How can I avoid computer viruses?
What is computer impersonation?
What are privileges (user rights)?
What is this (X) IDS signature mean?
What is an ACL (Access Control List)?
What makes a strong password?
How can I avoid Spyware?
How can I protect my home computer?
I have been hearing a lot about firewalls, but I am not sure what it is or if I need it. Can you help?
SEM/SIM Security information management questions
Use the out put from any network security scanner, which ever network security scanner is used by the interviewer
Where do I get patches, or, what is a Service Pack or a Hot Fix?
What is a SID (Security ID)?
What is an ACE (Access Control Entry)?
What is SRM (Security Reference Monitor)?
What is SAM (Security Account Manager)?
What is an access token?
Are there any NT based viruses, or can NT be susceptible for other viruses?
Are there any known problems with the screen saver / screen lock program?
Can my page file hold sensitive data?
Is it possible to use packet filters on an NT machine?
What is Authenticode?
What servers have TCP ports opened on my NT system? Or: Is netstat broken?
What is a NULL session?
What is Shutdown.exe?
There are several security issues related to ODBC usage
By default, all auditing in Windows NT is turned off. You have to manually turn on auditing on whatever object you want audited. First off, you should have a policy for
How do we �lock down� a new system?
Password Management questions
Software Maintenance questions
Physical Security questions
Wireless Security questions
Intrusion Detection and Recovery questions
Current Awareness of Security Issues questions
What is to worry about Web Security?
Are some operating systems more secure to use as platforms for Web servers than others?
Are CGI scripts insecure?
What general security precautions should I take?
What is the URLScan Security Tool?
What is the HFNetChk Security Tool?
What do you see as the most critical and current threats effecting Internet accessible websites?
What do you see as challenges to successfully deploying/monitoring web intrusion detection?
What are the most important steps you would recommend for securing a new web server? Web application?
What are some examples of you how you would attempt to gain access?
What does this log entry indicate? How could you identify what the contents are of the hacked.htm file that the attacker is trying to upload?
I am new to the Internet and have been hearing a lot about viruses. I am not exactly sure what they are. Can you help?
What is the security threat level today at the Internet Storm Center (ISC)?
Checking on the interviewees knowledge of legal issues and information security
How well the person can do architecture from scratch?
What is LSA (Local Security Authority)?
What is a secure channel?
How do I get my computer C2-level secure, or, what is c2config?
Is NT susceptible to SYN flood attacks?
What ports must I enable to let NBT (NetBios over TCP/IP) through my firewall?
What should I think about when using SNMP?
What are giant packets? Or, is Windows NT susceptible to the PING attack?
What is Rollback.exe?
What is AFTP, NVAlert and NVRunCmd?
There are a number of things to do to get better security on remote connections
Can I grant access to someone to view or change the logfiles?
Where is the password that I configure a service to start with stored?
Securing New Systems questions
Network Security questions
Data Security questions
Disaster Recovery Planning questions
Security interview questions for network admin questions
Exactly what security risks are we talking about?
Are some Web server software programs more secure than others?
Are server-side includes insecure?
How do I secure Windows 2000 and IIS 5.0?
What is the IIS Lockdown Tool?
What is the Microsoft Baseline Security Analyzer?
What online resources do you use to keep abreast of web security issues? Can you give an example of a recent web security vulnerability or threat?
Imagine that we are running an Apache reverse proxy server and one of the servers we are proxy for is a Windows IIS server. What does the log entry suggest has happened?
What application generated the log file entry below? What type of attack is this?
The file is called logon_validate and a typical logon request looks like this?
How can I secure my client computers against my users?