By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.
Level 1
Question 1. Where do you see yourself in five years? Yes, I did say we were through with the 'overly open-ended' questions but this one has a specific point. When an organization hires an analyst in any department, including information security, they expect their candidates to have a bright, optimistic outlook on the position and they will want good employees to stick around for years. In five years, an analyst is expected to want to move into either a role with more responsibility or a manager role.
Question 2. What do you have on your home network? The organization wants to know not only your prowess level with information security but also your self-driven desire to learn. Asking about what is on your home network is a good way to find out exactly how seriously you take information security. If you are not looking after your home network, how well will you look after theirs? Even if your home network budget is not high, you can show that you are learning and tinkering with your own network to better understand information security.
Question 3. What encryption technologies do you have experience with? Information assurance analysts place the highest priority of the responsibilities on the security of their organization's data. All organizations should encrypt their data, and if this is not your first information assurance interview then you should have experience with at least one major encryption solution. This should be a softball question. It's a good idea to mention more than one encryption solution (if possible) to show a well-rounded understanding of encryption technology in general.
Question 4. Generally, why should most organization users use SSH? Be fully prepared to address some basic data assurance questions, especially of the functionality sort. Although this should never be the case, using questions like these help to seriously weed out those candidates that actually possess the skills they say that they do. For this question, SSH (or port 22) is a secure connection port that allows connection for both secure and unsecure devices. Although some associate SSH with Linux, it actually can be used in conjunction with many other systems, including Windows. Most enterprise/organization employees work on Windows systems, making this a good choice to harden information security.
Question 5. A specific system or device is unreachable on your network and you cannot ping to it. What is an example of a command prompt that can help you determine where the communication breakdown is occurring? This question may seem overly basic but remember, this position is technically an analyst position. This means that you may have to occasionally perform basic analytical tasks that feed into the bigger information assurance picture. In this case, you would want to use the tracert command. With tracert, you can see what routers the data is moving through and where the issue has occurred, allowing you to alert the right people and resolve the issue quickly. If the issue does have to do with information assurance, the ball is in your court for resolution.
Question 6. Do you have any ethical hacking skills? Hacking can be used for good (as we all know), and ethical hacking skills will definitely help you out in this position. Knowing how a hacker thinks will also help you determine information assurance issues before and as they arise. It is no surprise that many former hackers become information assurance analysts. If you want to prove you have these skills beyond most, it is a good idea to earn a Certified Ethical Hacker (CEH) certification before applying for this position.
Question 7. How strong are your writing skills? Being a good information security analyst requires certain soft skills that are not specifically information security-related but will be useful on a daily basis. Writing is one of the soft skills that you will need to have. Information security analysts write documentation and emails where you will be explaining technical concepts to information security laymen, making solid writing skills of the utmost importance.
Question 8. How are your people skills? Many positions that deal extensively with data do not get the best press when it comes to people skills. Do not let this stereotype (nasty as it may be) dissuade you from thinking you will just be locked in cave, coldly analyzing data all day. Information assurance analysts typically spend a good portion of their day communicating with their information security team members, team head and the heads of other organization departments. Long story short, let the interviewer know that you are good with people and that your oral communication skills are well-developed, and this will be no big deal.
Question 9. What are your documentation habits like? Is there anything about it that you want to improve? Relating back to the last question, information assurance analysts are required to produce documentation of different forms. One common type is periodic reporting related to information assurance operations in the organization. To tackle this question, give the interviewer a few examples of documentation you have produced and show that you are always open to improving your methods when necessary.
Question 10. What is the difference between data protection at rest and data protection in transit? When data is at rest, it's just sitting in its respective hard drive or database. Data is in transit when, for instance, it is traveling from its server to a client. The important thing to mention about protecting these different states of data is that many servers only protect one or the other. Despite slowing down the process a little, it is preferable to protect data in both states.
Level 2
Question 11. What was the subject matter of the documentation you previously produced (aside from reports)? Many positions produce documentation; the important thing here is that you say you have experience in the type of documentation that information assurance analysts normally have. Information assurance analysts typically document information assurance policies and strategy, emergency security measures, information security awareness training documentation and documentation of information assurance procedure. The interviewer is looking for what specific experience you have, so detail will carry the day here.
Question 12. Describe a time when you managed your time efficiently in a related position At times, you will be inundated with several high-priority responsibilities or tasks occurring simultaneously. Many organizations have one information assurance professional only, which will only compound this challenge. Convey to the interviewer that you are well aware of the challenges of, and more than capable of, handling multiple high-priority issues at the same time. This is generally accomplished by using solid prioritizing and multitasking skills concurrently.
Question 13. Tell me about a time when you had to check an entire network for security issues or necessary improvements On either a regular or routine basis, information assurance analysts have to check entire networks for current security issues and necessary improvements. How do you do this? You perform an audit on the organization's servers, computers, routers, switches and other systems residing on the network. This is a common information assurance analyst responsibility. If this is the first time you will be working a position like this, then fall back on any network device audit experience that you may have and elaborate.
Question 14. Do you have experience file archiving? What solutions did you use? A typical responsibility of information assurance analysts is file archiving. This file archiving is based on the business need, but generally you will want to archive all organization files (especially if the organization is subject to regulation such as HIPAA). Make sure to mention the solution you have used in the past, such as Barracuda's Yosemite, and the interviewer will be satisfied.
Question 15. Can you describe a complex information assurance issue that you had to communicate to a manager? How was it resolved? This question should be prefaced with the fact that this is a relative assessment of complexity. Many interviewing for this position are coming from a less-complex role, such as that of a help desk analyst, so they may be limited to less-complex issues. This is no big deal. Simply tell the interviewer that you have broken down a problem before into digestible language (if the interviewer is a layman in terms of information security) or in a more condensed form that you presented to an information security manager for quickest resolution.
