Reading Time: 5 minutes

Information Security Interview Questions

Information security management system is a set of policies and procedures for systematically managing an organization’s sensitive data. Here I have listed Top 25 Information Security Interview questions.

1. What is the role of information security analyst?

The Role of information security      

• Implementing security measures and protect computer systems.
• Preventing data loss and service interruptions
• Testing data processing system and performing risk assessments
• Up-to-date with the latest intelligence includes hacker’s technique known as well.
• Recommending security enhancements and purchases
• Planning, testing and implementing network disaster plans
• Staff training on information and network security procedures.

2. List out the steps for successful data loss prevention controls?

Successful steps for Data Loss Prevention Controls

• Create an information risk profile
• Create an impact severity and response chart
• Based on severity and channel determine incident response
• Create an incident workflow diagram
• Assign roles and responsibilities to the technical administrator, incident analyst, auditor and forensic investigator
• Develop the technical framework
• Expand the coverage of DLP controls
• Append the DLP controls into the rest of the organization
• Monitor the results of risk reduction

3. What is data leakage?

The separation of IP from its intended place of storage is known as data leakage.

4. What are the factors that can cause data leakage?

Data leakage

• Human error
• Technology mishaps
• System Misconfiguration
• Copy the IP to a less secure system or their personal computer
• A system breach from hacker
• Corrupt hard-drive
• Back up are stored in an insecure place
• Inadequate security control for shared documents or devices
• Application developed to interface to the public.

5. What is the 80/20 rule of networking?

80/20 is a thumb rule used for describing IP networks, 80% of all traffic should remain local while 20% is routed towards a remote network.

6. List out various WEP cracking tools?

Various tools are used in WEP cracking

• Air crack
• WEP Crack
• Kismet
• WebDecrypt

7. Mention what is WEP cracking? What are the types of WEP cracking?

WEP cracking is a method of exploiting security vulnerabilities in wireless networks and gaining unauthorized access.

8. What are the types of WEP cracking?

There are two types of WEP cracking

Active cracking

The WEP security has been cracked and this type of cracking has no effect on the network traffic.

Passive cracking

It is easy to detect compared to passive cracking. This type of attack has increased load effect on the network traffic.

9. List out the Techniques used to prevent web server attacks?

• Patch Management
• Secure installation and configuration OS
• Safe installation and configuration of the web server software
• Scanning system vulnerability
• Anti- virus and firewalls
• Remote administration disabling
• Removing of unused and default account.
• Changing default ports and settings to customs port and setting

 10. Mention what are web server vulnerabilities?

• Default settings
• Misconfiguration
• Bugs in operating system and web servers

11. Explain XSS attack?

Cross-site scripting (XSS) attacks are a kind of injection, where malicious scripts are injected into in any other case benign and depended on web pages. XSS assaults arise when an attacker makes use of a web utility to ship malicious code, often in the type of a browser part script, to an additional end person.

12. How pushing can be prevented?

• Having a guard against spam
• Communicating personal information through secure websites only
• Download files or attachments in emails from unknown senders
• Never e-mail financial information
• Beware of links in e-mails that ask for personal information
• Ignore entering personal information in a pop-up screen.

13. What are the useful certification?

Useful certification security analysis

• Security Essentials (GSEC):It declares that candidate is expert in handling basic security issues. This is the basic certification in security.
• Certified Security Leadership:It declares the certification of management abilities and the skills. It is required for lead the security team.
• Certified Forensic Analyst:It certifies the ability of an individual to conduct formal incident investigation and manage advanced incident handling scenarios including external and internal data breach intrusions.
• Certified Firewall Analyst:It declares that the individual has proficiency in skills and abilities to design, monitor and configure routers, firewalls and perimeter defense systems.

14. How can an institute or a company can safeguard himself from SQL injection?

• Sanitize user input:User input should be never trusted. It must be sanitized before it’s used.
• Stored procedures: These can encapsulate the SQL statements and treat all input as parameters.
• Regular expressions:Detecting and dumping harmful code before executing SQL statements.
• Database connection user access rights:Only necessary and limited access right should be given to accounts used to connect the database.
• Error messages:Error message should not be specific telling where the exactly error occurred. It should be more generalized.

15. What is social Engineering?

• Social Engineering is the use of human as a vector to compromise system.
• It involves fooling otherwise Manipulating Human personnel into reveling information or performing actions on the attacker’s behalf.
• Common social engineering techniques include phishing, baiting, and click jacking several other tricks are in an attacker’s disposal.

16. What is the one thing that you have found that contributes the most to software security risks?

Budget, lack of buy in communication breakdown between development, IT security operations, and management come to mind.

17. What is proxy?

PROXY

Proxy server is a computer system it acts as an intermediary for requests from clients seeking resources from other servers.

Client connects to the proxy server, requesting some services such as file, web page, connection, and other resource available from a different server and the proxy server evaluates the request as a way to simplify and control is complexity.

18. What is Firewall?

It is basically meant for network traffic control and filtering. It allows to deny packets and connections based on certain pre-defined rules. It has three layer.

19. What is the difference between IDS and IPS?

IDS

Intrusion Detection System is an application. It tries to detect intrusion attempt based on attack signature database.

IPS

Intrusion prevention system detects the intrusion and goes one step ahead to prevent it as well. It simply drops the pocket based on rules.

20. What does RSA stand for?

RSA is one of the first practical public key cryptosystems. It is widely used for secure data transmission. The acronym stands for Rivest, Shamir, and Adelman, the inventors of the technique.

21. How do you classify information security risks across an organisation?

• Assets security Risk
• People security Risk
• Operational Risk
• Communication security Risk

22. What is SIEM?

Security Information and event management is an approach to security management. It seeks to provide a holistic view an organization’s information technology (IT) security.

23. Explain the term defence in depth?

Defence in depth is the act of using multiple security measures to protect the integrity of information. This method addresses vulnerabilities in technology, personnel and operations for the duration of a systems life cycle.

24. What is honeypots?

A honeypot is a computer system. It is set up to act as a decoy to lure cyber attackers, and to detect, deflect or study attempts to gain unauthorized access to information systems.

25. Briefly describe NAT?

NAT is Network Address Translation. It is a protocol that provides a way for multiple computers on a common network to share single connection to the Internet.