Wednesday, August 8, 2012

SOC Interview Questions 2

Below are a few Security Operations Center (SOC) interview questions.

A similar post on SOC interview questions was published earlier at
http://blog.disects.com/2012/01/soc-interview-questions-1.html

Q. What is a Proxy?
Q. What is the use of a proxy?
Q. What is the difference between HTTP, HTTPS and HTML?
Q. Explain the 3-way handshake.
Q. The following hacks are happening simultaneously. Which one will you try to protect against first, and why?
        a. Brute-force attack
        b. Data leakage attacks
Q. How do you protect against data leakage attacks?
Q. Out of financial loss, reputation loss and data loss, which would you protect against, and why?
Q. What is a 503 error from a proxy/cache server?
Q. Lots of connections are made from the LAN to the Internet on a particular IP. What are your immediate steps to mitigate it?
Q. Any recent hack/compromise you came across? How did you resolve it?

Q. How do you identify a data leakage hack?
Q. On what parameters will you classify data as critical to an organization?
Q. Name a few well-known application protocols and the TCP/UDP ports they run on.
Q. What is a NOP sled? What is its hex value?
Q. Explain SYN cookies.
Q. What are the different port scanning mechanisms?


Leave answers as comments so they can be useful to others who visit the blog post :-)

You can send me more questions related to SOC interviews that are not covered here at praveen_recker@sify.com; I will update the post with your questions!