1
00:00:00,710 --> 00:00:05,390
In this video, we will talk about roles and responsibilities and SIEM questions.
2
00:00:05,390 --> 00:00:11,450
So whenever you are going for an interview, then definitely the interviewer is going to ask
3
00:00:11,450 --> 00:00:14,120
the questions related to your roles and responsibilities.
4
00:00:14,120 --> 00:00:17,600
And this is 100% chances, right?
5
00:00:17,780 --> 00:00:23,000
So it's very rare cases that the interviewer is not going to ask the roles and responsibilities and
6
00:00:23,000 --> 00:00:23,930
SIEM questions.
7
00:00:23,930 --> 00:00:30,290
Well, whatever, whatever I have seen and whatever my seniors, my juniors I have seen and collected
8
00:00:30,290 --> 00:00:38,360
all those these data and I have seen the roles and responsibilities was the main you can say main question
9
00:00:38,360 --> 00:00:41,540
that was included in all those 50 samples.
10
00:00:42,670 --> 00:00:43,660
So let's meet.
11
00:00:43,930 --> 00:00:46,150
Let me start with what is SIEM?
12
00:00:47,060 --> 00:00:50,810
So you, you are already working on that SIEM, right?
13
00:00:50,990 --> 00:00:58,700
What exactly it is: security information and event management. We can see this is using
14
00:00:58,700 --> 00:01:00,140
for the real time analysis.
15
00:01:00,140 --> 00:01:04,040
Right and security alert generated by application and network network hardware.
16
00:01:04,100 --> 00:01:08,690
So that's what SIEM is, and which SIEM you were using in your organization.
17
00:01:08,690 --> 00:01:14,090
This is one of the questions, and what were the sources from where the SIEM was collecting the logs. So sources,
18
00:01:14,090 --> 00:01:21,860
what actually the interviewee is asking here is from where your SIEM was getting the logs. So
19
00:01:21,860 --> 00:01:28,130
definitely it was an idea such ideas maybe the routers, virtual machines servers was different different
20
00:01:28,130 --> 00:01:28,520
places.
21
00:01:28,520 --> 00:01:35,840
So but you should know your organization architecture, that exactly from where your SIEM was collecting
22
00:01:35,840 --> 00:01:36,260
the
23
00:01:38,930 --> 00:01:40,910
sorry collecting the logs.
24
00:01:40,910 --> 00:01:41,390
Right.
25
00:01:43,090 --> 00:01:46,180
Now what is clearer is they both are same.
26
00:01:46,870 --> 00:01:49,150
You can search on more on these things.
27
00:01:49,660 --> 00:01:51,910
What is the architecture of these architecture?
28
00:01:52,090 --> 00:01:52,450
Radar.
29
00:01:52,450 --> 00:01:58,510
And definitely they will ask about these things so you can directly go these two links I have shared.
30
00:01:58,840 --> 00:02:01,060
You can go and you can read these things.
31
00:02:01,950 --> 00:02:04,260
What are the components of radar is Splunk.
32
00:02:04,260 --> 00:02:08,450
So whatever they did, I don't know whether you are using QRadar or Splunk, right?
33
00:02:08,460 --> 00:02:12,990
So if you are using QRadar, maybe, let's say example, even data, dataflow data.
34
00:02:12,990 --> 00:02:15,350
So just go for that components.
35
00:02:15,360 --> 00:02:22,410
What actually the login analysis dashboard, there are a lot of things, components in that and Splunk
36
00:02:22,980 --> 00:02:26,400
for Splunk, let's say for example, search head, forwarder, indexer.
37
00:02:27,450 --> 00:02:31,350
You can go through this link and you will get a lot of data.
38
00:02:32,220 --> 00:02:34,140
Now brief us about your career.
39
00:02:34,140 --> 00:02:34,830
So.
40
00:02:35,990 --> 00:02:38,630
Your career so far from where you have started.
41
00:02:38,630 --> 00:02:41,300
So you have to start from your academics, right?
42
00:02:41,420 --> 00:02:41,690
Right.
