By: Nihad Hassan
July 20, 2021
General Cybersecurity Interview Questions
Cybersecurity is one of the fastest-growing job domains. As the digital transformation moves at a rapid pace, cybercriminals shift their activities to cyberspace. According to Cybersecurity Ventures, the global cost of cybercrime is projected to reach $6 trillion in 2021. The number is expected to reach $10.5 trillion in 2025. The massive increase in cybercrime costs will create a steady demand for cybersecurity experts to counter cyber threats and manage cyber defenses. A report published by the New York Times expects 3.5 million open cybersecurity jobs across the globe in 2021.
This article focuses on 12 cybersecurity questions that any applicant for a cybersecurity vacancy should expect to face during the interview. Of course, no one can give you all the questions; however, it is advised to expand your reading around the topic mentioned in each question to make your knowledge as inclusive as possible.
Top 12 Cybersecurity interview questions
Question 1 - What is Cryptography?
Cryptography is the practice and science of hiding data by obscuring it. There are two main types of cryptography: Encryption and Steganography. Encryption protects data by scrambling it. Hence, it converts plain text into cipher text. In contrast, steganography obfuscates secret data (e.g., concealing secret text inside an image) so outside observers cannot see it.
Question 2 - Differentiate between Symmetric and Asymmetric encryption?
In symmetric, or secret-key, encryption, the same key is used to encrypt and decrypt data. In asymmetric, or public-key, encryption, two keys are used: the public key to encrypt data and the private key to transform it back to its original state.
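The key roles described above, as an added example that is not part of the original article. It goes one step beyond the answer by combining both types the way they are usually used together: the public key protects a short symmetric key, and the symmetric key protects the data. The tiny RSA parameters, the keystream cipher and all function names are assumptions chosen so the example runs with the standard library only.

```python
import hashlib

# Toy parameters (assumption, illustration only): two Mersenne primes give a
# ~150-bit modulus with no padding, far too weak for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public key: may be shared with anyone
D = pow(E, -1, (P - 1) * (Q - 1))      # private key: kept by the recipient

def symmetric_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR data with a SHA-256 counter keystream.
    The same call with the same key both encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def public_encrypt(value: int) -> int:
    """Asymmetric encryption: anyone holding (N, E) can do this."""
    return pow(value, E, N)

def private_decrypt(value: int) -> int:
    """Asymmetric decryption: requires the private exponent D."""
    return pow(value, D, N)

def hybrid_send(message: bytes, session_key: bytes):
    """Wrap the symmetric key with the public key, encrypt data symmetrically."""
    wrapped = public_encrypt(int.from_bytes(session_key, "big"))
    return wrapped, symmetric_xor(session_key, message)

def hybrid_receive(wrapped: int, ciphertext: bytes) -> bytes:
    """Unwrap the symmetric key with the private key, then decrypt the data."""
    session_key = private_decrypt(wrapped).to_bytes(16, "big")
    return symmetric_xor(session_key, ciphertext)

if __name__ == "__main__":
    key = bytes(range(1, 17))              # constructed 16-byte session key
    wrapped, ct = hybrid_send(b"quarterly payroll file", key)
    print(hybrid_receive(wrapped, ct))
```

Real systems use a vetted library with padded RSA or elliptic-curve key exchange and an authenticated cipher such as AES-GCM; only the division of key roles carries over from this sketch.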
Question 3 – What is the difference between Firewall and IDS?
Both a Firewall and an Intrusion Detection System (IDS) monitor networks for suspicious traffic; however, the main difference lies in how each device behaves when discovering malicious activity. The firewall is configured to detect and stop possible intrusions, while the IDS will allow the malicious traffic to enter the network but will launch an alarm notifying the IT administrator about a possible attack without terminating the connection.
Question 4 – What are the elements of cybersecurity?
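The behavioural difference described above, as an added example that is not part of the original article: the same detection rules are applied once in blocking mode (firewall) and once in alert-only mode (IDS). The flows, the denylisted range, the port policy and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample flows using documentation address ranges, not real traffic.
FLOWS = [
    {"src": "198.51.100.7", "dst_port": 443},
    {"src": "203.0.113.50", "dst_port": 443},
    {"src": "198.51.100.9", "dst_port": 23},
]
DENYLIST = ipaddress.ip_network("203.0.113.0/24")  # hypothetical denylisted range
BLOCKED_PORTS = {23}                                # hypothetical policy: no Telnet

def match_rule(flow):
    """Return the reason a flow is considered malicious, or None if it is clean."""
    if ipaddress.ip_address(flow["src"]) in DENYLIST:
        return "source in denylisted range"
    if flow["dst_port"] in BLOCKED_PORTS:
        return "destination port blocked by policy"
    return None

def inspect(flows, mode):
    """Apply the same rules as a firewall ('block') or as an IDS ('alert').

    Returns (forwarded, events): the flows that reach the network and the
    log entries or alarms raised for the administrator.
    """
    if mode not in ("block", "alert"):
        raise ValueError("mode must be 'block' or 'alert'")
    forwarded, events = [], []
    for flow in flows:
        reason = match_rule(flow)
        if reason is None:
            forwarded.append(flow)
            continue
        action = "DROP" if mode == "block" else "ALERT"
        events.append(f"{action} {flow['src']}:{flow['dst_port']} ({reason})")
        if mode == "alert":          # IDS: raise the alarm, leave traffic alone
            forwarded.append(flow)
    return forwarded, events

if __name__ == "__main__":
    for mode in ("block", "alert"):
        forwarded, events = inspect(FLOWS, mode)
        print(mode, len(forwarded), events)
```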
- Application security
- Information security
- Disaster Recovery Planning
- Network Security
- End-user Security
- Operational Security
Question 5 - What is CIA?
CIA stands for Confidentiality, Integrity, and Availability; it is a popular cybersecurity model for developing security policies.
- Confidentiality: Ensure sensitive data is only accessible by authorized users.
- Integrity: Ensure data has not changed while stored or when it is moved from one place to another (in transit).
- Availability: Ensure data is always available for the intended users when they need it.
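One way to enforce the Integrity property for data in transit or at rest, as an added example that is not part of the original article. It contrasts an unkeyed SHA-256 digest, which only catches accidental corruption, with an HMAC-SHA256 tag, which also catches deliberate changes by anyone who lacks the key. The function names, key and payloads are constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes

def seal_plain(payload: bytes) -> bytes:
    """Append an unkeyed SHA-256 digest: detects accidents, not tampering."""
    return payload + hashlib.sha256(payload).digest()

def check_plain(blob: bytes) -> bool:
    """Verify the unkeyed digest at the end of the blob."""
    payload, digest = blob[:-TAG_LEN], blob[-TAG_LEN:]
    return hmac.compare_digest(digest, hashlib.sha256(payload).digest())

def seal_hmac(key: bytes, payload: bytes) -> bytes:
    """Append an HMAC-SHA256 tag computed with a key only the endpoints hold."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()

def check_hmac(key: bytes, blob: bytes) -> bool:
    """Verify the keyed tag; any change to payload or tag makes this False."""
    if len(blob) < TAG_LEN:
        return False
    payload, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)  # constant-time comparison

def replace_and_rehash(new_payload: bytes) -> bytes:
    """Model a change made in transit by a party without the key: the payload
    is swapped and the unkeyed digest recomputed over the new content."""
    return new_payload + hashlib.sha256(new_payload).digest()

if __name__ == "__main__":
    key = b"constructed-demo-key"            # constructed key, not a real secret
    altered = replace_and_rehash(b"amount=900;to=alice")
    print("plain digest accepts altered data:", check_plain(altered))
    print("HMAC accepts altered data:", check_hmac(key, altered))
```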
Question 6 – What is the Traceroute command?
This network command is used to track a packet's pathway from its source to its final destination. It lists the IP addresses of all the routers the packet passes through during its journey. On a Windows device (see Figure 1), this command is called tracert, while on Linux and Mac, it's called traceroute.
Question 7 – What is SSL?
SSL means Secure Socket Layer; it is a security protocol used to create an encrypted channel between a web browser and a web server. SSL protects the transaction of sensitive information online, such as financials and account login information.
Question 8 - What are the different layers of the OSI model?
- Physical Layer
- Data Link Layer
- Network Layer
- Transport Layer
- Session Layer
- Presentation Layer
- Application Layer
Question 9 – What is a VPN?
VPN means Virtual Private Network; it connects two devices securely over an untrusted medium such as the internet. Developed initially to connect business networks over the internet, VPN is now commonly utilized by individuals to protect their sensitive information when accessing online services or to access forbidden websites in third-world countries.
Question 10 – What is meant by OSINT?
Open Source Intelligence (OSINT) is the practice of collecting intelligence from publicly available information. To be considered a valid OSINT source, information should not be protected by any copyright or privacy laws. White hat and black hat hackers utilize OSINT information during the reconnaissance phase to discover useful information about their targets that aids them in launching their attack.
Question 11 – Differentiate between Risk, Vulnerability & Threat
- Threat: A type of attack an organization or individual could be subject to, such as a DDoS or Man-in-the-Middle attack.
- Vulnerability: A type of security hole that hackers can exploit to gain unauthorized access to, or damage, target computing systems. For example, an outdated server OS is a vulnerability that cybercriminals can exploit to infect the server with malware.
- Risk: The potential of losing IT assets due to a threat exploiting a security vulnerability.
Question 12 – What is meant by data Exfiltration?
Exfiltration refers to the unauthorized transfer of an organization's sensitive data outside its systems. Exfiltration can happen manually through a disgruntled employee, via malware attacks (such as ransomware), or through unpatched vulnerabilities.
This article introduces 12 cybersecurity interview questions; make sure to expand the topic behind each question to strengthen your knowledge about that specific area.