Upload Button Icon Add office photos

Accenture

Compare button icon Compare button icon Compare

Filter interviews by

Clear (1)

Accenture Security Engineer Interview Questions, Process, and Tips

Updated 7 Jul 2024

Top Accenture Security Engineer Interview Questions and Answers

View all 25 questions

Accenture Security Engineer Interview Experiences

8 interviews found

Interview experience
5
Excellent
Difficulty level
Moderate
Process Duration
2-4 weeks
Result
-

I applied via Naukri.com and was interviewed in Jun 2024. There was 1 interview round.

Round 1 - Technical 

(2 Questions)

  • Q1. What is DDos attack
  • Ans. 

    DDoS attack is a malicious attempt to disrupt normal traffic of a targeted server or network by overwhelming it with a flood of internet traffic.

    • DDoS stands for Distributed Denial of Service

    • Attackers use multiple compromised systems to flood the target with traffic

    • Goal is to make the target server or network unavailable to legitimate users

    • Common types include UDP flood, SYN flood, and HTTP flood

    • Examples: Mirai botnet a...

  • Answered by AI
  • Q2. Tell me your roles
  • Ans. 

    As a Security Engineer, my roles include designing and implementing security measures, conducting security assessments, monitoring for security breaches, and responding to incidents.

    • Designing and implementing security measures to protect systems and data

    • Conducting security assessments to identify vulnerabilities and risks

    • Monitoring for security breaches and unauthorized access

    • Responding to security incidents and implem

  • Answered by AI

Security Engineer Interview Questions & Answers

user image Safal upadhaya

posted on 14 Jun 2024

Interview experience
4
Good
Difficulty level
-
Process Duration
-
Result
-
Round 1 - Technical 

(1 Question)

  • Q1. How registry patch is pushed when the machine is vulnerable?
  • Ans. 

    Registry patches can be pushed using patch management tools like SCCM or WSUS, or manually through Group Policy or scripts.

    • Use patch management tools like SCCM or WSUS to push registry patches automatically

    • Manually push registry patches through Group Policy or scripts

    • Ensure proper testing before pushing patches to avoid any issues

  • Answered by AI

Skills evaluated in this interview

Security Engineer Interview Questions Asked at Other Companies

asked in Synopsys
Q1. 1. What is Cryptography? Cryptography is the practice and study o ... read more
asked in Accenture
Q2. Give a practical example of Broken Authentication & authorisa ... read more
Q3. What is more important to you procedure or end goal ?
Q4. Tell any standard used for security testing of APIs and Web Appli ... read more
Q5. Which technologies or languages you have knowledge about
Interview experience
5
Excellent
Difficulty level
-
Process Duration
-
Result
-
Round 1 - Technical 

(1 Question)

  • Q1. Tell me about yourself

I applied via Naukri.com and was interviewed in Jun 2021. There were 3 interview rounds.

Interview Questionnaire 

22 Questions

  • Q1. What is the approach of your WAPT?
  • Ans. 

    Our WAPT approach involves a comprehensive testing methodology to identify and address vulnerabilities in web applications.

    • We use a combination of automated and manual testing techniques

    • We prioritize vulnerabilities based on their severity and potential impact

    • We work closely with development teams to ensure timely remediation

    • We conduct regular retesting to ensure vulnerabilities have been properly addressed

  • Answered by AI
  • Q2. What are scops are there?
  • Ans. 

    Scopes refer to the boundaries or limits of a particular security system or protocol.

    • Scopes define the extent of access or control that a user or system has within a security system.

    • Scopes can be defined by user roles, permissions, or other criteria.

    • Examples of scopes include network access, file permissions, and application privileges.

  • Answered by AI
  • Q3. Explain the concept of Bruit forcing?
  • Ans. 

    Brute forcing is a method of guessing a password or encryption key by trying all possible combinations.

    • Brute forcing is a trial-and-error method used to crack passwords or encryption keys.

    • It involves trying all possible combinations until the correct one is found.

