Some Questions about Network Security

Source: Internet
Author: User

In an IT security interview, your basic networking knowledge must meet the following requirements:
1. Understand the models: in particular, you must understand the OSI, TCP/IP, Cisco, and defense-in-depth network models.
2. Understand Layer 2 issues, including collision domains, broadcast domains, switching and hubs, port security, and Spanning Tree topics.
3. Understand Layer 3 issues, including IP; routing protocols; interior routing protocols, such as RIPv1/v2 and OSPF; exterior routing protocols, such as BGP; subnetting and supernetting; Network Address Translation (NAT); and IPv6.
4. Understand Layer 4 issues, including TCP and UDP, session establishment, headers and options, port address translation, and common ports.
5. Understand Layer 5 to Layer 7 issues, including application vulnerabilities, Trojans/worms/viruses, content filtering, and IDS/IPS/IDP.
Most of the content here will be explained in detail below.
1. What is the OSI model?
This question covers a wide range of topics and is difficult to answer briefly. The answer involves the seven layers and their related protocols, and it is very important to discuss the concept of encapsulation ...... The "bit stream" at the physical layer, the "data frame" at the data link layer, and the "datagram" at the network layer are simple concepts, but important for IT security job seekers.
2. What is the TCP/IP model and its relationship with the OSI model?
It is very important to look this up yourself ......

3. What is the Cisco standard framework?
Core layer, distribution layer (aggregation layer), and access layer. The concept of each layer needs to be understood.
4. How to implement defense in depth in the OSI model
This is a big question for network engineers. Defense in depth can be explained from two different perspectives. First, it can be understood from the perspective of layered security mechanisms, which is where the name comes from. Defense in depth is a standard methodology that emphasizes security requirements at three levels: management, technology, and business. Before the layering, establishing defense in depth focuses more on policies and procedures than on the security mechanisms that actually protect resources. Defense in depth includes physical and personnel security. As mentioned above, the OSI model is the basis for interpreting the concept of defense in depth. Defense in depth means using multiple methods and protective measures to achieve security, and you can explain it by discussing the protection adopted at each layer of the OSI model. A company might hire a patrol officer (Layer 1) for the physical lines, set port security (Layer 2) on the switches, configure an access list (Layer 3) on the border router, set up IDS/IDP monitoring/blocking (Layers 3 to 7), establish an SSL channel (Layer 6), set up content filtering (Layer 7), provide AAA services (Layer 7), and perform vulnerability scanning (Layers 4 to 7) and virus scanning (Layer 7) ......

5. Why are networks layered?
All network models are layered. Why? Essentially, ISO published the layer concept to describe the logical functions of the network. Each layer is independent and provides its own specific services, so it has its own data structure (header/trailer). At each layer, the corresponding header and trailer are processed and the data content is passed on through the stack. In addition, layering is needed to provide a relatively independent platform for different vendor environments.

6. What are the principle, purpose, and types of the Spanning Tree Protocol?
The Spanning Tree Protocol operates at Layer 2. It is used to eliminate network loops, and it controls network transmission by selectively enabling and blocking ports ...... (the rest is omitted)

7. How many common ports do you know?
FTP: port 21
SSH: port 22
Telnet: port 23
To view the ports, follow these steps:
Open C:\Windows\System32\drivers\etc\services in Notepad and you can view them.




8. How is port security implemented on a switch?
Port security is used more and more widely in enterprise private networks nowadays, and it also causes more problems. Port security is a feature of a switch: the switch can store MAC addresses for a given port, and only communications originating from the stored addresses are allowed by the switch. If a device with a different MAC address tries to connect, the switch disables the port and notifies the network administrator. Although some people argue that port security restricts mobile working, it provides an excellent security mechanism for controlling network access.
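The behaviour described above, modelled as a small state machine. This is an added example, not from the original article and not any vendor's implementation; the class and method names are hypothetical, and learning the first address seen on the port is an assumption.

```python
from dataclasses import dataclass, field

@dataclass
class SecurePort:
    """Model of one switch port with port security (hypothetical names)."""
    name: str
    max_macs: int = 1                       # how many addresses the port may store
    allowed: set = field(default_factory=set)
    disabled: bool = False
    alerts: list = field(default_factory=list)

    def receive(self, src_mac: str) -> bool:
        """Return True if the frame is forwarded, False if it is dropped."""
        mac = src_mac.lower()
        if self.disabled:
            return False                    # a disabled port drops everything
        if mac in self.allowed:
            return True
        if len(self.allowed) < self.max_macs:
            self.allowed.add(mac)           # assumption: learn addresses until full
            return True
        # Unknown address on a full port: disable the port and alert the admin
        self.disabled = True
        self.alerts.append(f"{self.name}: violation by {mac}, port disabled")
        return False

    def admin_reenable(self) -> None:
        """Manual recovery by the administrator; stored addresses are kept."""
        self.disabled = False

def replay(port: SecurePort, frames: list) -> list:
    """Feed a sequence of source MAC addresses to the port, in order."""
    return [port.receive(mac) for mac in frames]

# Constructed sample traffic: a known laptop, then an unknown device on the same port
SAMPLE_FRAMES = ["02:00:00:00:00:01", "02:00:00:00:00:01",
                 "02:00:00:00:00:99", "02:00:00:00:00:01"]

if __name__ == "__main__":
    port = SecurePort("port-1")
    print(replay(port, SAMPLE_FRAMES), port.alerts)
```

Note the last frame: once the port is disabled, the legitimate device is cut off as well until an administrator re-enables the port, which is the operational cost the paragraph alludes to.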

9. What is the difference between a routing protocol and a routed protocol?


10. What is access control?
11. What is least privilege?
12. How to define confidentiality?
