If you have a technical interview coming up, make sure to review the topics below. This list is expansive but not inclusive of everything you need to know. For those who don’t know, technical interviews are usually organized in a way that there are two rounds – one has direct questions and the other has scenario(s).
Important topics:
OWASP: OWASP (Open Web Application Security Project) is an organization that provides unbiased and practical, cost-effective information about computer and Internet applications.
TCP handshake and TCP tear down. In addition, the TCP teardown is like logging off an application. The sender sends a FIN packet and waits for a reply and the recipient sends an ACK and then sends a FIN. The sender responds with an ACK. Done. But, you can also do an abrupt termination by just sending a RST packet from either sender or transmitter and the session ends abruptly. For example if you are using telnet CTRL-D will send a RST to close the session.
SSL certificate
Proxy
Hashing, encoding and encryption
MITM attack and methods of MITM attack
Process of malware analysis
SYN flood attack
Process of getting webpage in the browser in detail
Cross Site Scripting and Cross Site Forgery
Public Key Cryptography
ARP and RARP
TCP and UDP protocols
Windows system processes — svchost.exe, explorer.exe, lsass.exe, winlogon.exe, services.exe etc.
Run-levels and Rings and concept of different modes i.e. user mode and kernel mode
Breakdown of topics
Computer Networking
Well known services and their ports (SMTP-25, Telnet-23, FTP-20/21, SSH-22, POP3-110, IMAP-143, HTTP-80, HTTPS-443, LDAP-389, RDP-3389, DNS-53, DHCP-67, NetBios-137-139, SNMP-161/162, SMB-445, Kerberos-88, NTP-123, IRC-6667)
OSI layer
TCP Handshake
Protocols – Transport layer, Network layer
Router/Switches
CAM/MAC tables
IP Addressing, Subnetting
Private IP range
DNS — Zone file, Source records
Computer Forensic
File Systems – NTFS (MFT, System Files, Attributes, ADS), FAT(Directory Entry, FAT Table), EXT(Inodes, Super Blocks, Group Descriptor Table, Groups)
Imaging tools, Imaging method of Mac OSX
FTK, EnCase
Memory Capture – What can we find in memory
Disk Encryption
Live Analysis
Windows Registry
Windows Event Files
Memory analysis
Volatility
Computer Security
Encryption Algorithms –
SSL
Security tools
IDS/IPS
Firewall, Sensors/Sniffers
Dual homed/ three homed
DMZ
Proxy
Snort
Comments from a real-life InfoSec Job Hiring Manager:
Real-life tests are THE best thing to send job candidates. It scales well (you don’t have to spend personal hours on them) and you get real information. This applies even to sysadmins. We have a favourite: set up a VM with a slightly-broken application in a slightly-broken Apache and Tomcat, and get them to ssh in and document the process of fixing it. Even people who aren’t a full bottle on Tomcat will give useful information, because we get an insight into their thought processes. I recommend this to all.
(I note we’ve just done a round of interviews where we get a nice-looking CV and conduct a technical grilling. Hideous waste of time for everyone involved. All CVs should be regarded, on the balance of probabilities, as works of fiction. Do a remote self-paced test like this. You won’t regret it.)