What follows is a list of techniques for vetting candidates in Information Security (InfoSec / Cybersecurity). The list and approach has evolved over the years, as I think it should, and I think it represents a good balance between technical content and the philosophy around desired answers.
Recommended by Swift on Security @SwiftOnSecurity
Easily Report Phishing and Malware
This is how you can strike back at criminals sending phishing spam – by getting their webpages on blacklists. Blocking their sites helps protect other people and helps researchers trying to stop this. Sites can be blocked within 15 minutes of your report, but you may not immediately see it.
Penetration Testing Execution Standard (PTES)
“The penetration testing execution standard consists of seven (7) main sections. These cover everything related to a penetration test – from the initial communication and reasoning behind a pentest, through the intelligence gathering and threat modeling phases where testers are working behind the scenes in order to get a better understanding of the tested organization, through vulnerability research, exploitation and post exploitation, where the technical security expertise of the testers come to play and combine with the business understanding of the engagement, and finally to the reporting, which captures the entire process, in a manner that makes sense to the customer and provides the most value to it.”
In Windows Server’s, if you wanted to capture network packets (for those coming from a Unix background, Packet sniffer or protocol analyzer, or TCPDump), you would have to install an add-on such as Network Monitor (Netmon) or Wireshark (used to be known as Ethereal). In order to install these products, you would have to go thru a change control process.
Starting with Windows 7 and Windows Server 2008 R2, network capture has been built-in and native to the Windows O.S.