Security Interview Questions
Hey everyone! Recently, my friend Tyler dropped some info-sec interview questions that are really out of this world. This is a super set of questions that are challenging, technical, and promote open-ended answers, to see how people think about computers:
Windows
1. How to list network interfaces with the most available details?
2. How do you change a user password from command line?
3. Display all the listening ports.
4. Locations for automatic startup programs?
5. Where do you view application security logs?
Linux
6. What is the command used to look for strings in binary?
7. What is syslog?
8. Where are logs stored?
9. What log file would you search for data related to an application crash?
10. What is the command to list open file objects?
Server
11. Explain the architecture of Active Directory and a typical implementation.
12. What is the difference between Kerberos and NTLM?
13. Explain the different access controls used by Windows and Linux hosts.
14. What is the error code on a web server alerting to forbidden access?
15. How do you break from a guest to a host OS through the Hypervisor?
Networking
16. How does SSL/TLS work?
17. What is the IPv6 version of ARP?
18. What are the two primary ways an IDS can receive data in a networked environment?
19. Primary controls for locking down a router's access routes?
20. How are fragmented packets handled in IPv6?
Application
21. What is an Oracle Padding attack?
22. Explain how to perform a SQL injection and some of the tools you are familiar with.
23. Explain how session fixation works.
24. Explain the process of discovering and exploiting a stack-based overflow.
25. Explain different mitigation techniques to the above exploits.
Threat Intelligence
26. How would you unpack a custom packer in a piece of malware?
27. What is a method to hook a system call in the Windows OS?
28. 10 assembly instructions and what they do.
29. What research have you authored?
30. What research forums or lists do you follow?
31. Explain your process for reverse engineering malware.