Most threats initiated from endpoint devices are stealthy and difficult to detect. How do you help your clients understand this and what do you recommend they do to expose and quickly resolve the attacks?

How to Answer
1st Answer Example
2nd Answer Example

The interviewer is trying to determine if you can make a recommendation for a solution which addresses the issue, meets the client requirements and uses Tanium's products or services to solve the problem.

"Threats originating on endpoint devices are often caused by bad behavior (usually unintentional) by the users and are generally not immediately reported. System administrators need to have measures in place to automatically detect and respond to the threats. I believe Tanium's suite of products and services offer remote analytics, threat intelligence and always-on services which respond to the threat. The software provides higher visibility into endpoint devices and stronger detection analytics than other products. It also employs technologies such as sandboxing, security information and event management (SIEM) and orchestration. All of these are critical to effective endpoint security. When selecting a security management product, you need to make sure that it has these features and a high degree of automation."

"The problem with intrusions which originate from endpoint devices is that they are hard to detect and respond to. It is important to select a security management product suite which is highly automated, so it detects threats from endpoint devices quickly and takes immediate action to resolve the issue. I believe Tanium's products and services accomplish this by employing remote analytics, threat intelligence and always-on services which respond to the threat. The software provides higher visibility into endpoint devices and stronger detection analytics than other products. It also employs technologies such as sandboxing, security information and event management (SIEM) and orchestration. All of these are critical to effective endpoint security. "

Next Question

How to Answer: Most threats initiated from endpoint devices are stealthy and difficult to detect. How do you help your clients understand this and what do you recommend they do to expose and quickly resolve the attacks?

Advice and answer examples written specifically for a Tanium job interview.

11. Most threats initiated from endpoint devices are stealthy and difficult to detect. How do you help your clients understand this and what do you recommend they do to expose and quickly resolve the attacks?

How to Answer

The interviewer is trying to determine if you can make a recommendation for a solution which addresses the issue, meets the client requirements and uses Tanium's products or services to solve the problem.

1st Answer Example

"Threats originating on endpoint devices are often caused by bad behavior (usually unintentional) by the users and are generally not immediately reported. System administrators need to have measures in place to automatically detect and respond to the threats. I believe Tanium's suite of products and services offer remote analytics, threat intelligence and always-on services which respond to the threat. The software provides higher visibility into endpoint devices and stronger detection analytics than other products. It also employs technologies such as sandboxing, security information and event management (SIEM) and orchestration. All of these are critical to effective endpoint security. When selecting a security management product, you need to make sure that it has these features and a high degree of automation."

2nd Answer Example

"The problem with intrusions which originate from endpoint devices is that they are hard to detect and respond to. It is important to select a security management product suite which is highly automated, so it detects threats from endpoint devices quickly and takes immediate action to resolve the issue. I believe Tanium's products and services accomplish this by employing remote analytics, threat intelligence and always-on services which respond to the threat. The software provides higher visibility into endpoint devices and stronger detection analytics than other products. It also employs technologies such as sandboxing, security information and event management (SIEM) and orchestration. All of these are critical to effective endpoint security. "

Next Question