Q1. What do you understand by the terms encryption and decryption? A1. Encryption is the process of converting clear data (e.g. database password, credit card number, etc.) to incomprehensible ciphertext like …
Q1. What is Kerberos? A1. Kerberos is a network authentication protocol designed to provide strong authentication for client/server applications by means of secret-key cryptography. Kerberos ensures the highest level of security …
Q1. Can you provide a high-level overview of the “access control security” in a recent application you had worked on? A1. As shown below, SiteMinder is configured to intercept the calls …
Q1. Why are there so many security terminologies & standards compared to traditional security systems? A1. In traditional authentication (i.e. identify yourself) / authorisation (i.e. do you have access to a …
Q1. What is an LDAP server? And what is it used for in an enterprise environment? A1. LDAP stands for Lightweight Directory Access Protocol. This is an extensible open network protocol …
The questions below are based on the above diagram, and extend AWS Q&As on VPC, Subnets, Availability Zones, VPN, Route tables, NACLs & Security Groups & 15+ AWS Services overview interview Q&As. …
Why? You may have a certificate with SHA1RSA key size less than 1024 bits or you have a certificate in your chain that uses MD2RSA.
Explanation? MD2 was widely recognized as …
Q1. What are some of the issues you encounter with SSL handshake? A1. Some of the issues you try to debug are: presence of a valid certificate in trust store; incorrect …
Q1. What do you understand by the term “HTTP Basic Authentication”? A1. HTTP Basic authentication is the simplest “access controls” technique for web resources like a RESTful web service call. It doesn’t …
Q1. What are the different types of injection security vulnerabilities? A1. SQL Injection, Log Injection, HTTP Response Splitting, XPath Query injection, and LDAP injection. Q2. What is an SQL injection vulnerability, …
Cross Site Scripting (XSS) is one of the most common security problems in today’s web applications, and the second most common is the SQL injection attack. Both account for ~ 70% …
Security is of paramount importance to any application or website. Applications with security vulnerabilities can not only tarnish the reputation of a company, but also can adversely impact the bottom-line of …