    • This method can be time-consuming and resource-intensive.

    • Brute forcing can be used for both online and offline attacks.

    • Examples of tools used for brute forcin

  • Answered by AI
  • Q4. What is CSRF? Where you used it... Basically practical Scenario
  • Q5. Explain the scenario & What u do with CSRF Vulnerability
  • Ans. 

    CSRF vulnerability allows attackers to perform actions on behalf of a user without their consent.

    • CSRF attacks can be prevented by implementing CSRF tokens

    • The token is generated by the server and included in the form or URL

    • When the form is submitted, the token is verified to ensure it matches the one generated by the server

    • If the token is invalid, the request is rejected

    • CSRF vulnerabilities can be exploited to perform a...

  • Answered by AI
  • Q6. What is XSS? Type of that.
  • Ans. 

    XSS stands for Cross-Site Scripting. It is a type of security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.

    • XSS attacks can be classified into three types: Stored, Reflected, and DOM-based.

    • Attackers can use XSS to steal sensitive information, such as login credentials or session tokens.

    • Preventing XSS requires input validation, output encoding, and proper use of sec...

  • Answered by AI
  • Q7. Explain the concept of XSS.
  • Ans. 

    XSS stands for Cross-Site Scripting. It is a type of security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.

    • XSS attacks can be used to steal sensitive information, such as login credentials or personal data.

    • Attackers can also use XSS to hijack user sessions, redirect users to malicious websites, or deface web pages.

    • XSS vulnerabilities can be prevented by properly s...

  • Answered by AI
  • Q8. Write a basic XSS payload
  • Ans. 

    A basic XSS payload is a script injected into a website to execute malicious code on a victim's browser.

    • Use the

  • Answered by AI
  • Q9. What is SQL Injection? Type?
  • Ans. 

    SQL Injection is a type of cyber attack where malicious SQL statements are inserted into an entry field to manipulate a database.

    • Attackers use SQL Injection to gain unauthorized access to sensitive data

    • It can be prevented by using parameterized queries and input validation

    • Types include In-band, Inferential, and Out-of-band

    • Examples of SQL Injection attacks include UNION-based and Error-based attacks

  • Answered by AI
  • Q10. Write a SQL Payload, other than basic. Explain the payload
  • Ans. 

    SQL Payload to extract sensitive data from a database

    • Use UNION SELECT to combine data from different tables

    • Use subqueries to extract specific data

    • Use SQL injection to bypass authentication and access data

    • Use ORDER BY to sort data in a specific way and extract specific data

    • Use GROUP BY to group data and extract specific data

  • Answered by AI
  • Q11. How can broken authorisation vulnerability be extended
  • Ans. 

    Broken authorization vulnerability can be extended by exploiting other vulnerabilities or by using stolen credentials.

    • Exploiting other vulnerabilities such as SQL injection or cross-site scripting to gain unauthorized access

    • Using stolen credentials to bypass authorization checks

    • Exploiting misconfigured access controls to gain elevated privileges

    • Using brute force attacks to guess valid credentials

    • Exploiting session mana

  • Answered by AI
  • Q12. Give a practical example of Broken Authentication & authorisation? How u will exploit that?
  • Ans. 

    Broken authentication & authorization is when an attacker gains access to a user's account or system without proper credentials.

    • An attacker can exploit this by guessing or stealing a user's login credentials.

    • They can also use brute force attacks to crack weak passwords.

    • Another way is to exploit vulnerabilities in the authentication process, such as session hijacking or cookie theft.

    • Once the attacker gains access, they ...

  • Answered by AI
  • Q13. What have you done in API Security?
  • Ans. 

    Implemented various security measures in API development and testing.

    • Implemented authentication and authorization mechanisms such as OAuth2 and JWT.

    • Implemented rate limiting and throttling to prevent DDoS attacks.

    • Implemented input validation and output encoding to prevent injection attacks.

    • Conducted API penetration testing to identify vulnerabilities and remediate them.

