Cyber Security Interview Tips | Interview Topics Cyber Security Interview Preparation 2021

00:00

hey guys welcome and welcome back to my

00:01

channel this is sandra and i make videos

00:03

all about work blog cyber security and

00:05

having a career in technology

00:06

and if this video was helpful to you

00:07

please give it a thumbs up so more

00:09

people can find it through the youtube

00:10

algorithm

00:11

so today we're going to be discussing a

00:12

highly requested video from you guys

00:14

which is interview prep for cyber

00:16

security jobs and this is definitely a

00:17

big topic especially when i was

00:18

interviewing graduating college

00:20

and looking for entry-level

00:21

cybersecurity roles so i kind of split

00:23

this into the more technical side of

00:24

cybersecurity questions

00:26

and topics as well as the more

00:27

behavioral interviews where you're kind

00:29

of just answering questions about

00:30

walkthroughs scenarios

00:31

and just basic behavioral tell me about

00:34

yourself questions

00:35

and i also have time stamps all over the

00:36

video so you can definitely jump around

00:38

depending on what topics that you

00:39

already know okay so from my experience

00:41

interviewing for cyber security roles a

00:43

lot of it comes down to questions that

00:45

are easy to ask and unfortunately a lot

00:47

of the questions are either you know it

00:48

or you don't

00:49

because if someone asks you like what

00:51

port is https that's something you know

00:53

or you don't know you know it's not

00:54

something that you can like bs around

00:56

or try to like talk around and that's

00:58

what makes cyber security interviews a

00:59

bit harder

01:00

especially because i come from a coding

01:01

background where you're kind of

01:03

able to solve a problem using multiple

01:05

different scenarios

01:06

like even if you don't know how to use

01:07

hash maps you can get to a problem

01:09

maybe trying to use a different way or

01:10

brute force so if that noted

01:12

one of the first topics is encryption

01:14

this goes from encryption algorithms

01:15

hashing algorithms the differences

01:17

between the few which ones are secure

01:18

and which ones are depreciated and no

01:20

longer being used

01:21

or which ones you would use in which

01:22

scenarios and there's also very niche

01:24

algorithms like two fish and you should

01:25

try to look up the most common

01:26

algorithms

01:27

to just have an idea of what they are

01:29

and what they do of course the most

01:30

common ones are aes

01:31

sha md and everything in those families

01:34

so i would definitely recommend at least

01:35

looking into those

01:36

so you have an idea as well as the

01:38

differences between a symmetric and

01:39

asymmetric encryption as well as block

01:41

ciphers versus stream ciphers and those

01:43

will be the main things in encryption

01:45

that are very high level enough to be

01:47

asked during a standard cyber security

01:49

analyst or cyber security interview and

01:50

honestly a lot of the topics that are

01:52

interviewable

01:53

are actually found in the comptia

01:55

security plus exam which is a

01:56

certification that i actually took last

01:58

year so if you guys are interested

01:59

definitely check out the link below i

02:01

made a video about resources i use

02:02

and even if you don't want the

02:04

certification it's always good to study

02:06

because it's also a very good resource

02:07

for all the material in cyber security

02:09

at a high level

02:10

that you can study just for interviews

02:12

okay so the next thing is security

02:13

protocols and port numbers so in my

02:15

first interview for a cyber security

02:16

role

02:17

it was actually for a cyber security

02:18

internship i was given a quiz

02:20

that literally asks me things like what

02:22

is the port number for this um what port

02:24

number is this

02:25

one would you use this protocol versus

02:26

the other and different things like that

02:28

and then afterwards we kind of went over

02:30

the answers and reviewed them

02:31

so that was definitely a very

02:33

anxiety-inducing interview

02:35

but also it just goes to show that a lot

02:37

of these questions

02:38

are straight up like you know it or you

02:40

don't and that's why i feel like i

02:41

really want to stress the importance of

02:43

you should know standard port numbers

02:45

you should know what they do you should

02:46

know when to use them