Question 16. Do you have any certifications that will help you as an information assurance analyst? As with many information security positions, certifications will help demonstrate to the interviewer how your knowledge and skills compare to others. There are several certifications that can help you land this job, from the more generally-applicable (such as Network+) to the more advanced (Advanced Ethical Hacking). A good combination to take into the interview is Security+ and Certified Ethical Hacker (CEH) certifications. If you do not have any certifications, don't sweat it — this is not required, but it will definitely make you stand apart from the crowd.
Question 17. Let's say a data backup job that was supposed to be run last night did not run. What is the first thing you do? Don't let the seemingly concerned tone of this question throw you off. Sometimes backup jobs don't run for one reason or another. The first thing you will want to do is to check the application log — this will let you know the reason for the backup failure. Your next steps will all depend on the reason for the failure.
Question 18. How important is automation to you? Without a doubt, automation is at the heart of information assurance analyst work. Back in the day, manual data auditing was a possibility; today, this is simply not the case. Bring up some tools you have previously used that take advantage of all that automation has to offer, and you will be in a good spot.
Question 19. Aside from functionality, what is the biggest concern for you when setting up an information security system? Assuming this work is being performed during normal business hours, the biggest concern is whether the organization's employees will be impacted by the implementation of the information security system. With proper planning, however, this should not be a problem.
Question 20. How can an information assurance analyst benefit from using penetration testing? Penetration testing, or ethical hacking, is a good way to test the security of a system or app on an organization's network. While pentesting is normally left to, well, pentesters, it can benefit information assurance analysts too. It would be hard to say that information assurance has been established if an organization is riddled with vulnerabilities.
Level 3
Question 21. Tell me about a time when you anticipated a future issue and successfully rectified it by notifying management One of the most important responsibilities of an information assurance analyst is to spot a future information assurance issue and report it to management. This can be any information assurance issue, but the important thing is that your reporting to management was what got the issue to resolution. Be sure to highlight that your above-average communication skill was what helped save the day.
Question 22. Malware is a pressing topic in today's information assurance landscape — what can this position do to help fight this modern plague? The first step is to make sure that your information security environment is free from vulnerabilities — this should take care of most of the risk associated with malware. However, sometimes malware still finds its way into a network to threaten the information within. When this happens, information assurance analysts can use reverse-malware engineering to get a better idea of how the malware behaves and then use the information gathered to prevent its entry in the future.
Question 23. When working in conjunction with IT, what is the most important thing an information assurance analyst must establish? Without a doubt, information assurance analysts work with the IT team of their organization; sometimes they are even embedded within the IT team. Despite this, information assurance is not a traditional responsibility of IT per se. Information assurance analysts need to coordinate with IT staff to establish the appropriate information assurance procedures and processes to detect and prevent system intrusions. These procedures and processes become the information assurance standards of the organization when implemented.
Question 24. What is non-repudiation? With reference to information assurance, non-repudiation means that a user cannot deny the validity of data. This means that you cannot deny that something regarding organization data has occurred. Of course, this would only be reliable in an information security environment with strong information assurance policies and procedures in place.
Question 25. Let's say that it appears that a user at the organization has sent an abusive email from their organization email address and they deny that they did. How can you prove whether it actually happened? This is a clear example of how non-repudiation could come into play on the job. The user is saying they did not send the email, but this can be proven with the non-repudiation technique of email tracking. Email tracking will establish whether the email was indeed sent by the user and they will not be able to deny the validity of the data proof.
Question 26. What is your view on hacktivist groups? Hacking skills can definitely come into play as an information assurance analyst. However, these skills are more of the 'white hat' or ethical variety. Although there is not that much separating 'white hat' from 'black hat' skills-wise, the intent is quite different. Where information assurance analysts will use ethical hacking skills to improve the information assurance of the organization, hacktivist groups use their hacking skills to steal government and trade secrets, with the ultimate goal of causing a kind of chaos to achieve another goal. With this said, hacktivist groups will not be thought of in the best light by an information assurance analyst.
Question 27. What is the biggest advantage of RAID technology from an information assurance perspective? The biggest advantage to using RAID technology is the inherent variety of configurations available to you. You can customize the configurations to suit your information security environment and all that is within the environment. This makes the job of information assurance analyst easier because they can customize a RAID to meet the organization's needs.
Question 28. What considerations do you need to keep in mind with regard to remote users? While most information moving within the organization is intranetwork, remote users that work from home need to be able to access and modify organization data. This is normally done through VPN, SSL and related tunneling technologies. Information assurance analysts should keep this in mind when a remote employee is onboarded, and there should be information assurance testing performed on the technology the remote user will use to connect to the office.
Question 29. Information assurance can be impacted by users. What is the best way of reaching organization users about these concerns? The easiest way of reaching organization users is by incorporating information assurance into the organization's information security awareness training. Information security awareness training sessions are the time when users are most saturated with information security concepts, so they will be most likely to remember information assurance issues mentioned when it is presented as part of the training. While information assurance analysts will not be the leaders of this training, they can easily step in and break down information assurance concepts into an easily digestible presentation of current and anticipated issues and concerns.
Question 30. Let's say that the current backup strategy is incremental, and a user has reported a commonly-used file as being corrupted as of this morning. What do you do? The first thing I would do is go back in the data archive and pull the file for the employee to use. The file is commonly used, so it will need to be available on the network for all to use. After retrieving the last usable version of the file, I would check the backup application logs to see what caused the corruption/failure to save. This will probably be all the legwork required to resolve the issue.
Join 4M+ learners. Unlock unlimited quizzes, wrong-answer tracking, flashcards + reminders, study guides, and 1-on-1 challenges.