We will be discussing five cyber security interview questions, but before we do, just a quick disclaimer: these questions are not guaranteed to be asked in your interview. I pulled all of today's questions and answers from our website, where we brought in nearly 100 different professional interviewers to create all of the interview questions and answer examples.
So in this video, we will dive into what I believe are the five best cyber security interview questions, with answer examples. Let's get started.
Question one: How do you protect connected mobile devices on your network from cyber attacks?

The use of mobile and connected devices is becoming a way of life in the corporate world. Network systems and cyber security engineers have to be on the defensive when it comes to mobile and connected devices that enter their workplace. They don't know if a smartphone, for example, has a malicious app on an employee's phone, and whether unknowingly having it could compromise their networks or systems. This is a question that an interviewer will likely ask. They may go as far as asking what kind of setup you have at home for your connected devices. The reason a hiring manager asks this is to see how well protected you are at home and whether you apply these same practices and principles at work. It's important that you are aware of the types of attacks that can occur on mobile and connected devices.
Here's an answer example from our website. Since I also have a mobile phone and several connected devices at home and work, I do take extra precautions to make sure that what I load on my phone and devices is safe and virus free. I do this by researching the software or app before downloading it. Again, I'm also careful not to grant all permissions to access functions on my mobile device either. In my current role, I take the steps necessary to safeguard mobile devices and users against attacks. I've developed a checklist that I share with our employees to make sure they follow safe practices. Here's an example of my list. Use strong, unique passwords. Add antivirus software to devices. Review app permissions before giving access. Use two-step or multi-factor authentication. Keep your software up to date on a regular basis. Disable features you may not use.

Question two: Do you have a cyber security incident response plan?
First of all, companies should have a cyber security incident response plan. If you have worked in information security for any amount of time, you should be familiar with incident response. The makeup of an incident response plan will probably include the following components: (a) an incident response team, (b) a workforce continuity plan, and (c) a summary or inventory of tools and technologies within the environment.
It's fair to say that an interviewer will likely want to know what part of the incident response plan you are responsible for if a cyber attack happens or a critical security event is detected. Give some thought as to how you would respond to this question. I suggest you give the interviewer some insight into how the plan was developed and whether you had any involvement or input in putting the plan together. This tells the interviewer that you are an instrumental part of the process, from the planning to the execution of this plan.
At my current company, I was intimately involved in the development of our cyber security incident response plan. I was responsible for overseeing the planning strategy as well as the operational and tactical execution of the incident response plan.
As per our company policy, we follow the NIST Computer Security Incident Handling Guide. Here's a breakdown of the structure of the plan that I helped develop. One, detection and analysis: this includes everything from monitoring potential attacks to looking for signs of an incident. Two, train staff on detection, containment, eradication, and recovery. Three, identifying the source of potential attacks. Four, containment and recovery: this involves disabling network systems access and installing security patches to resolve vulnerabilities. Five, assess the damage.

Question three: Which user applications have you found are most susceptible to being hacked?

If you were to look at data going back over the last 10 years, you'll find the majority of applications that were hacked are in the banking and finance industry.
This is important to know because if the employer you are applying to is in this industry, you will likely be asked this question. Answering this question with knowledge about what types of applications get hacked the most will help the interviewer understand the depth of your knowledge on this subject.
A good way to start answering these types of questions is to give examples of recent hacks that have happened in the industry of the company you are interviewing with. To really show your knowledge on this topic, brief the interviewer on what changes the industry made and implemented to keep this from happening again.

It's been my experience that the banking and finance industry has been especially targeted by hackers the most. One of the biggest reasons is obviously financial gain. Hackers seem to find vulnerabilities within banking apps and exploit them. It's estimated that 85% of web apps that are tested have flaws that hackers were able to penetrate. Using apps on your mobile phone can be risky, especially if you do any sort of financial transactions. As a company policy, we have implemented two-factor authentication for all our users. This has helped reduce hacking attempts within our corporate environment significantly. We also encourage our users to update their devices on a weekly basis, too.
Question four: Can you tell me the difference between encoding, encryption and hashing, and why they are important?

Let's begin with what encoding, encryption and hashing mean and their importance in IT security. Encoding: to encode something is to communicate a message in a way that the receiver will clearly understand. Hashing is an integrity method to validate data. Encryption is making data unreadable by anyone except those who know the secret shared key. Being able to tell the difference between encoding, encryption and hashing is very important if you want to get past the first-round interview. This is a common question used to weed out junior-level IT security candidates. All three are important to enable security at every level.

I have a thorough understanding of encoding, hashing, and encryption. I know that with encoding, I need to be mindful of the standards that are used by the receiver and sender, since every receiver will not support the same standards.
For hashing, my main purpose is the secure storage of passwords. As far as encryption, I like to make sure that whomever I send an encrypted message to has the capability and secret key to decrypt my message. This is a safe and secure way to communicate with the intended party of your message.
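To make the distinction above concrete, here is an added example (not from the video or its website) that contrasts encoding with hashing for password storage. The function names, record format and PBKDF2 work factor are assumptions chosen for this illustration.

```python
import base64
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000  # assumed work factor for this example


def encode_token(text):
    """Encoding: a public, keyless format change that anyone can reverse."""
    return base64.b64encode(text.encode("utf-8")).decode("ascii")


def decode_token(token):
    """No secret is needed to undo an encoding, so it protects nothing."""
    return base64.b64decode(token).decode("utf-8")


def hash_password(password, salt=b""):
    """Hashing for storage: one-way, salted and deliberately slow (PBKDF2)."""
    salt = salt or os.urandom(16)  # fresh random salt per password
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS
    )
    return "pbkdf2_sha256${}${}${}".format(PBKDF2_ROUNDS, salt.hex(), digest.hex())


def verify_password(password, record):
    """Recompute with the stored salt and compare in constant time."""
    _scheme, rounds, salt_hex, digest_hex = record.split("$")
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(rounds)
    )
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))
```

The stored record never contains the password itself, and two users with the same password get different records because each gets its own salt.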
Question five: What is the difference between ECB and CBC in an IT security environment?

Let's start with what these two entities mean. ECB, electronic code book, is basically raw cipher. You have a block that needs to be encrypted as an output. If you don't encrypt the block and might show up as cipher text. CBC, cipher block chaining, essentially uses an initialization vector. It converts plaintext to ciphertext. These methods of operational configuration allow those ciphers to work with large data streams without the risk of compromising security.
Essentially, what the hiring manager wants to know is if you understand the differences between ECB and CBC. They'll ask questions similar to: Are ciphertext blocks decrypted separately? Or, is it possible to encrypt and decrypt on simultaneous threads?
Other questions that may come up are: How can an image be encrypted? What's the standard protocol to do so? Or perhaps, what's the difference between ciphertext and plaintext?

Anytime that I need to encrypt blocks of data in ECB mode, I can always use many threads simultaneously, but I always encrypt plaintext blocks separately for security purposes. The difference between the two is that with CBC I need to XOR each plaintext block with the block that was previously produced. ECB is the simplest mode of encryption. The result is then encrypted using a cipher algorithm in the usual way. CBC is a little different because the initialization vector needs to be created randomly by the sender.
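An added example (not from the video or its website) of the ECB and CBC behaviour described above: independent blocks in ECB, and XOR chaining with a random IV in CBC. It uses a toy Feistel cipher built from HMAC-SHA256 as a stand-in for AES so that it runs with only the standard library; the key, function names and sample plaintext are constructed, and padding is left out, so input must be a multiple of 16 bytes.

```python
import hashlib
import hmac
import os

BLOCK = 16  # bytes per block, the same block size AES uses
KEY = b"constructed-demo-key"  # constructed sample key
# Constructed sample: three identical 16-byte blocks, then one different block.
PLAINTEXT = b"TRANSFER $100.00" * 3 + b"TO ACCOUNT 12345"

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _blocks(data):
    if len(data) % BLOCK:
        raise ValueError("input must be a multiple of 16 bytes (no padding here)")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def _cipher(key, block, decrypt=False):
    """Toy 4-round Feistel block cipher standing in for AES (not for real use)."""
    left, right = block[:8], block[8:]
    for r in ((3, 2, 1, 0) if decrypt else (0, 1, 2, 3)):
        f = hmac.new(key, bytes([r]) + right, hashlib.sha256).digest()[:8]
        left, right = right, _xor(left, f)
    return right + left

def ecb_encrypt(key, pt):
    # Each block is encrypted on its own, so equal plaintext blocks match.
    return b"".join(_cipher(key, b) for b in _blocks(pt))

def ecb_decrypt(key, ct):
    return b"".join(_cipher(key, b, decrypt=True) for b in _blocks(ct))

def cbc_encrypt(key, pt, iv=None):
    iv = iv or os.urandom(BLOCK)  # sender picks a fresh random IV
    out = [iv]
    for b in _blocks(pt):
        # XOR with the previous ciphertext block (the IV for the first one).
        out.append(_cipher(key, _xor(b, out[-1])))
    return b"".join(out)  # IV travels in front of the ciphertext

def cbc_decrypt(key, ct):
    blocks = _blocks(ct)
    return b"".join(_xor(_cipher(key, c, decrypt=True), prev)
                    for prev, c in zip(blocks, blocks[1:]))

def repeated_blocks(ct):
    """Number of ciphertext blocks that duplicate an earlier block."""
    blocks = _blocks(ct)
    return len(blocks) - len(set(blocks))
```

On the sample plaintext, ECB output contains two repeated ciphertext blocks that reveal the repeated plaintext, while CBC output contains none and changes on every run because of the random IV.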