Skip to Content

Common Technical Interview Questions and Answers Update on July 30, 2021

Exam Question 21

A single-line access control list (ACL) has been added to a router configuration using the command ip access-list 1 permit 172.16.4.0 0.0.1.255. The configuration also includes the access-class 1 in command in virtual terminal configuration mode. Which answer accurately describes how the router uses ACL 1?

A. Hosts in subnet 172.16.4.0/23 alone can telnet into the router.
B. Command-line interface users cannot telnet from the router to hosts in subnet 172.16.4.0/23 alone.
C. Hosts in subnet 172.16.4.0/23 alone can log in but cannot reach enable mode of the router.
D. The router will only forward packets with source addresses in subnet 172.16.4.0/23.
Correct Answer:
A. Hosts in subnet 172.16.4.0/23 alone can telnet into the router.

Exam Question 22

A next-generation firewall (NGFW) sits at the edge of a company’s connection to the internet. It has been configured to prevent Telnet clients residing in the internet from accessing Telnet servers inside the company. Which of the following might an NGFW use that a traditional firewall would not?

A. Match message destination well-known port 23
B. Match message application data
C. Match message IP protocol 23
D. Match message source TCP ports greater than 49152
Correct Answer:
B. Match message application data

Exam Question 23

Which actions show a behavior typically supported by a Cisco next-generation intrusion prevention system beyond the capabilities of a traditional IPS?

A. Gather and use host-based information for context
B. Comparisons between messages and a database of exploit signatures
C. Logging events for later review by the security team
D. Filter Uniform Resource Identifiers using reputation scores
E. Both A and D
F. Both A and C
Correct Answer:
F. Both A and C

Exam Question 24

What qualifies as sensitive data?

A. Your pet’s name
B. Your PebbleU username
C. Your passport details
D. All of the above
Correct Answer:
C. Your passport details
Answer Description:
Your PebbleU username may be somewhat sensitive, but by itself, it doesn’t do anything. It may also have been automatically generated. In contrast, personally identifiable information, like your passport details, are sensitive since leakage of them can compromise you, particularly your identity. Your pet’s name is something probably many people know and, even if the whole world knows, wouldn’t affect you much — unless, of course, you use it as part of a password or something, which we wouldn’t recommend.

Exam Question 25

What does cryptography include?

A. Authentication
B. Integrity
C. Nonrepudiation
D. Confidentiality
E. All of the above
Correct Answer:
E. All of the above
Answer Description:
Cryptography is a subfield of cybersecurity that includes each one of these methodologies, by definition. Also, all of them are closely linked as we often use them in tandem.

Exam Question 26

Why are passwords important in cybersecurity?

A. Because they provide authentication and help with confidentiality
B. Because they ensure integrity
C. Because tokens aren’t secure
D. Because cybersecurity experts say so
Correct Answer:
A. Because they provide authentication and help with confidentiality
Answer Description:
Passwords are one of the most popular methods for authentication — think of your PIN code for accessing your phone or your bank account via an ATM. They don’t ensure integrity though since the latter deals with message authentication codes and such. Many encryption keys are linked to passwords, however, so they play an important role in confidentiality. As for tokens, they are generally quite secure by themselves, even if sometimes they are used in combination with passwords for additional security. Every cybersecurity expert is entitled to their opinion, and we should listen to them. But we shouldn’t accept everything a priori, especially for fundamental things like this.

Exam Question 27

Message authentication codes (MACs) involve _______.

A. Encryption, always
B. Hashing, sometimes
C. Hashing, always
D. Hashing and encryption, always
Correct Answer:
C. Hashing, always
Answer Description:
MACs are an ingenious authentication process based on hashing. So, there is always some hashing taking place every time we use one. Some MACs involve encryption, too, but that’s not always the case.

Exam Question 28

What is a digital signature?

A. A digital version of a conventional signature
B. Any file that is unique to you
C. A nonrepudiation mechanism
D. A form of reverse asymmetric encryption
E. Both A and B
F. Both C and D
Correct Answer:
F. Both C and D
Answer Description:
Digital signatures are the most common form of nonrepudiation mechanisms, which is technically different from integrity A digital signature is independent and different to a conventional signature, and some people argue that they shouldn’t be called signatures since they are inherently different and more difficult to forge than conventional signatures. Files unique to you may be useful as encryption keys, and some of them may relate to digital signatures. But that’s not always the case. Digital signatures are often talked about in asymmetric encryption texts because they are essentially the reverse process of an asymmetric encryption cipher — i.e., you are the only one to transform a piece of plaintext into ciphertext, but everyone else can transform it back to its original form, to verify the fact.

Exam Question 29

What’s the quantum threat?

A. Quantum computers replacing conventional computers
B. Quantum computers breaking every hashing function
C. Quantum computers compromising certain cryptographic processes
D. Quantum computers breaking blockchain
E. Quantum computers compromising MACs
Correct Answer:
C. Quantum computers compromising certain cryptographic processes
Answer Description:
Quantum computers are on the rise, but it’s unlikely they’ll ever replace conventional computers. Also, they may not be breaking hashing functions in the foreseeable future since their superpower is performing certain tasks especially well. One such task is number factorization, which is primarily used in asymmetric encryption today. So, if a quantum computer is powerful enough and runs Shor’s algorithm, it can compromise anything related to this kind of cryptographic process — e.g., asymmetric encryption ciphers and digital signatures. As for blockchain, although no one is sure how quantum computers will affect it, it’s unlikely that it will be broken since it relies primarily on hashing. MACs are also considered to be quite secure against quantum computers.

Exam Question 30

Which is not true about cloud computing?

A. Cloud computing will decrease your capital expenses.
B. Cloud service models include IaaS, SaaS and PaaS.
C. Cloud computing deployment models include public cloud, private cloud, hybrid cloud and multi-cloud.
D. Cloud computing resources are usually constrained to a single region or availability zone.
Correct Answer:
D. Cloud computing resources are usually constrained to a single region or availability zone.
Answer Description:
One of the key promises of cloud architectures is that they allow developers to easily spin up new resources in any region or availability zone required from a technical perspective. It is not always practical or advisable to spin up resources or share data across availability zones due to security, privacy or compliance issues that must be addressed. Also, spinning up additional resources in separate regions or zones to increase resiliency or reduce latency also needs to be balanced against the costs of deploying redundant infrastructure.

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.