Security interview upcoming, what do you think I should be ready for?

MasterBullfrog Member Posts: 28
The focus is going to be Network security and Web application based security.

Can anyone give me any tips on types of things that I should be well versed on? This position revolves around vulnerability/security assessments/ethical hacking and some incident response. I'm sure I should also remain up to date with current trends in the security field too for talking points.

For the most part I feel that I am ready, however, there are things that I'm sure I could do more reading about.

Thank you

Comments

  • ChooseLife Member Posts: 941
    If you have a detailed job description, read it thoroughly and brush up on the parts that you are least comfortable about.

    Good luck!
    “You don’t become great by trying to be great. You become great by wanting to do something, and then doing it so hard that you become great in the process.” (c) xkcd #896

  • the_Grinch Member Posts: 4,165
    Off the top of my head without seeing the job description:

    OSI Model and the attacks that pertain to each layer
    Port numbers and the services that run on them
    Various security acronyms
    Know how common attacks work and how to mitigate them
    Study the job requirements (as others have said)
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • MasterBullfrog Member Posts: 28
    the_Grinch wrote: »
    Off the top of my head without seeing the job description:

    OSI Model and the attacks that pertain to each layer
    Port numbers and the services that run on them
    Various security acronyms
    Know how common attacks work and how to mitigate them
    Study the job requirements (as others have said)

    Thanks!

    Yeah that was my problem by the way, no job description. I was recruited.
  • jasong318 Member Posts: 102
    There was a blog posting a while back about 'Questions for an Intrusion Analyst' that was pretty good, let me find it...

    20 Questions for an Intrusion Analyst » ActiveResponse.org
  • docrice Member Posts: 1,706
    I felt IT Security Interviews Exposed did a good job of covering what's expected in infosec professionals:

    http://www.amazon.com/IT-Security-Interviews-Exposed-Information/dp/0471779873

    For me it's about a lot of the core basics, a decent amount of domain-specific knowledge (applicable to the type of position you're applying for), attitude, and mindset. Technical chops are just part of the overall picture.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • MasterBullfrog Member Posts: 28
    jasong318 wrote: »
    There was a blog posting a while back about 'Questions for an Intrusion Analyst' that was pretty good, let me find it...

    20 Questions for an Intrusion Analyst » ActiveResponse.org

    docrice wrote: »
    I felt IT Security Interviews Exposed did a good job of covering what's expected in infosec professionals:

    http://www.amazon.com/IT-Security-Interviews-Exposed-Information/dp/0471779873

    For me it's about a lot of the core basics, a decent amount of domain-specific knowledge (applicable to the type of position you're applying for), attitude, and mindset. Technical chops are just part of the overall picture.


    Awesome!

    Much appreciated guys - I'll get to reading asap.
  • psenior Member Posts: 28
    I had an interview for a SOC job a few months ago. It was the toughest interview I ever had, technically. Technical phone interview, written quiz and lots of questions during the in-person interview. I was studying a lot around this time for my CCNA exam, so I thought I did pretty well on the networking questions. However, I didn't (and still don't) have any experience with firewalls, so I couldn't answer any of the questions having to do with iptables commands. Wish I had known about the above mentioned resources back then; will have to check them out myself as time and funds permit.
  • docrice Member Posts: 1,706
    The great thing about firewalls is that anyone can set one or more up and learn for free. For host-based firewalls, Windows has one built-in, and especially when you start using Windows Firewall with Advanced Security you get even greater flexibility. For a network-based firewall, iptables on a Linux host with IP forwarding enabled is a good one, as well as pf on OpenBSD. You also have GUI-managed firewall packages (many with free community editions) that are built on top of these open source solutions. However, as a start I recommend getting dirty with the command-line.

    Once you understand what a firewall looks and feels like, you then move into differentiating between static packet filters, stateful filtering, stateful inspection, and the latest incarnation which many vendors refer to as "next-generation" which is really mostly about application awareness / control (Fortinet, Sourcefire, Cisco, Check Point, Palo Alto Networks, Juniper...). Even Untangle supports application control these days on the free version.

    But yes, there are lots to learn and lots of traffic to understand. For free. The only thing it really costs you is time and effort.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
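
The difference between a static packet filter and stateful filtering mentioned in the post above, as an added example that is not part of the original thread: a toy Python model (not iptables itself) run over constructed packets. The rule set, addresses and all names in the code are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str  # "out" = LAN to Internet, "in" = Internet to LAN
    src: str
    sport: int
    dst: str
    dport: int
    flags: str      # TCP flags as letters: S=SYN, A=ACK, R=RST

def static_filter(p):
    """Stateless rules: each packet is judged on its own header fields."""
    if p.direction == "out":
        return p.dport == 443                   # allow outbound HTTPS
    return p.sport == 443 and "A" in p.flags    # "looks like a reply" heuristic

class StatefulFilter:
    """Tracks connections opened from the inside; inbound must match one."""
    def __init__(self):
        self.conns = set()

    def check(self, p):
        if p.direction == "out":
            key = (p.src, p.sport, p.dst, p.dport)
            if p.dport == 443 and p.flags == "S":
                self.conns.add(key)             # new connection from inside
            return key in self.conns
        key = (p.dst, p.dport, p.src, p.sport)  # reverse tuple of the reply
        allowed = key in self.conns
        if allowed and "R" in p.flags:
            self.conns.discard(key)             # simplified teardown on RST only
        return allowed

# Constructed sample traffic (documentation address ranges), not captured data.
SAMPLE = [
    Packet("out", "10.0.0.5", 50000, "203.0.113.10", 443, "S"),
    Packet("in", "203.0.113.10", 443, "10.0.0.5", 50000, "SA"),
    Packet("out", "10.0.0.5", 50000, "203.0.113.10", 443, "A"),
    Packet("in", "198.51.100.7", 443, "10.0.0.5", 50001, "A"),   # no matching connection
    Packet("in", "198.51.100.7", 443, "10.0.0.5", 22, "S"),      # unsolicited SYN
    Packet("in", "203.0.113.10", 443, "10.0.0.5", 50000, "RA"),  # server resets
    Packet("in", "203.0.113.10", 443, "10.0.0.5", 50000, "A"),   # stale packet after reset
]

def compare(packets):
    """Return (static_verdict, stateful_verdict) per packet; True = allowed."""
    stateful = StatefulFilter()
    return [(static_filter(p), stateful.check(p)) for p in packets]

if __name__ == "__main__":
    for pkt, (s, f) in zip(SAMPLE, compare(SAMPLE)):
        print(f"{pkt.direction:3} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} [{pkt.flags}] static={s} stateful={f}")
```

The two filters agree on the legitimate handshake and on the unsolicited SYN; they differ only on inbound packets that carry ACK but belong to no tracked connection, which the static rules pass and the stateful filter drops.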
  • dover Member Posts: 184
    MasterBullfrog,

    I had a similar interview not long ago for an infosec engineer position with an organization with a ton of public web apps. The interviewer focused quite a bit on:

    XSS
    Cross site request forgery
    Newer web application firewall technologies and products
    SQL Injection
    Remote code execution
    Format string vulnerabilities

    But everyone else is dead on. Be up to date on your acronyms and current trends and also be aware of what web sites you use to stay current on security information - packetstorm, MSISAC, SANS, CERT, etc.

    Good luck!