If you have a technical interview coming up, make sure to review the topics below. This list is extensive but not exhaustive. For those who don’t know, technical interviews are usually organized in two rounds: one has direct questions and the other has scenario(s).

Important topics:

OWASP: OWASP (Open Web Application Security Project) is an organization that provides unbiased and practical, cost-effective information about computer and Internet applications.

Rootkit

Botnet – common botnet

TCP handshake and TCP teardown. The TCP teardown is like logging off an application: the sender sends a FIN packet and waits for a reply, and the recipient sends an ACK and then sends a FIN of its own. The sender responds with an ACK. Done. You can also terminate abruptly by sending a RST packet from either the sender or the recipient, and the session ends immediately. For example, if you are using telnet, CTRL-D will send a RST to close the session.
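The FIN/ACK/FIN/ACK exchange and the RST shortcut described above, as an added example that is not part of the original page: a small classifier that decides how a connection ended from a list of observed segments. The `Seg` record, `classify_teardown`, and the sample traces with their sequence numbers are constructed for illustration.

```python
from collections import namedtuple

# One observed TCP segment (constructed record format, not a real capture API):
# sender label, "|"-joined flags, sequence number, ack number, payload length.
Seg = namedtuple("Seg", "src flags seq ack plen")

def classify_teardown(segments):
    """Classify how one connection ended: graceful, abortive, half-closed or open."""
    fin_end = {}        # side -> sequence number occupied by that side's FIN
    fin_acked = set()   # sides whose FIN the peer has acknowledged
    for s in segments:
        flags = set(s.flags.split("|"))
        if "RST" in flags:
            return "abortive"           # either side can reset; no reply follows
        if "ACK" in flags:
            for side, seq in fin_end.items():
                # A FIN consumes one sequence number, so its ACK is seq + 1.
                if side != s.src and s.ack == seq + 1:
                    fin_acked.add(side)
        if "FIN" in flags:
            fin_end[s.src] = s.seq + s.plen
    if len(fin_acked) == 2:
        return "graceful"               # FIN, ACK, FIN, ACK all observed
    return "half-closed" if fin_end else "open"

# Constructed sample traces: A is the side that closes first, B is its peer.
GRACEFUL = [
    Seg("A", "FIN|ACK", 1000, 5000, 0),   # A: finished sending
    Seg("B", "ACK",     5000, 1001, 0),   # B acknowledges A's FIN
    Seg("B", "FIN|ACK", 5000, 1001, 0),   # B: finished sending too
    Seg("A", "ACK",     1001, 5001, 0),   # A acknowledges B's FIN
]
ABORTED = [
    Seg("A", "PSH|ACK", 1000, 5000, 10),  # data in flight
    Seg("B", "RST",     5000, 0,    0),   # B tears the session down at once
]

if __name__ == "__main__":
    for name, trace in (("graceful", GRACEFUL), ("aborted", ABORTED),
                        ("peer FIN still pending", GRACEFUL[:2])):
        print(f"{name}: {classify_teardown(trace)}")
```

A trace that stops after the first FIN and ACK is reported as half-closed, which is the state where one side has finished sending but the other has not yet sent its own FIN.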

HTTPS

SSL certificate

Symmetric encryption methods

Proxy

Hashing, encoding and encryption

MITM attack and methods of MITM attack

Process of malware analysis

SYN flood attack

Process of getting webpage in the browser in detail

Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF)

Public Key Cryptography

ARP and RARP

TCP and UDP protocols

Windows system processes — svchost.exe, explorer.exe, lsass.exe, winlogon.exe, services.exe etc.

Run-levels and Rings and concept of different modes i.e. user mode and kernel mode

Breakdown of topics

Computer Networking

Well-known services and their ports (SMTP-25, Telnet-23, FTP-20/21, SSH-22, POP3-110, IMAP-143, HTTP-80, HTTPS-443, LDAP-389, RDP-3389, DNS-53, DHCP-67, NetBIOS-137-139, SNMP-161/162, SMB-445, Kerberos-88, NTP-123, IRC-6667)

OSI layer

TCP Handshake

Protocols – Transport layer, Network layer

Router/Switches

CAM/MAC tables

IP Addressing, Subnetting

Private IP range

DNS — Zone file, Resource records

Computer Forensics

File Systems – NTFS (MFT, System Files, Attributes, ADS), FAT (Directory Entry, FAT Table), EXT (Inodes, Super Blocks, Group Descriptor Table, Groups)

Imaging tools, Imaging method of Mac OSX

FTK, EnCase

Memory Capture – What can we find in memory

Disk Encryption

Live Analysis

Windows Registry

Windows Event Files

Memory analysis

Volatility

Computer Security

Encryption Algorithms –

SSL

Security tools

IDS/IPS

Firewall, Sensors/Sniffers

Dual-homed / three-homed

DMZ

Proxy

Snort

Comments from a real-life InfoSec Job Hiring Manager:

Real-life tests are THE best thing to send job candidates. It scales well (you don’t have to spend personal hours on them) and you get real information. This applies even to sysadmins. We have a favourite: set up a VM with a slightly-broken application in a slightly-broken Apache and Tomcat, and get them to ssh in and document the process of fixing it. Even people who aren’t a full bottle on Tomcat will give useful information, because we get an insight into their thought processes. I recommend this to all.

(I note we’ve just done a round of interviews where we get a nice-looking CV and conduct a technical grilling. Hideous waste of time for everyone involved. All CVs should be regarded, on the balance of probabilities, as works of fiction. Do a remote self-paced test like this. You won’t regret it.)