I interview and screen Security Engineers and Architects a few times a year. 30 years in the field. I think these answers suffer just a a bit from being disorganized or overly technical focus in mentioning specific details (e.g. showing off or geeking out about minutia). This may be fine for distinguishing yourself at the entry level but maybe not the best path forward. What I look for in an answer is more of an organized response, and a basic communication skill to consider the audience (interviewer) may not have your same skillset, or interest. Don't try and baffle anyone with BS (even if it is accurate). Examples of personal experience is fine but you have to connect it to the overall answer. You could ask if they want the most technical answer (for example, explaining to a peer) or a more general answer (say for a technical manager but not expert on this topic). Have you heard the saying "if you can't explain it to a child, you don't really understand it". Talking to people outside of your skill bubble is an important skill to demonstrate. LISTEN to the questions. ASK for clarification. CONSIDER if they want to be wowed with buzzwords and minutia or not. It is OKAY to think for 5 seconds before you answer. Internet- better answer for a "manager", for example: The most important thing to understand is that it is based on all the computers, networks, and data centers agreeing to standardize and use specific network technologies and protocols. Those are TCP/IP, DNS, and some Routing Protocols. This unlocks the inter-operability globally. There were many local and regional networks before the Internet, and often they were proprietary and could not communicate with each other (or did only in a limited fashion). So understanding that standardization opened the interoperability is helpful and gives us these steps: Then there are basically five tricks that get resolved here: 1. Network Address resolution (DNS), 2. Routing across the globe (BGP, etc.), 3. Application level session (e.g. browser and webserver in sync on TCP/IP port 443 and your source port), 4. Encryption across that connection (TLS+ starts assymetric and then goes symmetric), 5. Authentication and Authorization (login, MFA, permissions, etc.). You can spend 30 seconds on each of those tricks. Use some analogies for examples like (1) sending a letter to someone you have to know their address for the envelope. "Consider the problem this way... You can't just write "Grandma" on the envelope, but you only typed "wikipedia" into the browser... so DNS answers that problem and here is how." (2) Your postal carrier does not know how to get to Grandma's house... but they know the "next step" e.g. get it to the local post office, which knows the "next step" and so on. That is how the letter will travel many miles based on "next step" rules. For the network we use the term "next hop". Here is how ISP's do that... (3) Your PC and the webserver are likely running dozens of programs, processes, and connections running, lots of data to keep track of. This HTTP request has to get sorted so each side knows which application and which data to link it to. Example is calling a hospital and knowing the extension of the party you are calling, extension 443 webserver please. Webserver, this is Patient (source port) 25123, and so on. Now the applications on each side are in sync and actual conversation can happen. (i.e. you understand the problem and how the technology solves for it) etc. Now, if you want me to spend 5 minutes (or 60) talking deep technical about any part of that overall picture, tell me and I will. I just did that off the top of my head, and it should show. The interview is a chance for you to show that. I am not interviewing for someone who has memorized how RSA works under the hood. If you can explain Diffie Hellman in 30 seconds and it is clear, great... I don't need 5 minutes about it, but can you give me the context of why I care? What problem does that address? You will get plenty of "canned" questions and an HR person that asks "tell me more" when they don't understand the answers... they just want to see if you can provide some coherent answer. So figure out quickly your interviewer skillset and what they want. (that is it's own demonstration of problem solving) Just my personal opinion, worth what you paid for it.

Need more of these, sadly not much security interview experience-related content is available compare to a software developer interview.

Awsome really amazing, I'm a Cybersecurity Analyst, and to be honest, I'm not that good with Programming! but after seeing the video I'm really motivated and now I have a strong reason to improve my programming knowledge.

The way he explained everything that was super clear I'm still trying to get in as a sec engineer hope will get the chance as soon as possible

Thanks for watching! Don't forget to like and subscribe, and go here for 10% off our full software engineering interview course: bit.ly/38ZXXtw

These are the exact question I was asked for a sec eng job. Although i was not ready, i definitely learned something out of it!

This is a phenomenal video! I wish you could interview for me

very a helpfull video, I will use a white Board for explain how a handshak between the server and the client works !

Would you include PCI DSS in your courses? Also in demand is path to becoming an ISA or QSA. Thanks

That’s a very detailed and thorough answer. Maybe more than what’s asked. I would try to limit the uhs and ums because that’s what recruiters/hiring managers pay attention to. You could very much making up things, but someone who is confident, will more than likely not say um and uhs as much. Might come out a bit not as much. What I do is answer in a clear concise method. If the one interviewing asks me for more clarity im more than happy to elaborate!

Thanks for sharing I was wondering if google test the cybersecurity skill using a CTF or a website to validate the skills.

Is DSA required as a Cybersecurity or is DSA questions asked in interview?

This guy is awesome. Hired!

Great content. But this was more of a networking engineer interview rather than a security one.

I have my technical interview on Monday and this video makes me feel like I’m going to totally bomb. 😢

This looks like a memorisation test. I'd rather talk about advantages of EC over RSA for example. Or the reason behind hybrid encryption schemes ... After a job interview like like I'd lose any interest in the job offer

As a 10 year network engineer, he didnt really answer the first question. He didn't touch on the usage of ARP, Internal and External Routing, and NAT, things that in my opinion are critical to routing from point A to B and back.

I’m trying for proxy I’m 10th pass only can I survive

not really sure what "defang" means in this case..Someone can articulate? Thanks

I dont know if this would be a rea life job interview.

Another set of Advanced interview questions here kzbin.info/www/bejne/kGiTc3-Mdtqhn7Msi=z6rj_FNHcnVav1i_

Is he reading a response to the internet question?

日本人？

What are these question. This is basically asking him if he is an encyclopedia. Where are the critical thinking

What a load of technobabble BS, I'm a cissp and this put me to sleep. Keep is simple please. no interviewer deep dives into ssl handshakes

Terrible answer on how the internet works.