[30+] Blue Coat Interview Questions and Answers [ FRESHERS ]

Last updated on 12th Nov 2021, Blog, Interview Questions

If you’re looking for Blue Coat Interview Questions & Answers for Experienced or Freshers, you are at the right place. There are a lot of opportunities from many reputed companies in the world. According to research, Blue Coat has a market share of about 0.9%. So, You still have the opportunity to move ahead in your career in Blue Coat Administration. ACTE offers Advanced Blue Coat Interview Questions 2021 that helps you in cracking your interview & acquire a dream career as a Blue Coat Administrator.

1. According to you, what exactly is the role of a Cyber Security expert?

Ans:

• Cyber Security experts are required in both small, as well as large-scale enterprises. The role may vary depending on the position, nature of the organization. Some important roles are the proper implementation of all security protocols to assure extreme protection to data, networks, & network nodes.
• Assuring the loss of service interruption and data loss due to security issues is also one of the top responsibilities of a Cyber Security expert. In addition to this, such an expert must keep himself up-to-date with all the latest intelligence strategies and the common approaches hackers use to hack systems and data.

2. What do you know about the 80/20 rule in the Cyber Security Protocols?

Ans:

Well, it is one of the very important protocols which describe Internet Protocol networks and their nodes where 80 percent of the overall traffic remains local while the remaining 20 percent is routed to a remote network.

3. In business, data is everything and as a +$³ : ⁴ity expert you know this, so how you will make sure data safety during your job?

Ans:

• First I begin with the basic things that are necessary to pay attention to. Installation of Cyber Security software is the first step to be implemented and I will do this. This basically includes the installation of data encryption software, firewalls, and so on.
• Next, I will pay attention to staff training which is a relevant step to ensure all the networks and widgets are secure. The training includes network security procedures and how they are considered. A back-up plan against network disaster is also something that would eliminate all the risks in case things go wrong.

4. What do you mean by phishing?

Ans:

It is basically an approach that simply deceit people from getting data from the users. Regular or genuine WebPages such as email-IDs ask users to enter their own password and ID.

5. What exactly data leakage is according to you. What measures will you take to stop it?

Ans:

• Technically data leakage is nothing but the departure of IP from a pre-determined place. It can sometimes invite huge risks and therefore it is necessary to keep up the pace against it all the time. As one of the most common sayings is “Prevention is better than cure”, it’s better to pay attention to factors that can lead to the same in advance.
• This includes technology mishaps, storing backup at an insecure location which these days is the most common reason for data leakage. The system configuration in an unreliable manner, Human errors, attack by hackers, inadequate security control for the files that are shared among departments, as well as corrupt hardware can be the leading reasons for this.

6. What are gateways?

Ans:

When it comes to getting connectivity between two or more network segments, gateways are used. A gateway is basically a computer that runs the concerned software and offers services that are related to translation.

7. Tell everything you know about the loss prevention controls?

Ans:

Well, there are certain factors that are relevant as well as important in this matter. The very first thing that can be done to avoid them is creating the information risk profile, next is to develop the framework following all the security protocols. A workflow diagram would be helpful for this. Also, a response chart can contribute equally.

Appendance of DLP controls all over the organization is something that is also helpful in this manner. All the outcomes for cutting down risk must be paid close attention. All the responsibilities must be properly assigned to the incident analyst, forensic investigators, local technical administrators, as well as to auditors for loss control prevention.

8. What is the significance of a NIC?

Ans:

It is basically a card that is attached to the motherboard and is responsible for connecting a PC to a network

9. We need to know about your personal traits which you should consider when it comes to protecting the server or network data.?

Ans:

• The basic approach is installing strong anti-virus software and recommending all the security enhancements as well as purchases to the management. It is necessary that the system received automatic updates. Passwords must not be shared with any unauthorized staff. Any data that could lead to damage or loss to the organization should be encrypted electronically.
• Old PC should not be disposed of as it is. It must be ensured that all the data have been deleted from them. In addition to this, an anti-spyware tool would be best to keep up the pace. Also, information backup after a specific time period is recommended.