    • Implemented encryption and decryption mechanisms t

  • Answered by AI
  • Q14. Which kind of api you are tested?
  • Ans. 

    I have tested various kinds of APIs including REST, SOAP, GraphQL, and more.

    • I have experience testing REST APIs which use HTTP methods like GET, POST, PUT, DELETE.

    • I have also tested SOAP APIs which use XML for data exchange.

    • I have worked with GraphQL APIs which allow clients to specify the data they need.

    • I am familiar with testing APIs that use authentication and authorization mechanisms.

    • I have tested APIs that integra...

  • Answered by AI
  • Q15. What type of vulnerabilities are over there?
  • Ans. 

    There are various types of vulnerabilities such as SQL injection, cross-site scripting, buffer overflow, etc.

    • SQL injection: attackers inject malicious SQL code to gain unauthorized access to the database

    • Cross-site scripting: attackers inject malicious scripts into a website to steal user data

    • Buffer overflow: attackers exploit a program's buffer to execute malicious code

    • Other types include CSRF, DoS, and privilege escal...

  • Answered by AI
  • Q16. Explain one of the vulnerabilities from OWASP API top 10?
  • Ans. 

    Broken Object Level Authorization (BOLA) is a vulnerability where an attacker can access unauthorized data by manipulating object references.

    • BOLA occurs when an application fails to enforce proper access controls on object references.

    • Attackers can exploit BOLA to access sensitive data or functionality by manipulating object references.

    • Examples of BOLA include accessing other users' data, modifying data that should be r...

  • Answered by AI
  • Q17. What type of mobile application did u test?
  • Ans. 

    I have tested various types of mobile applications including social media, e-commerce, and banking apps.

    • I have tested social media apps like Facebook, Twitter, and Instagram

    • I have tested e-commerce apps like Amazon, Flipkart, and eBay

    • I have tested banking apps like Chase, Bank of America, and Wells Fargo

  • Answered by AI
  • Q18. What is your approach?
  • Q19. How to bypass ssl pinning?
  • Ans. 

    SSL pinning can be bypassed by modifying the app's code or using a tool to intercept and modify the SSL traffic.

    • Modify the app's code to disable SSL pinning

    • Use a tool like Frida or Cydia Substrate to intercept and modify SSL traffic

    • Use a man-in-the-middle attack to intercept and modify SSL traffic

    • Use a custom SSL certificate to bypass SSL pinning

    • Use a debugger to bypass SSL pinning

  • Answered by AI
  • Q20. What is the concept of frida?
  • Ans. 

    Frida is a dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.

    • Frida allows you to inject JavaScript or native code into an application to perform dynamic analysis.

    • It can be used to hook functions, intercept network traffic, and bypass SSL pinning.

    • Frida supports both iOS and Android platforms.

    • It can be used for both offensive and defensive security purposes.

  • Answered by AI
  • Q21. Write a commend of nmap? Now explain it
  • Ans. 

    nmap is a network exploration tool used to scan and map networks and identify open ports and services.

    • nmap can be used to identify hosts and services on a network

    • It can also be used to identify open ports and vulnerabilities

    • nmap can be used to perform ping scans, TCP scans, and UDP scans

    • It can also be used to perform OS detection and version detection

    • nmap can be used with various options and flags to customize the scan

  • Answered by AI
  • Q22. What is oX in nmap?
  • Ans. 

    oX in nmap is used to specify the IP protocol number to use for scanning.

    • oX is followed by the protocol number (e.g. oX1 for ICMP protocol)

    • It can be used with other nmap options like -sS or -sU

    • It is useful for scanning non-standard protocols

  • Answered by AI

Interview Preparation Tips

Interview preparation tips for other job seekers - The Interview was good. I meet a knowledgeable person. Try to give the practical experience of all the questions.

