25 Questions to Ask During an Information Security Interview

Here is another question. “How do you keep up on hacker tools, and how do you test them?”.

The lower skill level answer would be, “I don't! I swore I wouldn't associate with Hackers or use their tools when I got my CISSP!” The “better” IMO
answer would be, “I use a sacrificial lamb computer to get them off The Net”
(because a lot of hacker sites will, in fact, hack you while you get the tool).
As for testing them, the best answer(s) might be “I test them in the SANS 504 class” (or at a hackers conventiuon, or I set up a disposable network at home (or in a detached lab) so as to not be the cause of bringing down production or personal computers. Bonus points for things like, “afterwards I do a 6 pass destructive format on my HD, including boot sectors, and reflash my BIOS from a LINUX booted OS disk, stuff like that.

Reading about them on a security site shows less enthusiasm.

“Know thy enemy”

Timberland is known globally for providing world class and distinct style shoes. Such shoes can be explored by people of any age, but they are more popular among teenagers. Available in an assortment of designs, colors and sizes, they can surprise any wearer. Timberland Shoes The company introduces boots for working professionals to offer relaxation, dependability and comfort on the job. Timberland shoes are not only trendy and fashionable, but are also lightweight. With a number of shoe manufacturers, Timberland obviously faces stiff competition; therefore it provides high quality products at economical rates. It is seen that Timberland shoes protect feet of individuals irrespective of their age and sex.Reasons behind popularity of Timberland shoesSuch shoes not only protect feet of individuals, but also provide maximum comfort when they go for outdoor activities such as shopping, visiting friends, camping, playing, tripping and so on. They are made by employing suede material; thus they are durable and reliant in all kinds of weather conditions. In fact, such shoes comprise of inbuilt suede materials. Timberland Boots Their feature of being durable and look stylish make them sought after by wearers located anywhere in the world. Their feature of being water resistant makes them one stop solution in the rainy season. Such shoes are durable and reliant; therefore they have been considered as perfect for a number of outdoor activities like hiking, climbing and so on. Timberland shoes are not only perfect for protecting the feet from the dust or cold, but also has become a fashion statement.Knowing about the history of Timberland shoesSince its inception in 1973, the company has been serving its a wide range of clients located anywhere in the world with casual shoes and boots. Later, it has started to manufacture designer shoes. High quality leather, soft suede and unique details are employed to prepare such Cheap Timberland boots shoes; therefore they are demanded by people from all walks of life. In addition, the great fitness and the superior quality features of such shoes attract people.Buying Timberland shoesOnline market has been considered as perfect place to buy different types of Timberland shoes at economical rates. Apart from products, their shipment facility is also economical and reliable.

Good list.

Some of them I guess should be asked at every technical interview (like the ICMP one), some of them quite security specific. Thanks for putting this out for the community.

I guess the thing we’d all expect from a candidate is “security judgement” skills.

Regards

Ionut

PS: can you guys believe somebody actually thought it’s a good idea to spam us about Timerland boots .. on a security topic/ site? ….

I am witness to many interviews of infosec professionals. I’ve seen these exact questions (literally printed from your website) and asked VERY BADLY. It’s an important point that the interviewer fully understand and be able to answer these questions. Otherwise, using them is a waste. I witnessed a developer using these questions to interview an INFOSEC management candidate. He asked the candidate the ping/port questions and the candidate answered correctly immediately – ICMP. The interviewer said “no, you have to give me a tcp or udp port number”. The interviewee was clearly frustrated and rolling his eyes and trying to be polite. I eventually stepped in and told the interviewer to take a break and I’d finish the interview. Unreal!!!