Skip to content

Instantly share code, notes, and snippets.

@namishelex01

namishelex01/Security Engineer - Interview Questions.md

Last active February 28, 2024 03:47
Show Gist options
  • Star 69 You must be signed in to star a gist
  • Fork 27 You must be signed in to fork a gist
  • Save namishelex01/b5555edbdcdf5597174ddce5c86d3192 to your computer and use it in GitHub Desktop.
Save namishelex01/b5555edbdcdf5597174ddce5c86d3192 to your computer and use it in GitHub Desktop.
Download ZIP
Cyber security engineer, Security Engineer, Security Analyst, Information Security Analyst and many more names
Raw
Security Engineer - Interview Questions.md

Core Information Security

  • What is information security and how is it achieved?

  • What are the core principles of information security?

  • What is the CIA triangle?

  • What is non-repudiation (as it applies to IT security)?

  • What is the relationship between information security and data availability?

  • What is the difference between logical and physical security? Can you give an example of both?

  • What are the most common types of attacks that threaten enterprise data security?

  • Can you give me an example of common security vulnerabilities?

  • What are your professional values? Why are professional ethics important in the information security field?

  • Where do you get your security news from?

  • What kind of network do you have at home? How do you protect your home wireless access point?

  • What are the advantages offered by bug bounty programs over normal testing practices?

  • Who’s more dangerous to an organization, insiders or outsiders?

  • What is the difference between a black hat and a white hat?

  • What do you think of social networking sites such as Facebook and LinkedIn?

  • Why are internal threats often more successful than external threats?

  • Why is deleted data not truly gone when you delete it?

  • How would you permanently remove the threat of data falling into the wrong hands?

  • What is your opinion on hacktivist groups such as Anonymous?

Security Frameworks, Assurance and Governance

  • What is Information Security Governance?

  • Can you describe the information lifecycle? How do you ensure information security at each phase?

  • What is a security control? What are the different types of security controls?

  • Are you familiar with any security management frameworks such as ISO/IEC 27002?

  • What is the difference between information protection and information assurance?

  • What is a security policy and why do we need one?

  • What is change management?

  • What types of RFC or change management software have you used?

Network security

  • What port does ping work over?

  • Do you prefer filtered ports or closed ports on your firewall?

  • How exactly does traceroute/tracert work at the protocol level?

  • What are Linux’s strengths and weaknesses vs Windows?

  • What is a firewall? And provide an example of how a firewall can be bypassed by an outsider to access the corporate network

  • Besides firewalls, what other devices are used to enforce network boundaries?

  • What is the role of network boundaries in information security?

  • What does an intrusion detection system do? How does it do it?

  • What is a honeypot? What type of attack does it defend against?

  • What technologies and approaches are used to secure information and services deployed on cloud computing infrastructure?

  • What information security challenges are faced in a cloud computing environment?

  • Can you give me an overview of IP multicast?

  • How many bits do you need for a subnet size?

  • What is packet filtering?

  • Can you explain the difference between a packet filtering firewall and an application layer firewall?

  • What are the layers of the OSI model?

  • How would you login to Active Directory from a Linux or Mac box?

  • What is an easy way to configure a network to allow only a single computer to login on a particular jack?

  • What are the three ways to authenticate a person?

  • You find out that there is an active problem on your network! You can fix it, but it is out of your jurisdiction! What do you do?

  • How would you compromise an “office workstation” at a hotel?

  • What is worse in firewall detection, a false negative or a false positive? And why?

  • How would you judge if a remote server is running IIS or Apache?

  • What is the difference between an HIDS and a NIDS?

  • What are your first three steps when securing a Linux server?

  • What are your first three steps when securing a Windows server?

Secure development

  • If you were going to break into a database-based website, how would you do it?

  • Are open-source projects more or less secure than proprietary ones?

  • Describe the last program or script that you wrote, what problem did it solve?

  • Can you briefly discuss the role of information security in each phase of the software development lifecycle?

  • How would you implement a secure login field on a high traffic website where performance is a consideration?

