1
00:00:00,520 --> 00:00:07,180
Scenario-based questions play a very vital role during the interview, because interviewers always ask
2
00:00:07,180 --> 00:00:09,880
some questions related to scenario based questions.
3
00:00:10,690 --> 00:00:12,610
Now here a very important thing.
4
00:00:12,610 --> 00:00:16,450
Is that how you reply all those questions?
5
00:00:16,450 --> 00:00:20,920
Let's say we have just an example or definitely these type of questions.
6
00:00:20,920 --> 00:00:26,380
They always ask that if there is some DDoS attack, then how you can mitigate how what will be your
7
00:00:26,380 --> 00:00:27,510
plan, right?
8
00:00:27,820 --> 00:00:33,580
So you can read out these things: that we can document the resilience plan, recognize the DDoS attack
9
00:00:33,580 --> 00:00:41,470
activity and we cannot assume that only large-scale volumetric attacks are the problem site and we can't
10
00:00:41,470 --> 00:00:47,260
even rely on the traffic monitoring thresholds and we even IP or firewall and definitely there is a
11
00:00:47,260 --> 00:00:52,420
very special thing is that we can we have to engage the mitigation provider.
12
00:00:53,710 --> 00:00:57,520
And pair time to mitigation with successful attack protection.
13
00:00:57,610 --> 00:01:04,690
So apart from that, guys, we can we can make one of the scrubbing center to mitigate the DDoS attack.
14
00:01:05,020 --> 00:01:07,390
So now what is that scrubbing center?
15
00:01:08,280 --> 00:01:14,520
So a scrubbing center, we can say, is one of the dedicated machines that receives all network traffic
16
00:01:15,120 --> 00:01:18,750
and it filters all the network traffic.
17
00:01:19,680 --> 00:01:21,720
In the form of good traffic and bad.
18
00:01:22,410 --> 00:01:31,840
So generally it passes only the good traffic, which is not malicious in respect to this data packets.
19
00:01:32,670 --> 00:01:36,490
Now in our second we have suppose the server is compromised with the malware.
20
00:01:36,510 --> 00:01:39,570
What steps will you take to secure a server?
21
00:01:40,320 --> 00:01:43,380
Well, these are the protections you can take.
22
00:01:43,830 --> 00:01:47,340
These are the protection you can take just after.
23
00:01:49,590 --> 00:01:52,980
Before that compromise version of the server.
24
00:01:53,010 --> 00:01:53,550
Right.
25
00:01:54,090 --> 00:01:56,680
And even after the confirmation of the server.
26
00:01:56,700 --> 00:02:03,390
But along with that, you will have to, you know, isolate that machine, that server machine.
27
00:02:03,390 --> 00:02:05,160
You will have to isolate that server machine.
28
00:02:05,160 --> 00:02:11,430
I forgot to mention here those points here, you have to isolate it and you have to investigate whether
29
00:02:11,430 --> 00:02:13,380
there is something malicious or not.
30
00:02:13,380 --> 00:02:20,340
If there is something malicious found, you will have to clear all those things and you will have to
31
00:02:20,340 --> 00:02:24,420
check other parts of the network which machines were connected to this server.
32
00:02:24,840 --> 00:02:25,380
Right.
33
00:02:25,380 --> 00:02:27,180
And you have to clear all those things.
34
00:02:27,180 --> 00:02:33,810
So once you get to know all those things, then you have to secure again, make a secure password.
35
00:02:33,810 --> 00:02:37,290
You can make the user that you use to manage the system.
36
00:02:37,290 --> 00:02:40,170
You can remove or remove the remote access from default.
37
00:02:40,170 --> 00:02:42,690
You can configure firewalls for remote access.
38
00:02:42,840 --> 00:02:44,340
These are the things you can do.
39
00:02:44,340 --> 00:02:50,790
And after doing these things, you can take that away in the you in your network.
40
00:02:52,960 --> 00:02:57,430
One more saw this scenario based questions we have.
41
00:02:57,430 --> 00:03:01,000
Suppose there is a no use case for BitTorrent, right?
42
00:03:01,030 --> 00:03:02,290
There is no quality.