Skills evaluated in this interview

Accenture interview questions for designations

 Network Security Engineer

 (1)

 Senior Network Security Engineer

 (1)

 Security Analyst

 (3)

 Security Specialist

 (1)

 Cyber Security Analyst

 (5)

 Security Delivery Specialist

 (5)

 Senior Security Analyst

 (4)

 Information Security Analyst

 (4)

Round 1 - Technical 

(1 Question)

  • Q1. Data encryption DDOS Vs DOS type of attacks phishing SIEM process Splunk architecture

Interview Preparation Tips

Interview preparation tips for other job seekers - Be prepared don't try to cheat or read from your Laptop in case of an online exam. they have advanced features and tools they will catch

Get interview-ready with Top Accenture Interview Questions

I applied via Naukri.com and was interviewed in Dec 2021. There was 1 interview round.

Round 1 - One-on-one 

(1 Question)

  • Q1. What are secure software development frameworks? Which have you worked on?
  • Ans. 

    Secure software development frameworks are methodologies used to develop software with security in mind.

    • Secure software development frameworks are designed to integrate security into the software development process

    • They provide guidelines and best practices for secure coding, testing, and deployment

    • Examples include Microsoft's Security Development Lifecycle (SDL), OWASP's Software Assurance Maturity Model (SAMM), and N...

  • Answered by AI

Interview Preparation Tips

Interview preparation tips for other job seekers - Take ample amount of time to study the requirements in job description and perform thorough revision of your work mentioned in resume

Skills evaluated in this interview

Security Engineer Jobs at Accenture

View all

I applied via Naukri.com and was interviewed in Apr 2021. There was 1 interview round.

Interview Questionnaire 

2 Questions

  • Q1. Complete security testing performed throught SDLC life cycle
  • Ans. 

    Security testing should be performed at every stage of SDLC to ensure a secure product.

    • Security requirements should be defined at the planning stage

    • Threat modeling should be done during the design phase

    • Code review and vulnerability scanning should be done during the development phase

    • Penetration testing and security acceptance testing should be done during the testing phase

    • Security monitoring and incident response plann...

  • Answered by AI
  • Q2. OWASP top 10 with mitigation
  • Ans. 

    OWASP top 10 is a list of common web application vulnerabilities. Mitigation involves implementing security controls to prevent or reduce the impact of these vulnerabilities.

    • Injection attacks can be mitigated by input validation and parameterized queries

    • Cross-site scripting (XSS) can be mitigated by input validation and output encoding

    • Broken authentication and session management can be mitigated by implementing strong ...

  • Answered by AI

Interview Preparation Tips

Interview preparation tips for other job seekers - Study well

Skills evaluated in this interview

Interview Questionnaire 

2 Questions

  • Q1. Stupid Bengali Guy taking interview having no knowledge of himself.
  • Q2. How is covid treating you?

Interview questions from similar companies

Interview Preparation Tips

College Name: Vidyalankar Institute Of Technology

Interview Questionnaire 

11 Questions

  • Q1. Hobbies: Drawing. Asked about drawing and pencil shading. Draw in next 5 mins something great to impress me else rejected
  • Q2. Sketch my face
  • Q3. If you are told to do a job of a peon for the company will you?
  • Q4. Remove all the pcs from the lab and keep in other lab RIGHT NOW?
  • Ans. 

    Yes, I can remove all the pcs from the lab and keep them in another lab right now.

    • Ensure all the necessary equipment and tools are available for the move

    • Coordinate with the lab staff to ensure a smooth transition

    • Label and document each PC for easy identification and setup in the new lab

    • Ensure proper packaging and handling to prevent any damage during the move

  • Answered by AI
  • Q5. Impress me with your talents
  • Q6. If a person asks you on a construction site to pick up bricks will you?
  • Q7. How crazy are you?
  • Q8. Show me how crazy are you in next 5 mins?
  • Q9. Write down Fibonacci series and also explain pseudo code for it?
  • Ans. 

    Fibonacci series is a sequence of numbers where each number is the sum of the two preceding ones.

    • The first two numbers of the series are always 0 and 1

    • The next number is the sum of the previous two numbers

    • The series goes on infinitely: 0, 1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89, 144, ...

