IT Interview Questions Cheat Sheet

  • https://www.simplilearn.com/aws-solution-architect-associate-job-interview-questions-and-answers-article
  • POSSIBLE “JUNIOR CYBER SECURITY ANALYST” INTERVIEW QUESTIONS AND ANSWERS
  • Day 51: Understanding the OSI Model - int0x33 - Medium
  • Explain RPO/RTO?
    • RTO (Recovery Time Objective) is the target time within which a service must be restored after an outage; RPO (Recovery Point Objective) is the maximum acceptable amount of data loss, measured as a span of time. RTO has the broader purpose because it sets the boundaries for your whole business continuity management, while RPO is focused solely on the issue of backup frequency.
  • How do you troubleshoot CloudFormation – Use the CloudFormation Console.
  • Explain SOAR
  • Example MITRE
  • Explain Cross-Site Scripting
  • Explain SQL Injection
  • How do you stop SQL injection?
  • Explain Durability?
  • Stateful vs. Stateless Firewalls?
    • Stateless firewalls filter each packet on its own, using static header information such as source and destination address and port. Stateful firewalls track the full context (state) of each network connection and filter packets based on whether they belong to a known, permitted connection.
  • Explain the difference between AWS SecurityGroups and VPC peering?
  • Explain a 3 tier application
  • DMARC (Domain-based Message Authentication, Reporting and Conformance)
  • How can you create a Web site using AWS? Enable HTTP on an S3 bucket or an EC2 instance.
  • Trace syscalls, understand TCP, care about the difference between sysvinit/runit/systemd
  • Linux auditd and Sysmon
  • Explain how to migrate high OPS into AWS? (EBS, NetApp CloudVolumes.)
  • What is the difference between Backup/Data Protection and Data Archival?
  • Explain TCP 3-Way Handshake (SYN,SYN-ACK,ACK) – http://support.microsoft.com/kb/172983
  • What is a 301 and 404 error
    • HTTP 404, 404 Not Found, 404, Page Not Found, or Server Not Found error message is a Hypertext Transfer Protocol (HTTP
  • What is the difference between Truncate database and drop table?
    • TRUNCATE quickly removes all data (rows) from a table while keeping the table definition, typically bypassing a number of integrity-enforcing mechanisms.
    • DROP TABLE deletes the table itself: the table definition and all the information stored in it are lost.
  • Explain public key cryptography and PKI (Public Key Infrastructure)
  • What is the difference between TCP and UDP?
  • What is the meaning of TCP and IP in the term TCP/IP
    • Transmission Control Protocol/Internet Protocol
  • What is Virtualization
  • What is Cloud Computing
  • What is a Neural Network
    • Recognizes underlying relationships in data
  • What is CI/CD and DevOps
    • Continuous Integration and Continuous Deployment.
    • Dev/Test/PreProd/Prod/DR
  • What is NoSQL
    • NoSQL key-value store (key-value pairs)
    • NoSQL taxonomy supports key-value stores, document store, BigTable, and graph databases.
  • Give 3 examples of a NoSQL in-memory database
    • Hadoop
    • MongoDB
    • AWS DynamoDB
  • Symmetric vs. asymmetric encryption
  • What options are there for database optimisation?
  • How would you secure data in motion as well as data at rest?
  • What is autoscaling, and what is horizontal vs. vertical scaling?
  • https://www.whizlabs.com/blog/aws-solution-architect-interview-questions/
  • https://www.edureka.co/blog/interview-questions/cybersecurity-interview-questions/
  • SQL Injection
  • Docker
  • Machine Learning
  • Blockchain
  • Pre vs. Post Routing
  • What type of virus protection would you use on a Linux OS? (Trick question: Linux does not need virus protection.)
  • Cyber Security
    • Confidentiality Integrity Availability
    • Confidentiality is the term used to describe information/data privacy which means the information is not made available or disclosed to unauthorised entities or individuals.
    • Integrity is the term used to describe information/data accuracy and completeness throughout its lifecycle. That means that the data cannot be modified by unauthorised entities or individuals.
    • Availability is the term used to describe information/data being available when needed. Systems need to remain available at all times, preventing service disruptions due to power outages, hardware failures or system upgrades.
    • What event logs would you review to look for an IOC?
    • What is an IOC?
    • What is an APT?
    • Also asked about knowledge of ports, and a handful of scenario-based questions related to IR.
    • An interrupt is a response by the processor to an event that needs attention from the software. An interrupt condition alerts the processor and serves as a request for the processor to interrupt the currently executing code when permitted, so that the event can be processed in a timely manner. If the request is accepted, the processor responds by suspending its current activities, saving its state, and executing a function called
    • Logon Types
  • Authentication is the process of determining if a user is legitimate to use the system and the network. Authentication is usually done using login and password. For example, you will use a username and password to access your email. The email server authenticates your username and password and provides further access.
  • Authorization refers to the access control rights. This implies every user on the network is allowed access to certain portions of data and information and applications according to his/her level in the organization. For example, a marketing person will not be able to record financial transactions. Hence, a user is authorized to perform only certain functions on the network system. These authorization levels are defined by the system administrator who has access to all the resources and user policies in the network.
  • Accounting (network accounting) is used to gather all activity on the network for each user. Hence, AAA is a framework for network security which is used to control user access, implement policies, audit usage and keep track of all activities in the network. AAA helps system administrators and security experts to identify any malicious activity on the network.
  • A MITM (man-in-the-middle) attack happens when a communication between two parties is intruded on or intercepted by an outside entity.
    • Use encryption (public key encryption) between both parties
    • Avoid using open Wi-Fi networks
    • Use HTTPS, forced TLS or a VPN
  • What is the difference between RFI and LFI?
  • CSRF
    • Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.
  • XSS Cross Site Scripting
    • Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.

