Deloitte Interview Questions
Round 1:
1) Tell me about yourself / What are your roles and responsibilities / Walk me through your profile
2) What is the one incident investigation you did that you feel proud of?
3) Steps for investigating a spam mail?
4) Explain the Persistence stage?
5) How to deal with malware that is already in the persistence stage, or how to mitigate an incident in which the malware is in the persistence stage?
6) What are IDS and IPS, and IDS vs IPS?
7) What is the significance or need of an IDS?
8) Is it necessary to monitor DNS traffic?
9) Tell me what you know about DNS security?
10) What is your understanding of living off the land or fileless malware?
11) What is the registry?
12) What is EDR and its significance?
13) Port number of the Ping protocol?
14) Investigation steps for a user visiting harmful websites?
Round 2:
1) Tell me about your roles and responsibilities in the current organization?
2) Scenario based: Suppose a user "x" is trying to log in from different geo-locations within a short period of time; build a use case for handling and containing the incident.
3) Scenario based: From the SOC point of view, which traffic is more important, Inbound or Outbound?
4) What is EDR?
5) Port scanning: vertical and horizontal scanning?
6) What is the difference between hashing, encryption and encoding?
7) Explain the Cyber Kill Chain with a real-time example?
8) Tell me about recent vulnerabilities and attack vectors?
9) Tell me about your roles and responsibilities in the current organization?
eClinicalWorks
Round 1:
1) Tell me about your roles and responsibilities in the current organization?
2) Explain the ArcSight ESM architecture in layman's terms?
3) Difference between Filters vs Rules vs Active Channels?
4) What is the significance of the Logger?
5) Tell me about True Positive vs False Positive?
6) What is an Active Channel?
7) Brute Force Attack rule in ArcSight ESM?
8) Define SIEM in a single statement?
9) What is a FlexConnector?
10) How do you block bad senders in the Messaging Gateway?
11) Difference between Events & Incidents?
12) IPS working?
13) Explain about Dashboards?
14) Tell me about Windows logs?
15) Explain the step-by-step procedure for creating an Active Channel?
16) What is Spear Phishing?
17) Syslog port?
18) Push and Pull mechanism?
19) What are the devices you have integrated with the ArcSight SIEM?
20) Explain the integration of Check Point OPSEC with the ArcSight SIEM?
21) Cyber Kill Chain
22) Security aspects of Windows vs Linux?
23) What should the security posture be for preventing advanced malware?
24) What is Ransomware?
25) DNS port?
26) What is a Drive-by Compromise attack?
27) Investigation steps for a user visiting harmful websites?
28) Investigation steps for a virus infection?
Round 2:
1) Tell me about True +ve, False +ve, False -ve and True -ve?
2) Types of attacks?
3) Explain the working of IDS and IPS
4) How is IPS different from IDS?
5) Types of IDS & IPS?
6) What are the password cracking attacks?
7) Difference between Rainbow tables and Dictionary attack?
8) Explain the phases of a Change request?
9) What is CMDB?
10) Tell me about the HIPAA & NIST compliance models?
11) Cyber Kill Chain stages?
12) What is problem management?
13) What is the Diamond Model?
14) What are the types of reports which you draft on a day-to-day basis?
15) What is APT?
16) Difference between Ransomware and a Virus?
17) What is AAA? Explain with an example?
18) Vulnerability scanning vs Penetration Testing?
19) SPF vs DKIM
20) Symmetric and Asymmetric Encryption?