🎯 Cybersecurity Interview Questions
502 interview questions with STAR format answers across 20 categories. Prepare for your next security role.
502 Questions
20 Categories
25 Entry
468 Mid
9 Senior
🔥 Most Popular Questions
What is the CIA triad in cybersecurity?
What is the difference between a threat, vulnerability, and risk?
What is the difference between symmetric and asymmetric encryption?
What is the OWASP Top 10?
Describe the incident response lifecycle
What is the shared responsibility model?
What is zero trust security?
What is a SIEM and how does it work?
What is the MITRE ATT&CK framework?
How do you perform a web application penetration test?
What is SQL injection?
What is cross-site scripting XSS?
What is multi-factor authentication?
What is social engineering?
What is the difference between IDS and IPS?
What is a firewall and how does it work?
What is the difference between hashing and encryption?
What is a DDoS attack and how do you mitigate it?
What is ransomware and how do you respond to it?
What is phishing and how do you prevent it?
What is the NIST cybersecurity framework?
What is CVSS scoring?
What is Nmap and how do you use it?
What is Metasploit and how is it used?
What is Active Directory penetration testing?
How do you escalate privileges on Linux?
How do you escalate privileges on Windows?
What is the kill chain model?
What is threat hunting?
How do you secure Kubernetes?
📋 All Questions
What is the CIA triad in cybersecurity?
What is the difference between a threat, vulnerability, and risk?
What is the difference between symmetric and asymmetric encryption?
What is the OWASP Top 10?
Describe the incident response lifecycle
What is the shared responsibility model?
What is zero trust security?
What is a SIEM and how does it work?
What is the MITRE ATT&CK framework?
How do you perform a web application penetration test?
What is SQL injection?
What is cross-site scripting XSS?
What is multi-factor authentication?
What is social engineering?
What is the difference between IDS and IPS?
What is a firewall and how does it work?
What is the difference between hashing and encryption?
What is a DDoS attack and how do you mitigate it?
What is ransomware and how do you respond to it?
What is phishing and how do you prevent it?
What is the NIST cybersecurity framework?
What is CVSS scoring?
What is Nmap and how do you use it?
What is Metasploit and how is it used?
What is Active Directory penetration testing?
How do you escalate privileges on Linux?
How do you escalate privileges on Windows?
What is the kill chain model?
What is threat hunting?
How do you secure Kubernetes?
What is two-factor authentication?
What is a brute force attack?
What is credential stuffing?
What is session hijacking?
What is DNS spoofing?
What is a botnet?
What is a rootkit?
What is a trojan horse?
What is fileless malware?
What is a watering hole attack?
What is an insider threat?
What is data exfiltration?
What is steganography?
What is system hardening?
What is attack surface reduction?
What is cyber kill chain?
What is risk appetite vs risk tolerance?
What is residual risk?
What is cyber insurance?
What is responsible disclosure?
What is bug bounty program?
What is deception technology?
What is DREAD risk model?
What is cyber resilience?
What is privacy by design?
What is data minimization principle?
What is security by obscurity?
What is defense in depth strategy?
What is separation of duties?
What is need to know principle?
What is data classification scheme?
What is security information sharing?
What is threat landscape assessment?
What is security posture assessment?
What is mean time between failures?
What is recovery time objective?
What is recovery point objective?
What is business impact analysis?
What is continuity of operations?
What is disaster recovery testing?
What is tabletop exercise for security?
What is SYN flood attack?
What is UDP flood?
What is ICMP tunneling?
What is DNS tunneling?
What is deep packet inspection?
What is NetFlow analysis?
What is VLAN hopping attack?
What is DHCP starvation attack?
What is evil twin WiFi attack?
What is SSL stripping?
What is HSTS header?
What is mutual TLS authentication?
What is network TAP vs SPAN port?
What is web application firewall?
What is DNS over HTTPS security implications?
What is DNSSEC?
What is BGP hijacking prevention?
What is port security?
What is ARP inspection?
What is microsegmentation?
What is software defined perimeter?
What is SCADA network security?
