Here is a list of the most commonly asked interview questions, compiled by the best in the industry. If you are aspiring to be an infosec security specialist or looking for that dream job in your dream organization, you are at the right place. These questions will give you an idea of what the industry demands and help you prepare better for your upcoming interview.
1 Architecture and placement of hardware of HP ArcSight.
2 Briefly explain the Splunk Architecture.
3 Can you briefly describe the four most widely-used threat-hunting techniques?
4 Can you explain SSL encryption?
5 Differentiate between Vulnerability Assessment & Penetration testing.
6 Do you know about ITGC?
7 Explain encoding, hashing, and encryption?
8 Explain how data ages in Splunk?
9 Explain how Splunk works.
10 Explain SSL and TLS?
11 Have you faced any attack in your current organization and what are the steps taken to reduce it?
12 How could identity theft be prevented?
13 How do you maintain a customized T_Code? GRC Access Control configuration for a new client? How do you create a new SOD? How do you maintain roles?
14 How do you report a risk?
15 How often should you perform Patch management?
16 How will you prevent data leakage?
17 How would you choose which license you buy for SIEM?
18 How would you specifically describe data leakage?
19 What are the components of Splunk?
20 Suppose you have been asked by your CIO/CISO what kind of threat-hunting tools your team plans to use. He or she is not interested in tools that are developed in-house; rather, they want a list of available commercial products. What would you recommend that they invest in?
21 Explain the risk assessment methods and client handling procedures in the current organization.
22 What are some common cyber-attacks?
23 What is the difference between Log Normalization and Log Aggregation in SIEM?
24 What are the components of ArcSight?
25 What are black hat, white hat and grey hat hackers?
26 What are common risks in ArcSight, and how do you face them?
27 What are salted hashes?
28 What are the key differences between Symmetric and Asymmetric encryption?
29 What are the stages to implement a security architecture in a new environment?
30 What are the steps to set up a firewall?
31 What are the things checked for Testing the Security Architecture of your organization?
32 What are the unique benefits of getting data into a Splunk instance via Forwarders?
33 What do you know about the implementation and auditing of Information Systems using ISO-27001 and Risk management, asset management, Network Security, Cryptography?
34 What do you know about Cyber security Frameworks?
35 What do you know about incident handling/triaging?
36 What do you know about the OWASP Top 10 and Metasploit?
37 What do you know about the threat model?
38 What do you know about Vulnerability Assessment, Tools for Penetration Testing?
39 What do you mean by Cyber security?
40 What do you understand by Risk, Vulnerability & Threat in a network?
41 What have you worked on in ECC security?
43 What have you worked on in GRC?
45 What if we are getting .bad files in the incident folder?
46 What is 2FA and how can it be implemented for the public websites?
47 What is a CIA triad?
48 What is a DDoS attack? How is it mitigated?
49 What is BCP in your organization and explain disaster recovery procedure?
50 What is Cognitive Cyber security?
51 What is Cross Site Scripting?
52 What are crypto master files?
53 What is data protection in transit vs data protection at rest?
54 What is Encryption? Why is it important?
55 What is information security and business continuity?
56 What is ISMS and tell me about Organization ISMS Dashboard?
57 What is the ATT&CK framework?
58 What is threat hunting? What skills are needed to be a successful threat hunter?
59 What is weak information security?
60 What steps will you take to secure a server?
61 What technique can be used to prevent brute force login attack?
62 What types of issues have you faced during the implementation of DLP?
63 Why do you need DNS monitoring?
64 Why should we use Splunk Alert? What are the different options while setting up Alerts?