MockQuestions

Tanium Mock Interview

Question 9 of 25 for our Tanium Mock Interview

Get More Information About Our Tanium Interview Questions

Question 9 of 25

What's the difference between a threat, vulnerability, and a risk, and how do you assess the severity of a threat for example?

If you're a (CISSP) Certified Information Systems Security Professional, then you should know the difference between a threat, a vulnerability, and a risk. When you're starting a new job, you don't know the new environment, so you need to gather some basic information about where everything is, and how things were operating before you came along.

One of the first things you'll need to do is assess the landscape. You'll probably need to locate where the data resides, who is or was managing the data, and what the network diagram looks like. The hiring manager wants to see if you are experienced enough to ask these questions so that they know they're not dealing with a junior level candidate with limited experience in these areas.

After you have outlined what you would do when you start, they will dig a little deeper and ask you to explain the differences between threat, vulnerability and risk, and how you assess threats. As a general rule, you should talk about the differentiators among the three first, and then the process you follow to assess a threat. The interviewer's attention will be focused on how you assess a threat.

Here are a few items you may want to research further regarding assessments. Visibility touch points, Ingress and Egress filtering, and Vulnerability Assessments.

Next Question

How to Answer: What's the difference between a threat, vulnerability, and a risk, and how do you assess the severity of a threat for example?

Advice and answer examples written specifically for a Tanium job interview.

  • 9. What's the difference between a threat, vulnerability, and a risk, and how do you assess the severity of a threat for example?

      How to Answer

      If you're a (CISSP) Certified Information Systems Security Professional, then you should know the difference between a threat, a vulnerability, and a risk. When you're starting a new job, you don't know the new environment, so you need to gather some basic information about where everything is, and how things were operating before you came along.

      One of the first things you'll need to do is assess the landscape. You'll probably need to locate where the data resides, who is or was managing the data, and what the network diagram looks like. The hiring manager wants to see if you are experienced enough to ask these questions so that they know they're not dealing with a junior level candidate with limited experience in these areas.

      After you have outlined what you would do when you start, they will dig a little deeper and ask you to explain the differences between threat, vulnerability and risk, and how you assess threats. As a general rule, you should talk about the differentiators among the three first, and then the process you follow to assess a threat. The interviewer's attention will be focused on how you assess a threat.

      Here are a few items you may want to research further regarding assessments. Visibility touch points, Ingress and Egress filtering, and Vulnerability Assessments.

      1st Answer Example

      "My answer is that vulnerabilities should usually be the main focus of an organization since there is little control over the volume and consistency of threats that come in daily. In past roles when I started with a new company, the first thing that was on my task list was to perform a vulnerability assessment. This revealed a lot about the current state of risks and vulnerabilities to the network, and what needed to be done to close those gaps and secure all entry ports into the network. After doing a full assessment, I recorded visibility touch points to monitor where threats came from, and the strength and weakness of our vulnerabilities which helped me map out a long-term IT Security strategy plan."

      2nd Answer Example

      "I've always been a strong believer that the best defense is a good offense. Companies are always under network security attacks, and if you leave yourself vulnerable, it's almost like playing whack-a-mole. You're constantly on the defensive when you should be pro-actively offensive. One of the methods I implemented in my last company was a Defense Threat Modeling method. This method takes monitoring to a new level by pro-actively seeking out methods that hackers use to infiltrate systems while being undetected. At the same time, I keep up to date with online periodicals from IT Security sources to learn about new threats and the risks they represent. Another way that I combat threats is by using Ingress and Egress Filtering. The Ingress method is used to prevent suspicious traffic from entering a network, and the Egress method is used to monitor or restrict data by means of a firewall that blocks packets that fail to meet the established security requirements."