What is Modbus protocol security?
What is 5G security concerns?
What is WiFi 6 security improvements?
What is zero trust network access ZTNA?
What is encrypted traffic analysis?
What is network detection and response?
What is east-west traffic monitoring?
What is network access control implementation?
What is 802.1X deployment?
What is network segmentation strategy?
What is DMZ architecture?
What is VPN split tunneling risk?
What is IPSec vs SSL VPN?
What is SD-WAN security?
What is network baseline monitoring?
What is traffic anomaly detection?
What is network forensics methodology?
What is wireless intrusion detection?
What is rogue access point detection?
What is PTES methodology?
How do you enumerate SMB shares?
What is Responder tool?
What is Impacket toolkit?
What is CrackMapExec usage?
What is Cobalt Strike?
How do you bypass antivirus?
What is living off the land technique?
What is DCSync attack?
What is Golden Ticket attack?
What is AS-REP Roasting?
What is DLL hijacking?
What is process hollowing?
How do you exploit SUID binaries?
What is token impersonation?
What is SSH tunneling for pivoting?
What is XXE injection?
What is SSTI template injection?
What is HTTP request smuggling?
What is subdomain takeover?
What is DNS zone transfer?
What is parameter tampering?
What is horizontal privilege escalation?
What is web cache poisoning?
What is HTTP host header attack?
What is CRLF injection?
What is GraphQL pentesting?
What is API fuzzing?
What is custom exploit development?
What is shellcode writing basics?
How do you write a penetration testing report?
What is rules of engagement?
What is scope definition in pentesting?
What is retesting after remediation?
What is authenticated vs unauthenticated scanning?
What is network pivoting techniques?
What is port forwarding for pentesting?
What is SOCKS proxy usage?
What is password spraying attack?
What is Kerberoasting attack?
What is Silver Ticket attack?
What is NTLM relay attack?
What is Sigma detection rules?
What is Suricata vs Snort comparison?
What is Zeek network monitor?
How do you detect lateral movement?
What is ELK stack for security?
What is Wazuh SIEM?
What is Sysmon configuration?
How do you detect credential dumping?
What is alert fatigue?
How do you reduce false positives?
What is mean time to detect MTTD?
What is SOAR automation?
How do you create an incident timeline?
How do you investigate BEC?
What is Volatility memory forensics?
What is C2 beacon detection?
How do you detect cryptomining?
What is threat hunting methodology?
What is detection engineering?
What is purple team exercise?
What is enrichment in SIEM?
What is correlation rules writing?
What is log retention policy?
What is containment strategy?
What is eradication in incident response?
What is evidence preservation?
What is post-incident review process?
What is lessons learned documentation?
What is incident severity classification?
What is escalation procedures?
What is communication during incidents?
What is regulatory notification requirements?
What is cyber insurance claims process?
What is retainer for incident response?
What is threat feed integration?
What is automated playbook execution?
What is AWS Security Hub?
What is Azure Sentinel?
What is GCP Security Command Center?
What is CloudTrail logging?
How do you secure Lambda functions?
How do you detect compromised cloud credentials?
What is cloud key management?
What is VPC security best practices?
What is cloud forensics?
What is CNAPP?
How do you scan container images?
What is Kubernetes pod security?
What is Kubernetes network policy?
How do you secure Terraform state?
What is cloud compliance automation?
What is cloud landing zone security?
What is cloud penetration testing rules?
What is confidential computing?
What is cloud-native WAF?
How do you secure S3 buckets?
What is Azure AD security?
What is GCP IAM best practices?
What is cloud transit gateway security?
What is HashiCorp Vault?
What is CIEM cloud entitlement?
What is cloud security benchmarking?
What is service mesh security?
What is API gateway security patterns?
What is cloud backup security?
What is multi-cloud strategy risks?
What is cloud asset inventory?
What is cloud misconfiguration detection?
How do you monitor cloud costs for security?
What is cloud access broker CASB?
What is cloud workload protection platform?
What is cloud security architecture?
What is OWASP ASVS?
