What kind of questions should I expect in a Threat Intelligence interview?
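The author has already covered basic frameworks such as MITRE ATT&CK and wants to know what interviews for cyber threat intelligence roles focus on, including technical analysis (such as IOC correlation and malware identification), report writing and communication with leadership, and common scenario-style questions (such as tracking a phishing campaign). The author is looking for real-world examples or tips for demonstrating analytic thinking. 2025-11-11 11:59:5 Author: www.reddit.com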

I’ve already brushed up on the basics: frameworks like MITRE ATT&CK, Diamond Model, OSINT sources, and the difference between strategic/operational/tactical/technical intel.

But I’d like to know what real-world interview questions to expect.

  • Do they focus more on technical analysis (like pivoting from IOCs, malware family ID, enrichment workflows)?

  • Or more on analytic writing, reporting, and communication with leadership?

  • Any scenario-style or case-study questions that tend to come up (like “how would you track a phishing campaign”)?

I’d really appreciate examples from your own experience or tips for demonstrating good analytic thinking.

Thanks in advance, trying to go in prepared and realistic, not just memorizing theory.


Source: https://www.reddit.com/r/netsecstudents/comments/1ou7l7x/what_kind_of_questions_should_i_expect_in_a/