1. Cfare kuptoni me sigurine e informacionit?

It is concerned with making sure that nosy people cannot read, or worse yet, secretly modify messages
intended for other recipients. It is concerned with people trying to access remote services that they are
not authorized to use.

2. Jepni 4 ndarjet e problemeve ne sigurine e rrjetit?

Network security problems can be divided roughly into four closely intertwined areas: secrecy,
authentication, nonrepudiation, and integrity control. Secrecy, also called confidentiality, has to do with
keeping information out of the grubby little hands of unauthorized users. This is what usually comes to
mind when people think about network security. Authentication deals with determining whom you are
talking to before revealing sensitive information or entering into a business deal. Nonrepudiation deals
with signatures: how do you prove that your customer really placed an electronic order for ten million
left-handed doohickeys at 89 cents each when he later claims the price was 69 cents? Or maybe he
claims he never placed any order. Finally, integrity control has to do with how you can be sure that a
message you received was really the one sent and not something that a malicious adversary modified in
transit or concocted.

3. Percaktoni cila shtrese e modelit OSI eshte me e pershtateshme per enkrptimin e informacionit?

In the transport layer, entire connections can be encrypted end to end, that is, process to process. For
maximum security, end-to-end security is required.

Q: What do you see as the objective of information

security within a business or organization?

A: Network security should:

 Ensure uninterrupted network availability to all users

 Prevent unauthorized network access

 Preserve the privacy of all users

 Defend the networks from malware, hackers, and DDoS attacks

 Protect and secure all data from corruption and theft

Q: How do you define risk, vulnerability, and threat, in the

context of network security?

A: A risk is defined as the result of a system being secure but not secured sufficiently,
thereby increasing the likelihood of a threat. A vulnerability is a weakness or breach in
your network or equipment (e.g. modems, routers, access points). A threat is the actual
means of causing an incident; for instance, a virus attack is deemed a threat.

Q: What are the possible results of an attack on a

computer network?

A: Possible results include:

 Loss or corruption of sensitive data that is essential for a company’s survival and
success

 Diminished reputation and trust among customers

 The decline in value with shareholders

 Reduced brand value

 Reduction in profits

Q: What do you use on your own personal network?

A: An interviewer will want to know what sort of security measures you use on your own
home devices. After all, if you’re a hotshot network security expert, clearly that must be
reflected in the network that means the most to you; your personal system! An employer
can tell a lot about your network savviness by analyzing what measures you use for
your devices.
Q: Speaking of your home network, do you have a
Wireless Access Point, and if so, how do you defend it?

A: There are many methods of protecting a WAP, but the three most popular are:
employing MAC address filtering, using WPA2, and not broadcasting the SSID. This is
yet another attempt by an employer to see what matters to you personally in terms of
security. After all, people tend to prefer the best things for themselves!

Q: How informed do you keep yourself on network

security-related news, and how often do you check out
these stories? Where do you get your security news from?

A: Network security incidents are big news today, and there have been many high-
profile news stories about data breaches and hackers in the past few years. An
employer is going to want to know how well-informed you are on the latest security
news and incidents. HINT: If you don’t make it a practice of keeping abreast of the latest
network security-related news, you better start now!
In terms of news sources, your best bets are Team Cymru, Twitter, or Reddit. Make
sure to check the sources of accuracy, though.

Q: What are the best defenses against a brute force login

attack?

A: There are three major measures you can take to defend against a brute force login
attack. For starters, there’s an account lockout. Offending accounts are locked out until
such time as the administrator decides to open it again. Next comes the progressive
delay defense. Here, the account stays locked for a given number of days after a few
unsuccessful login attempts are made. Finally, there’s the challenge-response test,
which heads off automatic submissions employed on the login page.

Q: Explain the difference between symmetric and

asymmetric encryption.
A: Long story short, symmetric encryption uses the same key for both encryption and
decryption, whereas asymmetric encryption employs different keys for the two
processes. Symmetric is faster for obvious reasons but requires sending the key
through an unencrypted channel, which is a risk.

