Cyber Security Analyst interview questions



1. What type of security do you use in your home network?

2. What do you know about the global information security policy or the information security policy in your organization? Does your organization have a security policy?

If you say yes, make sure you have read it, because they might ask you leading questions from it.

3. Differentiate between vulnerability, threat and risk, and give a real-life analogy.

4. How do you secure your Windows and Linux servers?

5. What is the difference between filtered and blocked ports?

6. What ports does ping use?

7. Why is it important to monitor DNS?

8. What is the difference between MD5, SHA1 and AES?

9. If you have to store a password in a database, how will you store it?

10. What is a salt in security?

11. What is a rainbow table attack, and how do you protect your system against it?

12. Do you know what OWASP is? Can you tell me the top 5 vulnerabilities?

13. What is SQL injection / CSRF / cross-site scripting?

14. What is the difference between SSL and HTTPS?

15. Where do you get your cybersecurity news and updates?

16. What is the difference between IPS and IDS?

17. What is the difference between symmetric and asymmetric encryption?

18. Do you know the port numbers for DHCP, DNS, HTTP/S and others?

19. What is the difference between FTPS and SFTP?

20. What is white-box and black-box pentesting?

21. What do you know about GDPR?

22. What are the different response codes?

23. What do you know about tracert / traceroute?

24. What is DoS / DDoS, and how do you mitigate it?

25. What is a WAF, and what do you know about it?

26. What are iptables in Linux?

27. What is a false positive / false negative / true positive / true negative?

28. What does the command “chmod 777 *” do? Is there any security concern?

29. What does the command “kill -9 2173” do in Linux?

30. Explain the OSI layer model in as much detail as you can.

31. What is a false positive / false negative / true positive / true negative?

32. Name some InfoSec conferences you attend.

33. What do you know about NIST, US-CERT, ISO 27001 and PCI DSS?

34. What is VirusTotal (@virustotal)?

35. What is ARP spoofing, and how do you protect your network from it?

36. What is the difference between TCP and UDP, and which do you prefer?

37. How does a keylogger work?

38. What is malware?

39. What is a TCP flag?

40. What is the difference between SIEM and network forensics?

41. What is the TCP transport layer protocol?

42. What is the TCP transport layer protocol?

43. What does CIA stand for?

44. Does video communication use TCP or UDP?

45. Which version is vulnerable to the Heartbleed vulnerability?

46. What is ARP poisoning?

47. What is a Smurf attack?

48. What is a MITM (man-in-the-middle) attack?

49. What are the 7 layers of the OSI model?

50. What are encoding, encryption and hashing?

51. What happens when you type http://google.com in your browser?

52. What would you do if your organization were attacked by malware?

53. What is the last known worldwide attack, and how did you manage it?

54. How will you test financial applications?

55. How will you manage vulnerabilities, and what approaches will you take, if you start from the very bottom?

56. What tools have you worked on, and for how long?

57. Which security certifications do you have?

If you want to share detailed answers, let me know; I would love to publish them with proper credit.

1 Comment

  1. Hi Mate,

    I checked your whole blog on Cyber Security questions. This is the best collection of questions. Keep posting such knowledgeable content.