10. What do you know about a backbone network?

Ans:

It is basically an approach that is considered when it comes to distributing the data to various networks. The bandwidth management and channel legalizations are also the tasks that they can handle. In a true sense, it is the central infrastructure.

11. What exactly do you know about WEP cracking? Can you also tell what its types are?

Ans:

It is basically a methodology of manipulating the susceptibility in the wireless servers or networks to gain access in an unauthorized manner. Active and Passive cracking are the two types. Active cracking doesn’t create any effect on the traffic until WEP security is performing its task. On the other side, the aim of the passive attack is nothing but to simply enhance the load on the network to cut down the performance. It can easily be detected.

12. Name some WEP cracking tools you are familiar with?

Ans:

The following are some of the common WEP cracking tools.

• Kismet
• WEP Crack
• WebDecryp
• AirCrack

13. What do you mean by the term network topology in network management?

Ans:

In a network, it is possible to connect nodes or devices in various methods depending upon their number, requirement, and tasks. The way they can be connected with each other is termed as topology in a network. Some common types of topologies are:

• Start Topology
• Hybrid Topology
• Mesh Topology
• Ring topology
• Tree Topology

14. What are web server vulnerabilities that lead to an unsecured server?

Ans:

There are several vulnerabilities that can result in the same. Sometimes the users consider default settings and don’t customize them. This often creates vulnerabilities and imposes risk on the overall data present in the nodes. Many times the errors in the web servers and operating system also lead to this and create a lot of security issues. Another vulnerability is the improper configuration of the network and servers.

15. Tell the maximum length which is allowed for a UTP cable? Is it possible to overcome this limit? If so, how?

Ans:

A UTP cable can easily perform its task up to 100 meters without degrading its efficiency. Yes, it is possible to exceed this limit. We need networking devices such as switches and repeaters for this.

16. What are web server attacks? How can you prevent them?

Ans:

These are basically the attacks by hackers directly on the server to gain access over the same. The hacking of websites, software, and nodes happens due to this. These attacks can be stopped up to a great extent through some of the best possible ways. The first step is to install and configure server software in a safe manner. The server firewall must always be enabled.

One must pay close attention to the system’s vulnerability. Sometimes there is a need to disable remote administration due to security protocols. All the accounts that are no longer in use should be removed or deleted from the server to avoid web server attacks.

17. Name a few useful certifications for Cyber Security Experts?

Ans:

• CSL (Certified Security Leadership)
• GSEC (General Security Essentials)
• CFA (Certified Forensic Analyst)
• CFA (Certified Firewall analyst) are some of the best available options.

18. Name the various methods that an organization can consider against SQL injection?

Ans:

Stored Procedures, Database connection user access rights, sanitizing the user commands, controlling error messages, as well as detecting harmful code, and dumping it are some of the approaches that are helpful in this manner.

19. Suggest one method to create a secure dial-up connection to a remote server

Ans:

This can be done through VPN i.e. Virtual Private Network

20. What does OSI stands for? Name the layers present in it?

Ans:

OSI stands for open system interconnection. There are a total of seven layers that are present in this referencing model.

• Application Layer
• Presentation Layer
• Session Layer
• Transport Layer
• Network Layer
• Data Link Laye
• Physical Layer

21. Name one referencing model other than OSI?

Ans:

TCP/IP. It stands for Transmission Control Protocol/Internet Protocol. It is not widely used in the present scenario as compared to the OSI.

22. Define a node? How it is different from a link?

Ans:

A node is nothing but a point where greater than or equal two devices join each other. In a few models, a node is also considered as a computer on a network. On the other side, a link is nothing but the connectivity among two nodes or devices.

23. Suppose there is an organization with a limited number of computers and devices in their office. What type of network should they use and why?

