Master 47 Cyber Security interview questions covering threat analysis, incident response, and security frameworks.
Question 19 of 47
Why the Interviewer Asks This Question
Example Answer
Example Answer 2
How to Answer
Community Answers

Tom Dushaj is a business and technology executive and the author of 'Resumes That Work.' Tom has vast experience providing solutions to Fortune 500 companies in the areas of Information Technology Consulting, ERP Software, Personnel Management, and Intern
Every company with an intrusion detection system will likely come across a false positive or false negative. If you've ever done test cases for your company, and the results gave you a false positive or false negative, it could be because of a software bug, a hardware failure, or perhaps the functionality is not working properly. In any case, the hiring manager will ask this question to gauge if this problem is caused by manual intervention or a failure of the systems.

Tom Dushaj is a business and technology executive and the author of 'Resumes That Work.' Tom has vast experience providing solutions to Fortune 500 companies in the areas of Information Technology Consulting, ERP Software, Personnel Management, and Intern
"While we try to protect any sort of intrusion or hacking of our systems, we do get the occasional attempted intrusion alerts that tell us where the intrusion is coming from and how they are able to get through the first level of security. This is where we implement a false positive and false negative to give them the impression that they are penetrating our system, but in reality, we are watching them monitor which areas of our network they are attempting to attack so that we can strengthen that area and other areas of attempted attacks."

Tom Dushaj is a business and technology executive and the author of 'Resumes That Work.' Tom has vast experience providing solutions to Fortune 500 companies in the areas of Information Technology Consulting, ERP Software, Personnel Management, and Intern
"I've worked with intrusion detection software, anti-virus, and malware software for many years, and have found that even when you test your system, you might get a false positive or false negative. It's not uncommon for this to happen, and I've always proactively planned for it since it's very likely to happen. My approach is to explore why it happens, or what might have caused it to happen, and work towards a preemptive strike to prevent it from happening again. Since both are damaging, and they create a false sense of security, it makes it even more important to me to address them very early in the process. One of the areas I look closely at is test cases. I tend to break them down to the granular level and analyze every detail to get to the core of the problem. I do this by using different test data, metrics, and analysis to review test cases, and I do this process manually and also use automation scanning tools as well."

William Swansen has worked in the employment assistance realm since 2007. He is an author, job search strategist, and career advisor who helps individuals worldwide and in various professions to find their ideal careers.
When answering this question, t's important to highlight your knowledge and understanding of this topic by talking about the steps you take to monitor the reliability of the hardware and software and use corrective actions to prevent future alerts of this kind. For example, did you have to do further testing or change the code or functionality in the software to correct this problem? You can use an example from one of your previous jobs to illustrate your proficiency in this area and how you go about determining if your intrusion detection system is providing a false negative or false positive.

Interview Coach
Jaymie
A real coach, not AI. I read every answer myself and write back with personalized feedback.
Typically responds within 24 hours.
0 - Character Count
Prepare for technical scenarios and security assessments that interviewers prioritize.
Get StartedJump to Question

Written by William Swansen
47 Questions & Answers • Cyber Security

By William

By William