Adding 4 questions #4

16 changes: 16 additions & 0 deletions interview-questions.md
Expand Up @@ -19,19 +19,35 @@ This is taking a concept that every internet user might take for granted, but th
## Scenario Based Questions
* You receive an alert for an incident, how would you investigate it? (There's no right or wrong answer to this situation. This is a vague question, in which you have to ask questions to gather information before deciding how you're going to answer the question. Having experience conduction investigations will help you with this, but not having experience isn't the end of the world. Think out loud of your solutions so that they can hear your thought process. Hearing your thought process is extremely important.)
* A user reports that their computer is running slow and acting abnormal. You investigate it and notice that the computer has been making requests to an unknown IP address, what do you? (This question gauges your knowledge on attack methods and networking. Hint: DNS requests is 🔑 )
* You get an email forwarded from leadership saying they're not sure of its phishing, where do you look to verify if the email is phishing or not?
(This tests email security knowledge, link analysis, headers, etc.)

* Can you tell me about a favorite threat detection that you have built? How did you build it? What problem did it solve? (This question may be geared towards security engineers and/or tier 3. This question will be to gauge the complexity of threat detections you have built, what data sources you have used, etc. It's also a time to show off your critical thinking skills on how & why you developed them. As well as how you were able to solve problems that the organization may or may not have known existed)

## Network Security Interview Questions
* Which is more secure HTTPS, SSL, or TLS. (This is a trick question. Requires basic networking knowledge. Hint: What does HTTPS use to encrypt data?)
* What is the importance of DNS monitoring? What are DNS attack methods? (Straight forward question. Intermediate networking knowledge. The interviewer is gauging your overall knowledge of DNS and how it can be exploited)

## Application Security

When interviewing for cybersecurity positions, there won't be many application security questions unless you're applying for cloud, appsec, etc type roles. You still need to understand the fundamental concept of application security, although.
* What is the OWASP Top 10? (These are the most citical security risks to web applications)
* Explain XSS and how can to prevent it? (XSS is apart of the Owasp Top 10)
* Explain SQL Injection and how to prevent it? (SQL Injection is apart of the Owasp Top 10)
* How would you prevent secrets from getting exposed in a codebase? (Tests knowledge around secure coding best practices and secrets management)

When interviewing for cybersecurity positions, there won't be many application security questions unless you're applying for cloud, appsec, etc type roles. You still need to understand the fundamental concept of application security, although.
* What is the OWASP Top 10? (These are the most critical security risks to web applications)
* Explain XSS and how can to prevent it? (XSS is apart of the OWASP Top 10)
* Explain SQL Injection and how to prevent it? (SQL Injection is apart of the OWASP Top 10)



## Splunk/SIEM Interview Questions
You will rarely have splunk specific interview questions, unless you're specifically interviewing for a splunk engineer, admin, etc. role. However, Splunk is a popular tool that many companies use for alerts, analysis, and monitoring. As a security analyst you will be using splunk or SIEM to conduct investigations.
* Explain Splunk Architecture. (Interviewer is looking for you to explain each componenet of Splunk.)
* What is the component of Splunk that does the searching? (Tests specific domain knowledge on the main Splunk components)
* What is the difference using the NOT = and != in a Splunk query? (A little in the weeds but have been asked this before, interviewer looking for SPL command specifics)

* Explain Splunk Architecture. (Interviewer is looking for you to explain each component of Splunk.)
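Review bot: This hunk duplicates existing content instead of only appending the new questions. The resulting file now carries two "## Application Security" sections back to back: the newly inserted one (heading, intro paragraph and the OWASP Top 10, XSS and SQL Injection bullets) is immediately followed by the pre-existing copy of the same intro paragraph and three bullets, and the "Explain Splunk Architecture." bullet likewise appears twice in the Splunk/SIEM section. The inserted copies also carry typos that the existing lines do not ("most citical security risks", "Owasp Top 10", "each componenet of Splunk"). Suggest dropping the duplicated heading, paragraph and bullets so that each section keeps one copy, and adding only the genuinely new bullets: the favorite threat detection question, "How would you prevent secrets from getting exposed in a codebase?" and "What is the difference using the NOT = and != in a Splunk query?". While here, the intro sentence "You still need to understand the fundamental concept of application security, although." reads better as "Although you still need to understand the fundamental concepts of application security.", and the Splunk question would be clearer as "What is the difference between using NOT = and != in a Splunk query?". Note that the PR title says four questions were added but only three new questions are visible in this hunk, so the title or the diff may be out of sync.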