43
00:03:03,310 --> 00:03:07,510
We have made any use cases for BitTorrent.
44
00:03:07,540 --> 00:03:09,430
Then how we can analyze that traffic.
45
00:03:09,430 --> 00:03:10,990
So that is quite very simple.
46
00:03:11,000 --> 00:03:14,350
We see BitTorrent or you can say peer to peer.
47
00:03:15,430 --> 00:03:21,280
This software generally works on port number 688126, eight, eight, nine, and sometimes it's six
48
00:03:21,580 --> 00:03:22,060
nine.
49
00:03:23,510 --> 00:03:24,830
So now what you can do.
50
00:03:24,860 --> 00:03:30,320
You can check the SIEM logs directly and you can filter out the port numbers with the help of port number,
51
00:03:30,380 --> 00:03:31,220
obviously.
52
00:03:31,670 --> 00:03:34,370
And you can also check the firewall logs.
53
00:03:34,370 --> 00:03:40,460
And there also you will have to keep the filter with the help of port number.
54
00:03:40,610 --> 00:03:48,230
And then you will get to know in the in the raw data or you can see the payload that the IP address,
55
00:03:48,230 --> 00:03:51,980
the URL and the port number, these things you will get.
56
00:03:51,980 --> 00:03:57,820
And with the help of these, that will be very easy to know that whether it's a torrent or not because
57
00:03:57,830 --> 00:04:02,690
you once you will search on the Google, you will get to know that this IP is delivered through some
58
00:04:02,690 --> 00:04:02,930
tools.
59
00:04:02,960 --> 00:04:04,910
Something appear to be a connection.
60
00:04:06,920 --> 00:04:09,500
Now let's say our data breach on the network.
61
00:04:09,620 --> 00:04:13,610
So what is the first thing you do when the attack occurs on the network?
62
00:04:14,090 --> 00:04:16,010
So this one is very important one.
63
00:04:16,190 --> 00:04:21,140
Basically, they just ask this question just to know what action you can take.
64
00:04:21,140 --> 00:04:25,820
So what was the incident response plan in place or your organization?
65
00:04:26,560 --> 00:04:26,680
Right.
66
00:04:26,750 --> 00:04:29,020
So investigate the incident.
67
00:04:29,030 --> 00:04:30,230
That is the first part.
68
00:04:30,260 --> 00:04:33,800
If the breach is valid, then we have to inform the management.
69
00:04:33,830 --> 00:04:35,150
That's quite very simple.
70
00:04:35,420 --> 00:04:39,560
And then identify the suspected, you know, the root cause of the incident.
71
00:04:40,100 --> 00:04:42,200
So this one, we have to find out.
72
00:04:42,200 --> 00:04:48,710
And then if we get to know where something is malicious and something is affected, then we need to
73
00:04:48,710 --> 00:04:52,430
isolate that affected system and get the cause of the breach.
74
00:04:53,150 --> 00:04:58,520
Then implement policy, procedure, procedures, procedures, whatever the things they is there, perform
75
00:04:58,520 --> 00:05:04,220
periodic technology audit or risk assessment combined with network penetration testing to identify weaknesses
76
00:05:04,220 --> 00:05:05,090
in the system.
77
00:05:05,480 --> 00:05:08,930
So that's what comes in the role.
78
00:05:10,530 --> 00:05:14,820
Now, how do you keep devices secure if they are on public Wi-Fi?
79
00:05:14,850 --> 00:05:22,950
So, well, the first prescription for this is users should use their own mobile hotspot.
80
00:05:23,250 --> 00:05:29,820
If they can't use it, then just tell the user that they should connect with the VPN because
81
00:05:29,820 --> 00:05:36,540
once they will connect with the VPN, every data is going to be encrypted through it and it will communicate
82
00:05:36,540 --> 00:05:38,070
through a tunnel.
83
00:05:38,100 --> 00:05:42,210
So through that, the communication will be secure.
84
00:05:43,800 --> 00:05:49,530
So that's it, guys, and we'll meet in the next video with the roles and responsibilities and same
85
00:05:49,530 --> 00:05:51,150
questions, which is very important.
86
00:05:51,150 --> 00:05:52,890
This part is very important.