- According to you, what exactly is the role of a Cyber Security expert? …
- What do you know about the 80/20 rule in the Cyber Security Protocols? …
- In business, data is everything and as a security expert you know this, so how you will make sure data safety during your job?
Proxy vs reverse proxy vs load balancer (2020) | Explained with real life examples
Blue Coat Interview Questions and Answers
What does Blue coat do?
Blue coat gadgets are known as “double – use” innovation, since they can be utilized both to shield corporate systems and by governments to blue pencil and screen the open’s web traffic. The machines can see a few sorts of scrambled traffic, square sites or record site traffic.
What is Blue Coat intermediary? How does a Blue Coat intermediary work?
Blue Coat Proxy SG is a cloud-based item that gives clients web security. Interfacing this occasion source to Insight IDR will improve the security information for accessible for examination. The Blue Coat SG machine fills in as an intermediary for all HTTP, HTTPS, and FTP exchanges. It is designed with decides that course information to the Web sense ICAP server. Be that as it may, in checking mode, the Web sense ICAP server all around reacts to all diverted exchanges with Allow.
How accomplishes turn around intermediary work?
A converse intermediary is a server that sits before at least one web servers, blocking demands from customers. This is unique in relation to a forward intermediary, where the intermediary sits before the customers. The converse intermediary server will at that point send solicitations to and get reactions from the starting point server.
What are the essential systems administration gadgets you know about? Name one referencing model other than OSI?
The most valuable things are Modem, Router, Hub, Switch and Splitter are the essential systems administration gadgets. The referencing model other than OSI is TCP/IP. It represents Transmission Control Protocol/Internet Protocol. It isn’t generally utilized in the current situation when contrasted with the OSI.
Get your meaning by the term information embodiment?
Systems can confront a great deal of issues with regards to sending huge or cumbersome sizes. Consequently the information is commonly broken into the littler parts which are called as parcels or information bundles. The methodology is straightforward and for example the source and the goal address are appended through a transitory way that remaining parts dynamic till the transmission is going on.
What is a private IP address?
This is most vital thing in this angle. They are viewed as with regards to utilizing Intranets. They are not routable to outside open systems are commonly utilized for inside systems as it were. Same IPs can be utilized for numerous intranets.
Name the different strategies that an association can consider against SQL infusion?
These are the different techniques that an association can consider against SQL infusion were Stored Procedures, Database association client get to rights, disinfecting the client orders, controlling mistake messages, just as distinguishing hurtful code and dumping it are a portion of the methodologies that are useful as such.
What does OSI depend on? Name the layers present in it?
OSI represents open framework interconnection. There are absolute seven layers which are available in this referencing model. These are:
- Application Layer
- Presentation Layer
- Session Layer
- Transport Layer
- Network Layer
- Data Link Layer
- Physical Layer
The job of various layers is unique and they are liable for bunches of assignments in a system the board approach.
Characterize a hub? How it is not the same as a connection?
A hub is only a point where more prominent than or equivalent two gadgets join one another. In a couple of models, a hub is additionally considered as a PC on a system. On the opposite side, a connection is only the network among two hubs or gadgets. It very well may be wired or a remote connection relying on shape, size and different elements identified with the system. A connection is answerable for keeping up the association among various hubs on a solitary system.
Notice a few stages that you will take against Phishing?
The least complex methodology is thinking about a protection from against the spam as they are the difficulty makers much of the time. In the event that a spring up screen is there, individual data, for example, User ID and secret phrase must not be entered. Any sort of data identified with account ought not to be sent by means of individual email. Downloading of records got from obscure email ought to be maintained a strategic distance from and web joins present in them not to be clicked.
What are web server assaults? How might you forestall them?
These are fundamentally the assaults by programmers straightforwardly on the server to get entrance over the equivalent. Hacking of sites, programming, and hubs occur because of this. These assaults can be plugged up to extraordinary degree through the absolute most ideal ways. The initial step is to establishment and arrangement of server programming in a sheltered way. The server firewall should consistently be empowered. One must give close consideration to the framework helplessness. Now and again there is a need to handicap remote organization because of security conventions. All the records that are not, at this point being used ought to be expelled or erased from the server to keep away from web server assaults.
What do you think about a spine arrange?
It is essentially a methodology that is viewed as with regards to conveying information to different systems. The data transfer capacity the executives and channel authorizations are likewise the undertakings that it can deal with. In evident sense, it is the focal foundation.
What precisely information spillage is as indicated by you. What estimates will you take to stop it?
