Skip to main content

Information Security Profile Questions

One of the friend asked this question in one of the popular forums, i thought I should keep copy of my answer in my blog as well.
What sort of interview questions can be asked in information security profile?
It depends on your role under information security profile, If you are ininformation security engineering role, questions will be more from tools andtechnologies and security audit and analysis methodologies. Questions may comefrom application security(OWASP TOP10), network security or computer forensics.

 In the corporate world no one expects an information security engineer to bemaster of all the security disciplines.

 Questions from different operating system techniques and popular web serversand information security architecture will be asked. Various operating system administrationdetails questions may surface. Vulnerability assessment is another topic whichcan be discussed.

 Security consultant as a profession itself is about being specialist notjournalist. So solid understanding of how systems work is always appreciated. Inthe interview you should talk about the specifics of technologies, tools andmethods. High level overview may not help much. It’s not always about what cancome interview but it is also about projecting your knowledge and show them howthat can be beneficial for your company.

 If you are in information security management role then you are expected toknow about different compliance, policies and standards like PCI-DSS,ISO 27000etc.

 Some of the things that can help you to showcase your knowledge –

 1. Your previous speaking assignments if any
2. Publications
3. Contribution on open source security tools.
4. Any interesting threat identification and preventionexample.
5. Industry certifications

 And Yes very important thing – interviewer would definitely ask you about whatyou do to keep yourself updated on recent security incidents. Be prepared for that!
Labels:

Comments

Post a Comment

Popular posts from this blog

The Bourne Betrayal | Book Review

Novel by Eric Van Lustbader and Robert Ludlum I like all Robert Ludlum’s novels including those which are written by Evan Lastbadder. To me his novels have taken fiction to the next level. During my way back to Hyderabad from my last summer trip to hometown I bought paperback version of “The Bourne Betryal”. This novel was full of Lastbadder’s style of writing than Robert Ludlum’s one.  I took almost 6 months to complete it. This novel has something different to offer actually. Plot is exciting but the story is not very accelerating. Jason bourn and Martin Lindros, When martin Lindros decided to come back in the field operations with the aim to destroy Fadi and When Martin is out the track , Jason is the only help possible in the situation. Story takes you through various struggle of Jason to bring Martin back home. There are few things where author has not even paid any attention for example how does an ordinary Pakistani Waiter will have that much of information   Towa...
Post a Comment
Read more

ipconfig/displaydns

Why does the aboave command prints URLs, Websites addresses that we have never accessed before ? When your system communicates with the DNS server for resolvingthe name queries, Your system builds the cache over the perios of time, This cache normally contains records from the host file and also the retrieved records from the recently resolved queries. Coming to the question that the site which were never accessed showing up there. DNS cache notes down positive and negative results as well. as you know caching is all about performance improvment. Now lets say you accessed Website1 and Website1 has some functionalities which makes it to communicate with Website2. Now Fortunately or unfortunately Website2 is blocked in your network and name query for this Website is not resolved. Still this unresolved queries will be recorded in DNS cache. I think those results are coming as they were initiated from your system implicitly. Issue this command to clean the DNS cache
Post a Comment
Read more

New Programming Language, Do we really need ?

We have seen multiple new programming languages every year and question which is commonly asked is Will there always be new programming languages coming out? I believe  many new programming languages will keep coming and many are on the way. Technologies are evolving around us will make it fairly easy; everyday big corporation and tech individual/communities are making consistent progress towards technological advancement. If you observe every new programming language has one thing in common and that is they are based on software engineering principals, you will find same loop, iteration, conditional processing and stuff like that. What makes them different is Adoption, you can make your own programming language using other languages but it will only be popular when it can convince large tech community on the ground of Efficiency, Security, Agility, Portability, platform support etc. Wikipedia has impressive List of programming languages We have seen many languages in the pa...
Post a Comment
Read more