Ans:

For limited computers and devices, LAN i.e. Local Area Networking is a good option due to several reasons. They are:

• LAN assures faster bandwidth
• The cost is not so high
• Implementation is not a complex task and in many cases, the network can be created in a short time span.

24. What are the basic networking devices you are familiar with?

Ans:

The following are the basic networking devices:

• Modem
• Router
• Hub
• Switch
• Splitter

25. Mention some steps that you will take against Phishing

Ans:

The simplest approach is considering a guard against spam as they are the trouble creators in many cases. In case a pop-up screen is there, personal information such as User ID and password must not be entered. Any kind of information related to finance should not be sent via personal e-mail. Downloading of files received from unknown e-mail should be avoided and web links present in them should not be clicked.

26. Explain subnet masking? Name one similarity between Subnet Mask and IP address?

Ans:

Sometimes there is a need to combine the host address with the networking address. This is exactly where this approach is considered. The extended network address can be simply identified with subnet masking. It is similar to an IP address in terms of the number of bits it is made of. Both IP and subnet mast are of a 32-bit size.

27. What do you mean by the term data encapsulation?

Ans:

Networks can face a lot of issues when it comes to sending large or bulky sizes. Thus the data is generally broken into smaller parts which are called packets or data packets. The approach is simple and i.e. the source and the destination address are attached through a temporary path that remains active till the transmission is going on.

28. What do you know about Parity Check-in data transmission over a network?

Ans:

Party check is an important approach to know whether the data received is the same as it was sent or not. As the data is sent in smaller units called packets on a network and is in digital form, parity check assures that at the receiver is the same as it was sent. Parity checker assures such an issue wouldn’t declare its presence. It is possible to correct the errors when they are detected.

29. What is a private IP address?

Ans:

They are considered when it comes to using Intranets. They are not routable to external public networks are generally used for internal networks only. The same IPs can be used for multiple intranets.

30. What does Blue coat do?

Ans:

Blue coat gadgets are known as “double – use” innovation, since they can be utilized both to shield corporate systems and by governments to blue pencil and screen the open’s web traffic. The machines can see a few sorts of scrambled traffic, square sites or record site traffic.

31. What is Blue Coat intermediary? How does a Blue Coat intermediary work?

Ans:

Blue Coat Proxy SG is a cloud-based item that gives clients web security. Interfacing this occasion source to Insight IDR will improve the security information for accessible for examination. The Blue Coat SG machine fills in as an intermediary for all HTTP, HTTPS, and FTP exchanges. It is designed with decides that course information to the Web sense ICAP server. Be that as it may, in checking mode, the Web sense ICAP server all around reacts to all diverted exchanges with Allow.

32. How accomplishes turn around intermediary work?

Ans:

A converse intermediary is a server that sits before at least one web servers, blocking demands from customers. This is unique in relation to a forward intermediary, where the intermediary sits before the customers. The converse intermediary server will at that point send solicitations to and get reactions from the starting point server.

33. What are the essential systems administration gadgets you know about? Name one referencing model other than OSI?

Ans:

The most valuable things are Modem, Router, Hub, Switch and Splitter are the essential systems administration gadgets. The referencing model other than OSI is TCP/IP. It represents Transmission Control Protocol/Internet Protocol. It isn’t generally utilized in the current situation when contrasted with the OSI.

34. Get your meaning by the term information embodiment?

Ans:

Systems can confront a great deal of issues with regards to sending huge or cumbersome sizes. Consequently the information is commonly broken into the littler parts which are called as parcels or information bundles. The methodology is straightforward and for example the source and the goal address are appended through a transitory way that remaining parts dynamic till the transmission is going on.

35. Characterize a hub? How it is not the same as a connection?

Ans:

A hub is only a point where more prominent than or equivalent two gadgets join one another. In a couple of models, a hub is additionally considered as a PC on a system. On the opposite side, a connection is only the network among two hubs or gadgets. It very well may be wired remote connection relying on shape, size and different elements identified with the system. A connection is answerable for keeping up the association among various hubs on a solitary system.

