|
Password Management questions
Computing Security,Information Security, NT security, Web Security and Network Security Questions and Answers
(Continued from previous question...)
Password Management questions
- Who knows the passwords for systems that perform critical business functions?
- Do we regularly change passwords on critical systems?
- Do we require end users to change their passwords? How often?
- Do we educate end users about good password choices? (e.g. avoid family names and dates, use a password longer than 6 characters, don’t use words found in dictionaries, include numerals in the password).
- Do we discourage sharing of user names and passwords among multiple people?
- Do we provide tools to help people choose strong passwords? (Note: some system administrators use automated tools to scan the user database or password file for easily-guessed passwords.)
- Do our systems “lock out” an account after a pre-determined number of failed login attempts?
- How do we manage which people have privileged access to our systems? Do we periodically review which people have “root” or “superuser” or “administrative” privileges on systems? Do we have a procedure to remove privileges for employees who have left the university? Do we remove privileged access when an employee no longer needs it?
- Do we ensure that in case of emergency someone will have passwords for critical systems (for instance, if the primary system administrator is unavailable).
(Continued on next question...)
Other Interview Questions
- How can I avoid computer viruses?
- What makes a strong password?
- What is Spyware?
- How can I avoid Spyware?
- What is a Firewall?
- How can I protect my home computer?
- I'm new to the Internet and have been hearing a lot about viruses. I'm not exactly sure what they are. Can you help?
- I've been hearing a lot about firewalls, but I'm not sure what it is or if I need it. Can you help?
- What is the security threat level today at the Internet Storm Center (ISC).
- What is this (X) IDS signature mean?
- SEM/SIM Security information management questions
- Checking on the interviewee's knowledge of legal issues and information security
- Use the out put from any network security scanner, which ever network security scanner is used by the interviewer
- How well the person can do architecture from scratch ...
- Where do I get patches, or, what is a Service Pack or a Hot Fix?
- What is impersonation?
- What is a SID (Security ID)?
- What are privileges (user rights)?
- What is an ACE (Access Control Entry)?
- What is an ACL (Access Control List)?
- What is SRM (Security Reference Monitor)?
- What is LSA (Local Security Authority)?
- What is SAM (Security Account Manager)?
- What is a secure channel?
- What is an access token?
- Host security
- Are there any NT based viruses, or can NT be susceptible for other viruses?
- How do I get my computer C2-level secure, or, what is c2config?
- Are there any known problems with the screen saver / screen lock program?
- How can I secure my client computers against my users?
- Can my page file hold sensitive data?
- User security
- Administrator account
- Guest account
- Network security
- Is NT susceptible to SYN flood attacks?
- Is it possible to use packet filters on an NT machine?
- What ports must I enable to let NBT (NetBios over TCP/IP) through my firewall
- What is Authenticode?
- What should I think about when using SNMP?
- What servers have TCP ports opened on my NT system? Or: Is netstat broken?
- What are giant packets? Or, is Windows NT susceptible to the PING attack?
- What is a NULL session?
- Web server security
- FTP server security
- What is Rollback.exe ?
- What is Shutdown.exe
- What is AFTP, NVAlert and NVRunCmd
- There are several security issues related to ODBC usage ...
- There are a number of things to do to get better security on remote connections ...
- By default, all auditing in Windows NT is turned off. You have to manually turn on auditing on whatever object you want audited ...
- Can I grant access to someone to view or change the logfiles?
- What is CryptoAPI
- Where is the password that I configure a service to start with stored?
- How do we “lock down” a new system?
- Securing New Systems questions
- Password Management questions
- Anti-Virus questions
- Software Maintenance questions
- Backups questions
- Physical Security questions
- Network Security questions
- Wireless Security questions
- Data Security questions
- Intrusion Detection and Recovery questions
- Disaster Recovery Planning questions
- Current Awareness of Security Issues questions
- Security interview questions for network admin questions
- What's to worry about Web Security ?
- Exactly what security risks are we talking about?
- Are some operating systems more secure to use as platforms for Web servers than others?
- Are some Web server software programs more secure than others?
- Are CGI scripts insecure?
- Are server-side includes insecure?
- What general security precautions should I take?
- How do I secure Windows 2000 and IIS 5.0?
- What is the URLScan Security Tool?
- What is the IIS Lockdown Tool?
- What is the HFNetChk Security Tool?
- What is the Microsoft Baseline Security Analyzer?
- What do you see as the most critical and current threats effecting Internet accessible websites?
- What online resources do you use to keep abreast of web security issues? Can you give an example of a recent web security vulnerability or threat?
- What do you see as challenges to successfully deploying/monitoring web intrusion detection?
- What is your definition of the term "Cross-Site Scripting"? What is the potential impact to servers and clients?
- What are the most important steps you would recommend for securing a new web server? Web application?
- Imagine that we are running an Apache reverse proxy server and one of the servers we are proxy for is a Windows IIS server. What does the log entry suggest has happened?
- You are engaged in a penetration-test where you are attempting to gain access to a protected location. You are presented with this login screen:
- What application generated the log file entry below? What type of attack is this?
- What does this log entry indicate? How could you identify what the contents are of the "hacked.htm" file that the attacker is trying to upload?
- The file is called "logon_validate" and a typical logon request looks like this ?
| 