I'm glad that you enjoyed the video and thank you for sharing!

Thank you for sharing! I definitely see a lot of questions from all of my interview videos showing up.

Glad you like them! Also, there are actually 3 videos on interview questions (not 2).

Glad it was helpful!

Glad it helped!

Awesome, thank you!

Although at this time I don't have Q&A specifically for IAM roles, certainly the questions that I do have are in-scope. For IAM specifically, it's important to understand account lifecycles, least privilege, onboarding/offboarding just to name a few areas.

I'm glad that you enjoyed the video! I would relate an attack to the Lockheed Martin Cyber Kill Chain ( www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html ) and the NIST SP 800-61 on Incident Handling ( nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-61r2.pdf ). If you can connect both of those to your response then you definitely understand not only the attack but also the response.

Awesome and good luck! I'm not sure what you mean by "bricking it?"

@@JonGoodCyber British slang soiling my underpants!! Had the interview and shall find out asap,! Will keep you posted! Thanks for the help really appreciate it.

Certainly the more information that you can use to demonstrate your knowledge is usually better. Additionally, if you present a problem then also being able to provide a solution is always a better strategy even if it's not the best strategy it will at least show that you are thinking critically!

Glad it was helpful!

Awesome and I hope that they help! It often does depend because a lot of what we do to secure an organization is based on the situation and might not always be right or wrong.

I'm glad that you enjoyed the video! It's a challenge to not lose people by going too fast and on the flip side having people disengaged if it's too slow...all while trying to keep the video at a reasonable length! If you have questions feel free to ask them here (or Discord), and also check out my career coaching sessions because I want to make sure that I can help people as much as possible.

Awesome!

First, visit my Getting Started page ( www.jongood.com/getstarted/ ) and grab a free copy of my eBook. I provide a roadmap of skills and certifications that you would want to learn to be successful in Cyber Security. Second, I would search on KZbin for "day in the life of" videos for Cyber Security. This will give you people talking about what they do on a daily basis in their job. Third, look at some of the articles that I have shared ( www.jongood.com/news ) and see if they interest you at all. Fourth, you can try to search KZbin videos on Hack The Box and Try Hack Me because typically hacking is pretty interesting to people brand new to the field. Make sure that you don't get overwhelmed by these videos because it's not representative of most Cyber Security jobs and they are going to be way more technical than where you are at...but again it's kind of fun to see some of the cool stuff that goes on.

@@JonGoodCyber I will definitely look into all of it I just want to say a thank you for spending the time to help me out. It is greatly appreciated.

Also, remember to take it one day at a time and have a little fun with it. If you go down one area but eventually don't like it, you still take all of that information with you!

You're welcome!

Tools for what exactly? Specifically for RMF, there are lots of tools depending on which part you're talking about but a lot of GRC platforms like Archer will help manage the overall process. If you get into an industry that requires RMF compliance, they have their own tool but you won't get experience with it unless you're in that industry.

@@JonGoodCyber Tools like Nessus and Qualys for network scanning. So I just wanted to know in order to understand and use these tools I have to get in to industry first?

Vulnerability scanning tools are not the only types out there but a lot of open source options do exist. I recommend checking out my video on Nessus ( kzbin.info/www/bejne/rmmamJWdhqlnm8k ) because they do have a home version that you can use. A full suite like Qualys won't be cost effective to use at home. Honestly, there are hundreds if not thousands of tools out there but as you progress you'll naturally be exposed to different options through certifications and training courses.

@@JonGoodCyber thanks

Glad that you enjoyed the content!

Glad you think so!

The best place to start is my Getting Started page ( www.jongood.com/getstarted/ ). That will answer a lot of your initial questions.

I'm glad that you enjoyed them. I'm not sure what you are talking about as the questions are already broken down for this video.

You're welcome!

It's true that there are some things that you're just going to have to memorize because they are foundational pieces of knowledge. Typically, entry level interviews are much heavier in fact-based questions because the candidate has little to no experience to pull from so the answer to any other type of question has little value. As you climb the ladder to higher positions, interviews start to switch into behavioral questions based on your experience. Management level positions have very minimal fact-based questions, if any.

Whoever holds administrator credentials or system/root access makes the rules!

You are accurate in that some job interviews will talk about documentation but typically they are based on your actual experience and there are way too many scenarios for me to cover in a single video. The best interviews that discuss documentation will have a practical portion where you are required to write a report or provide written answers to questions but those are outside the scope of this video.

Thank you for watching!

Thanks for watching!

These questions are absolutely applicable to all areas of Cyber Security! You aren't eligible for what? There is no set requirement for years of experience to get into Cyber Security but if you've already been doing bug bounties, that is real world experience that you can highlight on your resume/cv.

@@JonGoodCyber not eligible to apply for that job,cuz currently i am in my final year of computer science engineering,and don't have 3-6 years of industry experience, and there are very few job openings which doesn't require experience

Never assume that employers will immediately reject you. I tell people to apply to any entry level IT and Cyber Security job that lists 3 years of experience or less and start getting experience with whichever door opens. I coach and help people get into entry level Cyber Security jobs with no experience all the time so it's entirely possible.