02:47

and you should also know if you're given

02:49

a network scenario which also i'm going

02:51

to talk about later

02:52

and they're asking you what's wrong with

02:53

this network and maybe you're doing an

02:54

nmap scan of all the open ports

02:56

and you're there to see okay so what's

02:58

wrong with this right now are there any

03:00

port numbers that are open that are

03:01

really suspicious so that's why it's

03:02

really important because if you see

03:04

a port number for a remote desktop

03:05

protocol but you don't know that that's

03:07

what that port is for

03:08

then that question is already like over

03:10

your head and then that's when you might

03:11

start like getting worried a little bit

03:12

so that's why i feel like it's really

03:14

important to know those basic standard

03:15

protocols

03:16

and again comptia security plus has a

03:18

pretty good list of protocols

03:20

and port numbers that you should at

03:21

least know and i believe there's about

03:23

20 or 30 of them so i will link that

03:26

below okay so another thing is security

03:28

tool

03:28

knowledge this one sounds really basic

03:30

but honestly when i was even studying

03:31

for software development or software

03:33

engineering roles

03:34

they would ask me questions like oh what

03:35

is mongodb what kind of language is

03:37

python

03:37

is python interpreted language and

03:39

different standard general questions

03:41

like that

03:41

so that's why i feel like you should

03:42

have a general knowledge of the

03:43

different tools that are used

03:44

for example burp suite is probably one

03:46

of the biggest ones in pen testing

03:48

fiddler is a big one metasploit is also

03:50

a big one but it may not be as commonly

03:51

used as something like burp suite

03:53

but generally you should know that oh

03:54

yeah burp suite is used as a proxy and

03:56

you can use that to take in traffic from

03:58

your browser and basically analyze it

04:00

you should also know the difference and

04:01

know different examples of packet

04:03

sniffers

04:04

network scanners port scanners as well

04:06

as just different tools

04:07

that the community uses as well as open

04:09

source tools whether that's for open

04:10

source intelligence or any other role

04:12

that you're looking for

04:13

especially if you're going for a

04:14

beginner type role the most easiest

04:16

thing that you could do

04:16

is look up top 10 most common tools used

04:19

in cybersecurity

04:20

and then you'll find those and at least

04:22

you'll know the idea so if a scenario

04:24

comes up or a walkthrough

04:25

or a question comes up like do you know

04:27

what burp suite is or what does burp

04:29

suite do or

04:30

what is verbs be used for like you at

04:31

least know how to answer high level

04:33

those questions and then you can always

04:34

go from there and say hey i know high

04:36

level what this is

04:37

it's xyz but i would also love to learn

04:39

more and do my own research on the job

04:41

and i'm willing to learn

04:43

so i feel like that's the key point the

04:45

fact that you know a bunch of high level

04:46

things

04:47

but you're always willing to learn and i

04:48

feel like that's one big thing that a

04:50

lot of the interviews

04:51

that you're going to be going in at

04:52

least for cyber security are going to be

04:54

looking for and honestly any role

04:55

like every interview is really trying to

04:57

see like how much your willingness is to

04:59

learn

04:59

and how passionate you are about the

05:01

topic so that's why i feel like those

05:02

are really important

05:03

especially for entry-level roles okay so

05:05

the next thing is the cia concepts

05:07

and the cia triad or the cia triangle is

05:09

kind of like

05:10

the really basic foundation of cyber

05:11

security all right this looks weird but

05:14

and it's basically confidentiality

05:15

integrity and availability these are the

05:17

three

05:17

pillars of cyber security

05:19

confidentiality of course is just making

05:20

sure that outsiders don't know your

05:22

information

05:23

they don't know any confidential info

05:24

integrity is can we make sure that

05:27

no one is changing this information

05:28

without our permission or only the right

05:30

people are changing this information

05:31

and how can we trust this information

05:33

and making sure that it's you know as

05:35

accurate as possible and availability is

05:37

