My First IT Security Interview

danny069

Hello All,

I have my first IT Security related interview for an IT Analyst position at a University setting and I was wondering what kind of technical questions you have all been asked? I have been reviewing everything I learned in school, such as red team/blue team simulations, password salting, hashing, wireshark, nessus, etc. This would be my first IT Security job if I am offered, so I hope I get the chance to apply what I have learned. Thanks!

BlackBeret

What experience do you have using Linux? What can you tell me about how DNS functions? Analyze this traffic capture, what do you notice about it? What is the fourth image (based on time stamps) a picture of? If you were capturing traffic on a network built as X, where and how would you capture traffic for analysis?

NetworkNewb

Also, what is the description of the position? IT Analyst could mean almost anything

danny069

Thanks BlackBeret! This really helps!

scaredoftests

Be ready, basically, for all types of questions. Also, YOU bring questions for them to answer.

danny069

This is the description:

Responsible for implementation and maintenance of security policies and procedures (e.g., security breach escalation procedures, security auditingprocedures and use of firewalls, encryption and endpoint security)Performs security assessments through vulnerability assessments and penetration testsReviews infrastructure and implementation of new security-based technologiesProactively assesses potential items of risk and opportunities of vulnerability in the networkRespond, investigate and track SPAM and phishing schemes.Update an internal security web site, blog and other social networking resources to share and warn about IT Security related topics and issues.Perform IT Security forensic analysis on desktops, laptops, servers and various removable mediaRepresent the security needs of the University by providing expertise and assistance in moderately complex IT projects with regard to securityissues.Lead and/or participate in Incident Response. This includes but is not limited to virus/botnet outbreaks, email/phishing scams, account compromisesand security breaches)Support day-to-day administration of various firewalls, network access control and intrusion detection systems, as well as monitor these systems forsuspicious activity.Manage and create Active Directory objectsParticipates in Security Awareness Programs (including but not limited to creation of awareness material and training)

danny069

@scaredoftests you are absolutely right about that, thank you!

NetworkNewb

Sounds like a good position! Definitely prepare for them to ask you what resources your use to stay current on events and how you keep your knowledge up to date.

Best of luck!

danny069

Thanks NetworkNewb, I appreciate your input!

tpatt100

scaredoftests wrote: »

Be ready, basically, for all types of questions. Also, YOU bring questions for them to answer.

I did my first interview in almost 10 years a couple of months ago and that was some feedback the group gave me was that I didn't ask enough questions. I tried to but this group of people liked to talk a lot and I was trying not to interrupt lol.

danny069

That is too funny Tpatt100, I think I would rather have them do most of the talking too lol

beads

In an University setting be prepared to answer a question or two from a "prisoner's dilemma" point of view. Colleges and Universities are often difficult political environments in which to navigate. Lots of "slow-go and no-go" areas.

Be prepared to ask and answer those questions as well. Understand the layer 8 of the requirements before moving forward.

Sympathies

- b/eads

joemc3

I worked for a university for 14 years. Do understand that long tenured professors are also your boss. If you don't believe me get the job and then piss off one.

SaSkiller

Ugh, I hate that job posting. Lots of policy and mentions leading when you are supposed to be an analyst. Sounds like: We want a security person but we don't really know what you are going to be doing!"

danny069

I totally agree with what all of you are saying. Being that this is my first opportunity to land a position in an IT Security role, I will go to the interview and see how it goes. I currently work in a university setting now, but primarily tech support. The number one factor that will sway me is if they will pay for my Master's degree, so we'll see. Thanks again for everyone's input, everything helps!

TechGuru80

They will probably ask you about experience with any of the tools or systems/networks, probably about how you get information about security such as blogs, any type of attacks you know about, any projects you have helped with...to be honest the description is lengthy enough that you could get questions on a lot of stuff. Is the job listed as entry level? That will impact how deep they expect answers to be.

the_Grinch

Know your ports, expect some scripting questions (or at least be prepared to show you know scripting or have the ability to learn it), be able to speak about the various command line tools (grep, cut, etc) on Linux and be able to answer questions about how to respond to an incident. I'd also speak about any hunting skills you might have as a lot of organizations are moving towards it. Finally, be able to articulate what you would look for in order to detect an attack and how to mitigate it's effect(s). Good luck!