Last Minute Revision for Cyber Security Interview !!!
Hello Magnificent Readers,
This blog is all about potential questions that an interviewer may ask.
You can go through all of these questions during your final preparation for the interview.
1. What is a Firewall? Explain its need in brief.
Firewalls are the defense system of any network: they keep your systems, devices, and other network touchpoints safe from external threats such as viruses, worms, trojans, DDoS attacks, watering-hole attacks and more. Firewalls are also used to filter the communications that happen between internal and external touchpoints.
2. What are social engineering attacks?
When a cyber criminal manipulates targets through normal communication channels such as calls, texts, and emails to obtain confidential information directly from the target, without any technical expertise, it is called a social engineering attack. Examples include tailgating, spear phishing, pretexting, baiting, whaling attacks, watering-hole attacks and more.
3. What are web server vulnerabilities?
The common weaknesses or vulnerabilities of a web server that an attacker can take advantage of are:
- Default settings
- Misconfiguration
- Bugs in operating system and web servers
4. Can you name eight common cyber attacks?
- Ransomware
- DDoS attacks
- Malware
- Phishing
- Zero-day attacks
- Brute force attacks
- XSS
- Man-in-the-middle attacks
5. What is SSL and why is it not enough when it comes to encryption?
SSL is identity verification, not hard data encryption. It is designed to be able to prove that the person you are talking to on the other end is who they say they are. SSL and its big brother TLS are both used by almost everyone online, but because of this it is a huge target and is mainly attacked via its implementation (the Heartbleed bug, for example) and its known methodology. As a result, SSL can be stripped in certain circumstances, so additional protections for data-in-transit and data-at-rest are very good ideas.
6. What is XSS?
Cross-site scripting, the nightmare of JavaScript. Because JavaScript runs pages locally on the client system as opposed to running everything on the server side, it can cause headaches for a programmer if variables can be changed directly on the client's web page. There are a number of ways to protect against this, the easiest of which is input validation.
7. What is the OSI model? Name its layers.
The OSI model is an interoperable framework that developers need so that their applications work with the network. The layers are:
- Application layer
- Presentation layer
- Network layer
- Transport layer
- Session layer
- Data link layer
- Physical layer
8) Name the attack technique that forces a user's session credential or session ID to an explicit value.
A dictionary attack can force a user's session credential or session ID to an explicit value.
9) Explain what the OWASP Application Security Verification Standard (ASVS) project includes.
The OWASP Application Security Verification Standard project includes:
- Use as a metric: It provides application owners and application developers with a yardstick with which to analyze the degree of trust that can be placed in their web applications
- Use as a guidance: It provides information to security control developers as to what to build into security controls in order to meet the application security requirements
- Use during procurement: It provides a basis for specifying application security verification requirements in contracts
10) List the controls to test during the assessment.
- Information gathering
- Configuration and Deployment Management Testing
- Identity Management Testing
- Authentication Testing
- Authorization Testing
- Session Management Testing
- Data Validation Testing
- Error Handling
- Cryptography
- Business logic testing
- Client side testing
11) Explain what the passive mode, or phase I, of security testing in OWASP is.
The passive mode or phase I of security testing includes understanding the application’s logic and gathering information using appropriate tools. At the end of this phase, the tester should understand all the gates or access points of the application.
12) What threat are you exposed to if you do not verify the user's authorization for direct references to restricted resources?
You are exposed to the threat of insecure direct object references (IDOR) if you do not verify a user's authorization for direct references to limited or restricted resources.
These are the most common questions that you will find in an interview.
Now, the following sets of questions are creative and based on live scenarios.
Question: What do you do to relax outside of work when you’re not focused on cybersecurity?
Explanation: This is a general question which the interviewer will ask early in the interview to begin the conversation, learn more about you, and collect information they can use throughout the interview. This provides you the opportunity to move the interview in a direction you are comfortable with and will be able to address.
Question: What steps do you take to ensure a server is secure?
Explanation: This is an operational question which the interviewer will ask to better understand how you go about doing your job. Operational questions are best responded to briefly and directly, with little embellishment. The interviewer will ask a follow-up question if they need additional information or want to explore the topic in more detail.
Question: Can you discuss the differences between encoding, encrypting, and hashing?
Explanation: This is an example of a technical question. Technical questions usually ask you to define a term and then explain how it is used in your profession. Like operational questions, technical questions should be answered directly and briefly. You should also anticipate follow-up questions.
Question: What would you do first when preparing to transmit data, compress it, or encrypt it?
Explanation: This technical question is meant to test your knowledge of a specific process. As an information security analyst, you should be able to discuss a variety of different processes used to secure data. When answering this type of question, you should address the question and then give your rationale behind your answer.
Question: What methods do you use to strengthen user authentication?
Explanation: Yet another operational question. As mentioned earlier, most questions you will be asked during an interview will be either technical or operational. Keep in mind that any time you give an answer, the interviewer may ask follow-up questions. This is why you should keep your answers brief and to the point because it allows them to follow up.
What is the CIA triangle?
Confidentiality, Integrity, Availability. As close to a ‘code’ for Information Security as it is possible to get, it is the boiled-down essence of InfoSec.
Confidentiality- keeping data secure.
Integrity- keeping data intact.
Availability- keeping data accessible.
What is the difference between a vulnerability and an exploit?
A lot of people would say that they are the same thing, and in a sense they would be right. However, one is a potential problem while the other is an active problem. Think of it like this: you have a shed with a broken lock that won't latch properly. In some areas, such as major cities, that would be a major problem that needs to be resolved immediately, while in others, like rural areas, it's more of a nuisance that can be fixed when you get around to it. In both scenarios it would be a vulnerability, while the major-city shed would be an example of an exploit — there are people in the area actively exploiting a known problem.
What’s better, a red team or a blue team?
Another opinion question, more along the lines of where your interests lie. In penetration testing scenarios, a red team is trying to break in while a blue team is defending. Red Teams typically are considered the ‘cooler’ of the two, while the Blue Team is usually the more difficult. The usual rules apply like in any defense game: the Blue Team has to be good every time, while the Red Team only has to be good once. That’s not entirely accurate given the complexities at work in most scenarios, but it’s close enough to explain the idea.
What is residual risk?
Consider an example — A new car built by my company leaves somewhere traveling at 60 mph. The rear differential locks up. The car crashes and burns with everyone trapped inside. Now, should we initiate a recall? Take the number of vehicles in the field, A, multiply by the probable rate of failure, B, multiply by the average out-of-court settlement, C. A times B times C equals X. If X is less than the cost of a recall, we don’t do one.
What is Exfiltration?
Infiltration is the method by which you enter or smuggle elements into a location. Exfiltration is just the opposite: getting sensitive information or objects out of a location without being discovered. In an environment with high security, this can be extremely difficult but not impossible. Again we turn to our friends in the fake delivery uniforms wandering around the building, and see that yes there are ways to get in and out without a lot of issues.
What are the various response codes from a web application?
- 1xx- Informational responses
- 2xx- Success
- 3xx- Redirection
- 4xx- Client side error
- 5xx- Server side error
What do you mean by an incident? How do you manage it?
Any event that leads to the compromise of an organization's security is an incident. The incident handling process goes like this:
- Closure report
- Remediation steps
- Logging it
- Identification of the incident
- Investigation and root cause analysis
- Escalation
I hope you guys love this. All of these questions are for last-minute preparation.
Do not rely only on these questions. All the best for your interview :)