September 11, 2021

Tier I SOC Analyst Interview Questions. What are some good questions to throw at candidates? Only have 30 minutes for the interview.

Comments

jumpinjelly789

What are common tasks that your soc does?

Ask them if they have experience with a SIEM.

Give them a scenario to see their process of handling an issue. A user has logged into a computer in an area they should not have access to, how would they investigate it? An alert popped, how would they verify it or say it’s a false positive?

Efficient-Coconut794

What is the difference between an IDS and an IPS? Provide some use cases for one over the other.

thalpius

Don’t ask questions, but give them a simple solution to fix ☺️

I really like to see more practical hands-on during a job interview.

fakundoThirty

What does anti-virus do?

What is MFA?

laufgas1

If you want to test their communication:

Give them a scenario, e.g. vuln scan has found a domain controller’s RPC, DNS, LDAP open to the internet. Ask them to come up with written advice to a client.

Give them a half filled template with the findings filled in and ask them to explain the risk and offer remediation.

lawtechie

I like triage-based questions to see how they think and approach problem solving.

420_arch_btw

Hack the NSA. Go!

xCryptoPandax

Here’s a post I made when I was going through the interview process

https://www.reddit.com/r/cybersecurity/comments/hq7pis/have_a_soc_interview_coming_up_heres_some_common/?utm_source=share&utm_medium=ios_app&utm_name=iossmf

But you’ll more than likely want the top comment where an interviewer listed their question bank

peterpotamux

Everyone should be able to explain their own job in simple terms to a 9-year-old child. Ask your candidate to do so in 2 min.

You’ll see what he/she considers absolutely essential in the job.