36. Notice a few stages that you will take against Phishing?

Ans:

The least complex methodology is thinking about a protection from against the spam as they are the difficulty makers much of the time. In the event that a spring up screen is there, individual data, for example, User ID and secret phrase must not be entered. Any sort of data identified with account ought not to be sent by means of individual email. Downloading of records got from obscure email ought to be maintained a strategic distance from and web joins present in them not to be clicked.

37. What are web server assaults? How might you forestall them?

Ans:

These are fundamentally the assaults by programmers straightforwardly on the server to get entrance over the equivalent. Hacking of sites, programming, and hubs occur because of this. These assaults can be plugged up to extraordinary degree through the absolute most ideal ways. The initial step is to establishment and arrangement of server programming in a sheltered way. The server firewall should consistently be empowered. One must give close consideration to the framework helplessness. Now and again there is a need to handicap remote organization because of security conventions. All the records that are not, at this point being used ought to be expelled or erased from the server to keep away from web server assaults.

38. What do you think about a spine arrange?

Ans:

It is essentially a methodology that is viewed as with regards to conveying information to different systems. The data transfer capacity the executives and channel authorizations are likewise the undertakings that it can deal with. In evident sense, it is the focal foundation.

39. What precisely information spillage is as indicated by you. What estimates will you take to stop it?

Ans:

In fact information spillage is only the flight of IP from a pre-decided spot. It can now and again welcome enormous dangers and in this manner it is important to keep up the pace against it constantly. As one of the most well-known colloquialisms may be “Anticipation is superior to fix”, it’s smarter to focus on factors that can prompt the equivalent ahead of time. This incorporates innovation incidents, putting away reinforcement at an unreliable area which nowadays is the most widely recognized explanation behind information spillage. The framework arrangement in a questionable way, Human blunders, assault by programmers, deficient security control for the documents that are shared among offices, just as the degenerate equipment can be the main explanations behind this.

40. We have to think about your own attributes which you ought to consider with regards to ensuring the server or system information?

Ans:

The fundamental methodology is introducing solid enemy of infection programming and suggesting all the security upgrades just as buys to the administration. It is essential that the framework got programmed refreshes. Passwords must not be imparted to any unapproved staff. Any information could prompt harm or misfortune to the association ought to be encoded electronically. Old PC ought not be discarded all things considered.

41. What are passages? Recommend one technique to make a protected dial-up association with a remote server?

Ans:

With regards to getting availability between at least two system portions, doors are utilized. A portal is fundamentally a PC that runs the concerned programming and offers administrations which are identified with interpretation. This should be possible through VPN for example Virtual Private Network.

42. What are web server vulnerabilities that lead to an unbound server?

Ans:

There are a few vulnerabilities that can bring about same. In some cases the clients consider default settings and don’t redo them. This regularly makes vulnerabilities and forces chance on the general information present in the hubs. Many time the blunders in the web servers and working framework additionally prompts this and makes a great deal of security issues. Another weakness is ill-advised design of system and servers.

43. Clarify subnet covering? Name one closeness between Subnet Mask and IP address?

Ans:

Once in a while there is a need to consolidate have address with the systems administration address. This is actually where this methodology is thought of. The all-encompassing system address can be just related to subnet veiling. It is like IP address as far as number of bits it is made of. Both IP and subnet pole are of 32-piece size.

44. What do you think about Parity Check-in information transmission over a system?

Ans:

Gathering check is a significant way to deal with knows whether the information got is same as it was sent or not. As the information is sent in littler units called as bundles on a system and is in computerized structure, equality check guarantees that at collector is same as it was sent. Equality checker guarantees such an issue wouldn’t pronounce its essence. It is conceivable to address the mistakes when they are recognized.

45. Assume there is an association with a set number of PCs and gadgets in their office. What sort of system would it be advisable for them to utilize and why?

