Blog Archives
1 2

10 Encryption and Decryption interview Q&As

Q1. What do you understand by the terms encryption and decryption? A1. Encryption is the process of converting clear data (e.g. database password, credit card number, etc) to incomprehensible cyberyext like “š£”Œz_fÓe©ˆ»[” by applying mathematical transformations. These transformations are known as encryption algorithms and require an encryption key.

Read more ...


12 Kerberos interview Q&As

Q1. What is kerberos? A1. Kerberos is a network authentication protocol designed to provide strong authentication for client/server applications by means of secret-key cryptography. Kerberos ensures the highest level of security to network resources. Q2. What are the 3 key components of Kerberos? A2. Kerberos in greek mythology means 3…

Read more ...


15 Security key area interview Q&A for Java developers

Q1. Can you provide a high level overview of the “access control security” in a recent application you had worked? A1. As shown below, SiteMinder is configured to intercept the calls to authenticate the user. Once the user is authenticated, a HTTP header “SM_USER” is added with the authenticated user…

Read more ...


6 Authentication Protocols Interview Q&As – LDAP, Kerberos, OAuth2 & SAML

Q1. Why are there so many security terminologies & standards compared to tradional security systems? A1. In traditional authentication (i.e. identify yourself) / authorisation (i.e. do you have access to a specific resource?), each application had its own separate database to store authentication credentials like user names, groups, etc and…

Read more ...


6 LDAP Interview Q&As

Q1. What is an LDAP server? And what is it used for in an enterprise environment? A1. LDAP stands for Lightweight Directory Access Protocol. This is an extensible open network protocol standard that provides access to distributed directory services. LDAP is an Internet standard for directory services that run on…

Read more ...


AWS Web Application Security Q&As

Below questions are based on the above diagram, and extends AWS Q&As on VPC, Subnets, Availability Zones, VPN, Route tables, NACLs & Security Groups & 15+ AWS Services overview interview Q&As. Q1. What is the purpose WAF in AWS? A1. The purpose of AWS WAF (i.e. Web Application Firewall) is…

Read more ...


Connecting DBeaver to Databases with Kerberos security & SSL

DBeaver is a universal tool to access any database or cloud application that has an ODBC or JDBC Driver such as MySQL, Oracle, Salesforce, Hive, Impala, Teradata, Redshift, Snowflake, etc. SQL Databases like Impala & Hive are secured with Kerberos & SSL. This post discusses how you can access an Impala or Hive database that is secured with Kerberos & SQL security from DBeaver.… Read more ...



Debugging java.security.cert.CertificateException: Certificates do not conform to algorithm constraints

Why? You may have a certificate with SHA1RSA key size less than 1024 bits or you have a certificate in your chain that uses MD2RSA.

Explanation? MD2 was widely recognized as insecure and thus disabled in Java in version JDK 7 onwards. If you check the “java.security” file under “$JAVA_HOME/jre/lib/security”, you will see a line as shown below. This means disable MD2 for all and RSA for certs with key size less than 1024 bits.… Read more ...



Debugging SSL issues in Java & tools to debug

Q1. What are some of the issues you encounter with SSL handshake?
A1. Some of the issues you try to debug are

  • Presence of a valid certificate in trust store
  • Incorrect certificate chains in the client or server truststore
  • Invalid key algorithm used for private keys
  • Expired certificate
  • Incorrect passwords used to access the keys
  • Multiple private keys to choose from

Q2.Read more ...



HTTP Basic Authentication Interview Q&A for Java developers & architects

Q1. What do you understand by the term “HTTP Basic Authentication”? A1. HTTP Basic authentication is the simplest “access controls” technique for web resources like RESTful web service call. It doesn’t require cookies, session identifier and login pages. You need to pass just username and password to the resource. If…

Read more ...


1 2

Java Developer & Architect Q&As

Big Data Engineer & Architect Q&As

16+ Key Areas & 13+ Techs to fast-track