Here are questions and answers asked in information security interviews.
Q1. Explain the role of an information security analyst.
Ans: As an information security analyst, you need to perform many tasks to secure an organization from any cyber attack. I am listing some of them:
- Conduct regular Vulnerability Assessment (VA)/Penetration Testing (PT) of the IT infrastructure
- Prepare the plan to secure the assets of an organization
- Update deployed software regularly
- Implement IDS/IPS in the network to monitor traffic
- Recommend purchases of security infrastructure such as firewalls, load balancers, antivirus, etc.
- Analyse the root cause of any past security breach
- Conduct sessions to train the employees of an organization
- Suggest tools and techniques to enhance the security of an organization
- Conduct security audits
- Create security policies for an organization
- Plan and implement recovery of organization data in case of any network disaster
Q2. What is data leakage? What factors can cause data leakage?
Ans: In simple terms, data leakage is the availability of confidential data to an unauthorized person. There can be many reasons for data leakage, such as a security breach by a hacker, security misconfiguration of servers, backups stored in a less secure place, or a logical flaw in a web application that results in a data leak.
Q3. List the steps to successful data loss prevention controls.
Ans: I am listing some data loss prevention controls. Although this list is not exhaustive, going through it will give you a clear idea of the possible steps for data loss prevention controls.
- create an information risk profile for all data stored in the data center
- create an impact severity and response chart that helps an organization categorize data
- based on severity, plan how to prioritize breach incidents
- assign and document the roles and responsibilities of the network administrator, incident analyst, auditor, and forensic investigator
- implement data loss prevention controls
- monitor and review the results of the techniques you deployed for data loss prevention weekly or monthly, based on criticality
Q4. Explain the 80/20 rule of networking.
Ans: 80/20 is a rule used for describing IP networks. According to this rule, 80% of network traffic should remain local while only 20% should be routed towards a remote network. This rule is more applicable to small to medium-sized network environments.
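One way to check a segment against this rule from flow records is sketched below. It is an added example, not part of the original answer; the subnet `10.1.20.0/24`, the sample flows and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample flow records: (source IP, destination IP, bytes).
SAMPLE_FLOWS = [
    ("10.1.20.15", "10.1.20.40", 52_000),   # workstation -> file server, same subnet
    ("10.1.20.15", "10.1.20.7", 18_000),    # workstation -> printer, same subnet
    ("10.1.20.22", "10.1.20.40", 10_000),
    ("10.1.20.22", "10.1.30.5", 12_000),    # routed to another internal subnet
    ("10.1.20.31", "203.0.113.10", 8_000),  # routed off-site (documentation range)
    ("10.1.30.5", "10.1.20.40", 999),       # originates elsewhere, not counted
]


def traffic_split(flows, local_net):
    """Return (local_bytes, remote_bytes) for flows that originate in local_net.

    A flow is local when both endpoints are inside local_net; any other
    destination has to be routed and therefore counts as remote.
    """
    net = ipaddress.ip_network(local_net)
    local = remote = 0
    for src, dst, nbytes in flows:
        if ipaddress.ip_address(src) not in net:
            continue  # not generated by the segment being measured
        if ipaddress.ip_address(dst) in net:
            local += nbytes
        else:
            remote += nbytes
    return local, remote


def check_80_20(flows, local_net, max_remote_pct=20.0):
    """Report the local/remote byte share and whether it stays within the rule."""
    local, remote = traffic_split(flows, local_net)
    total = local + remote
    if total == 0:
        # No traffic from this segment: nothing to evaluate, treat as compliant.
        return {"local_pct": 0.0, "remote_pct": 0.0, "within_rule": True}
    remote_pct = 100.0 * remote / total
    return {
        "local_pct": round(100.0 - remote_pct, 1),
        "remote_pct": round(remote_pct, 1),
        "within_rule": remote_pct <= max_remote_pct,
    }


if __name__ == "__main__":
    print(check_80_20(SAMPLE_FLOWS, "10.1.20.0/24"))
```

Tracking the remote share over time also gives a baseline: a segment that suddenly routes far more traffic off-subnet than usual is worth a closer look.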
Q5. What personal traits should you consider for protecting data?
Ans: If you want to protect data on your personal computer, I am listing some measures:
- Always use genuine software
- Install antivirus/anti-spyware
- Never share your password with anyone
- If possible, always encrypt your personal data
- Ensure the operating system is updated with security patches
- Plan to back up your data
Q6. What is WEP cracking?
Ans: WEP stands for Wired Equivalent Privacy, and it is a security algorithm for wireless networks. As the name suggests, WEP cracking means exploiting vulnerabilities present in the wireless network to access confidential information.
Q7. Explain what phishing is. How can it be prevented?
Ans: Phishing is a technique to fool users into submitting confidential information such as passwords and credit card numbers on fake web pages. To prevent it:
- If possible, only interact with secure websites
- Never download an attachment from an unknown person
- Never email your financial information
Q8. What are web server vulnerabilities?
Ans: Web server vulnerabilities include:
- Default settings
- Default username and password
- Security patches not installed regularly
- Vulnerabilities in the operating system
Q9. List the techniques used to prevent web server attacks.
Ans: Techniques used to prevent web server attacks include:
- Secure installation and configuration of the OS
- Safe installation and configuration of the web server software
- Scanning the system for vulnerabilities
- Disabling remote administration
- Removing unused and default accounts
- Changing default ports and settings to custom ports and settings
- Anti-virus and firewalls
Q10. What certifications are useful for a security analyst?
- Security Essentials (GSEC): Good for systems security administration.
- Certified Security Leadership: Enhancing knowledge in how to lead the security team.
- CISSP: Good for mid-level management people in Information Security.
- Certified Forensic Analyst: It helps in enhancing knowledge to collect and analyze data from Windows and Linux computer systems.
- Certified Firewall Analyst: It helps in enhancing knowledge in configuring routers, firewalls, and perimeter defense systems.
Disclaimer: This tutorial is for educational purposes only. The individual is solely responsible for any illegal act.