Post

Cybersecurity Interview Questions

Posted
By Ivan Arias
3 min read

Where does Linux store its logs?

Linux typically stores its logs in the /var/log directory. Some common log files found there include:

  • /var/log/syslog or /var/log/messages for general system logs.
  • /var/log/auth.log for authentication logs.
  • /var/log/kern.log for kernel logs.
  • /var/log/dmesg for boot messages.
  • /var/log/apt for logs related to package installations (on Debian-based systems).

Which Linux command do you love the most? Why?

One of my favorite Linux commands is grep. It is incredibly powerful for searching through text. Whether you’re looking for specific patterns in log files, configuration files, or any other text files, grep is versatile and efficient. The ability to combine it with other commands using pipes makes it even more powerful.

How would you read a file in the Linux terminal?

To read a file in the Linux terminal, you can use several commands such as:

  • cat filename to display the entire file.
  • less filename to view the file one page at a time.
  • more filename similar to less, but with fewer features.
  • tail -n 10 filename to view the last 10 lines of the file.
  • head -n 10 filename to view the first 10 lines of the file.

Tell me about the last time you analyzed logs in Linux for security issues or fun.

The last time I analyzed logs in Linux for security issues was when I was troubleshooting a potential unauthorized access attempt. I used grep to search for unusual login attempts in the /var/log/auth.log file. By filtering for failed login attempts and reviewing the IP addresses, I identified several suspicious patterns, which I then blocked using iptables.

What is bash?

Bash (Bourne Again SHell) is a Unix shell and command language written as a free software replacement for the Bourne shell. It is widely used as the default login shell for most Linux distributions and macOS. Bash can execute commands read from the standard input or from a file and provides features such as scripting capabilities, command history, and tab completion.

Which Linux distribution do you like the most?

My favorite Linux distribution is Ubuntu. It is user-friendly, has excellent community support, and is based on Debian, making it stable and reliable. Ubuntu also has a vast repository of software packages, which makes it easy to install and manage software.

What is the difference between Linux, Unix, and GNU?

  • Linux: A kernel that is the core part of the operating system. It manages hardware resources and provides essential services to other software.
  • Unix: A family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix. Unix systems are known for their stability and robustness.
  • GNU: A free software project initiated by Richard Stallman to create a complete Unix-like operating system composed entirely of free software. GNU stands for “GNU’s Not Unix.” The combination of GNU software and the Linux kernel results in a fully functional operating system, often referred to as GNU/Linux.

My Linux server keeps losing network connectivity. How do I troubleshoot this?

To troubleshoot network connectivity issues on a Linux server, you can follow these steps:

  1. Check the network interface: Use ip a or ifconfig to ensure the network interface is up and has an IP address.
  2. Ping the gateway: Use ping <gateway-ip> to check if you can reach the gateway.
  3. Check DNS resolution: Use nslookup or dig to verify DNS resolution.
  4. Review network configuration: Check /etc/network/interfaces or /etc/netplan/*.yaml (depending on your distribution) for any misconfigurations.
  5. Check logs: Review /var/log/syslog or /var/log/messages for any relevant network error messages.
  6. Restart network services: Use systemctl restart networking or systemctl restart NetworkManager.
  7. Check firewall settings: Use iptables -L to review firewall rules that might be blocking traffic.

Where do you get your security news from?

I get my security news from a variety of sources, including:

  • Websites: Ars Technica, Bleeping Computer, and Krebs on Security.
  • Newsletters: The Hacker News, SANS NewsBites.
  • Forums and communities: Reddit (r/netsec), Stack Exchange (Information Security).
  • Podcasts: Security Now, Darknet Diaries.
  • Social Media: Following security experts on Twitter and LinkedIn.

Videos

Basic Linux Questions

The grep Command

General (Technical and non Technical) questions.

Cybersecurity, Interview
questions
This post is licensed under CC BY 4.0 by the author.