Cyber Security Specialist - Technical Questions

Cyber Security Specialist 10 questions 06.04.2026
These questions and answers are intended for general information and interview preparation. They do not reflect actual interview questions.
1

What is your penetration testing methodology?

Methodology: 1) Reconnaissance (OSINT, footprinting), 2) Scanning (Nmap, vulnerability scan), 3) Exploitation (Metasploit, custom exploits), 4) Post-exploitation (Privilege escalation, lateral movement), 5) Reporting (Executive, technical). Tools: Burp Suite, Nessus, Wireshark. Types: Black box, white box, gray box.
2

How do you perform vulnerability scanning? Remediation prioritization?

Tools: Nessus, OpenVAS, Qualys. Scoping: External (internet-facing), internal (corporate network). Frequency: Weekly automated, quarterly comprehensive. Prioritization: CVSS score, exploit availability, asset criticality. Remediation: Patch management, configuration hardening, compensating controls.
3

What is your experience with web application security testing?

Testing: OWASP testing guide, DAST (Burp Suite, OWASP ZAP), SAST (SonarQube, Checkmarx). Common vulnerabilities: SQL injection, XSS, CSRF, authentication bypass. Secure coding: Input validation, output encoding, parameterized queries. WAF configuration.
4

What is your experience using network security tools?

Firewall: Cisco ASA, Palo Alto, iptables. IDS/IPS: Snort, Suricata. SIEM: Splunk, ELK, QRadar. EDR: CrowdStrike, SentinelOne. Packet analysis: Wireshark, tcpdump. Network monitoring: Nagios, Zabbix. Log management: Graylog, Fluentd.
5

What are the applications of cryptography? Encryption best practices?

Applications: Data at rest (disk encryption, database encryption), data in transit (TLS/SSL), data in use (enclaves). Best practices: Strong algorithms (AES-256, RSA-4096), key management (HSM, KMS), certificate management (PKI), forward secrecy. Avoid: Roll-your-own crypto, deprecated algorithms (MD5, SHA1).
6

How do you manage Identity and Access Management (IAM)?

IAM framework: 1) Identity lifecycle (provisioning, deprovisioning), 2) Authentication (MFA, SSO), 3) Authorization (RBAC, ABAC), 4) Privileged access (PAM, least privilege). Tools: Azure AD, Okta, Active Directory. Reviews: Quarterly access reviews, certification campaigns.
7

What is your cloud security experience? AWS/Azure/GCP?

Cloud security: IAM policies, security groups, VPC configuration, encryption at rest/transit. AWS: Security Hub, GuardDuty, Macie. Azure: Security Center, Sentinel. GCP: Security Command Center. Shared responsibility model understanding. Container security (EKS, AKS, GKE).
8

Do you perform malware analysis? Which techniques do you use?

Techniques: Static analysis (file structure, strings, disassembly), dynamic analysis (sandbox execution, behavior monitoring). Tools: IDA Pro, Ghidra, x64dbg, Cuckoo Sandbox, VirusTotal. Evasion detection: Obfuscation, packing, anti-analysis. Incident response integration.
9

What is your security architecture design experience?

Design principles: Zero trust, defense in depth, least privilege. Patterns: DMZ, network segmentation, secure SDLC. Technologies: Next-gen firewall, WAF, DLP, CASB, SASE. Documentation: Architecture diagrams, data flow diagrams, threat models.
10

How do you automate repetitive tasks?

Automation: Security orchestration (SOAR), custom scripts (Python, Bash). Use cases: User provisioning, incident response, vulnerability management, compliance reporting. Tools: Ansible, Cortex XSOAR, Splunk SOAR. CI/CD integration: Security as code, policy-as-code.