Cyber Sec Interview Questions Flashcards
What are three ways to authenticate someone?
Something you know, something you have, and something you are.
How would you secure a network? What factors would you take into account?
First, ask about the network. Ask what devices are on it, its routing method (SDN, MPLS, etc.), what data is on it, how many users access it at any given time, and so on. Note if there are regulations involved in the data on the network.
Using a chart or whiteboard is also helpful, as is the STAR method, which outlines the methodology and impact of the protocol you implement in a given situation.
What is the difference between data protection in transit and data protection at rest?
Data protection at rest means protecting data that is in storage. Attackers can gain access to this data if they gain access to the storage device it is on, either physically or digitally.
Data protection in transit means securing data that is sent over the network, such as to and from the internet.
Both of these types of data can be protected with security tools such as firewalls and network access control. As well, both types of data should be encrypted. That way, if an attacker gains access, they cannot read the data without cracking the encryption.
What do you do if someone higher on the work hierarchy than you demands you break protocol for them?
The key here is to take this issue up the chain. The Infosec Institute recommends checking with your manager to confirm if doing such a thing is acceptable. Even if you already know the answer, having someone on your side can bolster your argument.
How do you keep company devices secure if they’re on public/hotel wifi?
Users should use a VPN, avoid using public cell phone chargers, which have been used in the past to hack into devices, and avoid connecting to unknown Bluetooth devices.
What is a three-way handshake?
A Transmission Control Protocol (TCP) three-way handshake is a way for two devices on a network to start and confirm a session.
What is the residual risk?
Residual risk is risk that’s left over after inherent risk has been mitigated.
How do you permanently disable bad actors from accessing sensitive data?
Destroying the data.
What is phishing? How can you stop it?
Phishing is when bad actors gain authentication factors, such as usernames and passwords, by posing as reputable sites and login apps through email. When a user clicks the link for the faux site, they will enter their login information, and the site will steal the information they entered.
Information security analysts should educate users not to click on links or login prompts from any email, even if it appears reputable; instead, they should go directly to the site. As well, having a robust firewall and spam filter can block malicious emails.
Why does security matter?
This is an information security analyst interview question you’ll get not only in your interview but also throughout your job. Information security analysts will constantly have to justify the time, expense, and personnel it takes to secure a system.
The correct response should highlight the costs of not having security — how high-profile data breaches can cost companies millions in fines and revenue losses, how identity theft can devastate individuals, and that constant attacks and leakages can bring a company down just as easily as a natural disaster. Make sure that you make it understandable and not full of jargon, which is what interviewers will want you to be able to do when explaining it to non-IT employees.