Cybersecurity Interview Questions

Question 1

What is Cybersecurity?

Answer 1

Cybersecurity is the combination of processes, practices, and technologies designed to protect networks, computers, data, and information from attack, damage, or unauthorized access.

Question 2

What do you have on your home network?

Answer 2

Active Directory, Domain controller, firewall, Nas

Question 3

What is the difference between Symmetric and Asymmetric Encryption?

Answer 3

Question 4

What is the CIA triad

Answer 4

The CIA Triad for InfoSec, provides a baseline standard for evaluating and implementing information security.

Question 5

What is a:

Risk

Vulnerability

Threat

Answer 5

Risk refers to a potential for loss or damage when a threat exploits a vulnerability.

Vulnerability refers to the weakness of an asset (resource) that can be exploited by one or more attackers or threat actors.

Threat refers to someone with the potential to do harm to a system or an organization.

Question 6

How do you report Risk?

Answer 6

Question 7

What is the difference between an IDS and an IPS?

Answer 7

Question 8

What are some cybersecurity frameworks?

Answer 8

The Framework is a volutary guidance, based on existing guildlines, and practices for organizations to better manage and reduce cybersecurity risk.

PCI DSS

ISO (international organization for standardization) 27001/27002

CIS Critical Security Controls

NIST Framework

Hitrust

Question 9

What Port Do You Ping Over?

Question 10

What is Weak Information Security?

Answer 10

Information security policy is considered to be weak if it does not meet the criteria of an effective one.

The criteria includes: Distribution, review, comprehension, compliance, and, uniformity.

The policy has not been made readily available for review by every employee.

The organization can not demonstrate that employees can review and understand the policy.

Question 11

Explain SSL encryption

Answer 11

SSL (Secure Socket Layer) is a protocol that enables safe conversations between two or more parties.

It is designed to identify and verify that the person you are talking to on the other end is who they say they are.

Question 12

What is HTTPS?

Answer 12

HTTPS (Hypertext Transfer Protocol Secure) is HTTP combined with SSL which provides you with a safer browsing experience with encryption.

Question 13

Which is more secure SSL or TLS?

Answer 13

SSL is meant to verify the sender’s ID, but it doesn’t search for any more hazards.

TLS is another identification tool just like SSL, but it offers better security features. It provides additional protection to the data and hence SSL and TLS are often used together.

Question 14

How can Identity theft be prevented?

Answer 14

• Strong and unique password
• Avoid sharing confidential information
• Two Factor
• Use the latest version of browsers
• Install advanced malware and spyware tools
• Appy updates and patches

Question 15

How can you prevent Man in the middle (MITM) Attacks?

Answer 15

Use encryption

Avoid open Wi-Fi networks

Use VPN’s

Question 16

State the difference between encoding, hashing, and encryption?

Answer 16

Encoding Converts the data in the desired format required for exchange between different systems.

Hashing Maintains the integrity of a message or data. Any change in any way will change the hash.

Encryption Ensures the data is secure and one needs a digital verification code or image in order to open or access it.

Question 17

Application Security

Answer 17

Application security is the practice of improving the security of applications using software, hardware, and other procedural methods.

Countermeasures are taken to ensure application security, the most common being an application firewall (WAF) that limits the execution of files or the handling of data by specific installed programs.

Question 18

Common Cyber Threats

Answer 18

Malware

Phishing

Password attacks

DDoS

Man in the Middle (MITM)

Drive-by Downloads

Malvertising

Rogue Software

Question 19

OSI model

Answer 19

Application Layer

Presentation Layer

Session Layer

Transport Layer

Network Layer

Data Link Layer

Physical Layer

Question 20

What is Cross-Site Scripting (XSS)

Answer 20

XSS refers to client-side code injection attacks wherein an attacker can execute malicious code into a legitimate website or web application.

XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of unvalidated or unencoded user input.

Question 21

What is the difference between Cybersecurity and Network Security

Answer 21

Cybersecurity Describes the policies and procedures implemented by a network administrator to avoid and keep track of unauthorized access, exploitation, modification, or denial of the network and network resources.

Network Security The process and practices designed to protect networks, computers, programs and data from attack, damage, or unauthorized access.

Question 22

What protocols fall under TCP/IP internet protocol layer?

Answer 22

Question 23

Incident response Metrics

TTD

TTR

TTE

Answer 23

Time to Detect

Time to Respond

Time to Eradicate

Question 24

What Is SSL

Answer 24

SSL is a standard security technology for creating an encrypted link between clients and servers.

Question 25

Is Cloud Computing a Security Risk?

Answer 25

Even in 2018 and 2019, cloud computing is still a risk. While there are many potential dangers involved with cloud computing, it is really up to the cloud computing customer to ensure information security. These considerations really depend upon the nature of the business as well the data being stored, so a good CISO would have to make these decisions on a case-by-case basis.

Question 26

Have You Ever Been Faced With a Situation Where You Had To Modify a Security Policy and Why?

Question 27

Can You Describe an Example of a Security Issue at a Previous Position and How You Managed It?

Question 28

Tell Me About a Time When You Had to Collaborate With Stakeholders to Establish an Information Security Risk Management Program.

Answer 28

Risk Management process

Question 29

How Important Is Security Awareness Training for Your Management Style?

Answer 29

Extremely Important... Culture is Key

Question 30

What Challenges Do You Foresee in This Position?

Question 31

Does Just-In-Time Training Have a Place at an Organization You Work For?

Question 32

Give Me an Example of a New Technology You Want to Implement for Information Security.

Question 33

How Would You Describe a Strong Organization Information Security Program?

Question 34

What KPIs or Metrics Do You Use to Measure the Effectiveness of an Information Security Program?

Answer 34

When you are presented with a question like this, it’s really trying to get to the heart of the skills that you are bringing to the job. The best way to go with this question is to use a two-factor approach – productivity and recovery. A good information security program will improve productivity as security improves. On the same note, a well-rounded information security program will allow for a quick recovery without hindering productivity or shareholder interests.

Question 35

If You Were Going to Encrypt and Compress Data for a Transmission, Which Would You Do First?

Answer 35

Questions regarding the technical aspect of information security are definitely fair game. This is especially the case, as the CISO is the brain of the information security operation of an organization. You would, of course, want to compress data before encryption because encrypting data first would reduce the effectiveness of the encryption.