Network Security Engineer (L2) Interview Questions

Here is the set of most commonly asked interview question for L2 level security engineer. these questions will give you insight into what is the current trend in the market and what companies are looking for.

VPN
====
1 Phase 1 & phase 2 explanation.
2 What can you conclude by this error message in site to site VPN , MM_key_auth ( Message error ).
3 what is the major problem till now you experienced in ASA ?
4 What is the two tools that we can use for troubleshooting in ASA ?
5 Have you ever done ASA ios upgradation ?
6 asa conection table after 3 way handshake ?

Bluecoat
=========
1 How can we synchronize the bluecoat box in HA environment ?
2 What is IWA ?
3 Bluecoat is not getting the user directory details from AD . How will you troubleshoot the issue?
4 How will you check whether the access is there for user, ip address & group via cli and GUI?
5 What exactly can we see in the tcpdump output?
6 How Bluecoat process the packet once it received it .

Checkpoint
==========
1 What is SIC & its port number ?
2 What is the background process happens while the Management server pushes the policy to the gateway?
3 How you troubleshoot the cluster if both gateways are syncing with each other.
4 During peak hours, your primary firewall cpu utilization got 100% high. How will you troubleshoot the issue?
5 What is checkpoint packet flow?

F5
==
1 Explain the packet flow when outside users is trying to access the server that is sitting behind the F5 load balancer?
2 How will troubleshoot the issue if you are getting dup ack on the tcpdump output.
3 How will troubleshoot the issue if you are getting tcp reset on the tcpdump output.
4 What is i rule & what is it use?
5 What is dynamic load balancing & difference between observed & predictive?

Cisco ISE basic interview question and answer

Cisco FirePower (FTD) Interview Questions and Answers

Information Security interview questions

Cisco Stealthwatch basic interview questions and answers

Leave a Reply

%d bloggers like this: