Master 45 Information Security Manager interview questions covering risk assessment, compliance frameworks, and incident response.
Question 15 of 45
Why the Interviewer Asks This Question
How to Answer
Example Answer
Community Answers

William Swansen has worked in the employment assistance realm since 2007. He is an author, job search strategist, and career advisor who helps individuals worldwide and in various professions to find their ideal careers.
Root access is usually restricted to key information security and system management personnel. This is because root access enables the user to make changes to the system that are potentially disruptive and harmful. If regular users are allowed root access, they may inadvertently make changes that disrupt the system's operation and that take a great deal of effort to reverse. Employers want to make sure that you can detect and prevent unauthorized root access to their systems.

The interviewer is asking for your opinion about whether this is a problem or not. Even though this format provides you with options when responding to the question, the interviewer probably has a specific answer in mind. When faced with a question like this, the best strategy is to choose the more conservative answer. This tells the interviewer that you are primarily concerned about the organization's information security. You can note that there may be exceptions to this primary responsibility as dictated by the company's information security policies and protocols.

"I believe the best practice is to only provide root access to qualified and approved systems administrators and information security personnel. Keeping the list of these users short ensures that no unauthorized root access will occur and that the systems will be safe and secure. If an unauthorized user gained root access, I would first deauthorize the access and kick them off the system. I would investigate how they were able to gain root access and patch any security vulnerabilities I discovered. On occasion, it may be appropriate to provide temporary root access, but only if the user is closely supervised."


Written by William Swansen
45 Questions & Answers • Information Security Manager
