Network Security Questions1

The document is a pool of exam questions related to computer network security, covering various scenarios such as ransomware attacks, encryption, incident reviews, and security policy revisions. It includes practical tasks, case studies, and theoretical questions aimed at assessing knowledge in network security practices and principles. Topics range from incident response and access control to VPN setup and mobile threat responses.

Uploaded by winiforall

Computer Network Security Mid-Semester Pool of Exam Questions

1. Case Scenario: A hospital experiences a ransomware attack that encrypts
patient records. Identify the specific vulnerabilities that could have enabled
this, and propose three short-term and long-term controls to prevent
recurrence.

2. Practical Task: You've been hired to assess the security posture of a
medium-sized firm. Describe how you would use the CIA Triad (Confidentiality,
Integrity, Availability) to evaluate their network.

3. Incident Review: An internal audit revealed that employees frequently
bypassed company security policies using personal hotspots. How would you
revise the existing security policy to mitigate this risk?

4. Encryption Case Study: A company used symmetric encryption to protect
client data but still suffered a data breach. What are the limitations of
symmetric encryption in this context, and how could asymmetric encryption
and key management improve security?

5. Digital Signature Validation: You received a software update with a digital
signature. Explain step-by-step how you would verify its authenticity and
integrity using a public key infrastructure (PKI).

6. Hash Function Investigation: A file transfer process is suspected of being
tampered with in transit. How would you use hash functions like SHA-256 to
detect and prevent such tampering?
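
Worked example for questions 5 and 6 (added here; it is not part of the exam pool). A bare SHA-256 digest only detects modification if the reference digest arrives over a channel the attacker cannot touch; a keyed HMAC, like the digital signature in question 5, binds the digest to a secret the attacker does not hold. The payload and the shared key are constructed for the demo, and only the Python standard library is used.

```python
"""Added example (not part of the exam pool): integrity versus authenticity for
a transferred file, using only the Python standard library."""
import hashlib
import hmac
import os

# Constructed payload and constructed shared key (assumptions for the demo).
# In practice the key is provisioned out of band and kept in a secret store.
ORIGINAL = b"export.csv: id,name,dob\n1,Alice,1980-01-01\n2,Bob,1975-06-30\n"
SHARED_KEY = os.urandom(32)


def sha256_hex(data: bytes) -> str:
    """Unkeyed digest: integrity only."""
    return hashlib.sha256(data).hexdigest()


def hmac_sha256_hex(key: bytes, data: bytes) -> str:
    """Keyed digest: integrity plus authenticity (the origin holds the key)."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_plain(data: bytes, reference_digest: str) -> bool:
    # compare_digest runs in constant time, so a mismatch does not leak how
    # many leading characters of the digest were already correct.
    return hmac.compare_digest(sha256_hex(data), reference_digest)


def verify_keyed(key: bytes, data: bytes, tag: str) -> bool:
    return hmac.compare_digest(hmac_sha256_hex(key, data), tag)


def on_path_attacker(original: bytes):
    """Model an attacker who rewrites the file in transit and also replaces the
    digest travelling with it. Without the key, the best they can do for the
    HMAC tag is compute one under a key of their own guessing."""
    tampered = original.replace(b"1980-01-01", b"1970-01-01")
    forged_digest = sha256_hex(tampered)
    forged_tag = hmac_sha256_hex(b"attacker-guess", tampered)
    return tampered, forged_digest, forged_tag


def demo() -> dict:
    """Run the four checks a reviewer would want to see; every value is True."""
    digest = sha256_hex(ORIGINAL)
    tag = hmac_sha256_hex(SHARED_KEY, ORIGINAL)
    tampered, forged_digest, forged_tag = on_path_attacker(ORIGINAL)
    return {
        # Trusted reference digest: the plain hash catches the change.
        "plain_detects_tamper_with_trusted_digest": not verify_plain(tampered, digest),
        # Digest delivered on the same channel as the file: the plain hash is fooled.
        "plain_fooled_when_digest_replaced": verify_plain(tampered, forged_digest),
        # HMAC under the receiver's key rejects the forged pair ...
        "hmac_rejects_forgery": not verify_keyed(SHARED_KEY, tampered, forged_tag),
        # ... and still accepts the genuine file.
        "hmac_accepts_genuine": verify_keyed(SHARED_KEY, ORIGINAL, tag),
    }


if __name__ == "__main__":
    for check, passed in demo().items():
        print(f"{check}: {passed}")
```

The practical consequence for question 6: publish the digest on a separate, authenticated channel (a signed release page, a signed manifest) or replace it with an HMAC or signature; a checksum sitting next to the file on the same server proves nothing against an attacker who controls that server or the path to it.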

7. Packet Sniffing Exercise: You captured network traffic using Wireshark and
observed multiple HTTP packets transmitting passwords in plaintext.
Recommend practical steps to secure such communications.

8. Protocol Misuse Case: A DNS amplification attack is traced back to an open
resolver in your company's network. How would you detect and mitigate this
vulnerability?

9. Secure Protocol Deployment: Your team needs to secure file transfers across
departments. Choose between SFTP and HTTPS, and justify your choice with
at least three practical security considerations.

10. Firewall Configuration Task: You're configuring a stateful firewall for a
finance department. Outline a sample rule set that balances security and
usability while preventing common port-based attacks.

11. IDS Deployment Scenario: A company has deployed Snort as its IDS but
receives too many false positives. Describe how to refine Snort rules or setup
to improve detection accuracy.

12. Real-World Incident: A university suffered a port scanning attack that
bypassed its firewall. As a network analyst, what layered defense strategies
would you implement to prevent future scans?

13. Rogue AP Simulation: A malicious actor sets up a rogue access point near a
corporate office. Describe how you would detect the rogue AP and protect
users from connecting to it.

14. Wi-Fi Audit Task: Perform a Wi-Fi security audit on a small business using
WPA2-PSK. List the tools you would use and the exact security parameters
you'd evaluate.

15. Mobile Threat Response: An Android app installed by employees was found to
leak sensitive data. What mobile OS security settings and best practices
would you enforce to mitigate this risk?

16. VPN Setup Task: You’re tasked with setting up a secure VPN for remote
workers using IPsec. Outline the configuration steps and key options you'd
enable to secure communications.

17. Remote Access Policy Design: After a contractor accessed the network
through a public café’s Wi-Fi, sensitive data was leaked. Draft a brief remote
access policy to prevent such incidents.

18. VPN Breach Case Study: A company’s SSL VPN was compromised due to
outdated software. How could regular auditing and patch management have
prevented this, and what additional control measures would you suggest?

19. Access Control Scenario: An intern mistakenly accessed and deleted HR files
due to poor access controls. How would you redesign the access control
system using role-based access control (RBAC)?
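
Worked example for question 19 (added here; not part of the exam pool). The roles, permissions and users are constructed for the intern scenario; a real deployment would load them from a directory or policy store. The two properties the scenario turns on are that access is denied by default and granted only through a role, and that every decision is logged.

```python
"""Added example (not part of the exam pool): a minimal role-based access
control model with default deny, separation of duties and an audit trail."""
from dataclasses import dataclass, field

# A permission is (resource, action). Roles bundle the permissions a job needs
# and nothing more (least privilege). Constructed for the example.
ROLE_PERMISSIONS = {
    "hr_manager": {("hr_files", "read"), ("hr_files", "write"), ("hr_files", "delete")},
    "hr_staff": {("hr_files", "read"), ("hr_files", "write")},
    "auditor": {("hr_files", "read"), ("audit_log", "read")},
    "intern": {("public_docs", "read")},
}

# Separation of duties: pairs of roles one person must not hold at once.
CONFLICTING_ROLES = [frozenset({"hr_manager", "auditor"})]


@dataclass
class User:
    name: str
    roles: set = field(default_factory=set)


def assign_role(user: User, role: str) -> None:
    if role not in ROLE_PERMISSIONS:
        raise ValueError(f"unknown role {role!r}")
    for pair in CONFLICTING_ROLES:
        if role in pair and (pair - {role}) & user.roles:
            raise PermissionError(f"{user.name}: {role} conflicts with {sorted(user.roles)}")
    user.roles.add(role)


def revoke_role(user: User, role: str) -> None:
    user.roles.discard(role)


def is_allowed(user: User, resource: str, action: str) -> bool:
    """Default deny: True only if some role held by the user grants the pair."""
    return any((resource, action) in ROLE_PERMISSIONS[r] for r in user.roles)


def authorize(user: User, resource: str, action: str, audit_log: list) -> bool:
    decision = is_allowed(user, resource, action)
    audit_log.append((user.name, resource, action, "ALLOW" if decision else "DENY"))
    return decision


def demo() -> dict:
    audit_log: list = []
    intern = User("ivy")
    assign_role(intern, "intern")
    manager = User("maria")
    assign_role(manager, "hr_manager")

    results = {
        "intern_can_read_public": authorize(intern, "public_docs", "read", audit_log),
        "intern_denied_hr_delete": not authorize(intern, "hr_files", "delete", audit_log),
        "intern_denied_hr_read": not authorize(intern, "hr_files", "read", audit_log),
        "manager_can_delete_hr": authorize(manager, "hr_files", "delete", audit_log),
    }
    # Separation of duties: the HR manager cannot also be an auditor.
    try:
        assign_role(manager, "auditor")
        results["sod_enforced"] = False
    except PermissionError:
        results["sod_enforced"] = True
    # Role change or offboarding: revoking the role removes every permission at once.
    revoke_role(manager, "hr_manager")
    results["revocation_effective"] = not authorize(manager, "hr_files", "read", audit_log)
    results["audit_entries"] = len(audit_log)
    return results


if __name__ == "__main__":
    print(demo())
```

The revocation step is what question 22 (the terminated employee) depends on as well: when permissions hang off roles rather than individual accounts, offboarding is one role removal that the directory can drive automatically.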

20. 2FA Rollout Plan: Your organization wants to implement two-factor
authentication for all users. Propose a practical deployment plan and explain
how it mitigates common attack vectors.
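
Worked example for question 20 (added here; not part of the exam pool): the HOTP/TOTP algorithms from RFC 4226 and RFC 6238 that authenticator apps implement, with the server-side verification step. Only the standard library is used. RFC_SECRET is the test secret published in those RFCs, so the outputs can be checked against the RFC test vectors; it is not a real credential.

```python
"""Added example (not part of the exam pool): HOTP (RFC 4226) and TOTP
(RFC 6238) generation and server-side verification."""
import base64
import hashlib
import hmac
import struct
import time

RFC_SECRET = b"12345678901234567890"  # RFC 4226 / RFC 6238 test-vector secret


def hotp(secret: bytes, counter: int, digits: int = 6, digestmod=hashlib.sha1) -> str:
    """RFC 4226: HMAC over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), digestmod).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, for_time=None, step: int = 30, digits: int = 6,
         digestmod=hashlib.sha1) -> str:
    """RFC 6238: HOTP with counter = floor(unix_time / step)."""
    if for_time is None:
        for_time = time.time()
    return hotp(secret, int(for_time) // step, digits, digestmod)


def verify_totp(secret: bytes, code: str, for_time=None, window: int = 1,
                step: int = 30, digits: int = 6, last_used_counter: int = -1):
    """Return the matching counter, or None.

    window: steps of clock drift accepted either side (1 means +/- 30 s).
    last_used_counter: the server must persist the highest counter it accepted
    per user and refuse anything at or below it; otherwise a code captured by
    a phishing page can be replayed during its validity window."""
    if for_time is None:
        for_time = time.time()
    base = int(for_time) // step
    for delta in range(-window, window + 1):
        counter = base + delta
        if counter <= last_used_counter:
            continue
        if hmac.compare_digest(hotp(secret, counter, digits), code):
            return counter
    return None


def provisioning_uri(issuer: str, account: str, secret: bytes) -> str:
    """otpauth URI encoded in the enrolment QR code (the Key URI format used by
    Google Authenticator and compatible apps)."""
    b32 = base64.b32encode(secret).decode().rstrip("=")
    return (f"otpauth://totp/{issuer}:{account}?secret={b32}&issuer={issuer}"
            f"&algorithm=SHA1&digits=6&period=30")


if __name__ == "__main__":
    print("HOTP(0) =", hotp(RFC_SECRET, 0))                          # 755224 (RFC 4226)
    print("TOTP(T=59, 8 digits) =", totp(RFC_SECRET, 59, digits=8))  # 94287082 (RFC 6238)
    print(provisioning_uri("ExampleCorp", "alice@example.com", RFC_SECRET))
```

On the attack vectors the question asks about: TOTP stops password reuse and offline cracking from turning into a login, and the replay check above stops a captured code being reused. It does not stop a real-time phishing proxy that relays the code within its window; for that threat the plan should prefer phishing-resistant factors (FIDO2/WebAuthn), whose credentials are bound to the site's origin.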

21. Zero Trust Design Task: Your organization is transitioning to a Zero Trust
architecture. Identify the first three steps you would take in implementing
this model in a corporate network.

22. Insider Threat Assessment: A terminated employee still had access to internal
systems for 72 hours. How would you improve employee offboarding
procedures and automate revocation of access?

23. BYOD Risk Evaluation: Your company is considering a Bring Your Own Device
(BYOD) policy. Identify three security risks of BYOD and propose mitigation
controls.

24. Physical Security Review: A data center security audit found unlocked server
rooms and shared ID cards. Suggest both physical and administrative
countermeasures to improve access control.

25. Risk Analysis Task: A medium-sized enterprise wants to prioritize its network
security investments. Using a basic risk matrix, describe how you'd assess
threats and decide on resource allocation.

26. TLS Inspection Scenario: Your company inspects HTTPS traffic for threat
analysis. What are the ethical and technical challenges of TLS interception,
and how would you ensure privacy compliance?

27. Cryptographic Algorithm Selection: You’re designing a secure messaging app.
Compare AES, RSA, and ECC, and justify which to use for encrypting
messages and managing keys.

28. Key Management Policy Drafting: A development team shares private SSH
keys over email. Design a simple key management policy to govern secure
distribution and storage.

29. Password Hashing Best Practices: You're tasked with storing user passwords
securely. Compare bcrypt, scrypt, and PBKDF2 in terms of resistance to
brute-force attacks.
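
Worked example for question 29 (added here; not part of the exam pool): a self-describing password store using scrypt (memory-hard) and PBKDF2-HMAC-SHA256 (CPU-only), both available in hashlib, plus the on-login parameter upgrade a rollout needs. bcrypt is not in the standard library, so it is not exercised; it behaves like PBKDF2 in being CPU-bound rather than memory-hard and additionally truncates input at 72 bytes. The cost parameters are assumptions in line with common current guidance and should be re-tuned per server.

```python
"""Added example (not part of the exam pool): salted, parameterised password
hashing with scrypt and PBKDF2, constant-time verification, and rehash-on-login."""
import base64
import hashlib
import hmac
import os

# Current policy (assumed values). Raising them later is safe: stored hashes
# record their own parameters and are upgraded the next time the user logs in.
CURRENT = {
    "scrypt": {"n": 2 ** 14, "r": 8, "p": 1},   # about 16 MiB of memory per hash
    "pbkdf2": {"iterations": 600_000},          # HMAC-SHA256, CPU-bound only
}
DKLEN = 32


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.b64decode(text)


def _derive(scheme: str, params: dict, password: bytes, salt: bytes) -> bytes:
    if scheme == "scrypt":
        return hashlib.scrypt(password, salt=salt, n=params["n"], r=params["r"],
                              p=params["p"], dklen=DKLEN)
    if scheme == "pbkdf2":
        return hashlib.pbkdf2_hmac("sha256", password, salt, params["iterations"], DKLEN)
    raise ValueError(f"unknown scheme {scheme!r}")


def _parse(stored: str):
    scheme, cost, salt, key = stored.split("$")
    params = {k: int(v) for k, v in (kv.split("=") for kv in cost.split(","))}
    return scheme, params, _unb64(salt), _unb64(key)


def hash_password(password: str, scheme: str = "scrypt", params: dict = None) -> str:
    """Encode as scheme$k=v,...$salt$key so the verifier needs no side table."""
    params = params or CURRENT[scheme]
    salt = os.urandom(16)   # unique per password: identical passwords hash differently
    key = _derive(scheme, params, password.encode("utf-8"), salt)
    cost = ",".join(f"{k}={v}" for k, v in sorted(params.items()))
    return "$".join([scheme, cost, _b64(salt), _b64(key)])


def verify_password(password: str, stored: str) -> bool:
    scheme, params, salt, key = _parse(stored)
    recomputed = _derive(scheme, params, password.encode("utf-8"), salt)
    return hmac.compare_digest(recomputed, key)   # constant-time comparison


def needs_rehash(stored: str) -> bool:
    """True if the stored hash is weaker than CURRENT; call after a successful
    login and re-store hash_password(password) while the plaintext is in hand."""
    scheme, params, _, _ = _parse(stored)
    return any(params.get(k, 0) < v for k, v in CURRENT[scheme].items())


if __name__ == "__main__":
    stored = hash_password("correct horse battery staple")
    print(stored)
    print(verify_password("correct horse battery staple", stored))   # True
    print(verify_password("Tr0ub4dor&3", stored))                    # False
```

The brute-force comparison the question asks for comes down to what an attacker's hardware buys them: PBKDF2 and bcrypt cost only CPU time, so GPUs and ASICs parallelise them well, while scrypt's memory requirement (set by n and r) limits how many guesses fit on a chip at once. Whatever the scheme, the salt and the recorded parameters are what keep precomputed tables useless and let the cost be raised as hardware improves.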

30. Digital Certificate Abuse Case: A forged certificate was used to impersonate
your website. Explain how certificate pinning and HSTS could have prevented
the attack.

31. IPv6 Security Assessment: A company enables IPv6 without updating firewall
policies. What risks does this introduce, and how would you secure IPv6
traffic?

32. Protocol Downgrade Attack Simulation: Simulate a downgrade attack (e.g.,
forcing TLS 1.0). How can servers and clients be configured to resist this?

33. Secure DNS Configuration Task: Design a plan to deploy DNSSEC in a
corporate environment. What steps ensure authenticity of DNS responses?

34. Man-in-the-Middle Prevention: Explain how ARP spoofing works and how
protocols like HTTPS and static ARP entries can mitigate its impact.
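
Worked example for question 34 (added here; not part of the exam pool): detecting ARP spoofing from a stream of observed ARP packets. The observations are constructed to show the classic bidirectional attack, where the attacker answers for both the gateway and a victim host; the known-binding table stands in for the static ARP entries the question mentions, or for a switch's DHCP-snooping binding table used by Dynamic ARP Inspection.

```python
"""Added example (not part of the exam pool): four ARP-spoofing indicators
evaluated over a constructed packet trace."""
from collections import defaultdict

# Constructed trace: (time_s, opcode, sender_ip, sender_mac, target_ip)
OBSERVED = [
    (0.0, "request", "10.0.0.25", "aa:bb:cc:00:00:25", "10.0.0.1"),
    (0.1, "reply", "10.0.0.1", "00:11:22:33:44:55", "10.0.0.25"),   # genuine gateway
    (5.0, "reply", "10.0.0.1", "de:ad:be:ef:00:01", "10.0.0.25"),   # spoofer claims gateway
    (5.0, "reply", "10.0.0.25", "de:ad:be:ef:00:01", "10.0.0.1"),   # ... and the victim
    (5.5, "reply", "10.0.0.1", "de:ad:be:ef:00:01", "10.0.0.25"),   # unsolicited repeats keep
    (6.0, "reply", "10.0.0.1", "de:ad:be:ef:00:01", "10.0.0.25"),   # the victim's cache poisoned
    (6.5, "reply", "10.0.0.1", "de:ad:be:ef:00:01", "10.0.0.25"),
    (30.0, "request", "10.0.0.40", "aa:bb:cc:00:00:40", "10.0.0.1"),
    (30.1, "reply", "10.0.0.1", "00:11:22:33:44:55", "10.0.0.40"),
]

# Trusted bindings, e.g. a static ARP entry for the gateway (assumed values).
KNOWN_BINDINGS = {"10.0.0.1": "00:11:22:33:44:55"}


def detect_arp_spoofing(observations, known=KNOWN_BINDINGS,
                        reply_rate_window=2.0, reply_rate_max=3):
    alerts = set()
    macs_for_ip = defaultdict(set)
    ips_for_mac = defaultdict(set)
    recent_replies = defaultdict(list)   # mac -> timestamps of replies it sent

    for ts, op, sip, smac, _tip in observations:
        if op != "reply":
            continue
        smac = smac.lower()
        # 1. Conflict with a trusted binding (static ARP / DAI binding table).
        if sip in known and smac != known[sip].lower():
            alerts.add(("binding_violation", sip, smac))
        # 2. One IP answered by more than one MAC over time.
        macs_for_ip[sip].add(smac)
        if len(macs_for_ip[sip]) > 1:
            alerts.add(("ip_multiple_macs", sip, tuple(sorted(macs_for_ip[sip]))))
        # 3. One MAC claiming several IPs: both ends of a man-in-the-middle.
        ips_for_mac[smac].add(sip)
        if len(ips_for_mac[smac]) > 1:
            alerts.add(("mac_multiple_ips", smac, tuple(sorted(ips_for_mac[smac]))))
        # 4. Reply flood: spoofers re-send gratuitous replies to stay in the cache.
        window = [t for t in recent_replies[smac] if ts - t <= reply_rate_window]
        window.append(ts)
        recent_replies[smac] = window
        if len(window) > reply_rate_max:
            alerts.add(("reply_flood", smac, len(window)))
    return sorted(alerts)


def alert_kinds(alerts):
    return sorted({a[0] for a in alerts})


if __name__ == "__main__":
    for alert in detect_arp_spoofing(OBSERVED):
        print(alert)
```

Detection only limits dwell time; the mitigations in the question work differently. Static ARP entries (or Dynamic ARP Inspection on the switch) stop the poisoned mapping from being accepted at all, while HTTPS does not prevent the redirection but makes it useless, because the attacker cannot present a certificate the client trusts for the site.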

35. Application Layer Hardening: A custom-built application transmits login
credentials over HTTP. How would you secure the protocol stack and harden
the application?

36. Next-Gen Firewall Use Case: You are evaluating traditional vs next-gen
firewalls (NGFW). List three additional features NGFW provides and how they
improve traffic inspection.

37. Firewall Rule Audit: You discover 200 unused or overly permissive firewall
rules. How would you approach cleanup while ensuring no service
interruption?
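
Worked example for questions 10 and 37 (added here; not part of the exam pool): a first-match, default-deny, stateful rule evaluator for a hypothetical finance segment, and the three audit passes a rule clean-up starts with: rules with zero hits over the observation window, rules that allow anything, and rules shadowed by an earlier rule. Networks, hosts, rules and traffic are all constructed for the example.

```python
"""Added example (not part of the exam pool): stateful first-match firewall
evaluation plus unused / overly-permissive / shadowed rule audit."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

FINANCE_NET = "10.20.0.0/24"   # constructed addressing
ERP_SERVER = "10.50.0.10/32"
DNS_SERVER = "10.50.0.53/32"


def _in(cidr: str, addr: str) -> bool:
    return cidr == "any" or ip_address(addr) in ip_network(cidr)


def _subnet(inner: str, outer: str) -> bool:
    if outer == "any":
        return True
    if inner == "any":
        return False
    return ip_network(inner).subnet_of(ip_network(outer))


@dataclass
class Rule:
    name: str
    action: str                       # "allow" | "deny"
    src: str = "any"                  # CIDR or "any"
    dst: str = "any"
    proto: str = "any"                # "tcp" | "udp" | "any"
    dports: frozenset = frozenset()   # empty means any port
    hits: int = 0

    def matches(self, pkt: dict) -> bool:
        return (_in(self.src, pkt["src"]) and _in(self.dst, pkt["dst"])
                and self.proto in ("any", pkt["proto"])
                and (not self.dports or pkt["dport"] in self.dports))

    def covers(self, other: "Rule") -> bool:
        """True if every packet `other` could match is already matched by self,
        so `other` placed after self can never fire (it is shadowed)."""
        return (_subnet(other.src, self.src) and _subnet(other.dst, self.dst)
                and self.proto in ("any", other.proto)
                and (not self.dports or (bool(other.dports) and other.dports <= self.dports)))


class StatefulFirewall:
    def __init__(self, rules):
        self.rules = rules
        self.flows = set()   # connection table of accepted 5-tuples

    def evaluate(self, pkt: dict) -> str:
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"], pkt["proto"])
        reverse = (pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"], pkt["proto"])
        if key in self.flows or reverse in self.flows:
            return "allow"              # established flow: replies need no rule
        for rule in self.rules:         # first match wins
            if rule.matches(pkt):
                rule.hits += 1
                if rule.action == "allow":
                    self.flows.add(key)
                return rule.action
        return "deny"                   # implicit default deny


def build_rules():
    return [
        Rule("finance-to-erp", "allow", FINANCE_NET, ERP_SERVER, "tcp", frozenset({443})),
        Rule("finance-dns", "allow", FINANCE_NET, DNS_SERVER, "any", frozenset({53})),
        Rule("block-admin-ports-inbound", "deny", "any", FINANCE_NET, "tcp", frozenset({23, 445, 3389})),
        Rule("finance-web-egress", "allow", FINANCE_NET, "any", "tcp", frozenset({80, 443})),
        Rule("legacy-allow-all", "allow"),                  # the kind of rule audits turn up
        Rule("old-backup-host", "allow", FINANCE_NET, "10.50.0.99/32", "tcp", frozenset({22})),
    ]


# Constructed traffic sample.
TRAFFIC = [
    dict(src="10.20.0.15", sport=51000, dst="10.50.0.10", dport=443, proto="tcp"),    # ERP
    dict(src="10.50.0.10", sport=443, dst="10.20.0.15", dport=51000, proto="tcp"),    # ERP reply
    dict(src="203.0.113.7", sport=40000, dst="10.20.0.15", dport=445, proto="tcp"),   # SMB probe
    dict(src="10.20.0.15", sport=51001, dst="10.50.0.53", dport=53, proto="udp"),     # DNS
    dict(src="10.20.0.15", sport=51002, dst="93.184.216.34", dport=443, proto="tcp"), # web
    dict(src="198.51.100.9", sport=40001, dst="10.20.0.15", dport=8080, proto="tcp"), # legacy rule only
]


def audit(rules) -> list:
    findings = []
    for i, rule in enumerate(rules):
        if rule.hits == 0:
            findings.append(("unused", rule.name))
        if rule.action == "allow" and rule.src == "any" and rule.dst == "any" and not rule.dports:
            findings.append(("overly_permissive", rule.name))
        for earlier in rules[:i]:
            if earlier.covers(rule):
                findings.append(("shadowed_by", rule.name, earlier.name))
                break
    return findings


def run():
    rules = build_rules()
    fw = StatefulFirewall(rules)
    verdicts = [fw.evaluate(p) for p in TRAFFIC]
    return verdicts, audit(rules)


if __name__ == "__main__":
    print(run())
```

The flow table is what real stateful firewalls express as a single early rule (nftables `ct state established,related accept`), and the hit counters are the `iptables -L -v` / nftables counter values a clean-up should collect over a full business cycle before disabling anything. The no-interruption approach for question 37 follows from the findings: shadowed rules can go immediately since they never fire; unused and overly permissive rules are first switched to log-only, watched for a cycle, then removed.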

38. Host-Based vs Network IDS: Compare deployment of host-based IDS (HIDS)
and network-based IDS (NIDS) in terms of visibility, complexity, and response
time.

39. SIEM Integration Task: Explain how integrating firewall logs with a SIEM (like
Splunk) enhances incident detection and response.

40. Traffic Anomaly Analysis: A sudden increase in outbound DNS queries is
detected. Describe how you would use IDS data to investigate and respond.
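
Worked example for questions 8 and 40 (added here; not part of the exam pool): two detections run over a resolver query log. The log lines are constructed in a simplified "HH:MM:SS client qname qtype rd" form, loosely modelled on BIND's query log and not a real capture; the internal address ranges and the thresholds are assumptions to be tuned for a real network.

```python
"""Added example (not part of the exam pool): open-resolver abuse and
DNS-tunnelling/burst detection over a constructed resolver query log."""
import base64
import hashlib
import math
import re
from collections import Counter
from ipaddress import ip_address, ip_network

INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]   # assumed
LINE_RE = re.compile(r"^(\d\d:\d\d):\d\d (\S+) (\S+) (\S+) ([+-])$")


def build_log() -> str:
    """Constructed sample: normal client traffic, external ANY queries hitting
    an open recursive resolver, and one host emitting a burst of random-looking
    TXT lookups under a single parent domain (tunnelling / exfiltration)."""
    lines = [
        "12:00:01 10.20.0.15 www.example.com A +",
        "12:00:02 10.20.0.15 mail.example.com MX +",
        "12:00:03 203.0.113.5 isc.org ANY +",        # external client, recursion desired
        "12:00:03 203.0.113.5 isc.org ANY +",
        "12:00:04 198.51.100.7 isc.org ANY +",
        "12:00:09 10.20.0.40 updates.example.com A +",
    ]
    for i in range(40):   # 40 queries in one minute from one internal host
        label = base64.b32encode(hashlib.sha256(str(i).encode()).digest()[:15]).decode().lower()
        lines.append(f"12:01:{i % 60:02d} 10.20.0.77 {label}.t.example.net TXT +")
    return "\n".join(lines)


def shannon_entropy(s: str) -> float:
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def parse(log_text: str):
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            minute, client, qname, qtype, rd = m.groups()
            yield {"minute": minute, "client": client, "qname": qname.rstrip("."),
                   "qtype": qtype, "rd": rd == "+"}


def is_internal(ip: str) -> bool:
    return any(ip_address(ip) in net for net in INTERNAL_NETS)


def analyze(log_text: str, burst_per_minute=30, entropy_min=3.5,
            label_min_len=16, suspicious_min=10) -> dict:
    external_rd, any_from_external = Counter(), Counter()
    per_client_minute, suspicious_labels = Counter(), Counter()
    for q in parse(log_text):
        # Question 8: an open resolver answers recursive queries for anyone.
        # Recursion-desired queries from outside our ranges are the tell-tale,
        # and ANY queries are the amplification payload of choice.
        if q["rd"] and not is_internal(q["client"]):
            external_rd[q["client"]] += 1
            if q["qtype"] == "ANY":
                any_from_external[q["client"]] += 1
        # Question 40: per-client query rate plus high-entropy leftmost labels,
        # which is how encoded data looks when smuggled out in query names.
        per_client_minute[(q["client"], q["minute"])] += 1
        first_label = q["qname"].split(".")[0]
        if len(first_label) >= label_min_len and shannon_entropy(first_label) >= entropy_min:
            suspicious_labels[q["client"]] += 1
    return {
        "external_recursive_clients": dict(external_rd),
        "any_amplification_candidates": dict(any_from_external),
        "burst_clients": sorted({c for (c, _), n in per_client_minute.items() if n >= burst_per_minute}),
        "tunnelling_suspects": sorted(c for c, n in suspicious_labels.items() if n >= suspicious_min),
    }


if __name__ == "__main__":
    for key, value in analyze(build_log()).items():
        print(key, value)
```

For question 8 the response is to restrict recursion to internal clients (BIND's `allow-recursion`, or an ACL on the resolver), answer ANY queries minimally, and enable response rate limiting. For question 40 the burst client is the host to pull for investigation; the parent domain it queries and the decoded labels tell you whether it is exfiltration, a tunnelling tool, or just a misbehaving application, and an egress rule that lets only the internal resolver speak DNS outbound removes the direct-to-internet variant of the same problem.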

41. MAC Spoofing Simulation: Simulate a MAC spoofing attack. What detection
techniques and countermeasures (e.g., 802.1X, NAC) can be used?

42. Evil Twin Detection Lab: You suspect a rogue AP is mimicking your corporate
SSID. Outline steps using airodump-ng and Wireshark to detect and confirm.

43. Mobile App Permission Audit: Choose any two popular apps. Perform a
permission audit and evaluate their risk to corporate data if installed on
BYOD devices.

44. Public Wi-Fi Threat Model: Design a threat model for a user accessing
corporate email over public Wi-Fi. Suggest three technical defenses.

45. WPA3 Upgrade Plan: Your organization is moving from WPA2 to WPA3.
Identify hardware, software, and policy considerations to support the
upgrade.

46. Split Tunnel vs Full Tunnel: Compare the pros and cons of split-tunnel and
full-tunnel VPN setups. In which scenarios would one be preferable?

47. VPN Load Balancing Plan: Your VPN server is overburdened during remote
work hours. Propose a load balancing and failover strategy.

48. VPN Log Review Task: Review a sample OpenVPN log file and identify three
security-relevant events worth alerting on.

49. Credential Theft Response: A remote worker’s VPN credentials are phished.
What immediate and long-term steps should your incident response team
take?

50. Remote Desktop Security Setup: You’re enabling RDP access for field
technicians. How would you secure it against brute-force and
man-in-the-middle attacks?
