
Cyber Security Interview Questions

24 Questions and Answers by Tom Dushaj

Updated December 6th, 2019 | Tom Dushaj is a business and technology executive and an accomplished author of the book "Resumes That Work".
1.
Explain the differences between TLS, SSL, and HTTPS, and what are the cyber security benefits?
TLS means Transport Layer Security. HTTPS is the secure version of HTTP, the Hypertext Transfer Protocol, and it secures communications in a network. An SSL/TLS connection secures any communication sent online. All ongoing communications between the browser and servers are encrypted safely. Your cyber security depends on HTTPS, SSL and TLS. Websites that don't include all the cyber security measures will be penalized by Google. Interviewers will ask a number of different questions about TLS, SSL, and HTTPS. Some of the common ones will be how each of these works and how they are used. You'll probably be asked to give examples of each in a hypothetical environment. I'll cover a few scenarios below in my answers. It's important to do a thorough walk-through and give examples with scenarios of each.

Tom's Answer #1
"Securing and protecting our corporate website has always been our highest priority. When I assess how secure our sites are, I look at all the possible vulnerabilities within our systems, and take steps necessary to identify where those weaknesses might be. Let's say your site takes your viewers to a different page to use their credit cards and make purchases. If you did not use HTTPS to secure your site (that padlock image at the top left where the domain address is listed), or if it is incorrectly set up, the content can be intercepted by bad actors (hackers) on your site. I'm tuned into multiple IT news sources and software updates from all our software vendors on the latest hack attempts so that I'm always in the know. I've always had the practice of utilizing two SSL keys, one private key, and the other a public key that everyone knows."
Tom's Answer #2
"Say a client visits your site and sees that the information on your site can be easily intercepted; it does not leave an impression of credibility or trust. If your site is not reliable, secure or safe, why would any client risk a purchase? If they can purchase something similar on a safer site, what would stop them? As a general rule, I always use the Handshake Protocol of TLS which enables authentications for clients and servers. I find this a more secure communication method after the first handshake is a success. If there is a failed handshake the first time, the connection terminates. I also use the STARTTLS (or STLS for POP3 protocol) command for outbound email connections for extra safety. A secure connection is required by specific ports to be able to connect. For example, I would use 995 for secure POP3, 443 for HTTPS and 993 for IMAP. I already have these ports set up on our server."
2.
How will you detect an incident or data breach, and what steps do you take to prevent it from happening?
There are many software and hardware detection systems in the market that help prevent incidents and data breaches. Hiring managers will ask situational questions about detection and how they start. Explaining to the manager that organizations need to change their mindset about how detection is addressed will definitely give you points in the interview. Furthermore, cyber experts should be able to articulate the procedures involved in tracking an intruder and where most companies fail with their detection systems. Don't be shy; tell the manager how much you enjoy your work, and how proud you are of setting up and maintaining an environment that has 0% intrusion as a direct result of your security strategy and vision.

Tom's Answer #1
"An incident can happen at any time without warning, so being ready is critically important. I strongly believe that every company should have a plan B for attacks that take place without warning. Once a hacker gains access to a system, there are two main directives that they pursue: doing reconnaissance, and exploring to understand the system. Their next steps are to find assets (data) and how to access them, all while acting in a stealth mode in the system. This is where I would be able to detect their movements, and track activity."
Tom's Answer #2
"The trick is having a strong detection system that finds an attacker early in the process to thwart or minimize data theft or other significant damage. In order to find an active attacker, there are two challenges that must be addressed and solved:

1) You need to change your approach on what you look for and how you identify them
2) Look at full network activity, rather than limited packet routing

I find that the whole mindset has to change, because identifying an active attacker through the typical process of pre-defined signatures, entry behaviors, and other signs isn't the most efficient way of protecting your systems. These hackers are meticulous, and follow a step-by-step campaign to gain entry."
3.
What are the various ways to inform employees about information security policies and procedures?
Anyone in IT leadership that is responsible for establishing and maintaining company policy and procedures for security needs to ensure that there's a system in place for monitoring corporate computers and mobile devices to protect against email viruses, malware, and data breaches. You'll find that hiring managers tend to spend a bit more time on this question because they want to gauge your level of confidence on how you implement these practices across the company and the way you communicate the procedures to all employees. The experience you share with the manager will be a reflection of your capabilities and will show that you can think outside the box. It's not uncommon for a manager to ask you to talk at length about communicating effective ways to identify phishing emails, transferring confidential files securely, password management tips, and applying privacy and security updates for all employees. This helps the manager see the level of detail that you go through to protect your company's employees.

Tom's Answer #1
"If you look at statistics on how attacks were established, you will find that over 50% of attacks came from employees within a company that inadvertently allowed access to a hacker, or simply disregarded company security policy. At my last company, I was directly involved in writing the security policies and procedures, as well as setting guidelines and conducting training sessions with employees to teach them to detect phishing emails and similar scams. I demonstrated in detail what a phishing email looks like, and what to look for when they receive one, and the procedure to follow once this type of scam is identified. I created an email account so that anyone who received these phishing emails could send them straight to that account."
Tom's Answer #2
"During my security training sessions with employees, I explained the importance of cyber security, and pointed out the risks of an attack and the negative impact it could have on our organization if personal employee or company information is compromised. As part of the training sessions, I discussed in detail the use of and management of strong passwords, and how to use unique characters when selecting new passwords. As a way of making sure all employees were adhering to our security policies, I set quarterly reminders for everyone to change their passwords. I also had everyone apply updates to their systems and privacy settings."
4.
Give me your opinion on Blockchain technology, and how do you think it will revolutionize cyber security?
Ever since Blockchain was introduced to the market, security technologists have been busy trying to keep Blockchain transactions secure through distributed networks so people can use bitcoin or crypto-currency as a payment gateway. Hiring managers, especially in the finance/banking industries, are well aware of this technology, so when they ask this question, they are looking for your opinion on how it applies to cyber security. If you have experience working in an environment that uses Blockchain, showcase that experience in a way that makes you stand out from the crowd. For example, use a scenario (without giving away sensitive company information) where you used it, and how you were able to protect web servers and ID systems so the transactions were safe and secure. If you have limited knowledge in Blockchain, show your eagerness to learn the technology, and how your skills would apply in those situations.

Tom's Answer #1
"Anytime I see the introduction of a new technology or payment gateway, I take it upon myself to research that technology to see where it is relevant in the world of Cyber Security. When Blockchain came out, I did extensive research on where it might have vulnerabilities, and be susceptible to attacks. According to my research, Blockchain has been around for about a decade and was initially introduced to store and/or send crypto-currency like Bitcoin. Blockchains are distributed networks with millions of users all over the world. Since Blockchain uses cryptology, it's easier for businesses to authenticate devices and users without the need for a password. This definitely eliminates manual intervention in the process of authentication, thereby avoiding potential attacks."
Tom's Answer #2
"The way I view Blockchain revolutionizing Cyber Security is through decentralized storage, record keeping, and peer-to-peer sharing. Furthermore, Blockchain users will be able to store all their data on their network or computer if they choose to do so. Basically, a blockchain is a decentralized, digitized, public ledger of all cryptocurrency transactions known as Distributed Ledger Technology. One of the big reasons why I think blockchain is going to be an integral part of Cyber Security is Distributed Denial of Service. In a nutshell, Blockchain transactions can be denied easily if the send-receive participants are impeded from sending transactions. Blockchains provide a non 'hackable' entrance point, and thereby provide more security when compared with database-driven transactional structures."
5.
In a situation where a user needs admin rights on his system, what is the protocol that you follow to grant or restrict admin access?
I have seen numerous occasions where someone needed an important document for a proposal, and the only place the needed data was stored was a server or drive that required administrative access. If you've ever needed to access folders or files that are locked or inaccessible, then you know what I mean. This is a common question asked by hiring managers to limit the number of users accessing sensitive data. They want to know if you follow security protocols and best practices for roles and privileges. In an interview, you might hear the term Greenplum. Greenplum is a database system that manages access to those databases using roles. Giving an example of some challenges you had with restricting access for a good reason, and then granting access after approval was given, shows the manager how well you followed protocol.

Tom's Answer #1
"Managing roles and privileges has its challenges because the user could be a database administrator seeking access to specific tables or objects. As part of our security best practices, I assign rules by role membership by group. I find this to be the best way of managing privileges; this way privileges can be revoked or granted from a group as a whole. I'm intimately familiar with a Greenplum database and how it works. For example, Greenplum requires a UNIX user ID to initialize and access the Greenplum database. This protocol is pretty standard in the industry, and widely used for creating new rules, and protecting passwords in the Greenplum database."
Tom's Answer #2
"If you look at various network infrastructures and architectures within companies, you will find a variety of user/role attributes. One of the user roles that I keep a close watch on is giving access to SUPERUSERS. I like to limit access to SU's for a number of reasons; one of the biggest is that SU's bypass all access privilege checks in the Greenplum dataset. In my humble opinion, I think only administrators should have that access, since we are intimately involved in the protection and security of the organization."
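
The group-based privilege management and superuser review described in the answers to question 5, written out as an added example that is not part of the original page. Greenplum uses PostgreSQL role syntax; the schema, table and role names here are hypothetical.

```sql
-- Added example: every schema, table and role name below is hypothetical.

-- Sample object to protect (DISTRIBUTED BY is Greenplum's table clause).
CREATE SCHEMA proposals;
CREATE TABLE proposals.documents (id int, title text) DISTRIBUTED BY (id);

-- 1. The group role carries the privileges and cannot log in itself.
CREATE ROLE proposal_readers NOLOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;

-- 2. Grant the group only what it needs: read access to one table.
GRANT USAGE ON SCHEMA proposals TO proposal_readers;
GRANT SELECT ON proposals.documents TO proposal_readers;

-- 3. Users are login roles that inherit privileges from the group.
--    Authentication for the login role is configured separately.
CREATE ROLE alice LOGIN INHERIT NOSUPERUSER;
GRANT proposal_readers TO alice;

-- 4. Review: who is a member of which group role?
SELECT g.rolname AS group_role, m.rolname AS member
FROM pg_auth_members am
JOIN pg_roles g ON g.oid = am.roleid
JOIN pg_roles m ON m.oid = am.member
ORDER BY group_role, member;

-- 5. Review: which roles are superusers? These bypass all privilege
--    checks, so the list should contain administrators only.
SELECT rolname, rolcanlogin
FROM pg_roles
WHERE rolsuper
ORDER BY rolname;

-- For a role the query flags that does not need the attribute
-- (placeholder name, left commented out):
-- ALTER ROLE <role_name> NOSUPERUSER;

-- 6. When one user's approved access ends, remove the membership
--    rather than editing individual table grants.
REVOKE proposal_readers FROM alice;

-- 7. Revoking from the group changes access for every member at once.
REVOKE SELECT ON proposals.documents FROM proposal_readers;
```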