.

Pen Test Interview Soon

<<

variable

Newbie
Newbie

Posts: 2

Joined: Wed Apr 25, 2012 2:38 pm

Post Wed Apr 25, 2012 2:50 pm

Pen Test Interview Soon

I have an interview lined up for a pen testing job next week.  I do have a computer security background but I am relatively new to pen testing.  I was told there will be a virtual box setup that i am suppose to compromise and then writeup a report when im done scanning/testing/hacking.  My question is what sort of tools/preparation would you take into an interview like this?  What sort of criteria would YOU want to see on a report.  Any advice is helpful. 
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Apr 25, 2012 2:57 pm

Re: Pen Test Interview Soon

Can you bring BackTrack in? That should provide more than you need to do the tasks at hand.

This is a great resource for a report template: http://www.offensive-security.com/offse ... st-report/

Do you have any specific questions on the process? There's unfortunately no secret that will magically make you a pen tester in a matter of days.
The day you stop learning is the day you start becoming obsolete.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Wed Apr 25, 2012 3:01 pm

Re: Pen Test Interview Soon

Were you told to bring your own system to attack from or will that be provided for you?

Certainly, in addition to the technical skills, they will want to see how well you can report on it. I would recommend reading this blog post:
http://pen-testing.sans.org/blog/2012/0 ... en-testing

I would want to see that you can summarize the findings in a non-technical summary and that you can present the risk appropriately. I would want to see what your thought process is on how you rate risks - in other words, for this purpose, I wouldn't care what you rated findings so long as you provided thoughtful support. I would also be looking at how you tell me to fix the problem.
<<

variable

Newbie
Newbie

Posts: 2

Joined: Wed Apr 25, 2012 2:38 pm

Post Wed Apr 25, 2012 3:21 pm

Re: Pen Test Interview Soon

As far as I know I cant bring in a system.  It will be a lab enviroment with a VM windows machine at a logon prompt and anything goes from there.  Its just a basic test to see if you can bypass authentication, gain root, find what services are running and wheter or not you can compromise them.  The more prepared the better off I am.  What interview questions would you ask someone for a entry level pen-test job?
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Apr 25, 2012 3:40 pm

Re: Pen Test Interview Soon

Start with this: http://resources.infosecinstitute.com/i ... n-testing/

And review an alternate perspective: http://www.thehackeracademy.com/the-key ... n-testers/

And as Bill alluded to, the most important thing is your thought process and cognitive capabilities. It's relatively easy to remedy technical gaps of knowledge, but it's much more difficult to improve someone's problem solving skills.

That test sounds odd. You're just sat in front of a single Windows system, and there's no attack system? Maybe they're testing you to see how prepared you are. Bring in a bootable Backtrack USB thumb drive and know how to add/change Windows accounts once booted to that (obviously make sure that's allowed).
The day you stop learning is the day you start becoming obsolete.
<<

Darktaurus

User avatar

Full Member
Full Member

Posts: 181

Joined: Thu Sep 03, 2009 8:48 am

Post Fri May 11, 2012 9:03 am

Re: Pen Test Interview Soon

variable wrote:I have an interview lined up for a pen testing job next week.  I do have a computer security background but I am relatively new to pen testing.   I was told there will be a virtual box setup that i am suppose to compromise and then writeup a report when im done scanning/testing/hacking.   My question is what sort of tools/preparation would you take into an interview like this?   What sort of criteria would YOU want to see on a report.  Any advice is helpful. 


How did the interview go?  Was it everything you thought would happen or did they through surprises during the interview?
OSCE, OSCP, OSWP, CISSP, GPEN

www.agoonie.com
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Sat May 12, 2012 6:34 pm

Re: Pen Test Interview Soon

When I was reading this post, I was expecting to see the result of the interview.lol
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Mon May 14, 2012 9:57 am

Re: Pen Test Interview Soon

I know, left us hanging and all.
Certs: GCWN
(@)Dewser

Return to Career Central

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software