  • What are the various ways to handle account brute forcing?

  • What is cross-site request forgery?

  • How does one defend against CSRF?

  • If you were a site administrator looking for incoming CSRF attacks, what would you look for?

  • What’s the difference between HTTP and HTML?

  • How does HTTP handle state?

  • What exactly is cross-site scripting?

  • What’s the difference between stored and reflected XSS?

  • What are the common defenses against XSS?

  • You are remoted in to a headless system in a remote area, you have no physical access to the hardware and you need to perform an OS installation! What do you do?

  • On a Windows network, why is it easier to break into a local account than an AD account?

Security architect

  • Explain data leakage and give examples of some of the root causes

  • What are some effective ways to control data leakage?

  • Describe the 80/20 rules of networking

  • What are web server vulnerabilities and name a few methods to prevent web server attacks?

  • What are the most damaging types of malwares?

  • What’s your preferred method of giving remote employees access to the company network and are there any weaknesses associated to it?

  • List a couple of tests that you would do to a network to identify security flaws

  • What kind of websites and cloud services would you block?

  • What type of security flaw is there in VPN?

  • What is a DDoS attack?

  • Can you describe the role of security operations in the enterprise?

  • What is layered security architecture? Is it a good approach? Why?

  • Have you designed security measures that span overlapping information domains? Can you give me a brief overview of the solution?

  • How do you ensure that a design anticipates human error?

  • How do you ensure that a design achieves regulatory compliance?

  • What is capability-based security? Have you incorporated this pattern into your designs? How?

  • Can you give me a few examples of security architecture requirements?

  • Who typically owns security architecture requirements and what stakeholders contribute?

  • What special security challenges does SOA present?

  • What security challenges do unified communications present?

  • Do you take a different approach to security architecture for a COTS vs a custom solution?

  • Have you architected a security solution that involved SaaS components? What challenges did you face?

  • Have you worked on a project in which stakeholders choose to accept identified security risks that worried you? How did you handle the situation?

  • You see a user logging in as root to perform basic functions, Is this a problem?

  • What is data protection in transit vs data protection at rest?

  • You need to reset a password-protected BIOS configuration, What do you do?

Security Risk and Management

  • Is there an acceptable level of risk?

  • How do you measure risk? Can you give an example of a specific metric that measures information security risk?

  • Can you give me an example of risk trade-offs (eg risk vs cost)?

  • What is incident management?

  • What is business continuity management? How does it relate to security?

  • What is the primary reason most companies haven’t fixed their vulnerabilities?

  • What’s the goal of information security within an organization?

  • What’s the difference between a threat, vulnerability, and a risk?

  • If you were to start a job as head engineer or CSO at a Fortune 500 company due to the previous guy being fired for incompetence, what would your priorities be? [Imagine you start on day one with no knowledge of the environment]

  • As a corporate information security professional, what’s more important to focus on: threats or vulnerabilities?

  • If I’m on my laptop, here inside my company, and I have just plugged in my network cable, How many packets must leave my NIC in order to complete a traceroute to twitter(dot)com?

  • How would you build the ultimate botnet?

  • What are the primary design flaws in HTTP, and how would you improve it?

  • If you could re-design TCP, what would you fix?

  • What is the one feature you would add to DNS to improve it the most?

  • What is likely to be the primary protocol used for the Internet of Things in 10 years?

  • If you had to get rid of a layer of the OSI model, which would it be?

  • What is residual risk?

  • What is the difference between a vulnerability and an exploit?

  • How would you lock down a mobile device?

Security Operations & Incident Response

  • What is an IT security audit?

  • What is an RFC?

  • What is exfiltration?

  • What is the Chain of Custody?

  • What type of systems should be audited?

  • Have you worked in a virtualized environment?

  • What is the most difficult part of auditing for you?

  • Describe the most difficult auditing procedure you’ve implemented?

  • What do you do if a rollout goes wrong?

  • How do you manage system major incidents?

  • How do you ask developers to document changes?

