Below are a few Security Operations Center (SOC) interview questions.
I already published a similar post on SOC interview questions at
http://blog.disects.com/2012/01/soc-interview-questions-1.html
Q. What is a proxy?
Q. What is the use of a proxy?
Q. What is the difference between HTTP, HTTPS and HTML?
Q. Explain the 3-way handshake.
Q. The following attacks are happening simultaneously. Which one will you try to protect against first, and why?
a. Brute-force attack
b. Data leakage attack
Q. How do you protect against data leakage attacks?
Q. Out of financial loss, reputation loss and data loss, which would you protect against, and why?
Q. What is a 503 error from a proxy/cache server?
Q. Lots of connections are being made from the LAN to a particular IP on the Internet. What are your immediate steps to mitigate it?
Q. Any recent hack/compromise you came across? How did you resolve it?
Q. How do you identify a data leakage hack?
Q. On what parameters will you classify data as critical to an organization?
Q. Name a few well-known application protocols and the TCP/UDP ports they run on.
Q. What is a NOP sled? What is its hex value?
Q. Explain SYN cookies.
Q. Describe different port scanning mechanisms.
Leave your answers as comments so they might be useful to others who visit the blog post :-) !!!
You can send me more SOC interview questions that are not covered here at praveen_recker@sify.com; I will update the post with your questions!!
Wednesday, August 8, 2012
Wednesday, January 25, 2012
SOC Interview Questions 1
Below are questions collected from friends who attended Security Operations Center (SOC) interviews.
Difference between a probe and a scan.
Difference between a security event and a security incident.
What is incident response (IR)?
How will you carry out network forensics?
How will you carry out memory forensics?
What is an APT (Advanced Persistent Threat)?
What is an IOC (in the context of APTs)?
What is ROT13?
What is C2 (Command and Control)?
Difference between a normal threat and an APT?
Vulnerability vs. threat vs. exploit vs. risk.
Different evasion techniques used by malware?
Different ways of compressing malware?
What is a threat agent?
Explain drive-by downloads.
Difference between symmetric and asymmetric encryption?
How do you collect a forensic image without modifying the integrity of the data on the PC/laptop?
(http://darshanams.blogspot.com/2010/09/forensics-1-extracting-image.html)
What is the size of CPU registers? Are registers the same across different CPUs?
How do you change the Linux root password?
The following articles might be of interest:
http://darshanams.blogspot.in/2012/05/cain-and-abel-password-cracking.html
http://darshanams.blogspot.in/2011/09/portable-document-files.html
http://darshanams.blogspot.in/2011/05/snort-logging-alerts-to-syslog-server.html
I will come up with more questions once I get in touch with other friends.