Master 47 Cyber Security interview questions covering threat analysis, incident response, and security frameworks.
Question 21 of 47
Why the Interviewer Asks This Question
Example Answer
Example Answer 2
How to Answer
Community Answers

Tom Dushaj is a business and technology executive and the author of 'Resumes That Work.' Tom has vast experience providing solutions to Fortune 500 companies in the areas of Information Technology Consulting, ERP Software, Personnel Management, and Intern
Hiring managers ask this common question to confirm that you limit the number of users accessing sensitive data. They want to know if you follow security protocols and best practices for roles and privileges. In an interview, you might hear the term Greenplum. Greenplum is a database system that manages access to its databases using roles. Giving an example of some challenges you had with restricting access for a good reason and then granting access after approval shows the manager how well you followed protocol.

"Managing roles and privileges has its challenges because the user could be a database administrator seeking access to specific tables or objects. As part of our security best practices, I assign rules by role membership by group. I find this to be the best way of managing privileges; this way, privileges can be revoked or granted to a group as a whole. I'm intimately familiar with a Greenplum database and how it works. For example, Greenplum requires a UNIX user ID to initialize and access the Greenplum database. This protocol is pretty standard in the industry, and widely used for creating new rules and protecting passwords in the Greenplum database."

"If you look at various network infrastructures and architectures within companies, you will find a variety of user/role attributes. One of the user roles that I keep a close watch on is giving access to SUPERUSERS. I like to limit access to SUs for a number of reasons; one of the biggest is that SUs bypass all access privilege checks in the Greenplum dataset. In my humble opinion, I think only administrators should have that access since we are intimately involved in the protection and security of the organization."

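The group-role approach and the superuser concern from the two example answers above, shown as an added SQL example that is not from the page's authors. Greenplum uses PostgreSQL-style role commands; the schema, table and role names (`finance`, `invoices`, `finance_readers`, `jdoe`) are hypothetical.

```sql
-- Added example. Run as a database administrator on a test database.
-- finance, invoices, finance_readers and jdoe are hypothetical names.

-- Sample objects so the script is self-contained.
CREATE SCHEMA finance;
CREATE TABLE finance.invoices (id int, amount numeric);

-- 1. The group role holds the privileges. NOLOGIN: nobody connects as the group.
CREATE ROLE finance_readers NOLOGIN;
GRANT USAGE ON SCHEMA finance TO finance_readers;
GRANT SELECT ON finance.invoices TO finance_readers;

-- 2. The user role carries no object privileges of its own, only membership.
CREATE ROLE jdoe LOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;
GRANT finance_readers TO jdoe;

-- Effective access now comes through the group (returns true).
SELECT has_table_privilege('jdoe', 'finance.invoices', 'SELECT');

-- 3. Review: which user is a member of which group role.
SELECT g.rolname AS group_role, m.rolname AS member
FROM pg_auth_members am
JOIN pg_roles g ON g.oid = am.roleid
JOIN pg_roles m ON m.oid = am.member
ORDER BY group_role, member;

-- 4. When the approved period ends, one statement removes the access.
REVOKE finance_readers FROM jdoe;

-- The same check now returns false.
SELECT has_table_privilege('jdoe', 'finance.invoices', 'SELECT');

-- 5. Review: roles flagged SUPERUSER bypass every privilege check above,
--    so this list should contain administrators only.
SELECT rolname, rolcanlogin
FROM pg_roles
WHERE rolsuper
ORDER BY rolname;
```
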
William Swansen has worked in the employment assistance realm since 2007. He is an author, job search strategist, and career advisor who helps individuals worldwide and in various professions to find their ideal careers.
There are numerous occasions when someone needs an important document for something like a proposal, and the only place the data needed is on a server or drive that requires administrative access. If you've ever needed to access folders or files that are locked or inaccessible, you understand this issue. When answering this question, you need to point out that you always follow protocol when granting admin-level permission to a user. This demonstrates your adherence to company cyber security policies and your understanding of how having admin access can cause serious security breaches. You may want to note that you're open to exceptions to this rule, but only with the appropriate approval from individuals with the authority to grant it.

Anonymous Answer
I occasionally encounter this situation at ****. If access is needed as a one and done, I dispatch a tech to assist the user; if it is needed on an ongoing basis, I have the data owner of the unit request the access from us and state for how long. On a larger organization, it would be the department head. Once we review the ticket, I usually have the user moved to a different staff network that we have reserved for special cases; that network has its own firewall in front and a NIDS too, and we use DAC to assign back access to only the resources needed by the employee. After the period of time ended, we moved back the user to its default privileges, which are based on his group and role. This allows us to keep the attack surface area as restricted as possible.

Amanda's Feedback
Fantastic! You've clearly outlined how you all restrict admin access to meet different needs and minimize the attack surface. The confidence in your answer makes it clear that you're comfortable working with this protocol.

Written by William Swansen
47 Questions & Answers • Cyber Security