43
00:02:41,690 --> 00:02:42,560
From the academics.
44
00:02:42,560 --> 00:02:43,250
And.
45
00:02:45,710 --> 00:02:47,510
And including your graduation.
46
00:02:47,510 --> 00:02:49,040
Then after your first job.
47
00:02:49,040 --> 00:02:55,100
Second job, and then what do you have to do you have done apart from your roles and responsibilities?
48
00:02:55,100 --> 00:02:58,520
You can also mention these things in your career.
49
00:02:59,510 --> 00:03:03,080
Please explain your roles and responsibilities to your previous organisation.
50
00:03:03,080 --> 00:03:06,500
So directly is asking about the roles and responsibilities you can tell.
51
00:03:06,530 --> 00:03:06,950
What?
52
00:03:06,950 --> 00:03:13,140
What was the roles and responsibilities and what are the other parts you are doing apart from that?
53
00:03:13,150 --> 00:03:14,180
Roles and responsibilities.
54
00:03:14,180 --> 00:03:15,430
So you can mention those.
55
00:03:15,440 --> 00:03:18,890
It will give a good you can say impression on the interviewer.
56
00:03:19,640 --> 00:03:25,340
So have you underlined any sorry handle any big incident phishing email case in your career?
57
00:03:25,340 --> 00:03:31,880
So let's say if you have investigated on any malware, if you investigate it on any big phishing email.
58
00:03:31,880 --> 00:03:34,130
So you can mention those things here.
59
00:03:36,200 --> 00:03:36,710
Right.
60
00:03:36,980 --> 00:03:40,690
So let's say, for example, the candidate handled Emotet malware campaigns, right?
61
00:03:40,700 --> 00:03:48,320
So you will explain each and everything that how I detected, how he investigated step by step and how
62
00:03:48,320 --> 00:03:50,030
and how he mitigated it.
63
00:03:50,030 --> 00:03:50,290
Right.
64
00:03:51,920 --> 00:03:52,640
Next question.
65
00:03:52,640 --> 00:03:55,250
We have explained this incident in the form of cyber kill chain.
66
00:03:55,330 --> 00:03:55,480
Okay.
67
00:03:55,520 --> 00:03:57,090
We already have discussed this one.
68
00:03:57,110 --> 00:03:57,740
Correct.
69
00:03:58,490 --> 00:04:02,030
And in the cyber kill chain video, we have already discussed it.
70
00:04:02,120 --> 00:04:05,360
What are the stages of incident management process?
71
00:04:05,360 --> 00:04:06,620
So that is very simple.
72
00:04:06,620 --> 00:04:09,800
You are doing this process in your daily routine.
73
00:04:09,980 --> 00:04:15,680
That is incident identification, logging and categorization, incident notification and escalation
74
00:04:15,830 --> 00:04:20,480
investigation, resolution, recovery, and then incident closure.
75
00:04:22,910 --> 00:04:25,940
Next question, how you handle any alert.
76
00:04:25,970 --> 00:04:31,580
So he's directly talking about the alert you are getting from the SIEM.
77
00:04:31,910 --> 00:04:33,500
So please explain the process.
78
00:04:33,500 --> 00:04:38,690
So you have to explain a whole process that how actually you handle and how actually you were working
79
00:04:38,690 --> 00:04:40,340
on those incidents.
80
00:04:41,090 --> 00:04:43,880
What is the event code for success and failure login.
81
00:04:43,880 --> 00:04:49,190
So it's 46244, log in and 4625 is successful.
82
00:04:49,190 --> 00:04:51,910
Log in 4462446254 fail along.
83
00:04:51,950 --> 00:04:55,760
So you can you can check all all those event codes.
84
00:04:56,120 --> 00:05:03,620
Maybe they will they will ask you different different codes regarding such as audit policy.
85
00:05:04,190 --> 00:05:08,900
These are the things they can ask with certification you have done.
86
00:05:08,900 --> 00:05:11,900
Let's say you if you have done the CE certification.
87
00:05:11,900 --> 00:05:12,440
Right.
