Inspira Enterprise India Limited
20+ Omidyar Network Interview Questions and Answers
Q1. What is private and public IP address
Private IP addresses are used within a local network, while public IP addresses are used to identify a network on the internet.
Private IP addresses are not unique on the internet and are used within a local network to identify devices.
Public IP addresses are unique on the internet and are used to identify a network on the internet.
Private IP addresses are in the range of 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to 192.168.255.255.
Public IP add...read more
Q2. How would you troubleshoot the logs which is stopped from a device coming on port 514 UDP
To troubleshoot logs stopped from a device on port 514 UDP, check firewall settings, network connectivity, and device configurations.
Check firewall settings to ensure port 514 UDP is allowed for logging traffic
Verify network connectivity between the device and the logging server
Review device configurations to ensure logging is properly configured and enabled
Q3. How many hosts in class C IP address
There are 256 hosts in a class C IP address.
Class C IP addresses have a subnet mask of 255.255.255.0
The first three octets are used for network identification
The last octet is used for host identification
The range of IP addresses in a class C network is from 192.0.0.0 to 223.255.255.255
Each octet has 8 bits, so the last octet can have 2^8 (256) possible values
Q4. Have you worked as a Server Admin ?
Yes, I have worked as a Server Admin.
Managed and maintained server infrastructure
Performed server installations, configurations, and upgrades
Monitored server performance and resolved issues
Implemented security measures and backups
Collaborated with cross-functional teams to optimize server functionality
Q5. What is the most recent vulnerability
The most recent vulnerability is the PrintNightmare vulnerability in Windows Print Spooler service.
The vulnerability allows attackers to remotely execute code with system-level privileges.
It affects all versions of Windows and has a CVSS score of 8.8.
Microsoft has released patches for the vulnerability, but some experts suggest disabling the Print Spooler service as a temporary fix.
Q6. What is dhcp,dns,ospf,isi model,stp,FTP,TCP and UDP.
DHCP, DNS, OSPF, IS-IS model, STP, FTP, TCP, and UDP are all networking protocols and technologies.
DHCP (Dynamic Host Configuration Protocol) is used to automatically assign IP addresses to devices on a network.
DNS (Domain Name System) is used to translate domain names into IP addresses.
OSPF (Open Shortest Path First) is a routing protocol used to determine the best path for data to travel on a network.
IS-IS (Intermediate System to Intermediate System) model is a routing prot...read more
Q7. What is the role of Endpoint Detection and Response (EDR) in incident response?
EDR plays a crucial role in incident response by continuously monitoring and analyzing endpoint activities for signs of malicious behavior.
EDR solutions provide real-time visibility into endpoint activities, allowing for quick detection of potential threats.
They use advanced analytics and machine learning to identify suspicious behavior and indicators of compromise.
EDR tools can automatically respond to threats by isolating infected endpoints, blocking malicious processes, an...read more
Q8. 1) What is firewall work ? 2) Describe OSI layer?
Firewall works as a barrier between internal and external networks. OSI layer is a model for network communication.
Firewall filters incoming and outgoing traffic based on predefined rules.
OSI layer has 7 layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application.
Each layer has its own set of protocols and functions.
Firewalls operate at the network and transport layers of the OSI model.
Firewalls can be hardware or software-based.
OSI layer helps in ...read more
Q9. What is Sql injection ? Epo installation and implementation steps
SQL injection is a type of cyber attack where malicious SQL code is inserted into input fields to manipulate a database.
SQL injection occurs when an attacker inserts malicious SQL code into a query to manipulate the database.
It can be prevented by using parameterized queries and input validation.
Example: SELECT * FROM users WHERE username = 'admin'; DROP TABLE users;
Q10. What is sql injection
SQL injection is a type of cyber attack where malicious SQL statements are inserted into an entry field to manipulate a database.
Allows attackers to access sensitive data or execute unauthorized actions
Occurs when user input is not properly sanitized
Can be prevented by using parameterized queries and input validation
Example: Entering ' OR 1=1;--' into a login form to bypass authentication
Q11. Give some example of vulnerable ports
Vulnerable ports are those that are commonly targeted by attackers to gain unauthorized access to a system.
Port 21 (FTP)
Port 23 (Telnet)
Port 25 (SMTP)
Port 80 (HTTP)
Port 443 (HTTPS)
Port 3389 (Remote Desktop Protocol)
Q12. How to create active directory in user
Active Directory can be created in user by using the Active Directory Users and Computers tool.
