3 min read

Cybersecurity Interview Questions

Cybersecurity Interview Questions

Rainier Cyber originally posted this article but has since removed the content. This was recovered via archives and reposted to keep the information available since it's pretty great.

Basic Interview Preparation

Know the answers to these questions at a minimum. Each technical pipeline has its own questions. Refresh some of your interview skill by reviewing, "Seven Job Interview Mistakes You Probably Don't Realize You're Making," by Caroline Ceniza-Levine.

Basic Interview Questions

  1. What salary would you need to work here?
  2. Explain the model of what happens when you type in example.com (or google.com) into a browser and hit enter?
  • This is FAR more than just explaining DNS!
  • Be prepared to pick up a marker and walk to a whiteboard for this question.
  • As you walk through your explanation, talk about the assumptions you make: type of machine on which you press enter, operating system, browser variant, tab virtualization, etc. A great place to start is to assume that you start with a completely fresh install on an enterprise thin client that is properly physically connected, has joined the domain, and has no cache.
  • This question should take at least 45 minutes to explain and requires you to explain how an application works, how an operating system works, how the processor interacts with system interrupts and the stack/heap, how an ethernet frame is built from an application request, the difference between IPv4 and IPv6, virtualization, load balancing, ARP requests, DNS transfer type, application and network internal caching, CAM tables, routing, firewalls, TCP, IDS/IPS, client-server communication, 302 redirects, http vs https, TLS/SSL, html rendering, different routing protocols, and many, many other things.
  • At each step you need to announce your series of assumptions and explain why you are choosing to explain a particular branch: At this point we'll assume there is no network internal caching server that might respond so now I'll explain X.
  • This is a great place to start: https://github.com/alex/what-happens-when
  1. Now that you explained the model for what happens when you hit enter, how would you break that model?
  2. Since you proposed how to break the model, how would you defend against your proposed break?
  3. Explain an APT campaign and how to protect, defend, and respond to it through various stages of the process. (Hint: look at the first article in the reading list below or just click here for more info.
  4. Why should I hire you?
  5. How will hiring you increase our bottom line?
  6. Why do you want to work here?
  7. Tell me about yourself.
  8. What did you do to prepare for this interview? This should include everything including initial research, reading SEC filings, reviewing product and service offerings, looking at geographic reach, speaking with company employees, what content studied, how you practiced for interviews and what that content covered, and anything else you did you to prepare. This question could actually be the only question you get asked.
  9. What will you accomplish in your first 30/60/90 days here? Prepare for this question after researching the company and building a plan covering each 30-day block in the first quarter you will work there. Easier said than done!
  10. What is your biggest strength and weakness? Do not say you work too hard, even if you think you do. What you actually probably do is work very well in sprints, which means you are very good at project-ized work rather than marathon grinds. If your biggest strength is creativity, then your biggest weakness is probably being stuck in a repetitive environment, in which case you talk about ways that you either find creativity within that environment or how you evaluate a position to see if it aligns with your creative personality.
  11. What is an APT? Explain one framework that shows how any APT operates.
  12. Tell me a story about recent *unclassified* APT activity and how it relates to a campaign.
  13. Explain a current industry gap.
  14. Tell me about a current or recent technical side project and/or your home lab.

Questions You Can Ask at the End of the Interview

  • How is performance evaluated?
  • How does this role contribute to the company's revenue growth?
  • Why is this role available? (if you are backfilling someone, why did they leave?)
  • How can I improve my interview?
  • What about the company or market keeps you up at night?
  • Why do you keep coming in to work in the morning?
  • Could you help me understand the company's mission?
  • What is your favorite product/service at our company and why?
  • Is there any mandatory reading for the company or this position? If not, what could you recommend I study between now and a potential start date?