Ans:

For restricted PCs and gadgets, LAN for example Neighborhood is a decent choice because of a few reasons. They are:

• LAN guarantees quicker transfer speed
• The expense isn’t so high
• Implementation is a not a mind boggling task and much of the time, the system can be made in a brief timeframe range.

46. What is Symantec ProxySG?

Ans:

ProxySG conveys an adaptable intermediary stage design to make sure about web interchanges and quicken the conveyance of business applications. ProxySG empowers adaptable, granular, strategy powers over substance, clients, applications, web applications, and conventions.

47. Describe the role of a proxy server?

Ans:

A proxy server is an intermediary that acts as both a server and a client for the purpose of making requests on behalf of other clients.

48. Can proxy servers modify traffic between a client and server?

Ans:

Yes, proxy servers can modify traffic between a client and server.

49. Where can you find information about the currently available models and capacities of the ProxySGfamily?

Ans:

Model Specifications:

• ProxySG Product Family
• License Capacity – Concurrent Users
• Proxy Edition License

50. Where can you go online to find the Blue Coat knowledge base?

Ans:

Having moved to Symantec Knowledge base as part of the migration, the old links may not work properly.

51. What are the three principal physical deployment methods for the ProxySG?

Ans:

Inline, virtually inline, out of path

52. What are the two main client connection methods for the ProxySG?

Ans:

Explicit proxy, transparent proxy

53. In which type of physical deployment is a ProxySG out of path but still has potential visibility to all traffic through the use of a device such as a WCCP-capable router or a Layer 4 switch?

Ans:

Virtually inline.

54. Name three methods by which client configuration can be performed in an explicit ProxySG deployment.

Ans:

• Configure the user agent to point to the IP address or hostname of the ProxySG;
• configure the user agent to use WPAD; configure the user agent to point to the location of a PAC file.

55. In which client connection type are user agents aware that a proxy has been deployed?

Ans:

Explicit proxy-In an explicit ProxySG deployment, the TCP packet sent from the client to the ProxySG contains.

56. What value as the destination IP address?

Ans:

• The IP address of the ProxySG or a load balancer
• In a transparent ProxySG deployment, the TCP packet sent from the client to the ProxySG contains

57. Which server contains what value as the source IP address?

Ans:

It depends on whether client IP address reflection is enabled. If so, the client IP address; if not, the ProxySG IP address.

58. In NTLM authentication, are passwords transmitted in plaintext, base 64-encoded, or encrypted?

Ans:

The challenge-response architecture of NTLM allows the client to be authenticated without ever trans

59. Which SGOS edition is designed for Secure Web Gateway deployments?

Ans:

Proxy Edition

60. If you enable client IP address reflection for all proxy services, what could cause client traffic to be handled incorrectly?

Ans:

Asymmetric routing could cause TCP connections to be dropped and client requests to fail.

61. If you lose the password to the setup console, what methods can be used to regain access to the setup console?

Ans:

62. What happens if two administrators on separate web browsers both change the time zone of the ProxySG?

Ans:

Last one wins.

63. When configured as part of an IPv6 network, how does the ProxySG gets its IP address?

Ans:

The administrator must supply an IPv4 address manually. The ProxySG obtains an IPv6 address for each interface automatically, and the administrator can change these after completing initial configuration.

64. What client-side technology does the Management Console use?

Ans:

Java applets

65. What are the three main tabs of the Management Console?

Ans:

Statistics, Configuration, Management.

66. In the Management Console, how can you determine the serial number of the ProxySG?

Ans:

The serial number is contained in the header, or you can go to Maintenance > System and Disks.

67. How does the Management Console perform commands on the ProxySG?

Ans:

• By generating the appropriate CLI commands and executing them.
• Can an access control list for built-in ProxySG administration contain IP addresses, subnet masks.

68. What are the domain names, or some combination of these?

Ans:

IP addresses and subnet masks.

69. If you click Revert three times in the Management Console, what happens?

Ans:

Only the most recent uncommitted changes are undone; changes that already have been applied cannot be undone.

