That same week I quickly received a call from the company and a date was schedule for the interview. In my day of the interview I met with the CISO (Chief Information Security Officer) and the following technical were asked:
- Explain TCP/IP and mention its layers.
- Explain layer 2 of the OSI model.
- Explain layer 3 of the OSI model.
- Difference between TCP and UDP.
- Difference between Telnet and SSH.
- How does SSH encrypts the data?
- Explain how fragmentation occurs within a network.
- Define Malware?
- What is a sniffer and what is it used for?
- What is Netcat and what is it used for?
- What is a Buffer Overflow and what is it used for?
- The interviewer drew a diagram on a piece of paper consisting of two machines in a LAN, a Gateway and a Web Server in the Internet hosting a financial site via HTTPS. Explain how an attacker (Machine A) could sniff traffic from victim (Machine B) and is the attacker able to see the encrypted data and how was this accomplished. How can the victim know that he was being attacked by the attacker?
I did pretty good and answered all the questions. He was somewhat impressed. He told me that I was the first to answer all the questions and that I'm the person he was looking for. He went on saying that these questions were easy, however, the candidates he interviewed that day were having difficulty answering them.
Well, now I just have to wait and see if I get the job offer and if the salary and compensation package is better than my current job.