  • SQL Injection
  • What are Linux cgroups?
    • Control groups, usually referred to as cgroups, are a Linux kernel feature which allow processes to be organized into hierarchical groups whose usage of various types of resources can then be limited and monitored. The kernel's cgroup interface is provided through a pseudo-filesystem called cgroupfs. Grouping is implemented in the core cgroup kernel code, while resource tracking and limits are implemented in a set of per-resource-type subsystems (memory, CPU, and so on).

  • What are Linux shadow groups?
  • https://www.deepshankaryadav.net/cyber-security-and-dfir-interview-questions/
  • https://www.threatvectorsecurity.com/blog/Junior-Cyber-Security-Analyst-Interview-Questions-and-Answers
Common ports

Port        Service name                                    Transport protocol
20, 21      File Transfer Protocol (FTP)                    TCP
22          Secure Shell (SSH)                              TCP and UDP
23          Telnet                                          TCP
25          Simple Mail Transfer Protocol (SMTP)            TCP
50, 51      IPsec (ESP, AH)                                 IP protocol numbers, not ports
53          Domain Name System (DNS)                        TCP and UDP
67, 68      Dynamic Host Configuration Protocol (DHCP)      UDP
69          Trivial File Transfer Protocol (TFTP)           UDP
80          HyperText Transfer Protocol (HTTP)              TCP
110         Post Office Protocol (POP3)                     TCP
119         Network News Transport Protocol (NNTP)          TCP
123         Network Time Protocol (NTP)                     UDP
135-139     NetBIOS                                         TCP and UDP
143         Internet Message Access Protocol (IMAP4)        TCP and UDP
161, 162    Simple Network Management Protocol (SNMP)       TCP and UDP
389         Lightweight Directory Access Protocol (LDAP)    TCP and UDP
443         HTTP with Secure Sockets Layer (SSL)            TCP and UDP
989, 990    FTP over SSL/TLS (implicit mode)                TCP
3389        Remote Desktop Protocol (RDP)                   TCP and UDP

Questions to Ask

  • Do you have any concerns about my suitability for the role, or anything else I can clarify?
  • Do you have any concerns or final questions?
  • What is the current workload?
  • What are the current pain points?
  • What is required for this role?
  • What capabilities do you need for this role?
  • Are there many opportunities for professional development within the company?
  • Where do you see this role in 2 Years? 5 Years?
  • How would you describe the office culture?
  • What do you think are the biggest challenges of the role?
  • Why did you choose this company?
  • What are your growth plans?
  • What does a typical week look like?

Soft Skills