the last pillar which a lot of people

05:38

don't know is

05:39

actually a really super important part

05:40

of cyber security because availability

05:43

talks about ddos attacks talks about

05:44

being able to keep

05:45

your applications online for users to

05:47

use because that in itself is a cyber

05:49

security attack

05:50

if someone brings down your network and

05:52

your customers are no longer able to

05:53

access your website

05:54

that is an attack on availability and if

05:56

you worked at any company

05:58

for any amount of time you know that

05:59

availability costs a lot of money

06:01

all the downtime that your company has

06:02

especially on an application that might

06:04

be widely used by clients that could

06:06

potentially be thousands millions of

06:08

dollars going down the drain because

06:09

your application is offline so that's

06:11

why availability is one of the most

06:12

important parts of cyber security

06:14

hence the cia triad so i would

06:16

definitely try to hammer down

06:18

these concepts and know if you're given

06:20

a scenario like you work at x by company

06:22

there's like this application that needs

06:23

to be secure

06:24

you want to implement these logs and you

06:26

also want to implement some kind of

06:27

preventative measures for ddos attacks

06:29

what are the cia concepts that are used

06:31

in this scenario and then you can know

06:33

okay well if you want logs that means

06:34

you want to make sure you know who's

06:36

changing the data know that they're

06:37

trustworthy make sure that integrity

06:39

is there for any information that's on

06:41

that application and then if they're

06:43

trying to prevent a ddos attack then

06:44

they're mostly trying to

06:45

account for availability for the

06:47

application and of course that's just an

06:48

example question that i just thought of

06:50

and there's also going to be a lot of

06:51

deductive reasoning

06:52

so you should always try to think as

06:53

logically as possible okay what's the

06:55

first step i should do

06:56

and what does this mean and you should

06:57

always ask why and how

06:59

for these questions especially when

07:00

you're in an interview where they're

07:01

doing some kind of walkthrough

07:03

or scenario and they're trying to get

07:04

you to give them a solution or trying to

07:06

get you to say what would you do if this

07:08

happened

07:08

so you should always think with the end

07:10

user in mind the client in mind

07:11

protecting as much

07:12

of the customers or the clients or the

07:14

company's assets as possible

07:16

which leads me pretty well into the

07:18

cyber kill chain

07:19

and this is something that one of my red

07:21

team mentors says is really really

07:23

important

07:23

and honestly i never thought about this

07:25

before i actually got into cyber

07:26

security even when i was studying for

07:28

interviews i didn't really think about

07:29

this but this was originally used as a

07:31

military term

07:32

that basically talks about the structure

07:34

of an attack and i can include some kind

07:36

of

07:36

diagram on the screen that can

07:38

potentially help as well as links below

07:40

if you guys are interested in learning

07:41

more

07:42

but this is one of the most important

07:43

things that pen testers and red tumors

07:45

and ethical hackers think about because

07:47

this is basically the anatomy of an

07:48

attack from the time when an attacker

07:51

identifies a target to deciding how they

07:53

can

07:53

attack a vulnerability that the target

07:55

might have exploiting the target

07:56

controlling the target and then

07:58

basically reach command and control so

07:59

you want to keep in mind these concepts

08:01

and try to understand

08:02

potentially if you're given a scenario

08:03

for this attack happen where in the

08:05

cyber kill chain is this um how can we

08:07

stop it and different things like that

08:08

so you always want to keep that in mind

08:09

especially when you're going for a pen

08:11

testing role or some kind of ethical

08:12

hacking role

08:13

okay so the next thing is security

08:14

prevention and security detection so

08:16

there are a bunch of different tools out

08:17

there that are very high level

08:19

again you should really look at comptia

08:21

security plus concepts because i feel

08:22

like they were just really helpful in

08:23

helping a beginner like me understand

08:25

especially because i haven't been in

