Saturday, March 9, 2019


Top 12 SSL Interview Questions | Network Security


SSL, short for Secure Sockets Layer, is responsible for protecting data while it is transferred from source to destination. Here is a list of SSL interview questions and answers that are commonly asked in interviews.

Q1. What are SSL certificates?

Ans: SSL is a standard security protocol that ensures the confidentiality and integrity of data in transit. It encrypts the data flow between the web browser and the web server, which ensures confidentiality. The web server and browser also exchange a key to decrypt the data, which ensures the integrity of the data.

Q2. Explain how SSL works.

Ans: The SSL/TLS layer provides confidentiality and integrity while data is transmitted from source to destination.

Steps involved:

1. The user initiates the connection by typing the website address. The browser starts SSL/TLS communication by sending a message to the website’s server.

2. The website’s server sends its public key or certificate back to the user’s browser.

3. The user’s browser checks the public key or certificate. If it is OK, the browser creates a symmetric key and sends it back to the website’s server. If the certificate is not OK, the communication fails.

4. On receiving the symmetric key, the website’s server sends the key and the encrypted requested data.

5. The user’s browser decrypts the content using the symmetric key, which completes the SSL/TLS handshake. The connection is now established and the user can see the content.


Q3. What is asymmetric and symmetric encryption?

Ans: The major difference between symmetric and asymmetric cryptography is that symmetric cryptography uses a single key for both encryption and decryption, while asymmetric cryptography uses a public key and a private key for encryption and decryption.

Q4. How does SSL use both asymmetric and symmetric encryption?

Ans: SSL uses symmetric encryption to encrypt data between the browser and the web server, while asymmetric encryption is used to exchange the generated symmetric key, which validates the identity of the client and server.

Q5. What is a Certificate Signing Request (CSR)?

Ans: A Certificate Signing Request (CSR) is encoded information that contains the applicant’s details, such as common name, organization name, email address, city, state, and country. The certifying authority (CA) uses this encoded information to issue an SSL certificate to the applicant.

Q6. What does a CSR look like?

Ans: A CSR is Base64-encoded text that starts with a “-----BEGIN CERTIFICATE REQUEST-----” line and ends with a “-----END CERTIFICATE REQUEST-----” line.
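The structure described in Q5 and Q6, as an added example that is not part of the original post: a standard-library Python parser that strips the PEM armor, Base64-decodes the body and walks the DER to list the subject fields a CA would see. The function names and the sample builder are constructed for illustration; the sample carries an empty placeholder key and signature, and the parser does not verify signatures.

```python
import base64, re, textwrap

# DER-encoded OIDs of the subject fields a CSR carries (X.520 names, PKCS #9 email).
OIDS = {bytes.fromhex("550403"): "CN", bytes.fromhex("55040a"): "O",
        bytes.fromhex("550407"): "L", bytes.fromhex("550408"): "ST",
        bytes.fromhex("550406"): "C", bytes.fromhex("2a864886f70d010901"): "emailAddress"}
ARMOR = r"-----BEGIN CERTIFICATE REQUEST-----(.+?)-----END CERTIFICATE REQUEST-----"

def tlv(tag, body):  # DER-encode one tag-length-value element (body under 64 KiB)
    n = len(body)
    size = bytes([n]) if n < 0x80 else bytes([0x81, n]) if n < 0x100 else b"\x82" + n.to_bytes(2, "big")
    return bytes([tag]) + size + body

def read(der, pos=0):  # return (tag, body, next_pos) for the DER element at pos
    (tag, n), pos = der[pos:pos + 2], pos + 2      # ValueError if fewer than 2 bytes remain
    if n & 0x80:                                   # long form: low 7 bits count the length bytes
        n, pos = int.from_bytes(der[pos:pos + (n & 0x7F)], "big"), pos + (n & 0x7F)
    if pos + n > len(der):
        raise ValueError("truncated DER")
    return tag, der[pos:pos + n], pos + n

def csr_subject(pem):
    """Return the subject fields of a PEM-encoded CSR; the signature is not verified."""
    m = re.search(ARMOR, pem, re.S)
    if not m:
        raise ValueError("no CERTIFICATE REQUEST block (wrong PEM type or altered dashes)")
    der = base64.b64decode("".join(m.group(1).split()), validate=True)
    _, request, _ = read(der)        # CertificationRequest
    _, info, _ = read(request)       # CertificationRequestInfo
    _, _, pos = read(info)           # version INTEGER
    _, name, _ = read(info, pos)     # subject Name: SEQUENCE of RDN SETs
    subject, pos = {}, 0
    while pos < len(name):
        _, rdn, pos = read(name, pos)
        _, atv, _ = read(rdn)        # first AttributeTypeAndValue in the RDN
        _, oid, p = read(atv)
        _, value, _ = read(atv, p)
        subject[OIDS.get(oid, oid.hex())] = value.decode("utf-8", "replace")
    return subject

def sample_csr_pem(fields):  # constructed sample: empty placeholder key and signature
    tags = {"C": 0x13, "emailAddress": 0x16}     # PrintableString, IA5String; else UTF8String
    oid = {v: k for k, v in OIDS.items()}
    rdns = b"".join(tlv(0x31, tlv(0x30, tlv(0x06, oid[k]) + tlv(tags.get(k, 0x0C), v.encode())))
                    for k, v in fields.items())
    info = tlv(0x30, tlv(0x02, b"\x00") + tlv(0x30, rdns) + tlv(0x30, b"") + tlv(0xA0, b""))
    b64 = base64.b64encode(tlv(0x30, info + tlv(0x30, b"") + tlv(0x03, b"\x00"))).decode()
    return f"-----BEGIN CERTIFICATE REQUEST-----\n{textwrap.fill(b64, 64)}\n-----END CERTIFICATE REQUEST-----\n"
```

Running `csr_subject()` on a CSR before submitting it shows exactly which common name and organization details the CA will be asked to certify. A request whose BEGIN/END dashes were altered by copy and paste, or whose Base64 body was cut short, is rejected with a `ValueError`.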

Q7. Discuss some public-key encryption algorithms used in SSL.

Ans: Public-key encryption is used to exchange the symmetric key between the browser and the web server. Some of the algorithms used are elliptic curve cryptography (ECC), RSA, etc.

Q8. What are pre-shared key encryption algorithms?

Ans: Pre-shared key encryption algorithms refer to the symmetric key algorithms used to encrypt data between the browser and the web server. The most commonly used pre-shared key encryption algorithms are Twofish, AES, and Blowfish.

Q9. What are the authentication levels of SSL/TLS certificates?

Ans: Authentication levels refer to the trustworthiness of the hosted URL. A Certifying Authority (CA) issues certificates to an organization after validating its identity. The levels are mainly categorized into Domain Validation (DV), Organization Validation (OV), and Extended Validation (EV).

Q10. Explain Domain Validation (DV) authentication in SSL.

Ans: This is the lowest level of validation done by the Certifying Authority (CA) to issue a certificate to an organization. Here, the CA only verifies whether the domain is controlled by the organization. This process can be done via email.

Q11. Explain Organization Validation (OV) authentication in SSL.

Ans: This is the medium level of validation done by the Certifying Authority (CA) to issue a certificate to an organization. Here, the CA validates the name, state, and country of the organization. This process can be done by physically verifying the organization’s location.

Q12. Explain Extended Validation (EV) authentication in SSL.

Ans: This is the highest level of validation done by the Certifying Authority (CA) to issue a certificate to an organization. Here, the CA validates the ownership, physical location, state, and country of the organization. This process can be done by physically verifying the organization’s location and checking the legal existence of the company.
