Computer security Question:

Download Job Interview Questions and Answers PDF

Web server security

Computer security Interview Question
Computer security Interview Question

Answer:

There are a number of problems with web servers. Bugs in the server, stupid CGI scripts, erroneous configurations, strange other services (e.g. data base connections) are just a few things that might be used to damage your security.

You might want to look at the WWW Security FAQ to get some general security information on WWW.

If you install an Windows NT machine as a web server or a firewall, you should tighten up the security on that box more that you should do to ordinary machines on your internal network since a machine accessible from the Internet are more vulnerable and more likely to be attacked. Securing the machine gives you a bastion host. Some of the things you should do include

* Remove all protocol stacks except TCP/IP, since IP is the only protocol that runs on the Internet
* Remove some network bindings
* Disable all unnecessary accounts, like guest
* Remove share permissions and default shares
* Remove network access for everyone (User Manger -> Policies -> User rights, "Access this computer from the network")
* Disable unnecessary services (FTP, etc)
* Enable audit logging
* Track the audit information

Download Computer security Interview Questions And Answers PDF

Previous QuestionNext Question
What are giant packets? Or, is Windows NT susceptible to the PING attack?What is Rollback.exe?