How do you typically gain initial access to a target network?
During authorized engagements, I prioritize agreed-upon entry vectors and the path of least resistance—commonly social engineering simulations, validation of exposure in internet-facing systems, and assessment of identity/SaaS misconfigurations.
What are the most effective modern methods for gaining initial access?
Modern engagements frequently see identity-focused tradecraft succeed: credential- and session-based compromise, abuse of weak enrollment/recovery workflows, and compromise of unmanaged or lightly monitored assets and third-party/SaaS pathways.
What is the difference between phishing, spear phishing, and whaling?
Phishing is broad, high-volume messaging. Spear phishing is tailored to a specific person/team or organization. Whaling targets senior executives using deeper context and personalization.
How can an attacker exploit vulnerable services to gain access?
Attackers commonly abuse known, patchable weaknesses in externally exposed services when organizations lag on updates and hardening—especially where asset inventory and change control are incomplete.
Describe a high-impact social engineering scenario for initial access.
An attacker impersonates a trusted internal function (e.g., IT support) and pressures a user to take an authentication-related action, leveraging urgency and authority to bypass normal caution.
-
Kerberos5
-
Cobalt Strike Interview Questions31
-
Initial Access Interview Questions5
-
Red Team Core Concepts10
-
Red Team Interview Questions (General)10
-
Active Directory Interview Questios5
-
C and C++ Interview Questions5
-
PowerShell Interview Questions5
-
Windows Internals Interview Questions5
-
NTLM Interview Questions5
-
Difference between Windows APIs and DLLs5
-
Evasion Interview Questions5
-
Malware Interview Questions5
-
Privilege Escalation Interview Questions5
-
Post-Exploitation and Lateral Movement Interview Questions5
