Master 47 Cyber Security interview questions covering threat analysis, incident response, and security frameworks.
Question 20 of 47
Why the Interviewer Asks This Question
Example Answer
Example Answer 2
How to Answer
Community Answers

Tom Dushaj is a business and technology executive and the author of 'Resumes That Work.' Tom has vast experience providing solutions to Fortune 500 companies in the areas of Information Technology Consulting, ERP Software, Personnel Management, and Intern
With a heightened level of data security throughout the world, protecting customer data has never been more important. Data has become a valuable commodity in this day and age, and companies go to great lengths to protect it at all costs. Knowing the different levels of data classification is a fundamental skill required by any cyber security professional. The hiring manager will ask you this question to confirm that you are aware of the importance of this issue and able to take steps to address it.

Tom Dushaj is a business and technology executive and the author of 'Resumes That Work.' Tom has vast experience providing solutions to Fortune 500 companies in the areas of Information Technology Consulting, ERP Software, Personnel Management, and Intern
"Setting data classification policy is very important because if you don't have a policy in place, you won't know what your level of sensitivity is, which means you have no baseline or security controls to protect your data. This is an important topic to me, and I take it very seriously. My involvement goes deeper into data classification than any other team member, so I typically take the lead for data classification on three main levels. Restricted data, private data, and public data classification. Here's how I classify these three into workable tasks.
1. Restricted data - I apply the highest level of security to a restricted classification because it has the highest level of risk.
2. Private data - This one is at a moderate risk level, but should still be treated as private data and protected nonetheless.
3. Public data - Normally this level is low or no risk. While there are still controls in place, some level of control is still required."

Tom Dushaj is a business and technology executive and the author of 'Resumes That Work.' Tom has vast experience providing solutions to Fortune 500 companies in the areas of Information Technology Consulting, ERP Software, Personnel Management, and Intern
"There are a number of different ways that classification of data can be performed. I've always had an interest in data collection and classification, which has led me into a cyber security occupation. Interestingly enough, many organizations collect and classify data in different ways. As a Data Steward, it is my obligation to reclassify data - this is conducted periodically - to determine what frequency is most appropriate based on available - if after doing a data reclassification, it is determined that the data has changed or was modified, then I look at whether existing controls are consistent with the new data classification. If gaps are found within existing controls, they are immediately corrected."

William Swansen has worked in the employment assistance realm since 2007. He is an author, job search strategist, and career advisor who helps individuals worldwide and in various professions to find their ideal careers.
When asked by the hiring manager, don't be afraid to offer examples of how you set data classification policies or reclassified data to a classified status with access limited to administrators. Also, highlight your knowledge about the different levels of data classification (ie., Restricted, private, and public). You don't need to go into too much detail because a hiring manager will ask a follow-up question if they need more information or want to explore the topic more. Once you are asked a follow-up question, you have permission to expand on your answer and possibly give an example from a previous situation you encountered.

Interview Coach
Jaymie
A real coach, not AI. I read every answer myself and write back with personalized feedback.
Typically responds within 24 hours.
0 - Character Count
Prepare for technical scenarios and security assessments that interviewers prioritize.
Get StartedJump to Question

Written by William Swansen
47 Questions & Answers • Cyber Security

By William

By William