  • How do you compare files that might have changed since the last time you looked at them?

  • Name a few types of security breaches?

  • What is a common method of disrupting enterprise systems?

  • What are some security software tools you can use to monitor the network?

  • What should you do after you suspect a network has been hacked?

  • How can you encrypt email to secure transmissions about the company?

  • What document describes steps to bring up a network that’s had a major outage?

  • How can you ensure backups are secure?

  • What is one way to do a cross-script hack?

  • How can you avoid cross script hacks?

  • How do you test information security?

  • What is the difference between black box and white box penetration testing?

  • What is a vulnerability scan?

  • In pen testing what’s better, a red team or a blue team?

  • Why would you bring in an outside contractor to perform a penetration test?

  • When will you consider an incident to be resolved?

  • How to investigate a potentially infected employee workstation?

  • How to respond to root CA breach?

  • How to analyze netstat logs for suspicious activities?

  • How to respond to a compromised server?

  • How to respond if company's chats are leaked into public(say slack data)?

  • How do you respond if you came to know a Critical Zero-day has been disclosed without any available patch?

  • How to respond if you came to know on a random Monday morning that 3 of the workstation's AV resported it cleaned password stealers from the system?

  • What details must be added in a report after a DDoS attack?

  • After analyzing active server logs, you see someone trying to break into your site, how would you respond to this incident? Is this even an incident?

  • How to detect Privilege Escalation on systems(*NIX/Win/both)? [Credit : @viswateja110]

  • How would traceroute help you find out where a breakdown in communication is?

  • Why is DNS monitoring important?

Cryptography

  • What is secret-key cryptography and public-key cryptography?

  • What’s the difference between encoding, encryption, and hashing?

  • What is a session key?

  • What would it take to break RSA? Are strong primes necessary for RSA? How large a module (key) should be used in RSA? How large should the primes be?

  • How is RSA used for authentication in practice? What are RSA digital signatures? What are the alternatives to RSA? Is RSA currently in use today?

  • What are DSS and DSA?

  • What is difference between DSA and RSA? Is DSA secure?

  • What are special signature and blind signature schemes?

  • What is a designated confirmer signatures?

  • What is a fail-stop signature scheme?

  • What is a group signature?

  • What is blowfish? What is SAFER? What is FEAL? What is Shipjack?

  • What is the advantage of public-key cryptography over secret-key cryptography?

  • What is the advantage of secret-key cryptography over public-key cryptography?

  • What is Message Authentication Code (MAC)?

  • What is a block cipher and stream cipher?

  • What are different block cipher modes of operation?

  • What is one-way hash function?

  • What is collision when we talk about hash functions? What are the applications of a hash function?

  • What is trapdoor function?

  • Cryptographically speaking, what is the main method of building a shared secret over a public medium?

  • What’s the difference between Diffie-Hellman and RSA? What kind of attack is a standard Diffie-Hellman exchange vulnerable to?

  • In public-key cryptography you have a public and a private key, and you often perform both encryption and signing functions! Which key is used for which function?

  • What’s the difference between Symmetric and Asymmetric encryption?

  • If you had to both encrypt and compress data during transmission, which would you do first, and why?

  • What is SSL and why is it not enough when it comes to encryption? What’s more secure, SSL or HTTPS?

  • What is salting, and why is it used? What are salted hashes?

  • What is the Three-way handshake? How can it be used to create a DOS attack?

  • Can you describe rainbow tables?

  • How do CAs store their private root keys?

  • How does HTTP(S) prevents a MITM attack by a proxy server?

  • How does the browser actually verify the validity of a given server certificate?

  • How can perform MITM attacks on all HTTPS traffic? Is it even possible?

  • How does my browser inherently trust a CA?

Source:- sec-community and personal experience

@viswateja110
Copy link

viswateja110 commented Jun 4, 2021
edited

you can add "How to detect privilege escalation?"

@namishelex01
Copy link
Author

you can add "How to detect privilege escalation?"

Added it. Thanks :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment