N/a - read comments above
Threat Analyst Interview Questions
483 threat analyst interview questions shared by candidates
The interviewer talked about using brute force for lateral movement .. ->which is not stealth and most attackers do NOT use this technique instead they leverage existing tools on the network such as vulnerable remote access tools
For initial access i talked about drive by downloads/watering hole techniques and methods to mitigate and detect it. After a while the other interviewer asks me - tell me a way an attacker from the outside would get into an organization?? well, drive by downloads is one such technique. I also mentioned valid accounts and spear phishing. Also when i mentioned drive-by downloads the interviewer mentioned that this technique is after an attacker has access to the system (LOL *BANGS MY HEAD TO THE WALL*). This technique is USED for initial compromise. How are these people even security professionals?
Asked about privilege access .. when trying to explain from attacker perspective they cut me off to say in a large environment an attacker would use user accounts with lower privileges to admin accounts and then establish lateral movement - which is just one vector? I guess that is all he knew?
VLAN-related questions from CCNA Security. What is VLAN double-tagging and VLAN hopping?
If you do not find evidence of a threat during a threat hunt, does that mean the hypothesis is wrong/bad?
What are golden/silver tickets? How to detect golden tickets. Projects you've worked on in the past year How to detect if a user visited a site in incognito mode.
What are the latest cybercrime and dark web marketplace trends in Southeast Asia?
They asked was how I would approach specific case scenarios. The task wasn’t about getting a "right" answer, but about showing how I would analyse a threat or how I would handle an incident.
What do you know about the RecordedFuture platform? Have you used it?
Viewing 281 - 290 interview questions