What is OWASP SAMM maturity model?
How do you prevent XSS in modern frameworks?
What is Content-Security-Policy header?
What is insecure direct object reference?
What is mass assignment vulnerability?
What is GraphQL security?
What is WebSocket security testing?
What is CSRF protection?
What is SameSite cookie attribute?
What is Subresource Integrity?
What is dependency scanning?
What is Snyk tool?
What is Semgrep code analysis?
How do you secure microservices?
What is mTLS for service communication?
What is API security testing?
What is SSRF prevention?
What is prototype pollution?
What is ReDoS attack?
What is open redirect vulnerability?
What is security logging for applications?
What is DAST tool comparison?
What is SAST tool comparison?
What is IAST runtime testing?
What is RASP protection?
What is secure code review process?
What is threat modeling methodology?
What is API versioning security?
What is rate limiting implementation?
What is input validation best practices?
What is output encoding?
What is parameterized queries?
What is ORM security?
What is server-side request forgery prevention?
What is file upload security?
What is COBIT framework?
What is CIS Controls?
What is NIST 800-53?
What is NIST 800-171?
What is FedRAMP?
What is CCPA?
What is SOX IT compliance?
What is GLBA?
What is third-party risk assessment?
What is risk register management?
What is FAIR risk model?
What is security governance structure?
What is security maturity model?
What is continuous monitoring program?
What is plan of action and milestones?
What is security exceptions process?
What is DPIA under GDPR?
What is cross-border data transfer rules?
What is data protection officer role?
What is breach notification requirements?
What is control effectiveness testing?
What is enterprise risk management?
What is quantitative risk analysis?
What is qualitative risk analysis?
What is OCTAVE methodology?
What is security roadmap development?
What is security metrics reporting?
What is audit readiness?
What is corrective action plan?
What is CIS Benchmarks?
What is TLS 1.3 improvements?
What is certificate pinning?
What is tokenization vs encryption?
What is envelope encryption?
What is key rotation policy?
What is certificate authority role?
What is OCSP protocol?
What is post-quantum cryptography?
What is zero-knowledge proof?
What is key derivation function?
What is Argon2 hashing?
What is scrypt vs bcrypt comparison?
What is PBKDF2?
What is format-preserving encryption?
What is code signing?
What is certificate revocation list?
What is elliptic curve cryptography advantage?
What is perfect forward secrecy?
What is block cipher modes of operation?
What is authenticated encryption?
What is GitGuardian secrets detection?
What is Trivy container scanner?
What is Falco runtime security?
What is Open Policy Agent?
What is SBOM software bill of materials?
What is SLSA supply chain framework?
How do you secure GitHub Actions?
What is pre-commit security hooks?
What is policy as code?
What is compliance as code?
What is dependency confusion attack?
What is container runtime security?
What is admission controller in Kubernetes?
What is GitOps security model?
What is security champion program?
What is shift-left security approach?
What is infrastructure as code scanning?
What is image signing verification?
What is build pipeline security?
What is artifact repository security?
How do you build a security team from scratch?
How do you retain cybersecurity talent?
How do you justify a security budget?
How do you handle a breach as a leader?
How do you align security with business goals?
How do you manage security in mergers?
How do you present to the board of directors?
How do you balance innovation with security?
How do you manage a global security team?
How do you approach remote workforce security?
How do you evaluate emerging technologies?
How do you handle regulatory changes?
How do you measure security program ROI?
How do you manage vendor security incidents?
How do you handle the shadow IT problem?
How do you implement a zero trust strategy?
How do you manage technical security debt?
How do you create a security culture?
Tell me about a time you handled a security incident.
Tell me about a difficult security problem you solved.
What is vulnerability chaining?
What is exploit prediction scoring EPSS?
What is virtual patching?
What is compensating controls?
What is vulnerability disclosure program?
What is attack path analysis?
What is breach and attack simulation?
What is patching SLA?
What is CIS hardening benchmarks?
What is SCAP protocol?
What is asset discovery for vulnerability management?
What is vulnerability prioritization?
