Cyber Security Interview Questions

The cyber security field can be very exciting and thrilling, especially for those who are passionate about getting into it. Real cyber security interview questions can help you land cyber security jobs. We are sharing some real interview questions asked in various interviews that I faced, and a few from others' experiences.

I will also soon be sharing many interview experiences; yes, I got rejected a lot, so I have quite a collection of questions. But I hope this helps you.

We will keep updating the questions as I experience more or get genuine questions from reliable people, so this page will get more populated soon. The questions may be classified later into various fields if we add enough to the list.

1 – Basic Level Questions
2 – Intermediate/Medium Level Questions
3 – Advanced/Intermediate+ Level Questions

I earlier thought of separating the posts into basic, intermediate and advanced, but it seems having all questions on the same page in different sections would be better, so I am merging them all here.

This page was updated on 19 May 2021.

Basic Cyber Security Interview Questions

What is Cyber Security?

Variations: What are your thoughts when you hear "cyber security"?

Protecting and maintaining digital applications and their supporting infrastructure. There are various fields, like threat and vulnerability management, penetration testing, audit and compliance, antivirus, infrastructure security (such as firewalls, email and patch management), asset security, web application security, threat intelligence and much more. So, very briefly, it is protecting the digital flow of information and the infrastructure that supports that flow. We club everything together as a whole and call it cyber security.

What are the different types of hackers?

What is a firewall?

Answers to the questions on this page will be updated here as soon as I get time. Each will be an example of what I would have said and is neither perfect nor ideal; I expect you to answer them correctly with confidence.

What are the different networking devices?

What do you have on your network?

What is NAT?

What is a VPN?

What is a honeypot?

What are IDS and IPS?

What are the different IP ranges?

What are the phases of hacking?

What are the different layers of the OSI model?

What is traceroute?

Tell me about commonly used port numbers along with their protocols.

What is the difference between a threat, a vulnerability and a risk?

What is the difference between SSL and TLS?

What is SSL?

What is the difference between VA and PT?

Define the CIA triad.

What is OWASP?

Tell me about the OWASP Top 10 vulnerabilities.

What is the difference between events, alerts and incidents?

What are DoS and DDoS?

What is salting?

Can you list some common cyber security / web attacks?

Intermediate/Medium Level Cyber Security Interview Questions

What is a botnet?

Do you know any cyber security frameworks?

Explain SSL encryption.

Explain system hardening. How would you do it for Windows and Linux servers?

Explain the difference between processes, guidelines and policies.

What are false positives and false negatives in the case of an IDS? Which is more acceptable?

What is the use of patch management, and how often should you perform it?

SSL or HTTPS: which is more secure?

How do you reset or remove a BIOS password?

Do you Telnet? What is its weakness, and how was this weakness removed?

How do you find the IP address of a machine?

What are certificates, and why do we need them?

What is AV? What are the types of antivirus?

How do you prevent DDoS attacks?

How do you prevent DoS attacks?

What are system logs, and how do you read them?

What is DLP?

What is a brute-force attack, and how do you prevent it?

Explain the 3-way handshake.

What are MiTM attacks, and how do you prevent them?

What is the difference between TCP and UDP?

What is encryption?

What is 2FA, and how can it be implemented for a public website?

How do you handle antivirus alerts?

How do you secure mobile devices across enterprise networks?

What is Remote Desktop Protocol (RDP)?

Can you name a few high-profile recent cyber attacks?

Advanced Level Cyber Security Interview Questions

What are the different SOC models?

Explain the SOC team hierarchy.

What is cognitive cyber security?

What are the top benefits of SOAR?

What is log aggregation? What are common ways to aggregate logs for a SIEM?

What is log enrichment?

What is log normalization and categorization?

What is log parsing?

What is the difference between encryption and hashing?

What is forward secrecy, and how does it work?

Explain the different types of firewall in detail.

What is the difference between HIDS and NIDS?

How do you protect data in transit vs. at rest?

What is the difference between Diffie-Hellman and RSA?

What are HTTP error codes? Name a few.

What is ciphertext?

What are the various types of data breach?

What are perimeter-based and data-based protection?

What do you document in an incident?

Why do we need a SOC team?

Which ticketing tool have you worked on?

What is an SLA?

What are the different types of VLAN?

How will you detect a WAF or firewall?

What type of patching tool are you familiar with?

What types of logs will you receive every day?

Explain the Splunk architecture.

How do you provide email security?

How do you detect ransomware through a SIEM?

What is session hijacking, and how is it different from session fixation?

What steps will you take in a company as a security analyst in case of a ransomware attack?

What are the Splunk ports?

What is the MITRE ATT&CK framework?

What is AAA?

What is a zero-day attack?

What is inbound and outbound traffic?

What command will you use to check whether there is packet loss and whether the connection is working fine?

How will you forward logs and add a log source?

Assume you are head of security in your organization and a breach happens in your org. How will you handle it?

What are the different dashboards you generate?

Apart from SIEM, what other tools have you worked on?

How does OpenVPN work?

Explain the SIEM implementation phases.

Explain the incident response/process lifecycle.

Explain the SOC workflow.

What do you document in a shift handover?

What is an SOP/playbook/runbook?

What is the difference between blue team and red team?

What is the difference between a VPN and a VLAN?

Explain CSRF and security misconfiguration.

What is the difference between a stream cipher and a block cipher?

How can identity theft be prevented?

What are the steps to set up a firewall?

What is the difference between information protection and information assurance?

What are several indicators of compromise that an organization should look for?

What is the difference between find and locate in Linux?

What will you do if 200 alerts are triggered at once?

What is the cyber kill chain?

Explain the Trojan infection process.

How do you handle a P1 incident in a SOC?

Take me through the cyber security incident handling process.

What is data exfiltration?

What are the risk management phases?

What is the difference between symmetric and asymmetric encryption?

What is PKI?

How will you secure a server?

What is web cache poisoning?

How do you continuously monitor a file in Linux, so that the file changes are displayed on screen frequently?

What is RCE on a website?

What is Kerberoasting?

How do you avoid looping while sending packets from one switch to another?

If an IP is provided to you, what will be your approach to doing a vulnerability assessment?

How do you stay updated with current threats, vulnerabilities, security issues and data breaches?