Q: Explain the difference between a white and black hat

hacker.

A: Black and white hat hackers are different sides of the same coin. Both groups are
skilled and talented in gaining entry into networks and accessing otherwise protected
data. However, black hats are motivated by political agendas, personal greed, or
malice, whereas white hats strive to foil the former. Many white hats also conduct tests
and practice runs on network systems, to ascertain the effectiveness of security.

Q: Define the salting process and what it’s used for.

A: Salting is the process wherein you add special characters to a password in order to
make it stronger. This increases password strength in two ways: it makes it longer and it
adds another set of characters that a hacker would have to guess from. It’s a good
measure to take for users who tend to habitually make weak passwords, but overall it’s
a low-level defense since many experienced hackers are already familiar with the
process and take it into account.

Q: How do you deal with “Man In The Middle” attacks?

A: A Man in the Middle attack happens when there is a third party that’s monitoring and
controlling a conversation between two parties, with the latter completely unaware of the
situation. There are two ways of dealing with this attack. First of all, stay off of open Wi-
Fi networks. Second, both parties should employ end-to-end encryption.

Q: Which is the better security measure, HTTPS, or SSL?

A: HTTPS (Hypertext Transfer Protocol Secure) is HTTP combined with SSL,
encrypting a user’s browsing activity and making it safer. SSL (Secure Sockets Layer) is
a protocol that protects Internet conversations between two or more parties. Though it’s
close, SSL wins out in terms of sheer security, though any of these are valuable things
to know for the purposes of web development.

Q: Name the three means of user authentication.

A: There is biometrics (e.g. a thumbprint, iris scan), a token, or a password. There is

also two-level authentication, which employs two of those methods.

Q: Which is a more secure project: open-source or

proprietary?

A: This is a trick question; don’t be fooled! A project’s security is determined by the

quality of security measures used to protect it, the number of users/developers with
access, and the overall size of the project. The kind of project is irrelevant.

Q: If you work with a Linux server, what are the three

significant steps you must take in order to secure it?

A: In order to secure your Linux server, you must do the following, in order:

 Audit. Scan the system using Lynis. Each category gets scanned separately, and a
hardening index is generated for the next step.

 Hardening. Once auditing is done, hardening is done, based on the level of security
to be employed.

 Compliance. This is an ongoing step, as the system is checked daily.

Q: You discover an active problem on your organization’s
network, but it’s out of your sphere of influence. There’s no
doubt that you can fix it, though; so what do you do?

A: While the first impulse may be to immediately fix the problem, you need to go through
the proper channels. Things may be as they are for a reason. Use e-mail to notify the
person in charge of that department, expressing your concerns, and asking for
clarification. Make sure your boss is CC’ed into the email chain, and make sure that you
save a copy for yourself, in case you need to refer to it later.

Q: What’s the most effective measure to take against a

CSRF?

A: A Cross-Site Request Forgery (CSRF) attack causes a currently authenticated end-

user to execute unauthorized commands on a web application. There are two effective
defensive measures. First of all, use different names for each field of a form, as it
increases user anonymity. Second, include a random token with each request.

Q: You get a phone call from a very influential executive

high up on the organizational chart. He or she tells you to
bend company policy to suit them and let them use their
home device to do company work. What do you do?

A: This is another case of letting someone higher than you make the decision. Send the
question/request up to your manager and let them sort it out. This is far outside of your
realm. Let your boss deal with the higher-up.

Q: Which is worse in terms of Firewall detection, and why?

A false positive or a false negative?
A: A false negative is worse by far. A false positive is simply a legitimate result that just
got incorrectly flagged. While it’s irksome, it’s by no means fatal or difficult to correct.
But a false negative means that something bad has slipped through the firewall
undetected, and that means a host of problems down the road.

Q: Why are internal threats usually more effective than

external threats?

A: It all comes down to a question of physical location. A disgruntled soon to be ex-

employee, a hacker posing as a deliveryman, even just a careless curious user, all end
up having better access to the system due to them being on-site. Being “inside”
physically makes it easier to get inside virtually.