88
00:05:12,440 --> 00:05:16,640
So you should know about the C is what exactly in that because they can ask any question.
89
00:05:16,640 --> 00:05:20,880
Let's say they can ask you directly about the Wireshark.
90
00:05:20,930 --> 00:05:25,220
They can ask about Nmap or different, different tools.
91
00:05:25,490 --> 00:05:27,020
Okay, so what is Nmap?
92
00:05:27,290 --> 00:05:34,610
So Nmap stands for Network Mapper, and we generally use it to scan a system and understand what
93
00:05:34,610 --> 00:05:39,580
weaknesses exist that a hacker could potentially exploit through the NSE engine.
94
00:05:39,590 --> 00:05:42,740
If you remember, we have used Nmap, right?
95
00:05:42,740 --> 00:05:48,320
So as the program is open source and free, it is one of the more common tools used for scanning
96
00:05:48,320 --> 00:05:51,080
networks for open ports and other weaknesses.
97
00:05:51,770 --> 00:05:54,680
95th question: What is the difference between IOC and IOA?
98
00:05:54,780 --> 00:05:55,940
We have discussed it.
99
00:05:55,940 --> 00:05:57,410
Let's again discuss it.
100
00:05:57,620 --> 00:06:06,440
So IOC, that is static, but IOA, that is dynamic. IOA, which means indicator of attack, so I, I can directly
101
00:06:06,440 --> 00:06:13,280
say is for ADR and I use urgently for the malware whatever we are getting on daily routines.
102
00:06:13,280 --> 00:06:13,730
Right.
103
00:06:14,480 --> 00:06:16,160
The known signatures you can say.
104
00:06:17,690 --> 00:06:19,190
What is the spear phishing?
105
00:06:19,190 --> 00:06:27,500
So targeting a single person, targeting a single person in any organization or any anything else and
106
00:06:28,190 --> 00:06:34,400
sending sending one of the phishing emails, doing the social engineering that is called spear phishing.
107
00:06:36,000 --> 00:06:38,640
How you will do the analysis of phishing emails.
108
00:06:38,640 --> 00:06:40,020
So take this course.
109
00:06:40,020 --> 00:06:41,730
This is a free course, right?
110
00:06:42,610 --> 00:06:45,700
And you can learn phishing email investigation from here.
111
00:06:46,270 --> 00:06:48,940
This is totally free as of this video.
112
00:06:49,210 --> 00:06:50,560
I'm making this video.
113
00:06:50,560 --> 00:06:53,530
So as of now, it's free header analysis.
114
00:06:53,530 --> 00:06:55,120
You can also learn from there.
115
00:06:55,450 --> 00:06:56,800
Can you name some port numbers?
116
00:06:56,800 --> 00:07:04,700
So you should remember the important port numbers such as 420 538944434 number 80.
117
00:07:04,800 --> 00:07:05,250
Right.
118
00:07:05,260 --> 00:07:06,640
So these are the basics.
119
00:07:06,640 --> 00:07:13,120
But whatever the very on a daily basis, whatever you are, what number you are working on, you should
120
00:07:13,120 --> 00:07:14,830
know those port numbers.
121
00:07:17,220 --> 00:07:18,270
What is the LP?
122
00:07:18,300 --> 00:07:19,770
We already have discussed it.
123
00:07:19,800 --> 00:07:20,400
Right.
124
00:07:20,760 --> 00:07:22,350
So I'm not discussing it.
125
00:07:22,710 --> 00:07:24,660
DMARC, SPF and DKIM.
126
00:07:24,660 --> 00:07:27,600
Well, you can go through that free course.
127
00:07:27,600 --> 00:07:29,100
You will get it.
128
00:07:29,100 --> 00:07:33,990
But let me tell you some some some of the demo that what actually there are some small differences in
129
00:07:33,990 --> 00:07:34,620
these t.
130
00:07:34,620 --> 00:07:39,840
So DMARC is domain-based message authentication, reporting and confirmation. It is an email authentication
131
00:07:39,840 --> 00:07:43,860
policy and reporting protocol. Basically DMARC, and DMARC.
