As you might know, I finalized my relocation to Australia last week. After roughly 2 years of preparation and waiting for the Skilled Migrant visa to be granted, my patience has paid off, and I can say with authority that this is a land of opportunities! The Information Security market is heated right now, and I’ve attended 7 interviews during my first 3 days in Sydney. Hopefully I’ll get myself a job very soon!
Since I’ve been going through the interview process for several positions with different requirements (Infosec Auditor, Security Engineer, Security Manager and so on), and now that you know how to deal with the HR interview, I’ve decided to share with you some of the Information Security questions I’ve been asked so far, plus some I’ve researched on the Internet. The purpose of this article is to help you prepare for an interview, regardless of whether you are a senior professional going for your first managerial role or just starting your Infosec career. My plan is to update it on a regular basis with further questions I’m asked, and I also hope to get some feedback from you. Hopefully, after some time, this article will become a solid repository of IT/Information Security interview questions.
The questions are not in the order they were asked. I have roughly divided them into major topics, but further organization will be necessary.
Please note: I won’t publish the answers, since the aim of this article is to give you inspiration to research and learn something new, or just refresh your knowledge.
- What’s the difference between a router, a bridge, a hub and a switch?
- Please explain how the SSL protocol works.
- What is a Syn Flood attack, and how to prevent it?
- Your network has been infected by malware. Please walk me through the process of cleaning up the environment.
- What kind of authentication does AD use?
- What’s the difference between a Proxy and a Firewall?
- What is Cross-Site Scripting and how can it be prevented?
- What’s the difference between symmetric and asymmetric encryption?
- What’s the difference between encryption and hashing?
- Why should I use server certificates on my e-commerce website?
- What’s port scanning and how does it work?
- Please explain how asymmetric encryption works.
- Can a server certificate prevent SQL injection attacks against your system? Please explain.
- Do you have a home lab? If so, how do you use it to perfect your skills?
- What is a Man In The Middle attack?
- Take me through the process of pen testing a system.
- What is a vulnerability test and how do you perform it?
- What are the latest threats you foresee for the near future?
- How would you harden a Windows Server? What about a Linux Server?
- What do you understand by a layered security approach?
- What’s the better approach when setting up a firewall: dropping or rejecting unwanted packets, and why?
- Please detail 802.1x security vs. 802.11 security (don’t confuse the protocols).
- What is stateful packet inspection?
- What is NAT and how does it work?
- What is a buffer overflow?
- What are the most common application security flaws?
- What is a false positive?
- What is ISO 27001 and why should a company adopt it?
- Please describe step-by-step how you would prepare and perform an audit of any given system.
- What is a “RISK”, how can it be measured and what actions can be taken to treat it?
- Please describe the steps to be taken by a company implementing an ISMS framework.
- Why did you become (CISSP/CISA) certified?
- During an audit, an interviewee is not disclosing the information being requested. How would you overcome this situation?
- Within the PCI-DSS sphere, what is a compensating control?
- Who is ultimately responsible for classifying a company’s information: the Infosec Team or the information owner?
- Please describe the process of evaluating and analysing risks.
- What actions would you take to change end user behavior towards InfoSec?
- How do you ensure secure software development? What are the best practices to follow?
…and more to come!
I’m putting the questions down as they were asked, to the best of my memory. I invite you all to share some of the questions you’ve been asked during your IT/Information Security interviews, so they can help those out there looking for a job after several years without attending an interview.