With the ever-increasing reach of the internet, everyone is connected like never before. The internet is what makes easy bill payments and error-free bank transactions possible. But with the rise in cyber crime, how far can we rely on those connections? Security is our primary concern, so hiring security professionals is not only important but difficult as well. As someone with years of experience in the cybersecurity space, I’ve interviewed hundreds of prospective applicants for roles ranging from network security specialist to senior executive positions at large IT security multinationals.
Here are 15 informative cyber security interview questions for professionals in the field:
1) What’s the one thing that you have found that contributes the most to software security risks?
Budget, lack of buy-in, communication breakdowns between development, IT/security operations, and management come to mind.
2) Which cyber security project did you handle on your own, or which one would you call an achievement?
For some people, this would be the first computer they ever built, the first time they modified a game console, or the first program they wrote; the list can go on and on. In my case, it would be a project for work that I worked on for years. It started out as an Excel spreadsheet that the Engineering department was using to keep track of its AutoCAD drawings, and ended up evolving through a couple of hundred static HTML pages, an Access database and frontend, and finally into a full web application running on MySQL and PHP. This simple little thing ended up becoming an entire website with dedicated Engineering, Sales and Quality web apps used by the company globally, which just goes to show that you never know where something might lead.
3) Explain data leakage. Also, mention the factors responsible for it.
Data leakage is the separation or departure of intellectual property (IP) from its intended place of storage. The factors responsible for data leakage include:
- Copying the IP to a less secure system or to a personal computer
- Human error
- Technology mishaps
- System misconfiguration
- A system breach by a hacker
- A home-grown application developed to interface with the public
- Inadequate security controls for shared documents or drives
- A corrupt hard drive
- Backups stored in an insecure place
4) What are the most challenging aspects of software security impacting businesses today?
Things like getting it right the first time, finding the low-hanging fruit promptly before the bad guys/hackers do, and even the various complexities associated with people and politics.
5) Mention the personal practices you should follow to protect data.
- Install anti-virus software on your system
- Ensure that your operating system receives automatic updates
- Download the latest security updates to cover vulnerabilities
- Share passwords only with the staff who need them to do their job
- Encrypt any personal data held electronically that would cause damage if it were stolen or lost
- Take backups of the information on your computer at regular intervals and store them in a separate place
- Before disposing of old computers, remove all personal information or save it to a secure drive
- Install an anti-spyware tool
6) What is SSL and why is it not enough when it comes to encryption?
SSL is identity verification, not hard data encryption. It is designed to be able to prove that the person you are talking to on the other end is who they say they are. SSL and its big brother TLS are both used by almost everyone online, but the problem is that, because of this, it is a huge target and is mainly attacked via its implementation (the Heartbleed bug, for example) and its known methodology. As a result, SSL can be stripped in certain circumstances, so additional protections for data in transit and data at rest are very good ideas.
7) What is XSS?
8) Do you know about the 80/20 rule of networking?
80/20 is a rule of thumb used to describe IP networks, in which 80% of all traffic should remain local while 20% is routed towards a remote network.
9) Suggest three ways to authenticate a person.
Something they know (password), something they have (token), and something they are (biometrics). Two-factor authentication oftentimes uses a password and token setup, although in some cases this can be a PIN and thumbprint.
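The password-plus-token setup described above, as an added Python example that is not part of the original article: the knowledge factor is checked against a salted PBKDF2 hash and the possession factor is a standard RFC 6238 TOTP code (HMAC-SHA1 over a 30-second counter). The seed, salt and password are constructed for the demo; the seed is the RFC 6238 reference seed, not a real secret.

```python
import hashlib
import hmac
import os
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, dynamically truncated."""
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter taken from the current 30-second window."""
    return hotp(secret, unix_time // step, digits)


def hash_password(password: str, salt: bytes) -> bytes:
    """Knowledge factor at rest: a slow salted hash, never the password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def verify_two_factors(password: str, code: str, stored_hash: bytes, salt: bytes,
                       totp_secret: bytes, unix_time: int, drift: int = 1) -> bool:
    """Accept only when BOTH factors check out. Comparisons are constant-time and the
    final AND is non-short-circuiting (`&`) so timing does not reveal which factor failed."""
    password_ok = hmac.compare_digest(hash_password(password, salt), stored_hash)
    window = unix_time // 30
    # Tolerate +/- `drift` steps so a slightly skewed token clock still verifies.
    matches = [hmac.compare_digest(hotp(totp_secret, window + d), code)
               for d in range(-drift, drift + 1)]
    code_ok = any(matches)
    return bool(password_ok & code_ok)


# Constructed demo credentials (assumed values, not real secrets).
DEMO_SECRET = b"12345678901234567890"  # RFC 6238 reference seed
DEMO_SALT = os.urandom(16)
DEMO_PASSWORD = "correct horse battery staple"
DEMO_HASH = hash_password(DEMO_PASSWORD, DEMO_SALT)

if __name__ == "__main__":
    now = 59  # RFC 6238 test time; the 6-digit code at this instant is 287082
    print(totp(DEMO_SECRET, now))
    print(verify_two_factors(DEMO_PASSWORD, totp(DEMO_SECRET, now),
                             DEMO_HASH, DEMO_SALT, DEMO_SECRET, now))
```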
10) What is WEP cracking, and what are the types of WEP cracking?
WEP cracking is the method of exploiting security vulnerabilities in wireless networks to gain unauthorized access. There are basically two types of cracking:
- Active cracking: Until the WEP security has been cracked, this type of cracking has no effect on the network traffic.
- Passive cracking: It is easy to detect compared to active cracking. This type of attack has an increased load effect on the network traffic.
11) How would you judge if a remote server is running IIS or Apache?
Error messages oftentimes give away what the server is running, and many times, if the website administrator has not set up custom error pages for every site, it can be given away as simply as by entering a known bad address. Other times, just using telnet can be enough to see how it responds. Never underestimate the amount of information that can be gained not by getting the right answer but by asking the right questions.
12) How do you protect your home Wireless Access Point?
This is another opinion question – there are a lot of different ways to protect a Wireless Access Point: using WPA2, not broadcasting the SSID, and using MAC address filtering are the most popular among them. There are many other options, but in a typical home environment, those three are the biggest.
13) How can you safeguard a company or an institute from SQL injection?
An organization can rely on the following methods to guard itself against SQL injection:
- Sanitize user input: User input should never be trusted; it must be sanitized before it is used
- Stored procedures: These can encapsulate the SQL statements and treat all input as parameters
- Regular expressions: Detecting and dumping harmful code before executing SQL statements
- Database connection user access rights: Only the necessary and limited access rights should be given to accounts used to connect to the database
- Error messages: Error messages should not be specific about where exactly the error occurred; they should be more generalized.
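As an added Python/SQLite example that is not part of the original article: the concatenated query that the list above is warning about sits beside its parameterized replacement, with a wrapper that applies the input-validation and generalized-error items. The table contents and the alphanumeric username policy are constructed for the demo.

```python
import sqlite3


def make_demo_db() -> sqlite3.Connection:
    """Constructed in-memory sample table; not a real system."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, name: str) -> list:
    """The 'before' form: the caller's text is spliced into the SQL grammar,
    so a quote in the input changes the meaning of the WHERE clause."""
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def find_user_safe(conn: sqlite3.Connection, name: str) -> list:
    """Parameterized form: the driver binds the value separately, so whatever
    the input contains it can only ever be compared as data."""
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()


def lookup_user(conn: sqlite3.Connection, name: str):
    """Wrapper adding an allow-list check and a generalized error path.
    Returns matching rows, or None when the request is rejected or fails."""
    # Allow-list validation (assumed policy): short, alphanumeric usernames only.
    if not (name.isalnum() and len(name) <= 32):
        return None
    try:
        return find_user_safe(conn, name)
    except sqlite3.Error:
        # Detail belongs in the server-side log, not in the response to the user.
        return None
```

Run against the demo table, the vulnerable function returns every row for the input `x' OR '1'='1`, while the parameterized one returns nothing because it looks for a user literally named that.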
14) List the techniques used to prevent web server attacks.
- Patch management
- Secure installation and configuration of the OS
- Safe installation and configuration of the web server software
- Scanning the system for vulnerabilities
- Anti-virus and firewalls
- Disabling remote administration
- Removing unused and default accounts
- Changing default ports and settings to custom ports and settings
15) What is the CIA triangle?
Confidentiality, Integrity, Availability. As close to a ‘code’ for Information Security as it is possible to get, it is the boiled-down essence of InfoSec. Confidentiality: keeping data secure. Integrity: keeping data intact. Availability: keeping data accessible.
I hope the above cyber security interview questions and answers will help you get your dream job.