08:27

this field for that long

08:28

these are the concepts that would be

08:29

really good to know for a potential

08:31

interview

08:31

and this goes from intrusion prevention

08:33

and intrusion detection systems

08:35

firewalls how to configure a firewall

08:37

and you can look online for various

08:38

examples of this this is also tested in

08:40

security plus

08:41

where a potential question could be that

08:43

you're given some kind of network and

08:44

you're told

08:45

you need to secure this firewall like

08:46

what would you change based on this

08:48

example companies third-party networks

08:50

extranets

08:51

and various different secure and

08:52

non-secure zones in their network i feel

08:54

like understanding at least a high level

08:55

of

08:56

firewall configurations is also very

08:57

important and also don't forget physical

08:59

security because if you think about it

09:00

that is also really important

09:01

for example did you know that in server

09:03

rooms or like rooms with very important

09:05

machinery

09:06

they don't have crawl spaces or like

09:07

those vents in the ceilings

09:09

because someone could potentially sneak

09:10

into that essentially plug in a usb

09:12

and exfiltrate data and i feel like

09:14

that's why it's really important to know

09:15

high level

09:16

all these things to the point where

09:17

you're thinking about parking lot lights

09:19

fences faraday cages um which basically

09:22

stop electromagnetic

09:23

interference so there's basically a lot

09:25

of things that you can think about and

09:26

again these topics are on security plus

09:28

so let me just add a link below for all

09:30

this comptia security plus topics

09:32

i i just feel like it'll be really

09:33

helpful to you guys okay so this video

09:35

is getting kind of long

09:36

and the next thing is common security

09:37

attacks so the most common ones like

09:39

crosstalk scripting

09:40

sql injection cross-site request forgery

09:42

there's a lot of different attacks out

09:43

there

09:44

and there's actually a list of most

09:45

common attacks by owasp so i can link

09:47

that below and you can check it out

09:49

and a lot of pen testing teams also look

09:51

for these common attacks because

09:52

they are common vulnerabilities so

09:54

definitely check that out and learn a

09:55

bit more if you're interested

09:56

and i can also link below hack the box

09:58

as well as a few other resources that

10:00

you can use to get some

10:01

beginner pen testing experience because

10:03

even if you're not going for a print

10:04

testing role

10:05

these will be really helpful for you to

10:06

kind of understand the mind of an

10:08

attacker and what they're trying to do

10:10

so then when you get an interview

10:11

question that has to do with an attack

10:12

or some intruder in the network

10:14

then you kind of know like okay what are

10:16

you going to try to do next they're in

10:17

this person's account

10:18

they're trying to they're probably

10:18

trying to elevate their privileges or

10:20

find some kind of admin user

10:21

that they can take advantage of and run

10:23

higher level attacks or take more

10:24

control of the system

10:26

and then you can go from there so that's

10:27

why it's really good to understand high

10:28

level

10:29

all these roles and all these different

10:31

things in the network that kind of work

10:33

together

10:33

so then you can answer in the best way

10:35

possible in any scenario or walk-through

10:37

interview that you might have

10:38

and of course the next thing is the osi

10:40

model which is basically all the layers

10:42

in the network and honestly there are

10:43

acronyms out there i don't remember the

10:45

exact one that i had

10:46

but i can put some on the screen or drop

10:48

some examples on the screen

10:49

and honestly once you remember them it

10:51

would be really easy to kind of recall

10:52

them like

10:53

okay this is a data link layer oh that's

10:55

a network layer this is the physical

10:56

layer like eventually you're gonna be

10:57

able to differentiate those especially

10:59

during an interview since i feel like

11:00

those are some of the really basic

11:01

levels because from my experience even

11:03

on this current team

11:04

there are times when people are like oh

11:06

yeah that's a network layer problem so

11:07

that's probably not something that we're

11:08

worrying about or

11:09

