Jump to content
rubinger

help question for a job interview

Recommended Posts

hi everyone,
I got an home assignment during an interview to a cyber role with the following questions, can you please me help with them.
I would appreciate it if you could elaborate as much as possible.
 
*You are a cyber attacker trying to grab a file from an employee’s machine (Windows machine). You only know the employee’s name.
 
  1. List all methods the attacker can try to achieve his goals. Please be verbose and provide as many details as possible.
  2. What specific cybersecurity solution/feature can block/prevent/detect each of these methods? How can attackers overcome these defenses?
 
thank you 

Share this post


Link to post
Share on other sites

What have you come up with so far?

Share this post


Link to post
Share on other sites

hi, i dont know the answer for Q1 .

for Q2 

2 - install agent based defenses for anti virus, EDR, and phishing products, segment the network implement permissions.

implement CDR and antivirus scan on incoming attachments. 

block hardware on the local workstations.

Share this post


Link to post
Share on other sites

You can't really answer Q2 without answering Q1, since you don't know what penetration methods can be used. You just threw out some tech jargon and common tools, kinda "let's see what sticks" approach. And it sounds like you have no ideas for Q1, so why should you get this job? 

I would suggest you brush up on penetration techniques, specifically related to Windows and Active Directory. The following Google search yielded some really interesting articles that seem pertinent to what you are looking for:

https://www.google.com/search?q=pentest+find+user+machine+from+employee+name&oq=pentest+find+user+machine+from+employee+name&aqs=chrome..69i57j33.9488j1j7&sourceid=chrome&ie=UTF-8

I especially enjoyed the article from https://hausec.com, which walks you through the process from the beginning.

I'm not going to give you direct answers, since that would make me more qualified for this job than you. I also don't claim to have all the answers, but I'm not the one interviewing for a infosec job, as much as I would love a career change. I wish you luck on your job search and I hope you can gain the knowledge you need to do your job well and impress the interviewers.

  • Like 1
  • Upvote 3

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...