Security consultant Interview Questions
16K
Security Consultant interview questions shared by candidates
What would you do if you see two guests fighting on the floor.
2 Answers
What is the best procedure to take if you see someone suspicious lurking in the vicinity.
1 Answers↳
Document the time, description, be alert and notify supervisor.
The most difficult question I was asked concerned my availability to work odd shifts on short notice.
1 Answers↳
I responded by pointing out that in my military service and subsequent civilian jobs, I worked all manner of shifts and hours. If something came up on short notice, all I need is enough time to clean up and get dressed and I would be there. Less

What sort of anomalies would you look for to identify a compromised system?
1 Answers↳
I used a whiteboard to draw out a basic network architecture including security technologies like IPS/IDS, Firewalls, AV, etc, and described the type of traffic and logs I could use to identify a compromised system. Less

What are the three biggest factors to a successful Information Security plan?
1 Answers↳
Upper management needs to be involved and on board, you must be able to accept that no system is completely secure so you must have a great defense in depth strategy, and users need to be trained and kept involved. Users are your biggest threat and your greatest assets as well. If your users are in the know, your system is much more secure than if users are not trained to constantly think secure. Less

I was asked about XSS, SQL Injection, Tools I have used for pen testing.
1 Answers↳
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. - SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). Less


Assume you are the people who help balance between student campus and the society. The student campus set a budget of 50%, but the society set a budget of 75% after conference. And both of them don't want to decrease their budget. What will you do ?
22 Answers↳
Got a similar question. Interviewed on the 26th of January. Will hear back in a couple of weeks too! Really scared. Less
↳
Got the offer!
↳
I also haven't heard back