In fact information spillage is only the flight of IP from a pre-decided spot. It can now and again welcome enormous dangers and in this manner it is important to keep up the pace against it constantly. As one of the most well-known colloquialisms may be “Anticipation is superior to fix”, it’s smarter to focus on factors that can prompt the equivalent ahead of time. This incorporates innovation incidents, putting away reinforcement at an unreliable area which nowadays is the most widely recognized explanation behind information spillage. The framework arrangement in a questionable way, Human blunders, assault by programmers, deficient security control for the documents that are shared among offices, just as the degenerate equipment can be the main explanations behind this.
As per you, what precisely is the job of a Cyber Security master?
Digital Security specialists are required in both little a, just as in huge scope ventures. The job may differ contingent upon the position, idea of associations. Some significant jobs are legitimate execution of all security conventions to guarantee outrageous assurance to information, systems, and system hubs. Guaranteeing the loss of administration interference and information misfortune because of security issues is additionally one of the top duties of a Cyber Security master. What’s more, such a specialist must stay up with the latest with all the most recent insight methodologies and the basic methodologies programmers use to hack frameworks and information.
We have to think about your own attributes which you ought to consider with regards to ensuring the server or system information?
The fundamental methodology is introducing solid enemy of infection programming and suggesting all the security upgrades just as buys to the administration. It is essential that the framework got programmed refreshes. Passwords must not be imparted to any unapproved staff. Any information could prompt harm or misfortune to the association ought to be encoded electronically. Old PC ought not be discarded all things considered. It must be guaranteed that all the information have been erased from them. Likewise, an enemy of spyware apparatus would be ideal to keep up the pace. Additionally, data reinforcement after a particular timeframe is suggested.
What do you think around 80/20 principle in the Cyber Security Protocols?
All things considered, it is one of the significant conventions which portray Internet Protocol systems and its hubs where 80 percent of the general traffic stays neighborhood while the staying 20 percent is directed to a remote system.
What are passages? Recommend one technique to make a protected dial-up association with a remote server?
With regards to getting availability between at least two system portions, doors are utilized. A portal is fundamentally a PC that runs the concerned programming and offers administrations which are identified with interpretation. This should be possible through VPN for example Virtual Private Network.
What are web server vulnerabilities that lead to an unbound server?
There are a few vulnerabilities that can bring about same. In some cases the clients consider default settings and don’t redo them. This regularly makes vulnerabilities and forces chance on the general information present in the hubs. Many time the blunders in the web servers and working framework additionally prompts this and makes a great deal of security issues. Another weakness is ill-advised design of system and servers.
Tell the most extreme length which is took into account an UTP link? Is it conceivable to defeat this breaking point? Provided that this is true, how?
An UTP link can undoubtedly play out its errand up to 100 meters without debasing the proficiency. Truly, it is conceivable to surpass this breaking point. We need organizing gadgets, for example, switches and repeaters for this.
Clarify subnet covering? Name one closeness between Subnet Mask and IP address?
Once in a while there is a need to consolidate have address with the systems administration address. This is actually where this methodology is thought of. The all-encompassing system address can be just related to subnet veiling. It is like IP address as far as number of bits it is made of. Both IP and subnet pole are of 32-piece size.
What do you think about Parity Check-in information transmission over a system?
Gathering check is a significant way to deal with knows whether the information got is same as it was sent or not. As the information is sent in littler units called as bundles on a system and is in computerized structure, equality check guarantees that at collector is same as it was sent. Equality checker guarantees such an issue wouldn’t pronounce its essence. It is conceivable to address the mistakes when they are recognized.
Assume there is an association with a set number of PCs and gadgets in their office. What sort of system would it be advisable for them to utilize and why?
For restricted PCs and gadgets, LAN for example Neighborhood is a decent choice because of a few reasons. They are:
1.LAN guarantees quicker transfer speed
2.The expense isn’t so high
3.Implementation is a not a mind boggling task and much of the time, the system can be made in a brief timeframe range.
BCCPA Review Questions
Module 1: Introduction to the ProxySG
Review Questions and Answers
- Describe the role of a proxy server.
Answer: A proxy server is an intermediary that acts as both a server and a client for the purpose of
making requests on behalf of other clients. - Can proxy servers modify traffic between a client and server?
Answer: Yes - Where can you find information about the currently available models and capacities of the ProxySG
family?
Answer: bluecoat.com - Where can you go online to find the Blue Coat knowledge base?
Answer: support.bluecoat.com or bto.bluecoat.com
Module 2: ProxySG Security Deployments
- What are the three principal physical deployment methods for the ProxySG? Answer: Inline, virtually inline, out of path
- What are the two main client connection methods for the ProxySG? Answer: Explicit proxy, transparent proxy
- In which type of physical deployment is a ProxySG out of path but still has potential visibility to all traffic through the use of a device such as a WCCP-capable router or a Layer 4 switch? Answer: Virtually inline.
