Cybersecurity Interview QA

The document outlines key concepts in cybersecurity, including encryption types, firewall functions, and the CIA triad. It also covers various cyber threats, prevention strategies, and the importance of user training and incident response. Additionally, it emphasizes the need for strong password policies and multi-factor authentication for enhanced security.

Cybersecurity Interview Questions and Answers

1. Symmetric vs. Asymmetric Encryption

Symmetric: Uses one key for both encryption and decryption.

Asymmetric: Uses a public key to encrypt and a private key to decrypt.

2. How Firewalls Work

Firewalls monitor and control incoming/outgoing network traffic based on security rules.

3. CIA Triad

Confidentiality: Protecting data from unauthorized access.

Integrity: Ensuring data isn't altered.

Availability: Ensuring access to data/services when needed.

4. Man-in-the-Middle Attack (MitM)

An attacker intercepts communication between two parties.

Prevention: Encryption (HTTPS), VPNs, strong authentication.

5. IDS vs. IPS

IDS (Intrusion Detection System): Monitors and alerts.

IPS (Intrusion Prevention System): Monitors, alerts, and blocks.

6. Common Cyberattacks

Phishing: Deceptive emails to steal credentials.

DDoS: Overwhelms a service to make it unavailable.

SQL Injection: Injects malicious SQL queries to access databases.

7. Securing a Network

Use firewalls, antivirus, strong passwords, patch systems, segment the network.

8. Honeypots

Decoy systems used to detect or study attackers without risking real systems.

9. Handling Ransomware

Isolate infected systems, report the incident, assess backups, don't pay ransom, begin recovery.

10. Suspicious Network Traffic

Check logs, identify source/destination, use tools (e.g., Wireshark), and block malicious IPs.

11. User Reports Phishing

Verify email, report to IT/security team, alert other users, and train the user.

12. Dealing with a Security Incident

Describe the incident, your role, how you contained it, and lessons learned.

13. Staying Updated

Follow cybersecurity blogs (e.g., Krebs, Threatpost), take courses, join forums (e.g., Reddit, LinkedIn groups).

14. Team Collaboration

Talk about communication, division of roles, and resolution process during a past incident or project.

15. Password Policy & MFA

Strong passwords reduce risk; MFA adds an extra layer of security by requiring a second form of verification.

16. Creating a Security Policy

Define roles/responsibilities, acceptable use, access controls, incident response, and training.

17. User Training Role

Human error is a major risk; educating users helps prevent phishing, weak passwords, and unsafe browsing.