oh that's an application layer problem

11:11

so blah blah blah so there's a lot of

11:12

different things that you can infer

11:14

based on what layer of the network that

11:15

it is and that's why it's really

11:16

important to know the osi model

11:18

at a high level at least so you can kind

11:20

of answer questions about them in a

11:21

potential interview

11:23

i need to take a breath or something all

11:26

right network security and access

11:28

controls

11:28

so this of course is very generic you

11:31

should at least know the different

11:32

pieces of equipment

11:33

or technology that sit on your network

11:35

and control network access

11:37

for example what is a router what is a

11:38

hub what is a proxy server

11:40

where is your dns server and what are

11:42

all those little components that are in

11:43

your network that are securing it

11:45

and where are you putting each thing for

11:46

example your internal network is going

11:48

to be behind a firewall

11:49

and you might be shown a diagram during

11:51

your interview where people are like

11:52

okay this is

11:53

a example of a network setup what is

11:55

wrong with this picture is something

11:56

wrong with it or

11:57

what would you do to improve it so

11:59

there's a lot of questions that could go

12:00

into that

12:01

and of course that's another reason why

12:02

it's really important to know like hey

12:04

oh it's a dns server i know what that

12:06

does we're like oh why isn't there a

12:07

firewall between the internal network

12:09

and the extranet

12:10

which also goes into basic cyber

12:11

security concepts like honeypot or

12:13

honeynet which are basically

12:15

bait networks that companies set up to

12:17

kind of make attackers think that they

12:18

got into the real network

12:19

and they can also analyze what attackers

12:21

are doing to learn more about

12:23

how they're attacking and different

12:24

things that you're trying to do or

12:25

different things that they're actually

12:26

looking for

12:27

and the next thing is phishing attacks

12:29

so of course phishing

12:30

is very common um you guys probably have

12:32

hella spam emails

12:33

with little notes that say oh this might

12:35

be a phishing email don't click on any

12:37

links and there's lots of different

12:38

types of fishing there's fishing there's

12:40

whaling

12:40

and a bunch of different other ones so

12:42

that's definitely something that you can

12:43

look into and

12:44

fishing i feel like is more like human

12:45

psychology and a lot of people i know

12:47

actually in cybersecurity have a

12:48

psychology background

12:50

um because it's all about human behavior

12:52

and what makes humans do something

12:53

and there's actually legit concepts

12:55

around fishing that are actually studied

12:57

to understand what makes people

12:59

want to do something and a lot of that

13:01

sadly is driven on fear

13:02

greed use of authority so there's

13:04

definitely a lot you can look into there

13:05

and because of that it's actually a

13:07

really easy topic to get questions on in

13:08

an interview

13:09

and i would say that you would

13:10

definitely want to get those correct

13:12

because this is a lot of human

13:13

psychology

13:13

and if you did end up working for that

13:15

company and you click on some email that

13:17

is

13:18

really fishy you know like fishy and

13:20

that actually proves to be a threat to

13:21

the network for that company

13:23

um that could be a really bad thing so

13:24

phishing is a really important topic

13:26

that you want to get down okay so the

13:27

next thing is common security practices

13:29

these will be little scenarios like you

13:30

shouldn't plug in a personal usb

13:32

into your work computer and then try to

13:34

take home a report to work on later

13:36

or you shouldn't use public wi-fi or you

13:38

should use some kind of screen filter or

13:40

dimmer

13:40

to make sure no one is shoulder surfing

13:42

you so basically very general

13:44

common security practices that you can

13:46

look into because you don't have to know

13:47

the exact word

13:48

but you can always say like yeah i

13:50

wouldn't use public network or

13:51

or i wouldn't just plug in my usb into a

13:53

server and then the last topic i want to

13:55

talk about was scenario walkthroughs

13:57

so i kind of sprinkled them all around

14:00

this video already

14:01

but it's basically just when they give

14:02

you some kind of diagram they give you

