A list of some of the most popular questions at the cyber security interview

5 min readJul 6, 2021

Every year the need for cybersecurity professionals grows as does the competition. in order to get the job you dream of, you have to be the best. The interview plays an important role in this process. Interview questions can often be task-oriented, but there are questions that allow the employer to understand your breadth of knowledge about different technologies.

1. Tell me about yourself?
2. Why do you want to work for our company in this Cyber Security role?
3. Why is Cyber Security important?
4. What are the steps in Cyber Kill Chain, and what is its purpose?
5. Outline a few simple steps you would take to secure a server?
6. What are your strengths and weaknesses?
7. Talk me through your Incident Handling procedure?
8. What is a Firewall and what are the benefits of one?
9. What is Data Leakage?
10. Explain the difference between Risk, Vulnerability & Threat in a network?
11. Explain a situation when you had to work under pressure?
12. What is Layer 2?
13. Describe how a Brute Force Attack takes place and what you would advise to prevent it?
14. You are working in the Cyber Security department and you receive series of complaints from staff saying they are getting spam emails from another employee’s computer who has been on holiday for the past week, and hasn’t had remote access. Upon investigation, there is malicious software on the computer that was installed whilst the absent employee was on leave. What do you think happened?
15. What digital or electronic cyber security and what offline security measures measure might you expect to implement?
16. What is the difference between an IPSec and an SSL VPN?
17. What is difference between asymmetric and symmetric encryption?
18. A colleague that is well known to you sends you an electronic birthday card to your email. To access the contents of the electronic birthday card, you need to click on an attachment. Do you click the attachment?
19. Talk me through the process of what happens when someone accesses a URL via a web browser?
20. Explain the difference between VLAN and VPN?
21. What is a DDOS attack? Is it preventable?
22. When creating an Incident Response Plan (IRP), what should you include?
23. Which is better, Cyber Security in the cloud or on premises?
24. Explain what an MITM attack is?
25. Why should we hire you in this Cyber Security role?
26. How do you keep up to date with Cyber Security and technology developments?
27. Where do you see yourself in 5 years’ time?
28. Why do you want to leave your current job?
29. What are your salary expectations in this Cyber Security role?
30. That’s the end of your Cyber Security job interview, do you have any questions for the panel?

Source: CYBER SECURITY Interview Questions And Answers! (How to PASS your Cyber Security Job interview!) (YouTube)

31. How is encryption different from hashing?
32. Describe your home Network/Lab ?
33. What is the OSI model?
34. Which is more secure: open source or closed source software?
35. Which security Framework is best?
36. What is the primary goal of information security or cyber security?
37. What is risk? What is a Threat? What is a Vulnerability?
38. Where do you get your security news from?
39. Why are preventative controls better than detective controls?
40. Should you compress or Encrypt first?

Source: Cyber Security Interview Questions You Must Know (YouTube)

41. How do you protect connected mobile devices on your network from cyber attacks?
42. Do you have a Cyber Security Incident Response Plan?
43. Which user applications have you found are most susceptible to being hacked?
44. What is the difference between ECB and CBC in an IT security environment?

Source: CYBER SECURITY Interview Questions and Answers! (YouTube)

45. Explain TCP three way handshake?
46. What is a SIEM?
47. Can you explain the SSL handshake, Can you name 5 common ports and their services?
48. Where do you find logs (Linux/windows)?
49. If you went into a room and there were two computers there and one was infected with malware, how would you find out which one it was?
50. How can you defend against ransomware? (They wanted to hear antivirus and segmented VLAN’s) What are three types of malware and then explain them in more detail)
51. What is XSS and reflected XSS?
52. If you had a botnet and you could do anything with it what would you do? (Without fear of judgement)
53. What is a DMZ and what would you most likely find in it?
54. What is a firewall, ips, and ids and where are they placed on a network?
55. What is the difference between Telnet and SSH?
56. HTTP and HTTPS?
57. If you had a botnet how would you use it to make money? (no legal constraints)
58. Subnetting (what does /16 mean in context of subnetting)?

Source: Entry Level [technical] CyberSecurity Job Interview Questions (WITH ANSWERS!) (YouTube)

59. What is IPSec?
60. At which layer IPSec works?
61. Why AH will not work through a NATed device?
62. Why ESP is more secure than AH?
63. What Ports Does IPSEC Operate On? What is IKE?
64. What are the advantages of IKEv2 as compare to IKEv1?
65. What is ISAKMP?
66. What is Diffie-Hellman?
67. What are Security Associations?
68. What is Transform set?
69. What is the use of configuring ACL in IPSEC configuration on a Cisco router?
70. Explain two methods by which two IPSEC routers can authenticate with each other?
71. In IPSEC, If ESP provides both encryption and authentication, why is AH required?
72. What is HMAC?
73. In which IPSEC Phase is the keys used for data encryption derived?
74. How many modes in IPSec can operate?
75. What are the disadvantages of IPSec?
76. How ESP & AH Provides Anti-replay Protection?
77. How do you check the status of the tunnel’s phase 1 & 2?

Source: IPSec Interview Questions and Answers || Top 20 IPSec Questions (YouTube)

A list of some of the most popular questions at the cyber security interview

Written by Redduxi

No responses yet