Cisco Ccsp Interview Questions

1. What is meant by port blocking within LAN ?

Restricting packet flow via specific ports. Usage--limit and/or control accessibility/availabilitry to/of specific services/resources.

2. In terms of efficient network operation, is it better to have bigger or smaller collision and broadcast domains? If it is better to have smaller ones, why is smaller better, and how do we make them smaller? If it is better to have bigger ones, why is bigger better, and how do we make them bigger? What else can you tell me about them?

there should be a smaller collision domain to have a efficient network. to create a smaller collision domain we can use sub-netting of ip's address. to make network more efficient we can use routers/layer 3 switches. Another thing is that as we have more broadcast domain, smaller the broadcast domain, which makes the collision domain smaller also.

3. How do you use RSA for both authentication and secrecy?

RSA is based upon public key/private key concept. For authentication one can encrypt the hash (MD5/SHA) of the data with his private key. This is known as digital signature. And secrecy is achieved by encrypting the data with the public key of the target user. Generally we dont use RSA for encryption because of key size (1024 bits). Rather a symmetric session key (128/256 bit) is established between communicating parties and is used for encryption.

4. How do you do authentication with message digest(MD5)? (Usually MD is used for finding tampering of data)

MD5 is a cryptographic hash function with a 128-bit hash value output. It is used to check the integrity of files/input. An MD5 hash is expressed as a 32-character hex number.It takes the variable-length input and converts it into a fixed length output of 128-bits called as MD5 hash. It is a one-way hash function. Any change in the message would result in a completely different hash. Hence, the message (input/password etc.) would fail the authentication process if they are incorrect or altered in any way.