14:04

some kind of scenario

14:05

whether it's about an attack or how to

14:07

protect the network

14:08

or what to do better different things

14:10

like that those are the main questions

14:12

that are going to be

14:12

getting you to think on your feet as

14:14

well as making use of deductive

14:16

reasoning

14:16

so you can answer those questions as

14:18

best as possible based on your current

14:19

knowledge

14:20

and also i want to say that if you don't

14:23

know a question or an answer to the

14:24

question

14:24

that's okay like they don't expect you

14:26

to know everything especially

14:28

in your early career so i feel like the

14:30

best thing you can do is

14:31

take in all the information as much as

14:33

you can before your interview

14:34

and then see okay this is what i know

14:37

and that that is exactly what you're

14:38

going to tell the interviewer

14:39

so i may not be familiar with dns

14:41

servers but this is what i know about

14:43

firewalls and blah blah blah

14:45

like i feel like this shouldn't be right

14:47

or this shouldn't be placed here

14:48

um or i feel like you should add another

14:50

firewall here between this network and

14:51

this network

14:52

so there's a lot of things that you can

14:54

infer based on your current knowledge

14:56

so even if you don't know exactly

14:58

everything that's on that diagram they

15:00

don't expect you to

15:01

so that's okay don't let it freak you

15:02

out if they give you some kind of really

15:04

crazy diagram

15:05

or a scenario that you've never heard

15:06

about like oh they happen to an email

15:08

server

15:09

i don't know i never work with email

15:10

servers well that is okay

15:12

just tell them what you do know and talk

15:14

around what you think is the right

15:15

solution

15:16

but then try to put as much backing and

15:18

groundwork about it

15:19

as possible so you can explain your

15:21

ideas and kind of walk through what

15:23

you're thinking

15:23

because that's the most important thing

15:25

like knowing your mindset knowing

15:27

how you think about ideas critical

15:28

thinking and deductive reasoning

15:30

are probably the most important things

15:32

they are looking for in that interview

15:33

okay so i probably talked your ear off

15:35

but thank you guys so much for watching

15:36

and i'm sure this is not like this is

15:38

not a comprehensive list so i really

15:40

feel like you should definitely do your

15:41

own research

15:42

and look up questions for whatever

15:43

company that you're studying for and

15:45

look up glassdoor

15:46

questions and i'm sure if you look up

15:47

like the name of your company

15:49

and then like cyber security interview

15:51

questions something at least will come

15:52

up

15:53

and you can definitely use those to help

15:54

guide your studying but i feel like

15:56

these are just general topics that you

15:57

can look into

15:58

that can kind of help guide you for what

16:00

you should study for your next interview

16:02

and again i really feel like comptia

16:03

security plus topics and probably a plus

16:05

topics would be really helpful

16:07

just for studying for beginner level

16:08

interviews because they're probably not

16:10

going to be asking for like your

16:11

experience and what you've

16:12

already configured and already done

16:14

especially for you know only like

16:16

one or two years maybe zero years into

16:18

your

16:19

career so at least knowing these general

16:21

topics will show them that

16:22

hey this person kind of knows what

16:23

they're talking about even though they

16:24

haven't maybe done any hands-on work yet

16:26

they know at a high level what these

16:28

concepts are and how they work together

16:30

thank you guys so much for watching if

16:31

you like this video please give it a

16:32

thumbs up

16:32

i hope it was helpful if it was please

16:34

consider subscribing and turn on post

16:36

notifications

16:36

i post videos every wednesday at 2 p.m

16:39

and sundays at 12 p.m and feel free to

16:41

drop any ideas and suggestions that you

16:42

have

16:43

for studying for any cyber security

16:44

interviews that you've already completed

16:46

just in case it can help anyone else in

16:48

the community

16:48

and definitely drop any questions that

16:50

you guys might have as well thank you

16:51

guys so much for watching and i'll see

16:53

you guys in my next video

16:56

[Music]

17:02

bye

17:07

you