- Name three methods by which client configuration can be performed in an explicit ProxySG deployment. Possible answers: Configure the user agent to point to the IP address or hostname of the ProxySG; configure the user agent to use WPAD; configure the user agent to point to the location of a PAC file.
- In which client connection type are user agents aware that a proxy has been deployed? Answer: Explicit proxy.
- In an explicit ProxySG deployment, the TCP packet sent from the client to the ProxySG contains what value as the destination IP address? Answer: The IP address of the ProxySG or a load balancer
- In a transparent ProxySG deployment, the TCP packet sent from the client to the ProxySG contains what value as the destination IP address? Answer: The IP address of the origin content server
- In a transparent ProxySG deployment, the TCP packet sent from the ProxySG to the origin content server contains what value as the source IP address? Answer: It depends on whether client IP address reflection is enabled. If so, the client IP address; if not, the ProxySG IP address.
- True or false: Blue Coat Director cannot be used to configure a ProxySG until an IP address has been assigned to the ProxySG by either the front panel or the serial console. Answer: True.
- Which SGOS edition is designed for Secure Web Gateway deployments? Answer: Proxy Edition
- Can a ProxySG automatically get its own IPv4 address during initial configuration? Answer: No
- If you lose the password to the setup console, what methods can be used to regain access to the setup console? Possible answers: Use the front panel buttons and screen, if available on this model, to reset the password; open a serial connection, and use the CLI command restore-defaults factory-defaults; use the appliance reset button, if available on this model.
- When you issue the CLI command restore-defaults factory-defaults, does the ProxySG keep its configured IP address so it can continue to be accessed? Answer: No
- When configured as part of an IPv6 network, how does the ProxySG gets its IP address? Answer: The administrator must supply an IPv4 address manually. The ProxySG obtains an IPv6 address for each interface automatically, and the administrator can change these after completing initial configuration.
Module 3: ProxySG Initial Security Configuration
Review Questions and Answers
- True or false: Blue Coat Director cannot be used to configure a ProxySG until an IP address has been
assigned to the ProxySG by either the front panel or the serial console.
Answer: True. - Which SGOS edition is designed for Secure Web Gateway deployments?
Answer: Proxy Edition - Can a ProxySG automatically get its own IPv4 address during initial configuration?
Answer: No - If you lose the password to the setup console, what methods can be used to regain access to the setup
console?
Possible answers: Use the front panel buttons and screen, if available on this model, to reset the
password; open a serial connection, and use the CLI command restore-defaults
factory-defaults; use the appliance reset button, if available on this model. - When you issue the CLI command restore-defaults factory-defaults, does the ProxySG
keep its configured IP address so it can continue to be accessed?
Answer: No - When configured as part of an IPv6 network, how does the ProxySG gets its IP address?
Answer: The administrator must supply an IPv4 address manually. The ProxySG obtains an IPv6
address for each interface automatically, and the administrator can change these after completing
initial configuration.
Module 4: ProxySG Management Console
- What client-side technology does the Management Console use? Answer: Java applets
- What are the three main tabs of the Management Console? Answer: Statistics, Configuration, Management
- In the Management Console, how can you determine the serial number of the ProxySG? Answer: The serial number is contained in the header, or you can go to Maintenance > System and Disks.
- How does the Management Console perform commands on the ProxySG? Answer: By generating the appropriate CLI commands and executing them.
- Can an access control list for built-in ProxySG administration contain IP addresses, subnet masks, domain names, or some combination of these? Answer: IP addresses and subnet masks.
- What happens if two administrators on separate web browsers both change the time zone of the ProxySG? Answer: Last one wins.
- If you click Revert three times in the Management Console, what happens? Answer: Only the most recent uncommitted changes are undone; changes that already have been applied cannot be undone.
- When you click the Help button in the Management Console, what type of help can you expect to receive? Answer: Context-sensitive help related to the page from which you clicked Help.
- How many SGOS s can reside on one ProxySG at the same time? Answer: Up to five.
- In the Proxy Edition of SGOS, are client connections allowed or denied by default? Answer: Denied.
- Can you change from the Proxy Edition to the MACH5 Edition? Answer: Yes, but the previous configuration is lost.
- A newly-shipped physical ProxySG contains what type of license? Answer: Trial.
- True or false: Use of the Flash streaming proxy requires the installation of an optional license. Answer: True.
- Some models of the ProxySG have a user limit. This limit is based on what factor? Answer: The number of unique client IP addresses with open inbound TCP connections to the ProxySG.
FAQ
What is proxy interview questions?
- What is a proxy Server ?
- What is purpose of Proxy Servers ?
- What are different types of proxies ?
- What are different deployment modes of proxies ?
- Share some names of commonly used Proxy servers ?
- What is the default port of squid and how to change its operating port?
What does Blue Coat proxy do?