Cyber security is an interesting domain, and so are its interviews. Because information security covers such a broad range of topics, identifying the key areas to prepare can be challenging. From the industry's perspective, some concepts require a firm grasp if you want to stay in this domain. The questions below are among the most frequently asked in interviews; make sure you understand all of them clearly.
1. Why do you think that Data Classification is important?
Data classification is the process of organizing data by agreed-on categories. Data classification provides a solid foundation for a data security strategy because it helps identify risky areas in the IT network.
Data Classification is important primarily because of the following:
Security of critical data: Knowing, through classification, which data is important helps in creating a better protection strategy.
Compliance with regulatory mandates: Data Classification is an important aspect in many of the regulatory standards as it serves as the primary step for applying relevant protection mechanisms. Compliance standards require organizations to protect specific data, such as cardholder information (PCI DSS), health records (HIPAA), financial data (SOX) or EU residents’ personal data (GDPR).
2. Briefly explain what an advanced persistent threat is.
An advanced persistent threat is an attack in which an unauthorized user gains access to a system or network and remains there for an extended period of time without being detected.
Advanced persistent threats were once used primarily to target high-profile organizations or companies with high-value data. Traditional cyber security measures such as defense-in-depth, firewalls and antivirus cannot protect against an APT attack, and dedicated advanced security solutions are required to deal with APTs.
3. What do you understand by zero-day attacks? Give an example.
A zero-day attack is an attack that targets publicly known but still unpatched vulnerabilities.
A zero-day attack happens once that flaw or vulnerability is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability. Zero-day exploits are extremely dangerous because product developers are unaware of them and hence no patches are available.
Once a patch is written and used, the exploit is no longer called a zero-day exploit.
EXAMPLE: The Double Kill zero-day Internet Explorer vulnerability was patched by Microsoft in May 2019. According to reports, this vulnerability was being actively exploited in the wild by hackers across the globe.
4. What are the sources you commonly use to stay updated with recent news and trends?
There are numerous online websites and blogs dedicated to cybersecurity; however, my personal favorites are as follows: