CyberSecurity NAT related interview question and answer

=============================== DAILY TASKS - INTERVIEW Q&A =========================== 1. FIREWALL RULE CREATION Q1. What is your daily activity in firewall management? A: I create and manage firewall rules based on daily requirements and change requests. Q2. What parameters are used in firewall rule creation? A: * Source IP (Example: 172.16.x.x) * Destination IP (Example: 192.x.x.x) * Port (Example: 443) * Application (Example: Facebook) * Action (Allow/Deny) Q3. How do you create a firewall rule? A: * Open firewall policy * Create new rule * Define source and destination IP * Assign port (443 for HTTPS) * Add application (App-based rule) * Set action to Allow or Deny * Save and apply changes Q4. What is port 443 used for? A: Port 443 is used for secure HTTPS communication. --- 2. URL ACCESS / PROXY (FORCEPOINT, NETSKOPE, ZSCALER) Q5. How do you allow URLs for specific users? A: * Identify user (Example: ABC user) * Add URL in proxy exception list * Assign policy to that specific user Q6. Which tools have you used for URL filtering? A: Forcepoint Proxy, Netskope, and Zscaler. Q7. How do you configure URL exception in Forcepoint? A: * Login to Forcepoint console * Create exception rule * Add exception name and SR number * Enter URL (facebook.com, chat.facebook.com) * Map to specific user * Save and apply policy Q8. What is the purpose of proxy? A: Proxy is used to monitor, filter, and control internet usage. --- 3. DLP (DATA LOSS PREVENTION) Q9. What is DLP? A: DLP (Data Loss Prevention) is used to prevent sensitive data leakage. Q10. What are your daily DLP activities? A: * Monitor DLP console * Check reports (Example: 900 systems reporting, 100 not reporting) * Identify machines not updated with latest policy * Download and analyze reports Q11. What issues do you handle in DLP? A: * Systems not connected for 7 days * Outdated policy version * Agent not reporting Q12. How do you resolve DLP issues? A: * Check network connectivity * Restart DLP agent service * Update policy manually * Coordinate with asset team --- 4. TREND MICRO (ENDPOINT SECURITY) Q13. What is Trend Micro? A: Trend Micro is an endpoint security solution for antivirus and threat protection. Q14. What are Trend Micro reports? A: * System status report * Machines not updated * Smart pattern update status Q15. What is Smart Pattern? A: It is the virus definition update used to detect new threats. Q16. What will you do if machines are not updated? A: * Check update server * Force manual update * Verify connectivity * Restart services --- 5. VPN (IPSEC) Q17. What is VPN? A: VPN (Virtual Private Network) provides secure access over public networks. Q18. What is IPsec VPN? A: IPsec is a protocol used to encrypt and secure network communication. Q19. Where is IPsec used? A: * Site-to-site VPN * Remote access VPN --- 6. REAL-TIME SCENARIOS Q20. User cannot access website, what will you check? A: * Firewall rule * URL filtering policy * Proxy configuration * User access rights Q21. DLP system not reporting? A: * Check agent status * Verify policy update * Restart service * Reinstall agent if required Q22. Trend Micro not updating? A: * Check internet connectivity * Verify update server * Perform manual update =============================== END OF NOTES ============