CyberSmithSecure Information Security Analyst Interview Questions and Answers

Q1. What's DNS server
Ans. 
A DNS server is a computer server that contains a database of public IP addresses and their associated hostnames.
• Translates domain names to IP addresses

• Resolves queries from clients

• Helps in navigating the internet by mapping domain names to IP addresses
Answered by AI
Add your answer

Q1. Tell us about qualys agent
Ans. 
The Qualys agent is a lightweight software installed on endpoints to collect security data and perform security assessments.
• Qualys agent is a lightweight software installed on endpoints to collect security data.

• It helps in performing security assessments by scanning for vulnerabilities and compliance issues.

• The agent continuously monitors the endpoint for any security threats and sends the data to the Qualys Cloud Plat...read more
Answered by AI
Add your answer

Q1. Tell me about yourself
Ans. 
I am a dedicated Information Security Analyst with a strong background in cybersecurity and a passion for protecting data.
• Experienced in conducting security assessments and implementing security measures

• Skilled in analyzing security breaches and responding effectively

• Proficient in using security tools and technologies such as firewalls and encryption

• Strong understanding of compliance regulations and best practices in i
Answered by AI
Add your answer

Q1. Risky user investigation and defination
Add your answer
Q2. Mitre attack frame work
Add your answer

Q1. Risk user analysis,table used for it
Add your answer
Q2. Mitre attack framework,different techniques
Ans. 
The MITRE ATT&CK framework is a knowledge base of adversary tactics and techniques based on real-world observations.
• MITRE ATT&CK provides a comprehensive list of techniques used by attackers to compromise systems.

• Techniques are categorized into tactics such as Initial Access, Execution, Persistence, etc.

• Examples of techniques include Spearphishing Attachment, Command and Scripting Interpreter, and Registry Run Keys / S
Answered by AI
Add your answer

Q1. Roles n responsibilities
Add your answer
Q2. Cyber kill chain and mitre attack
Add your answer

Q1. Basic HR questions
Add your answer

Aptitude test was taken in Round 1

Q1. Asked about CIA triad, information Security
Add your answer
Q2. Asked about ISO 27001
Add your answer
Q3. Asked about difference between threats and vulnerability and how can you link it with TCS by giving examples
Add your answer

Q1. Salary Discussion
Add your answer

General Aptitude tests

General Group Discussion Topics like - How EVs will help in future transport

Q1. Difficult situation of handling security incidents
Ans. 
Handling security incidents requires quick response, analysis, and communication to mitigate risks.
• Quickly assess the situation to determine the severity of the incident

• Isolate affected systems to prevent further damage

• Collect evidence for analysis and potential legal action

• Communicate with stakeholders, including IT teams, management, and possibly law enforcement

• Implement security measures to prevent future incidents
Answered by AI
Add your answer
Q2. Types of Malware
Ans. 
Malware refers to malicious software designed to disrupt, damage, or gain unauthorized access to a computer system.
• Viruses: self-replicating programs that attach themselves to clean files and spread throughout a computer system

• Trojans: disguised as legitimate software, they trick users into installing them and then perform malicious actions

• Worms: self-replicating malware that spreads across networks without user interv...read more
Answered by AI
Add your answer