against multiple login attempts? You can create a lockout policy that locks accounts when a user has too many login attempts.
Question 10. How can you defend against phishing attempts? Phishing is usually done through email, so you can block some SMTP servers and senders, and educate users on phishing attempts.
Question 11. What is an ACL? An access control list. It is a list used to grant users and processes access to system resources.
Question 12. What is the purpose of a firewall? It is used to control network traffic by determining what type of packets are allowed to pass through.
Question 13. Describe a proxy. A network service that allows clients to make indirect network connections to other network services.
Question 14. What is HIDS? A host-based IDS (intrusion detection system) is used to monitor malicious activity. It is placed on an individual host computer instead of a server.
Question 15. What is a good practice for securing network devices? Disabling unused ports.
Question 16. Describe an IDS (intrusion detection system). A network- or host-based monitoring system that is used to alert system administrators of suspected intrusions or other unauthorized activity.
Question 17. What are MAC, DAC and RBAC? Mandatory access control, discretionary access control and role-based access control. MAC uses the operating system to prevent a user from accessing a particular target. DAC restricts access to an object based on a user's identity or group. RBAC denies or grants access based on a user's role.
Question 18. How can you ensure the privacy of a VPN connection? Tunneling.
Question 19. What is a packet sniffer or protocol analyzer? A software tool used for monitoring and examining the contents of the network traffic.
Question 20. What are the layers in the OSI model? Physical, data link, network, transport, session, presentation and application.
Question 21. What is port 443? HTTPS (hypertext transfer protocol secure).
Question 22. What is Wireshark? A network protocol analyzer used to examine packets sent across a network.
Question 23. What is UTM? Unified threat management. A network security solution that provides URL filtering, malware or content inspection. It combines the functionality of a firewall with these additional safeguards.
Question 24. Describe a signature-based IDS. It uses known attack patterns to detect an intrusion.
Question 25. Describe rule-based access control. A type of access control model which grants or denies access to resources based on ACL entries.