Incident Analyst Interview Questions | Glassdoor

Incident Analyst Interview Questions


Incident analyst interview questions shared by candidates

Top Interview Questions

Sort: RelevancePopular Date

This is the strange part about the whole process...I didn't see any of the questions as being "difficult" or "unexpected". I felt that I aced the interviews and then was shot down!

5 Answers

sometimes our perceptions of ourselves are not always accurate. Did you ask them to give you feedback? If you were that great you would have gotten the job. Maybe you should need to do a mock interview or contact a rep from progressive to go over every response you gave and tell you what they were looking for so you will know next time.

Your answer is totally WRONG! They were unwilling to speak to me about it at all. I'm not some rookie who just came into the job market. I've worked at some very prestigious companies throughout my career and have never ran into this before. Some of these past positions involved me in the hiring position. So your implication that I need to do a mock interview is both insulting and stupid on your part. You have no clue. The problem clearly was my age.

Ha ha! Your response to someone's offer to help you was arrogant and rude. No wonder you didn't get a job offer!

Will the lack of holding the required Security +, CEH and GCIH certifications impede my ability to perform in the Incident Response Analyst Role?

1 Answer

Breakdown the details of a /24 subnet mask on an IP address

1 Answer

They asked about what the ptr record for an address would look like

1 Answer

Can't recall exact questions but things about managing time, working with difficult stakeholders and meeting deadlines.

1 Answer

How would you apply your current technical skills to add value to the new position?

Methodology and technical aspects within an Incident Response investigation.

The first round will be easy and most of them will be able to make it. I had cleared the first round of interview with ease. First round only information about your resume and experience nothing technical, you may expect some behavioral question. Second Technical round will be tough and it will mostly contain situation based and technical questions. The technical round interview completely depends on the background of the interviewer. In my case the position was about Incident Response but mostly the question asked from me was from Forensic Investigation and mix of Incident Response and general technical question. I will post all the list of the technical question at last. From my experience I was able to answer most of them but the answer quality and expectation differ from different experienced professionals. I was interviewed with 25 years of Forensic Investigation experienced professional and pioneer in the cyber industry. So the answer which i gave was elementary explanation and are correct but not to quench the thirst of experienced professional. Be prepared according to the background of the interviewer and learn at every stage ahead, you may be able to crack all the interviews at right time and right day with all the knowledge and situation in favor of yours. In my case I was trying to explain the 25 year professional experienced interviewer and at last it seems that I was not able to convince him for the third and final round. Keep the high spirit folks, you may one day surely able to crack your interview. Just wait for the right time. The following questions were asked: How to generate the forensic image of the os? Where is the registry in windows? How about investigating with the log file through command line? Where is the syslog located in windows? How about investigating the CEO receiving a phishing email and analyzing it? How about windows user in the environment logging in to the server? How will you analyze the log? Where would you find the log on the Linux server or Linux machine? If the internal employee has posted valuable information on the public domain how will you handle that and trackback? How will you analyze the log with has 6 millions of line of code and want to figure out with ip address and with command line? How would you create a forensic image of the mac os? If anyone of the employees in the company plug the USB drive and store the valuable information from the laptop? How will you find that? What if the information from the S3 in AWS is stored without password and how will you determine that information been compromised by the different people (inside and outside)? What will you do to perform penetration testing? If any information is compromised or attacked how ill you know whether it is internal intruders or external intruders? Is there any way to retrieve the locked file from the bit locker? All the interview were through telephonic. I got the interview through employee referral. My experience was great and the interviewer who took my interview was humble, polite and friendly. I was able to remember as much as I can. Please ignore any grammatical mistake. I guess it helps you in some way to prepare for your interview. If you think it helped then please leave a positive comment and share your story.

110 of 36 Interview Questions