Blog Archives

10 Encryption and Decryption interview Q&As

Q1. What do you understand by the terms encryption and decryption? A1. Encryption is the process of converting clear data (e.g. database password, credit card number, etc.) to incomprehensible ciphertext like …



12 Kerberos interview Q&As

Q1. What is Kerberos? A1. Kerberos is a network authentication protocol designed to provide strong authentication for client/server applications by means of secret-key cryptography. Kerberos ensures the highest level of security …



15 Security key area interview Q&A for Java developers

Q1. Can you provide a high-level overview of the “access control security” in a recent application you worked on? A1. As shown below, SiteMinder is configured to intercept the calls …



6 Authentication Protocols Interview Q&As – LDAP, Kerberos, OAuth2 & SAML

Q1. Why are there so many security terminologies & standards compared to traditional security systems? A1. In traditional authentication (i.e. identify yourself) / authorisation (i.e. do you have access to a …



6 LDAP Interview Q&As

Q1. What is an LDAP server? And what is it used for in an enterprise environment? A1. LDAP stands for Lightweight Directory Access Protocol. This is an extensible open network protocol …



AWS Web Application Security Q&As

The questions below are based on the above diagram, and extend AWS Q&As on VPC, Subnets, Availability Zones, VPN, Route tables, NACLs & Security Groups & 15+ AWS Services overview interview Q&As. …



Debugging java.security.cert.CertificateException: Certificates do not conform to algorithm constraints

Why? You may have a certificate with SHA1RSA key size less than 1024 bits or you have a certificate in your chain that uses MD2RSA.

Explanation? MD2 was widely recognized as …



Debugging SSL issues in Java & tools to debug

Q1. What are some of the issues you encounter with SSL handshake? A1. Some of the issues you try to debug are: Presence of a valid certificate in trust store; Incorrect …



HTTP Basic Authentication Interview Q&A for Java developers & architects

Q1. What do you understand by the term “HTTP Basic Authentication”? A1. HTTP Basic authentication is the simplest “access controls” technique for web resources like RESTful web service call. It doesn’t …



Injection attack prevention Q&A

Q1. What are the different types of injection security vulnerabilities? A1. SQL Injection, Log Injection, HTTP Response Splitting, XPath Query injection, and LDAP injection. Q2. What is an SQL injection vulnerability, …



Preventing XSS attacks in Java

Cross Site Scripting (XSS) is one of the most common security problems in today’s web applications, and the second most common is the SQL injection attack. Both account for ~ 70% …



Security holes & how to fix them interview Q&A

Security is of paramount importance to any application or website. Applications with security vulnerabilities can not only tarnish the reputation of a company, but also can adversely impact the bottom-line of …



Session Hijacking prevention Questions & Answers

Q1. Does the following code pose any security risk? If yes, how will you fix it?