132
00:07:43,860 --> 00:07:45,960
We have SPF and the DKIM.
133
00:07:45,960 --> 00:07:55,770
So SPF, you know, SPF shows that the IP address, whatever, the domain, the IP addresses.
134
00:07:57,350 --> 00:07:59,060
Related to that domain.
135
00:07:59,060 --> 00:08:01,820
So it authenticated those things.
136
00:08:01,820 --> 00:08:05,150
And DKIM, that is DomainKeys Identified Mail.
137
00:08:05,180 --> 00:08:05,990
It means.
138
00:08:08,220 --> 00:08:15,070
It gives you can say it gives the integrity means that the content of the body is not changed.
139
00:08:15,090 --> 00:08:18,510
So this is done by giving the email a digital signature.
140
00:08:19,050 --> 00:08:20,820
So this is what DKIM does.
141
00:08:20,850 --> 00:08:22,920
SPF means sender policy framework.
142
00:08:23,010 --> 00:08:28,740
For more details, you can directly go jump to this free course and you can see there all those things.
143
00:08:29,280 --> 00:08:33,540
How you will decide that on which alert you have to work first if there is 100.
144
00:08:34,080 --> 00:08:41,370
Obviously, if if there is some some 100 alerts, there will be some some varieties like high critical,
145
00:08:41,370 --> 00:08:42,320
medium low.
146
00:08:42,330 --> 00:08:46,740
So obviously, I will choose a critical one, which is very critical for my network.
147
00:08:46,830 --> 00:08:49,890
So I will choose that one and I will work on it firstly.
148
00:08:52,190 --> 00:08:54,000
Why you want to leave your company.
149
00:08:54,020 --> 00:08:57,780
That's a very you very big question always.
150
00:08:57,800 --> 00:08:59,720
You will get this question always.
151
00:08:59,840 --> 00:09:05,750
So you can tell I mean, you can think your answer your answer could be different from mine.
152
00:09:05,960 --> 00:09:12,950
But what I what I just tell that I've learned a lot of things in my previous conversation.
153
00:09:12,950 --> 00:09:14,780
I explore as much as I can.
154
00:09:15,260 --> 00:09:20,270
So now I feel that I should move for a challenge and for a new responsibility so that I can grow more
155
00:09:20,750 --> 00:09:23,900
and you can add more things, right?
156
00:09:23,900 --> 00:09:29,060
So that so that it can give you a good impression to the interviewer.
157
00:09:29,450 --> 00:09:37,250
What motivated you to come in this organization so you can say you have learned more things about that
158
00:09:37,250 --> 00:09:43,220
organization and there is a learning, there is challenges and there is new responsibilities.
159
00:09:43,400 --> 00:09:45,890
And that matches your profile.
160
00:09:45,890 --> 00:09:50,570
So that's why these things motivated to come in that organization.
161
00:09:50,840 --> 00:09:52,460
You can tell these things.
162
00:09:53,240 --> 00:09:54,840
Do you have any questions to us?
163
00:09:54,870 --> 00:09:55,130
Okay.
164
00:09:55,160 --> 00:09:56,180
This is the last question.
165
00:09:56,180 --> 00:10:04,040
Well, you can ask if you have any any such good question, then you must go with that.
166
00:10:04,370 --> 00:10:09,540
But if you don't have, then I should suggest you don't ask any question if you don't have.
167
00:10:09,580 --> 00:10:10,120
Right.
168
00:10:10,910 --> 00:10:12,260
So that's it, guys.
169
00:10:13,490 --> 00:10:15,290
We have this roles and responsibilities.
170
00:10:15,290 --> 00:10:16,370
That was a very.
171
00:10:18,200 --> 00:10:25,640
You know that the interviewer always asks these types of questions related to roles and responsibilities.
172
00:10:25,790 --> 00:10:32,960
So these 105 questions is going to be a very is going to be very helpful for you.
173
00:10:33,920 --> 00:10:37,550
As for our sample, we have taken 50 interviews sample.
174
00:10:37,550 --> 00:10:41,840
And these were the repeated questions we were getting.