What is risk-based vulnerability management?
What is configuration compliance scanning?
What is legacy system vulnerability management?
What is SCIM provisioning?
What is just-in-time access?
What is break-glass procedure?
What is passwordless authentication?
What is FIDO2 WebAuthn?
What is risk-based authentication?
What is decentralized identity?
What is entitlement management?
What is cloud identity governance?
What is adaptive authentication?
What is step-up authentication?
What is service account management?
What is session management best practices?
What is API token security?
What is identity threat detection and response?
What is PE file format analysis?
How do you unpack malware?
What is Ghidra reverse engineering?
What is process injection detection?
What is rootkit detection?
What is C2 protocol analysis?
What is malware signature creation?
What is ransomware analysis?
What is sandbox evasion detection?
What is packer identification?
What is shellcode analysis?
What is malware triage process?
What is automated malware analysis?
What is behavioral malware analysis?
What is YARA rule writing?
What is SABSA security framework?
What is network segmentation design?
What is SASE architecture?
What is SSE security service edge?
What is security orchestration architecture?
What is security data lake?
What is zero trust architecture design?
What is edge computing security?
What is hybrid cloud security architecture?
What is data-centric security design?
What is API-first security architecture?
What is event-driven security?
What is multi-tenant security architecture?
What is reference architecture for security?
What is security architecture review process?
What is OSINT for threat intelligence?
What is dark web monitoring?
What is MISP threat intelligence platform?
What is OpenCTI platform?
What is intelligence-driven security?
What is threat actor profiling?
What is campaign tracking methodology?
What is intelligence requirements definition?
What is collection management framework?
What is strategic vs tactical intelligence?
What is threat intelligence sharing?
What is intelligence lifecycle management?
What is STIX and TAXII standards?
What is threat landscape report?
What is intelligence validation process?
What is Autopsy forensic tool?
What is browser artifact analysis?
What is deleted file recovery?
What is Windows registry forensics?
What is mobile device forensics?
What is cloud forensics methodology?
What is email forensics investigation?
What is database forensics?
What is Wireshark for forensics?
What is expert witness preparation?
What is write blocker purpose?
What is hash verification in forensics?
What is slack space analysis?
What is forensic imaging best practices?
What is chain of custody documentation?
What is mobile application security testing?
What is mobile device management MDM?
What is Android security architecture?
What is iOS security architecture?
What is APK reverse engineering?
What is Frida instrumentation tool?
What is root detection bypass?
What is mobile API security testing?
What is mobile threat defense solution?
What is OWASP mobile top 10 risks?
What is certificate pinning bypass?
What is mobile app code obfuscation?
What is Objection mobile testing?
What is MobSF static analysis?
What is mobile app data storage security?
What are top IoT security risks?
How do you secure IoT devices at scale?
What is firmware analysis methodology?
What is OT vs IT security difference?
What is IoT network segmentation?
What is MQTT protocol security?
What is embedded system testing?
What is hardware hacking fundamentals?
What is side-channel attack?
What is fault injection attack?
What is Shodan for IoT discovery?
What is industrial protocol security?
What is IoT device inventory management?
What is IoT firmware update security?
What is smart home security risks?
What is adversarial machine learning?
How is AI used in cybersecurity defense?
What is prompt injection attack?
What are deepfake security risks?
How do you secure machine learning models?
What is data poisoning attack?
What is AI-assisted threat detection?
What are AI risks in cybersecurity?
How do you detect AI-generated content?
What is LLM security risks?
What is AI red teaming?
What is model extraction attack?
What is membership inference attack?
What is AI governance framework?
What is responsible AI in security?
What is red team vs penetration test difference?
What is purple team operations?
What is adversary simulation?
What is red team engagement planning?
What is CBEST framework?
What is TIBER-EU framework?
What is blue team effectiveness measurement?
What is detection engineering process?
What is attack surface management tool?
What is threat emulation planning?
What is assumed breach methodology?
What is objective-based red teaming?
What is continuous red teaming?
What is red team infrastructure?
What is blue team maturity model?