70. When you click the Help button in the Management Console, what type of help can you expect to receive?

Ans:

Context-sensitive help related to the page from which you clicked Help.

71. How many SGOS images can reside on one ProxySG at the same time?

Ans:

Up to five.

72. Which WebPulse uses URL information from which Blue Coat products?

Ans:

ProxySG, ProxyClient, K9.

73.In WebPulse, does background analysis of URLs use human raters?

Ans:

Yes, but only if machine analysis is inconclusive.

74. Where is the WebFilter database stored?

Ans:

On both the ProxySG and at several data centers around the world.

75. Why does the Internal HTTP proxy service use the TCP Tunnel proxy by default?

Ans:

Many internal applications are not fully HTTP-compliant, which might cause the ProxySG to reject connections.

76. When WebFilter is enabled, how often does the ProxySG check for updates to the WebFilter database?

Ans:

Every five minutes, during the hours of the day that are specified in the Management Console.

77. When dynamic categorization is disabled, what information is sent to WebPulse for each transaction?

Ans:

The ProxySG does not contact WebPulse when dynamic categorization is disabled.

78. If both WebFilter and a local content filtering database are enabled on the ProxySG, which set of categories takes priority in policy processing?

Ans:

Neither has automatic priority. The order of rules and layers in policy determines how categories affect the decision to allow or deny a transaction.

79. If a URL is categorized by WebFilter as “None,” what does this mean?

Ans:

The URL is for a site that has not been categorized by WebFilter. This is common for intranet sites.

80. A URL that is categorized by WebFilter can have how many applications associated with it?

Ans:

Zero or one.

81. What list on the ProxySG can be configured to prevent requests to specific URLs from being shared with WebPulse?

Ans:

The private networks list.

82. What types of authentication credentials are supported in an IWA realm?

Ans:

Basic, NTLM, and Kerberos.

83. When does the ProxySG require the use of BCAAA with an IWA realm?

Ans:

When your organization does not permit the ProxySG to join the Windows domain of the authentication server.

84. What service group does Blue Coat recommend for the Telnet service, and why?

Ans:

Bypass recommended, because it is an interactive service that cannot benefit significantly from caching or optimization.

85. In which type of IWA realm, BCAAA or direct, does the administrator specify the IP address of an authentication server?

Ans:

BCAAA.

86. How can you prevent passwords from being sent in plaintext between the ProxySG and an LDAP server?

Ans:

By enabling SSL communication between the ProxySG and the authentication server.

87. When specifying a search user for an LDAP authentication realm, what administrative permissions are required on the search user account?

Ans:

No special permissions are required.

87. A ProxySG has its Explicit HTTP proxy service set to Intercept with all of the default settings. An LDAP authentication realm is in use, and the authentication mode is set to “auto.” Whena client connects via HTTP and an explicit proxy connection to the Internet for the first time through this ProxySG, what isthe first response code that the client receives?

Ans:

407.

89. When the ProxySG performs LDAP authentication with an explicit proxy connection, how often does theProxySG send a bind request with the search user DN to the authentication server?

Ans:

The first time that an authentication request is made using this realm since the ProxySG was last rebooted, or when the credential cache expires for the user in question.

90. For how long are LDAP user credentials cached on the ProxySG?

Ans:

The default is 15 minutes, but the administrator can change this.

91.Listeners, services, or proxies: Which of these are responsible for detecting incoming traffic that matches specific IP addresses or subnets?

Ans:

Listeners.

92. What are the four components of a proxy service?

Ans:

Listener parameters to match against, whether to intercept or bypass, which proxy to use, and attributes to control proxy processing.

93. When a proxy service listener matches incoming client traffic and is set to Bypass, what happens to the traffic?

Ans:

The answer depends on whether the client is using an explicit or transparent proxy Connection.

94. What are the four components of a proxy service listener?

Ans:

Source addresses, destination addresses, TCP port, action.