Re: Need Tips for Security Job Interview

From: Dave Dearinger (daved_at_mdon-line.com)
Date: 07/09/04

    Date: Fri, 09 Jul 2004 12:25:23 -0700
    To: security-basics@securityfocus.com
    
    

    I would ask some of the following questions.
    Do you have a home network/computer? Describe how your home
    network/computer is organized and what steps have you taken to secure your
    setup.
    Describe the procedure you would use to restrict access to a developer
    subnet from a customer service subnet and how would you know if the access
    restrictions have been bypassed?
    What would you do if you discovered an employee that you had developed a
    friendship with had exceeded their network access permissions? What if that
    person was your manager?
    What would you do if a superior asks you to perform a task that you know
    could be a network security risk?
    Have you ever been disciplined by an employer or university administration
    for network security violations?
    How much time, on average, would you say that you spend reading on computer
    security in a week?
    Tell me about the latest computer security issue that you are aware of
    given a computer running {$company_OS_of_choice} that has been patched to a
    fully up to date state three weeks ago?
    What is SYN/ACK?

    Some people may be less of a BOFH, but I really do think that a good
    indicator of how security conscious a potential employee is by how well
    they protect their own stuff. I believe in George Carlin's perspective of
    "My stuff, your cr@p". Don't be surprised if you get quite a few ethics
    questions.

    -Dave Dearinger
    -Network Administrator
    -MD-Online Inc.
    -daved@mdon-line.com
    -1-888-397-3434

    At 07:02 AM 7/8/2004 -0700, nuerostar-basics@yahoo.com wrote:
    >Hi,
    >
    >I will be going to be interviewed for a Security
    >related position - entry/mid level. I do have
    >experience in the field, but I am about to finish
    >college very very soon.
    >
    >So I was wondering could I get some questions from the
    >members on here - on what you ask me if I were being
    >hired about your company for a security consultant -
    >entry level job. Let's say I have 3 years of IT
    >experience...so I would say I am intermediate level.
    >Any advice on what to prepare ? or what to expect on
    >the interview is highly appreciated.
    >
    >Advice/guidance all appreciated.
    >
    >Thanks,
    >
    >Nuero


