- General
- Career
- Behavioral-Based
- Time when you came up with a new approach to a problem.
- Describe a project that required input from people at different levels in the organization.
- Encountered a problem and how you resolved it.
- Juggle multiple important projects.
- Most innovative new idea that you have implemented?
- What project have you done that you're most proud of?
- General
- Can you describe the different components of AWS security?
- How does AWS ensure the security of its data centers?
- What is the concept of least privilege and how does it apply to AWS?
- How does AWS implement network security?
- What are the types of AWS Identity and Access Management (IAM) policies?
- How do Secure Sockets Layer (SSL) and Transport Layer Security (TLS) work on AWS?
- AWS Security Groups and how they can be used to control inbound and outbound traffic
- How does AWS implement encryption to protect data at rest and in transit?
- Can you describe the different types of AWS firewalls (e.g. Network Firewall, Web Application Firewa
- How does AWS enable secure access to resources using IAM roles and temporary credentials?
- How does AWS enable secure data transfer using AWS Transfer Family (e.g. SFTP, FTPS)?
- How does AWS enable secure application development using services such as AWS Secrets Manager and AW
- Features of AWS Shield and how it can be used to protect against DDoS
- How does AWS enable secure communication between services using VPC endpoints and AWS PrivateLink?
- Can you describe the security features of AWS Direct Connect and how it can be used to establish a s
- Securing
- How can you secure access to S3 buckets?
- What is AWS KMS and how can it be used to secure data?
- Secure access to an AWS database
- Secure an application running on an EC2 instance
- How do you protect against security breaches on AWS?
- Ensure the security of user data stored in AWS
- Secure access to the AWS management console
- Secure data stored in the AWS with encryption
- Secure your AWS infrastructure from unauthorized access
- Secure data in transit and at rest in AWS
- Secure access to your Amazon Elastic Container Service (ECS) clusters
- Using Amazon Virtual Private Cloud (VPC) to secure your resources
- AWS WAF to protect against web-based attacks
- AWS Certificate Manager (ACM) to secure your website and applications
- S3
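A worked answer to "How can you secure access to S3 buckets?" and to the least-privilege question above. This is an added example, not material from the original page or from AWS: the bucket name, account ID and role name are placeholders, and the audit function is a small home-grown check, not an AWS service. The policy grants one role one action on one prefix and adds an explicit Deny for non-TLS requests; the checker flags the mistakes reviewers see most often.

```python
"""Least-privilege S3 bucket policy with a small static check.

Added example, not from the original page. Bucket name, account ID and
role name are placeholders (assumptions), not real resources.
"""
import json

BUCKET = "example-app-data"                               # assumed bucket name
ACCOUNT_ID = "123456789012"                               # assumed account ID
APP_ROLE = f"arn:aws:iam::{ACCOUNT_ID}:role/app-reader"   # assumed IAM role

BUCKET_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {   # Grant: one role, one action, one prefix. Nothing else is allowed.
            "Sid": "AppReadOnly",
            "Effect": "Allow",
            "Principal": {"AWS": APP_ROLE},
            "Action": ["s3:GetObject"],
            "Resource": f"arn:aws:s3:::{BUCKET}/uploads/*",
        },
        {   # Guardrail: an explicit Deny always wins in IAM evaluation, so
            # plaintext HTTP requests are refused whatever else is allowed.
            "Sid": "DenyInsecureTransport",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": [f"arn:aws:s3:::{BUCKET}", f"arn:aws:s3:::{BUCKET}/*"],
            "Condition": {"Bool": {"aws:SecureTransport": "false"}},
        },
    ],
}

# Constructed counter-example: the kind of policy a review should reject.
BAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": f"arn:aws:s3:::{BUCKET}/*"},
        {"Sid": "AdminAll", "Effect": "Allow", "Principal": {"AWS": APP_ROLE},
         "Action": "s3:*", "Resource": f"arn:aws:s3:::{BUCKET}/*"},
    ],
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _is_public(principal):
    """True for the anonymous principal: "*" or {"AWS": "*"} (possibly in a list)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def audit_bucket_policy(policy):
    """Return (Sid, finding) pairs for the common least-privilege violations."""
    findings = []
    tls_deny = False
    for st in policy["Statement"]:
        sid = st.get("Sid", "<no Sid>")
        actions = _as_list(st.get("Action", []))
        if st["Effect"] == "Allow":
            if _is_public(st.get("Principal")) and "Condition" not in st:
                findings.append((sid, "unconditional public access"))
            if any(a in ("*", "s3:*") for a in actions):
                findings.append((sid, "wildcard action"))
        elif st["Effect"] == "Deny":
            cond = st.get("Condition", {}).get("Bool", {})
            if cond.get("aws:SecureTransport") == "false" and "s3:*" in actions:
                tls_deny = True
    if not tls_deny:
        findings.append(("<policy>", "no aws:SecureTransport deny statement"))
    return findings


if __name__ == "__main__":
    print(json.dumps(BUCKET_POLICY, indent=2))
    print("good policy:", audit_bucket_policy(BUCKET_POLICY))
    print("bad policy: ", audit_bucket_policy(BAD_POLICY))
```

Bucket policies are only one layer: Block Public Access at the account and bucket level, and the IAM policy attached to the role, still apply, and the narrowest result wins.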
- General
- Security & Privacy Governance
- Cloud Security
- Compliance
- Cryptographic Protections
- Cryptography
- What is cryptography?
- What are the different types of cryptographic algorithms?
- What is the difference between symmetric and asymmetric cryptography?
- What is a hashing algorithm?
- What is public-key cryptography?
- What is the purpose of digital signatures?
- How are digital signatures authenticated?
- What is the difference between encryption and hashing?
- How does encryption ensure the confidentiality of data?
- What is the difference between encryption and steganography?
- What is the difference between a cipher and a code?
- What is a one-time pad?
- What is the difference between symmetric and asymmetric key sizes?
- What is a key management system?
- What is a digital certificate?
- What is the difference between a digital signature and a hash?
- What’s the difference between Diffie-Hellman and RSA?
- What is Forward Secrecy?
- What are block and stream ciphers?
- What are some examples of symmetric encryption algorithms?
- What are some examples of asymmetric encryption algorithms?
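The questions on hashing versus encryption, digital signatures versus hashes, and the one-time pad are easiest to answer with the three primitives next to each other. The block below is an added example, not content from the original page: it uses only the Python standard library (hashlib, hmac, secrets), the sample messages are constructed, and an HMAC stands in for the "keyed" side of the comparison since the standard library has no RSA or AES. It also shows the failure mode the one-time pad question is really about: reusing the pad cancels it out and leaks the XOR of the two plaintexts.

```python
"""Hashing, MACs and the one-time pad side by side (added example)."""
import hashlib
import hmac
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def new_pad(length: int) -> bytes:
    """A fresh pad: cryptographically random, as long as the message, used once."""
    return secrets.token_bytes(length)


def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """One-time pad: ciphertext = plaintext XOR pad. Perfectly secret only if the
    pad is truly random, as long as the message, kept secret and never reused."""
    return xor_bytes(plaintext, pad)


# XOR is its own inverse, so decryption is the same operation.
otp_decrypt = otp_encrypt


def two_time_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """What an attacker recovers when one pad encrypts two messages:
    c1 XOR c2 == p1 XOR p2. The pad cancels out without any key at all."""
    return xor_bytes(c1, c2)


def otp_roundtrip_ok(message: bytes) -> bool:
    pad = new_pad(len(message))
    return otp_decrypt(otp_encrypt(message, pad), pad) == message


def pad_reuse_leaks(p1: bytes, p2: bytes) -> bool:
    pad = new_pad(len(p1))                                  # the mistake: one pad, two messages
    c1, c2 = otp_encrypt(p1, pad), otp_encrypt(p2, pad)
    return two_time_pad_leak(c1, c2) == xor_bytes(p1, p2)


def sha256_hex(data: bytes) -> str:
    """Hashing: fixed-size, deterministic, one-way, no key. Detects accidental
    change, but anyone can recompute it, so it proves nothing about origin."""
    return hashlib.sha256(data).hexdigest()


def mac_tag(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256: a keyed hash. Only key holders can produce or verify the tag,
    which is what turns an integrity check into an authenticity check."""
    return hmac.new(key, data, hashlib.sha256).digest()


def mac_verify(key: bytes, data: bytes, tag: bytes) -> bool:
    # compare_digest runs in constant time, avoiding a timing side channel.
    return hmac.compare_digest(mac_tag(key, data), tag)


if __name__ == "__main__":
    p1, p2 = b"attack at dawn", b"attack at dusk"          # constructed sample messages
    print("OTP round trip:", otp_roundtrip_ok(p1))
    print("pad reuse leaks p1 XOR p2:", pad_reuse_leaks(p1, p2))
    print("sha256('abc') =", sha256_hex(b"abc"))
    k = secrets.token_bytes(32)
    print("MAC verifies:", mac_verify(k, b"transfer 100", mac_tag(k, b"transfer 100")))
    print("MAC rejects tampering:", mac_verify(k, b"transfer 999", mac_tag(k, b"transfer 100")))
```

A digital signature differs from the HMAC here in exactly one way: verification needs only the public key, so anyone can check it but only the private-key holder can produce it.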
- TLS
- What is TLS?
- What is the purpose of TLS?
- How does TLS work?
- What are the main components of TLS?
- What are the benefits of using TLS?
- What are the differences between TLS and SSL?
- What are the key algorithms used in TLS?
- What is a TLS certificate?
- What are the different versions of TLS?
- What are the common vulnerabilities of TLS?
- What is a TLS handshake?
- What is a TLS session?
- What is a TLS tunnel?
- How can I configure TLS on my server?
- What is the difference between TLS and IPsec?
- Does TLS use symmetric or asymmetric encryption?
- Describe the process of a TLS session being set up when someone visits a secure website.
- What’s more secure, SSL, TLS, or HTTPS?
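"How can I configure TLS on my server?", "What are the common vulnerabilities of TLS?" and "What is Forward Secrecy?" come down to version, cipher suite and key-exchange choices. The block below is an added example, not from the original page: it builds a hardened server context with Python's OpenSSL-backed ssl module and then audits what that context would actually negotiate. It assumes an OpenSSL build; the certificate paths in the comment are placeholders.

```python
"""A hardened TLS server context and a cipher-suite audit (added example)."""
import ssl

# Substrings that mark suites to refuse: broken or deprecated primitives
# (RC4, (3)DES, export grade, NULL encryption, MD5, anonymous key exchange).
WEAK_MARKERS = ("RC4", "DES", "NULL", "EXP", "MD5", "PSK", "SRP", "ADH", "AECDH")


def is_weak_cipher(name: str) -> bool:
    """Name-based check against the marker list above."""
    upper = name.upper()
    return any(marker in upper for marker in WEAK_MARKERS)


def has_forward_secrecy(cipher: dict) -> bool:
    """Every TLS 1.3 suite uses ephemeral (EC)DHE; in TLS 1.2 the name says so.
    Static RSA key exchange has none: one leaked server key decrypts old captures."""
    return cipher["protocol"] == "TLSv1.3" or "DHE" in cipher["name"].upper()


def hardened_server_context() -> ssl.SSLContext:
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2        # SSLv3, TLS 1.0 and 1.1 are off
    # TLS 1.2 suites: ECDHE key exchange with AEAD bulk ciphers only. The
    # TLS 1.3 suites are not governed by this string and stay enabled.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!MD5:!RC4")
    ctx.options |= ssl.OP_NO_COMPRESSION                # TLS compression leaks secrets (CRIME)
    # A real server then loads its chain and private key (placeholder paths):
    # ctx.load_cert_chain("server.pem", "server.key")
    return ctx


def audit_context(ctx: ssl.SSLContext) -> dict:
    """Report what the context would really offer, not what we think we set."""
    ciphers = ctx.get_ciphers()
    return {
        "min_version": ctx.minimum_version.name,
        "suite_count": len(ciphers),
        "weak": [c["name"] for c in ciphers if is_weak_cipher(c["name"])],
        "no_forward_secrecy": [c["name"] for c in ciphers if not has_forward_secrecy(c)],
        "non_aead": [c["name"] for c in ciphers if not c["aead"]],
    }


if __name__ == "__main__":
    report = audit_context(hardened_server_context())
    for key, value in report.items():
        print(f"{key}: {value}")
```

The audit step matters more than the configuration step: cipher strings are interpreted by the OpenSSL build underneath, so the only reliable way to know what a server offers is to ask the resulting context (or scan the live port) rather than trust the string.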
- Cryptography
- Data Classification & Handling
- Identification & Authentication
- Network Security
- General
- DNS
- What is DNS Resolution?
- What is DNS?
- What is a Name Server?
- What is a DNS Record?
- What is an A Record?
- What is an AAAA Record?
- What is a CNAME Record?
- What is a PTR Record?
- What is an MX Record?
- What is an NS Record?
- Explain DNS record TTL.
- Does DNS use TCP or UDP?
- What are the steps in a DNS lookup?
- Why is DNS monitoring important?
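The record-type, TTL, and TCP-versus-UDP questions above are all visible in the wire format, so the block below builds a query and parses a response by hand. It is an added example, not from the original page, and uses only the standard library; the response bytes are constructed in the code (a CNAME from www.example.com to example.com, then an A record pointing at 203.0.113.10, a documentation address), so nothing is sent on the network.

```python
"""Build a DNS query and parse a DNS response by hand (added example)."""
import struct

QTYPE = {1: "A", 5: "CNAME", 12: "PTR", 15: "MX", 28: "AAAA"}


def encode_name(name: str) -> bytes:
    """'www.example.com' -> length-prefixed labels ending in a zero byte."""
    return b"".join(bytes([len(label)]) + label.encode("ascii")
                    for label in name.rstrip(".").split(".")) + b"\x00"


def build_query(name: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """12-byte header (RD=1) plus one question; small enough for one UDP datagram."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)   # class IN


def _read_name(msg: bytes, off: int):
    """Decode a name, following RFC 1035 compression pointers (0xC0 prefix)."""
    labels, end = [], None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                  # pointer to an earlier copy of the name
            if end is None:
                end = off + 2                      # caller resumes after the 2-byte pointer
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if end is not None else off)


def parse_response(msg: bytes) -> dict:
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):                            # skip the echoed question(s)
        _, off = _read_name(msg, off)
        off += 4
    answers = []
    for _ in range(an):
        name, off = _read_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        if rtype == 1:
            data = ".".join(str(b) for b in rdata)       # A: 4-byte IPv4 address
        elif rtype in (5, 12):
            data, _ = _read_name(msg, off)               # CNAME/PTR: a name, may be compressed
        else:
            data = rdata.hex()
        off += rdlen
        answers.append({"name": name, "type": QTYPE.get(rtype, rtype), "ttl": ttl, "data": data})
    return {
        "id": txid,
        "rcode": flags & 0x000F,                   # 0 NOERROR, 3 NXDOMAIN, ...
        "truncated": bool(flags & 0x0200),         # TC bit: the answer did not fit in UDP
        "answers": answers,
    }


def needs_tcp_retry(msg: bytes) -> bool:
    """DNS uses UDP/53 by default; a TC=1 reply means repeat the query over TCP/53."""
    return parse_response(msg)["truncated"]


# Constructed reply to build_query("www.example.com"): CNAME to example.com
# (TTL 300), then the A record for example.com (TTL 60). The 0xC0 0x0C and
# 0xC0 0x2D bytes are pointers to names already present at offsets 12 and 45.
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)                 # QR=1 RD=1 RA=1
    + encode_name("www.example.com") + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 300, 13) + encode_name("example.com")
    + b"\xc0\x2d" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([203, 0, 113, 10])
)

if __name__ == "__main__":
    print("query:", build_query("www.example.com").hex())
    print("parsed:", parse_response(SAMPLE_RESPONSE))
    print("retry over TCP:", needs_tcp_retry(SAMPLE_RESPONSE))
```

The two TTLs in the sample are the point of the TTL question: a resolver may serve the A record from cache for 60 seconds and the CNAME for 300, so a change at the authoritative server is not seen by clients until the cached copies expire. Compression pointers are also why hand-written DNS parsers need a loop guard in production code; the parser above trusts its constructed input.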
- Networking
- What is the network layer?
- What happens at the network layer?
- What is a packet?
- What is the OSI model?
- What is the TCP/IP Model?
- OSI model vs. TCP/IP model
- What is the difference between the 'network' layer and the 'Internet' layer?
- What protocols are used at the network layer?
- How do these concepts relate to websites and applications users access over the Internet?
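"What is a packet?" and "What happens at the network layer?" are concrete once you lay out an IPv4 header byte by byte. The block below is an added example, not from the original page: it builds a header between two RFC 5737 documentation addresses, parses it back, and verifies the header checksum, which is the one integrity check the network layer itself performs. It uses only the standard library (struct and socket's address helpers; no sockets are opened).

```python
"""Build and parse an IPv4 header, verifying its checksum (added example)."""
import struct
from socket import inet_aton, inet_ntoa

IP_PROTO = {1: "ICMP", 6: "TCP", 17: "UDP"}
HEADER_FMT = "!BBHHHBBH4s4s"          # 20 bytes: the header without options


def ones_complement_checksum(data: bytes) -> int:
    """RFC 1071 checksum over 16-bit words. Over a valid header it evaluates to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                                  # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: str, dst: str, payload_len: int, proto: int = 6,
                      ttl: int = 64, ident: int = 0x1C46) -> bytes:
    ver_ihl = (4 << 4) | 5                              # version 4, 5 x 32-bit words
    draft = struct.pack(HEADER_FMT, ver_ihl, 0, 20 + payload_len, ident,
                        0x4000,                         # flags: DF set, fragment offset 0
                        ttl, proto, 0,                  # checksum is zero while computing it
                        inet_aton(src), inet_aton(dst))
    csum = ones_complement_checksum(draft)
    return draft[:10] + struct.pack("!H", csum) + draft[12:]


def parse_ipv4_packet(pkt: bytes) -> dict:
    (ver_ihl, _tos, total_len, _ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack(HEADER_FMT, pkt[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or len(pkt) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "ihl": ihl,
        "total_length": total_len,
        "ttl": ttl,
        "protocol": IP_PROTO.get(proto, proto),         # which transport-layer header follows
        "dont_fragment": bool(flags_frag & 0x4000),
        "src": inet_ntoa(src),
        "dst": inet_ntoa(dst),
        "checksum_ok": ones_complement_checksum(pkt[:ihl]) == 0,
        "payload": pkt[ihl:total_len],                  # handed up to the transport layer
    }


if __name__ == "__main__":
    # Constructed packet: documentation addresses, 4-byte stand-in payload.
    packet = build_ipv4_header("192.0.2.1", "198.51.100.7", 4) + b"data"
    print(parse_ipv4_packet(packet))
    damaged = packet[:8] + b"\x01" + packet[9:]        # TTL altered, checksum not recomputed
    print("checksum_ok after alteration:", parse_ipv4_packet(damaged)["checksum_ok"])
```

Note what the checksum does and does not give you: it catches corruption of the header, and every router recomputes it after decrementing TTL, but it covers neither the payload nor an attacker who rewrites the header and fixes the checksum. Source-address authenticity is not a network-layer property, which is why IPsec (or TLS above it) exists.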
- TCP/IP Model
- Privacy
- Data Privacy - General
- HIPAA (Facts)
- Business Associate Agreement (Facts)
- Data Use Agreement (Facts)
- GDPR (Facts)
- Questions
- What steps have you taken to protect customer data in light of GDPR?
- How do you handle personal data requests from customers?
- Are you aware of the rights customers have under GDPR?
- How do you handle customer requests to delete their data?
- Do you have procedures in place to report data breaches in light of GDPR?
- How do you ensure that third-party vendors comply with GDPR?
- How do you ensure compliance with GDPR?
- Risk Management
- Mobile Device Management
- Third-Party Management
- Vendor Risk
- Vendor Risk Assessment Steps
- Vendor Contract Reviews
- Assessing Cloud Vendors
- Third-Party Data Protection
- Review of Security Requirements for Contracts
- Vendor Management Tasks
- Questions
- How do you ensure that vendor data is properly secured and protected?
- What measures do you take to ensure the vendor risk assessment is accurate and up to date?
- Describe the process you use to conduct a vendor risk assessment?
- What criteria do you use to evaluate the risks associated with a vendor?
- How do you monitor and assess a vendor's performance?
- How do you handle vendor disputes?
- What is your experience in developing vendor risk assessment policies?
- How do you ensure that all vendors comply with your risk assessment policy?
- How do you determine the level of risk associated with a vendor?
- What steps do you take to ensure the security of vendor data?
- How do you respond to a potential vendor risk incident?
- What measures do you take to ensure the accuracy of vendor data?
- What types of control activities do you perform to mitigate vendor risk?
- Vendor Risk
- Web Security
- Vulnerability & Patch Management (Empty)
- Threat Management (Empty)
- Security Awareness & Training (Empty)
- Security Operations (Empty)
- Secure Engineering & Architecture (Empty)
- Information Assurance (Empty)
- Incident Response (Empty)
- Endpoint Security (Empty)
- Continuous Monitoring (Empty)
- Configuration Management (Empty)
- Asset Management (Empty)
- Change Management (Empty)
- Business Continuity & Disaster Recovery (Empty)