This book is bursting at the seams with technical and behavioral interview questions and sample answers， to help prepare for InfoSec interviews。 There are 10 chapters about particular InfoSec roles， each chapter describing the role， average salary， roles you can progress to， and common interview questions for that role （the majority of the chapter）。 There's another long chapter specifically about behavioral interviews。 I read the chapters that are most relevant to my search for a cyber threat in This book is bursting at the seams with technical and behavioral interview questions and sample answers， to help prepare for InfoSec interviews。 There are 10 chapters about particular InfoSec roles， each chapter describing the role， average salary， roles you can progress to， and common interview questions for that role （the majority of the chapter）。 There's another long chapter specifically about behavioral interviews。 I read the chapters that are most relevant to my search for a cyber threat intelligence role。NotesHacking YourselfQ: Tell me about yourself。A: Give a brief summary of your career， focusing on your impact on past employers; give a 30-second elevator pitch。Q: What is your greatest weakness？A: Bring up a weakness they already know about， describe value you bring to org。Q: Where do you see yourself in （x） years？A: Answer， then ask， "Can you tell me how others in this role have advanced their careers here？"Q: What are your salary expectations？A: "I appreciate you asking me that question。 Would you be against us discussing compensation after everyone has agreed that this is a good match？" or "Are you needing a minimum salary number for your interview form？" If they say yes， give a number 30-40% above your current base salary。To soften requests or statements in interview， start with， "Would you be opposed to …" "Would it make sense …" "Can you offer your advice on …" and "It seems …"SOC AnalystQ: What are common security vulnerabilities？A: Security misconfigurations， IAM of third parties， credential reuse。Q: What is XSS？A: Cross-site scripting （XSS） is a JavaScript vulnerability in web apps。 In reflected XSS， user enters script on client side and this input gets processed without being validated。 So untrusted input is executed on client side， typically through browser。 In stored XSS， malicious script is injected directly into vulnerable web app and executed。 So any user visiting web app server will be infected， even if they clear browser cache。Q: What is CSRF？A: Cross-site request forgery （CSRF） is vulnerability in web applications where server doesn't validate request as being from a trusted client。 Attacker could take over a session and send requests as the user。Q: What are common attacks？A: Malware/ransomware， DDoS/DoS， phishing/BEC， credential stuffing， web app attacks。Behavioral Interview QuestionsBefore behavioral interview， review job posting and identify keywords。 Try to use them in your answers。Before behavioral interview， identify your 5-10 top skills and situations when you used them。Adaptability• Describe a major change at an employer and how you handled it。• Tell about a time you had to adjust to changes out of your control。• What do you do when your priorities need to change quickly？Ambitiousness• How do you handle disagreements with your management team？• If you have several projects， how do you prioritize？Analytical thinking• Provide an example of using your analytical abilities。• Walk me through your decision-making process。• Provide an example of a time you used good judgment and logic to solve a problem。• Tell about a time when you had to analyze information and make a recommendation。Building relationshipsTell me about a time when you weren't able to build a relationship with someone because they were too difficult to deal with。Communication• Describe a time you had a conflict with your supervisor and how you handled it。• Give an example of a time when you needed to speak up during a project。• Tell me about a challenge you faced while coordinating a project with other teams。Decision makingQ: Discuss an important decision you have made regarding a task or project。 What factors influenced your decision？A: "I think ahead to the end result and work backward。 Factors include budgetary and resource constraints。"Q: Have you ever made a poor decision at work？ How did you recover？Q: Describe a time when you had to make a quick decision。A: Talk about how practice and preparation helps you make quick decisions。Q: Provide an example of a time when you didn't have enough information to make a decision。 What did you do？A: Talk about trying to get more info， and making the best decision with the available info。Q: What is your process of making important decisions？A: "I think ahead to the end result and work backward。 Then， I identify things that could prevent success。 I review all available data to make the best decision。 I try not to be emotionally tied to the outcome。"Q: How do you involve your manager or others when you make a decision？A: "I identify who needs to know about the decision。 Then， describe the decision and why it needs to be made。 I ask for others' thoughts on the decision。 I refrain from sharing my thoughts or opinions because I want to get honest feedback。"Q: Tell me about a time you had to defend your decision successfully even though key stakeholders were initially opposed to your decision。A: Talk about listening to their concerns and trying to address them。Q: Can you tell me your process for making highly technical decisions？A: "I focus on the end result and then identify the KPIs that are needed at each stage of the project to get to that end result。 I remove my emotional attachment。 Then， I see if I have the skills or need an additional resource。"Evaluating alternativesQ: Describe a situation where you had multiple options to choose from。 How did you choose？A: Talk about trade-off analysis。Interpersonal skillsCan you share an example of the most difficult person you have ever worked with and how you handled your interactions with them？InnovationWhen was the last time you had to think "outside of the box"？Integrity• Describe a time you were asked to keep information confidential。• Tell me about a time when your trustworthiness was challenged and how you reacted。• Describe a time when you witnessed dishonesty in the workplace and how you handled it。Organizational responsibilitiesQ: Describe a time you had to make a difficult choice between your personal and professional life。A: Talk about what you sacrificed in your personal life。Q: How do you decide what is the top priority when you schedule your time？A: "I focus on what will be the most impactful project to the organization， especially to increase revenue or decrease expenses。"Q: What do you do when you experience interruptions to your planned schedule？A: "I adapt to the interruptions and reprioritize my tasks to ensure I'm focused on the most critical tasks that will have the biggest impact。"Final ThoughtsAt end of interview， ask if you've given enough info for them to make an offer。 If they say no， ask what other info they need。 。。。more