Cyber Security is an interesting domain and so are the interviews. Owning to the broad range of topics in the information security domain, identifying the key areas seems challenging. From the perspective of the industry, some concepts definitely need a strong hold to stay firm in this domain. A few questions mentioned below constitute the most frequently asked interview questions and make sure you understand all of the clearly.
2. What is a risk matrix. why its important?
Risk Matrix is a methodology adopted to map the results of risk assessment process for appropriate handling. An organization management typically adopts risk treatment for “Extreme” and “High” risks. “Medium” risks are usually decided upon the risk appetite of the organization. Low risks are
L : Low Risk
H: High Risk
E: Extreme Risk
Read the Cyber Incident Response Checklist
3. What is SSL and why its important
SSL (Secure Sockets Layer) is a standard security protocol used for establishing encrypted communication channel between a browser and web server in an online communication.
The advantage of SSL lies in the fact that since the data is encrypted, any attempt to intercept the data may give access to encrypted data only. This results in secure transmission of data including identity information like username, passwords e.t.c.
4. Where do you get your security news?
Its of utmost importance to stay updated in the field of information security. The treat landscape is constantly evolving with new threat vectors getting introduced. Numerous sources for security news are available today. The ones that are followed by me are as follows:
- The Hacker News
- Krebs on Security
- Trend Micro Blog
- Threat Post
- Naked Security
5. Explain phishing and how it can be prevented.
Phishing is a method of trying to gather personal information such as usernames, passwords and credit card details using deceptive e-mails and websites.
Phishing can be prevented and/or the damages can be minimized by adopting advanced technical security measures, specialized trainings, public awareness etc. ‘
6. What do you understand by hashing. Explain
Hashing is a technique for ensuring the integrity of the data, as it helps to ascertain that data has not been modified from its original form. With the use of hashing algorithms like MD5, SHA1, SHA2 amd SHA3, an irreversible fixed length hash value is generated for the provided dataset. This hash value is unique to the supplied input and will drastically change in case of the slightest modification to the supplied input.
Hashing is commonly used in implementing digital signatures and back-end password storage.