IBM DataPower Interview Questions
IBM DataPower Interview Question And Answers:
Q.What is the value timestamp format in logtarget for?
Timestamp Format: syslog
Q.What is the default log size in the logtarget? What happens when that log size is reached?
Log size: 500 kilobytes,
When the log file reached the limit, the system will uploaded it to the FTP server and if it is successfully uploaded, the appliance will delete the log in the system to free space.
Q.Why do we need logtarget when there is already a default logging mechanism available in datapower?
we need logtarget to capture messages that are posted by the various objects and services that are running on the appliance. In order to get a specific event or/and object log information, we utilize logtargets.
Q.What are the different modes of archival? Explain each mode in two lines each?
Rotate, rotate the log file when the maximum size is reached. The appliance creates a copy of the file and starts a new file. The appliance retains the archived copies up to the specified number of rotations. After reaching the maximum number of rotations and the log file reaches its maximum size, the appliance deletes the oldest file and copies the current file.
Upload, upload the log file when the maximum size is reached. The appliance uploads the file using the specified upload method.
Q.What is the difference between object type and object name and what happens when I keep the add referenced object option to ‘off’?
Object Type, specify the type of object. This filter restricts log messages to only those messages generated by the selected object.
Whereas, Object name specify the name of an existing object of the selected type.
When the add referenced object option is turned ‘off’, the appliance generates no additional object filters anymore and includes events for only the specified object.
Q.In the datapower file system, the logs are stored defaultly in logtemp? True/false, give appropriate file directory if the above statement is false.
True: logtemp, default location of log files, such as the system-wide default log.
Q.How to I collect a single log statement as alert as a mail when the object on which log target is enables goes down or comes up?
It is done by setting up Event triggers. Event triggers perform actions only when triggered by a specified message ID or event code in this case the system goes up/down. With this filter, it is possible to create a log target that collects only the results of the specified trigger action. For example, to trigger the generation of an error report when a certain event occurs use the save error-report command and transfer to SMTP target format to send as an email alert.
Q.What is the difference between object filter and event filter?
Object filters allow only those log messages for specific objects to be written to the specific log target. Object filters are based on object classes. With this filter, you can create a log target that collects only log messages generated by particular instances of the specified object classes.
Event Filter allow only those log messages that contain the configured event codes to be written to this log target. With this filter, it is possible to create a log target that collects only log messages for a specific set of event codes.
Q.What is the log target type for sending the logs to email, what is the field name that has to be given a value for subject representation of an email?
SMTP, forwards log entries as email to the configured remote SNMP servers and email addresses. Before sending, the contents of the log can be encrypted or signed. The processing rate can be limited.
Q.What is cryptography? Why do we need it?
Cryptography is to protect private communication in the public world. For example, two entities wanting to communicate – Ajitab and Mulu – are shouting their messages in a room full of people. Everyone can hear what they are saying. The goal of cryptography is to protect this communication so that only Ajitab and Mulu can understand the content of the messages.
Q.Why do we need it?
We need cryptography to share information confidentially which is ensuring the secrecy of communication
Authentication – Ajitab can sign his message and Mulu can verify that he sent it based on his signature
Integrity checking -Mulu can generate a checksum of the message. Ajitab can either extract it from the message or recalculate it and verify that the message has not been changed.
Non-repudiation – if Ajitab signs the message he cannot deny later that he sent it, because no one else could generate that same signature/private key.
Q.What are the weakness of symmetric key cryptography and what is the strength of the asymmetric key cryptography?
Symmetric key cryptography–
The biggest obstacle in successfully deploying a symmetric-key algorithm is the necessity for a proper exchange of private keys. This transaction must be completed in a secure manner. If face to-face meeting, which proves quite impractical in many circumstances when taking distance and time into account, cannot be possible to exchange private keys. If one assumes that security is a risk to begin with due to the desire for a secret exchange of data in the first place, the exchange of keys becomes further complicated.
Another problem concerns the compromise of a private key. In symmetric key cryptography, every participant has an identical private key. As the number of participants in a transaction increases, both the risk of compromise and the consequences of such a compromise increase dramatically. Each additional user adds another potential point of weakness that an attacker could take advantage of. If such an attacker succeeds in gaining control of just one of the private keys in this world, every user, whether there are hundreds of users or only a few, is completely compromised.
Both Symmetric and Asymmetric-key cryptography also has vulnerabilities to attacks such as the man in the middle attack. In this situation, a malicious third party intercepts a public key on its way to one of the parties involved. The third party can then instead pass along his or her own public key with a message claiming to be from the original sender. An attacker can use this process at every step of an exchange in order to successfully impersonate each member of the conversation without any other parties having knowledge of this deception.
Asymmetric cryptography –More secure!
Asymmetric keys must be many times longer than keys in symmetric-cryptography in order to boast security. While generating longer keys in other algorithms will usually prevent a brute force attack from succeeding in any meaningful length of time, these computations become more computationally intensive. These longer keys can still vary in effectiveness depending on the computing power available to an attacker.
Q.Why do we need a digital signature?
Digital signatures act as a verifiable seal or signature to confirm the authenticity of the sender and the integrity of the message. Users who wish to verify their identity when sending a protected message can encrypt the information with their private key. The recipient can then decrypt the message with the sender’s public key in order to confirm the sender’s identity and the integrity of the message.
Q.Who issues a certificate, explain in detail?
Certificate authorities act as trusted third parties that verify the identity of the sender of an encrypted message and issue digital certificates as evidence of authorization. These digital certificates contain the public key of the sender, which is then passed along to the intended recipient. The Certificate authorities do extensive background checks before giving an organization or a given individual a certificate.
Q.Give three popular algorithms used for encryption?
- Triple DES-uses three individual keys with 56 bits each. The total key length adds up to 168 bits, but experts would argue that 112-bits in key strength is more like it.
- RSA- is a public-key encryption algorithm and the standard for encrypting data sent over the internet.
- AES-it is extremely efficient in 128-bit form, AES also uses keys of 192 and 256 bits for heavy duty encryption purposes.
Q.How do you gauge the strength of the key, what is the parameter used?
The algorithm should be known to the public; but the key needs to be confidential
- Key size
- Performance/ Response time for Encryption or Decryption (depends on the system we use)
- Mathematical proof for standardization of security provided by that algorithm
- Who provided the certificate for the algorithm and the date of expiration date?
Q.What is a trust store?
A trust store contains certificates from other parties that we expect to communicate with, or from Certificate Authorities that we trust to identify other parties. For example, google (chrome) contains certificate of many companies or websites. Whenever we browse that site the browser automatically check the site for its certificate form the store and compare it. If it is true, google will add the ‘s’ on ‘HTTP’. That way we know that website is secured and trust worthy.