Open the Active Directory Users and Computers tool
Right-click on the domain name and select 'New' and then 'User'
Fill in the required user information and click 'Next'
Set the user's password and click 'Next'
Review the user's information and click 'Finish'
Q13. Overall understanding of Data center projects
Data center projects involve the planning, design, construction, and management of data centers.
Data center projects require a thorough understanding of networking, server hardware, and storage systems.
They involve the installation and configuration of data center infrastructure, such as racks, power distribution units, and cooling systems.
Data center projects also include the implementation of security measures, such as firewalls, access controls, and surveillance systems.
Mo...read more
Q14. What is IAM and its best practices?
IAM stands for Identity and Access Management, which is a framework of policies and technologies that ensure the right individuals have the appropriate access to technology resources.
IAM involves defining and managing the roles and access levels of users within an organization.
Best practices include implementing strong authentication methods like multi-factor authentication, regularly reviewing and updating access permissions, and monitoring user activity for any suspicious b...read more
Q15. Common ports you have encountered while doing PT
Common ports encountered during penetration testing
Port 80 - HTTP
Port 443 - HTTPS
Port 22 - SSH
Port 21 - FTP
Port 3389 - RDP
Q16. What are the basics of cybersecurity
Cybersecurity basics involve protecting computer systems, networks, and data from unauthorized access, attacks, and damage.
Implementing strong passwords and multi-factor authentication
Regularly updating software and systems to patch vulnerabilities
Using firewalls and antivirus software to protect against malware
Encrypting sensitive data to prevent unauthorized access
Training employees on cybersecurity best practices
Monitoring network traffic and detecting anomalies
Creating ba...read more
Q17. What is Rag in Gen Ai
Rag in Gen Ai refers to the process of generating random text or code snippets for training AI models.
Rag in Gen Ai is used to create synthetic data for training AI models.
It involves generating random text or code snippets that mimic real data.
Rag in Gen Ai helps improve the performance of AI models by providing diverse training data.
Examples include generating fake news articles for training a language model or creating synthetic images for training a computer vision model.
Q18. All type of basic networking
Basic networking includes understanding of network topologies, protocols, IP addressing, subnetting, and troubleshooting.
Understanding of network topologies such as star, bus, ring, and mesh
Knowledge of network protocols like TCP/IP, DNS, DHCP, and HTTP
IP addressing and subnetting including CIDR notation
Troubleshooting network issues using tools like ping, traceroute, and Wireshark
Q19. describe everything about machine learning
Machine learning is a branch of artificial intelligence that involves developing algorithms and models that enable computers to learn from and make predictions or decisions based on data.
Machine learning uses algorithms to analyze data, learn from it, and make predictions or decisions without being explicitly programmed.
There are different types of machine learning, including supervised learning, unsupervised learning, and reinforcement learning.
Examples of machine learning a...read more
Q20. Approach for web, Mobile and Infra PT
Utilize a comprehensive approach for penetration testing on web, mobile, and infrastructure.
Conduct thorough reconnaissance to gather information on the target systems.
Perform vulnerability scanning and assessment to identify potential weaknesses.
Exploit identified vulnerabilities to gain unauthorized access.
Document findings and provide recommendations for remediation.
Test for common web application vulnerabilities such as SQL injection, cross-site scripting, and insecure di...read more
Q21. Architecture of the current environment
The current environment architecture includes...
The environment consists of multiple servers and network devices
It is designed with a layered security approach
The servers are hosted on-premises and in the cloud
There are firewalls, intrusion detection/prevention systems, and SIEM solutions in place
The architecture is regularly reviewed and updated to ensure optimal security posture
Q22. Project successful implementation
Successful project implementation requires clear goals, effective communication, and efficient resource management.
Define project goals and objectives
Create a detailed project plan with timelines and milestones
Assign tasks and responsibilities to team members
Establish effective communication channels
Monitor progress and adjust plans as needed
Manage resources efficiently
Ensure quality control and risk management
Celebrate successes and learn from failures
Q23. Edr and implementation steps
EDR stands for Endpoint Detection and Response. Implementation steps include planning, deployment, configuration, testing, and monitoring.
Plan the deployment of EDR solution based on organization's needs and requirements
Deploy the EDR solution on endpoints across the network
Configure the EDR solution to detect and respond to security threats
Test the EDR solution to ensure it is functioning correctly
Monitor the EDR solution for any alerts or anomalies
Q24. Ctc nd negatitiations thats it
I'm sorry, but the question is not clear. Could you please rephrase it?
Top HR Questions asked in Omidyar Network
Interview Process at Omidyar Network
Top Interview Questions from Similar Companies
Reviews
Interviews
Salaries
Users/Month