Master 47 Cyber Security interview questions covering threat analysis, incident response, and security frameworks.
Question 24 of 47
Why the Interviewer Asks This Question
Example Answer
Example Answer 2
How to Answer
Community Answers

Tom Dushaj is a business and technology executive and the author of 'Resumes That Work.' Tom has vast experience providing solutions to Fortune 500 companies in the areas of Information Technology Consulting, ERP Software, Personnel Management, and Intern
There are many software and hardware detection systems on the market that help prevent incidents and data breaches. Hiring managers will ask operational questions about detection and how they start. They expect you to answer by describing the methodologies you use to employ intrusion detection systems and the success you have had with them. Providing concrete examples of your work will convince the manager that you are up to this task and can do the work for which they are hiring you.

"An incident can happen at any time without warning, so being ready is critically important. I strongly believe that every company should have a plan B for attacks that take place without warning. Once a hacker gains access to a system, there are two main directives that they pursue: doing reconnaissance and exploring to understand the system. Their next steps are to find assets (data) and how to access them, all while acting in stealth mode in the system. This is where I would be able to detect their movements and track activity."

"The trick is having a strong detection system that finds an attacker early in the process to thwart or minimize data theft or other significant damage. In order to find an active attacker, there are two challenges that must be addressed and solved:
1) You need to change your approach on what you look for and how you identify them
2) Look at full network activity, rather than limited packet routing
I find that the whole mindset has to change because identifying an active attacker through the typical process of pre-defined signatures, entry behaviors, and other signs isn't the most efficient way of protecting your systems. These hackers are meticulous and follow a step-by-step campaign to gain entry."

William Swansen has worked in the employment assistance realm since 2007. He is an author, job search strategist, and career advisor who helps individuals worldwide and in various professions to find their ideal careers.
You can answer this question by explaining to the manager that organizations need to change their mindset about how detection is addressed. This will give you points in the interview. Cyber experts should be able to articulate the procedures involved in tracking an intruder and where most companies fail with their detection systems. Tell the manager how much you enjoy your work and how proud you are of setting up and maintaining environments with 0% intrusions due to your security strategy and vision.


Written by William Swansen
47 Questions & Answers • Cyber Security
