Cyber Security Job Interview Questions

Published
12 Apr 2018


The first thing to remember in an interview for a job in cyber security is to keep your answers relevant, simple and concise. The realm of information security is broad, ranging from entry-level techs to top-level security clearance positions. As a result, the types of questions you can expect at interview evolve with seniority. Starting at entry level, we’ve identified the areas you should swot up on if you are hoping to work in cyber security.
 

Entry Level

Interview questions for entry-level cyber security jobs are primarily focused on your basic skillset, understanding and personality.
 

What is the difference between risk, vulnerability and threat?

Use simple examples to explain. The vulnerability is the weak spot in the system, the threat is the attacker looking to expose that weak spot and the risk is the possible loss that would be incurred should the system’s weaknesses be attacked.
 

Where do you source your daily news checks?

Your interviewer wants to see that you’re keeping abreast of cyber security trends and breaches. Good sources to follow or subscribe to include IT Security Guru (@IT_SecGuru), Paul’s Security Weekly (@securityweekly), Dark Reading, InfoSecurity Magazine, Naked Security, CSO Online, ThreatPost, Pentest mag and The Hacker News, among others. Do your research and pick the ones that are relevant to you and the type of security you’re interested in working in.
 

Talk about your home network

Your answer will show your individual process and commitment to constantly learning by disassembling and fixing things in your own time.
 

Name your personal achievements and/or certifications

Keep it simple and relevant to the job you’re interviewing for. Here you want to demonstrate what motivates you, what got you excited about cyber security and where you hope to progress to.
 

What is the difference between symmetric and asymmetric encryption?

This is a very big topic, so keep your answer short. Simply put, symmetric is faster as it uses the same key for encryption and decryption, unlike asymmetric, which uses different keys for each.
 

When would you use traceroute?

Also known as tracert, traceroute is a tool you should be familiar with. It is used to identify where along the chain of communications (e.g. firewall, router, IP etc.) the connection was broken.
 

What is a firewall?

Every cyber professional worth his salt hashing* should know the answer to this one.
 

In light of recent cyber-attacks, give us examples of what you’ve done to protect your organisation as a security professional.

Your interviewer is looking for an answer which points to the process you employed to manage the incident.
 

Knowledge of coding languages?

As long as you know what the likes of C, SQL, C#, HTML, Ruby, Java, Python, PHP, C++ and JavaScript are, you’re good to go. You need to show some understanding, though you need not be an expert.
 

What is CSRF?

Cross-Site Request Forgery occurs when the server doesn’t first check the authenticity of where the request came from to ensure it’s a trusted source.
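
The check described above, as an added Python example that is not part of the original article: a handler that trusts the session cookie alone, beside one that also verifies where the request came from (Origin or Referer) and a session-bound token. The origin https://bank.example, the form field csrf_token and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

# Assumed values for this example; none come from the article.
TRUSTED_ORIGINS = {"https://bank.example"}
SERVER_KEY = secrets.token_bytes(32)  # per-deployment secret, generated here
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def issue_csrf_token(session_id):
    """Token bound to the session; embedded in forms the site itself serves."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def request_origin(headers):
    """Origin header if present, otherwise scheme://host taken from Referer."""
    if headers.get("Origin"):
        return headers["Origin"]
    parts = urlsplit(headers.get("Referer", ""))
    if parts.scheme and parts.netloc:
        return f"{parts.scheme}://{parts.netloc}"
    return None


def vulnerable_accepts(method, headers, session_id, form):
    """CSRF-prone behaviour: a valid session cookie is the only thing checked."""
    return session_id is not None


def hardened_accepts(method, headers, session_id, form):
    """Requires a session plus proof the request came from the site's own pages."""
    if session_id is None:
        return False
    if method not in STATE_CHANGING:
        return True  # safe methods are expected not to change state
    if request_origin(headers) not in TRUSTED_ORIGINS:
        return False  # missing, "null" or foreign origin
    expected = issue_csrf_token(session_id)
    supplied = form.get("csrf_token", "")
    return hmac.compare_digest(supplied.encode(), expected.encode())


if __name__ == "__main__":
    sid = "sess-1234"  # constructed session id
    cross_site = ("POST", {"Origin": "https://other.example"}, sid, {"amount": "500"})
    print(vulnerable_accepts(*cross_site), hardened_accepts(*cross_site))
```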
 

What is a security misconfiguration?

This is a simple case of a vulnerability being created by lazy login handling, i.e. not changing the default username or password, or choosing a login that’s so simple your kid brother could guess it.
 

Can you identify the difference between a white, black and grey hat hacker?

White hats hack with authority, black hats hack without, and grey hats are mostly white but sometimes perform unauthorised activities.
 

Difference between encryption and hashing?

Encryption is about ensuring the confidentiality of information, while hashing seeks to preserve its integrity. Plus the former is reversible while the latter is not.
 

What is XSS?

To answer this effectively you need to be well versed in the different types of XSS (cross-site scripting) and how their countermeasures work, the most common of which is input validation.
 

Difference between IPS and IDS?

Operating on the same principle, both detect an intrusion but IPS goes one step further to prevent it. They are also positioned at different points in the network.
 

Are you familiar with the CIA triangle?

Knowing the answer to this is more about showing your understanding of how information within cyber security should be treated. It runs from confidentiality, which keeps the information secret, to integrity, which ensures it is not altered, and finally availability, which makes it accessible to relevant authorised parties at all times.