    • Pseudo code: 1. Initialize variables a=0, b=1, c=0 2. Print a and b 3. Repeat steps 4-6 until desired number of terms 4. c=a+b 5. Pr

  • Answered by AI
  • Q10. Write algorithm for matrix multiplication?
  • Ans. 

    Algorithm for matrix multiplication

    • Create a result matrix with dimensions of the two input matrices

    • Iterate through each row and column of the result matrix

    • For each element in the result matrix, multiply corresponding row in first matrix with corresponding column in second matrix

    • Add the products obtained in the previous step to get the final value for the element

  • Answered by AI
  • Q11. Explain your project and which algorithm you used in it. Why that algorithm?
  • Ans. 

    I worked on a project that involved sentiment analysis of customer reviews using Naive Bayes algorithm.

    • The project involved collecting customer reviews from various sources.

    • Preprocessing the data by removing stop words, stemming, and tokenizing.

    • Used Naive Bayes algorithm for sentiment analysis.

    • The algorithm was chosen because of its simplicity and effectiveness in text classification tasks.

    • The accuracy of the model was

  • Answered by AI

Interview Preparation Tips

Round: HR Interview
Experience: Confused

If they say do you have any questions?
NEVER ASK about your performance in that round.

Round: Technical Interview
Experience: Good
Tips: Interview depends on your basic knowledge

Skills: Presence Of Mind, Technical Skills, Analytical Skills
College Name: Vidyalankar Institute Of Technology
Motivation: Got rejected for TCS aptitude.
Funny Moments: Whole HR interview

Skills evaluated in this interview

Contribute & help others!
anonymous
You can choose to be anonymous

Accenture Interview FAQs

How many rounds are there in Accenture Security Engineer interview?
Accenture interview process usually has 1 rounds. The most common rounds in the Accenture interview process are Technical and One-on-one Round.
How to prepare for Accenture Security Engineer interview?
Go through your CV in detail and study all the technologies mentioned in your CV. Prepare at least two technologies or languages in depth if you are appearing for a technical interview at Accenture. The most common topics and skills that interviewers at Accenture expect are Information Security, SIEM, Vulnerability Assessment, Network Security and Information Technology.
What are the top questions asked in Accenture Security Engineer interview?

Some of the top questions asked at the Accenture Security Engineer interview -

  1. Give a practical example of Broken Authentication & authorisation? How u will e...read more
  2. What is the approach of your WA...read more
  3. Explain the scenario & What u do with CSRF Vulnerabil...read more

Tell us how to improve this page.

Accenture Security Engineer Interview Process

based on 3 interviews

1 Interview rounds

  • Technical Round
View more
Accenture Security Engineer Salary
based on 80 salaries
Lock Unlock
₹3.7 L/yr - ₹12 L/yr
10% less than the average Security Engineer Salary in India
View more details

Accenture Security Engineer Reviews and Ratings

based on 8 reviews

4.6/5

Rating in categories

4.2

Skill development

4.5

Work-life balance

4.4

Salary

4.8

Job security

4.6

Company culture

4.4

Promotions

4.2

Work satisfaction

Explore 8 Reviews and Ratings
Security Engineer

Bangalore / Bengaluru

7-9 Yrs

Not Disclosed

Security Engineer

Bangalore / Bengaluru

7-12 Yrs

Not Disclosed

Security Engineer

Bangalore / Bengaluru

2-4 Yrs

₹ 4.85-6.8 LPA

Explore more jobs
Application Development Analyst
38.9k salaries
unlock blur Lock Unlock

₹0 L/yr - ₹0 L/yr

Application Development - Senior Analyst
26.9k salaries
unlock blur Lock Unlock

₹0 L/yr - ₹0 L/yr

Team Lead
24.3k salaries
unlock blur Lock Unlock

₹0 L/yr - ₹0 L/yr

Senior Software Engineer
18.1k salaries
unlock blur Lock Unlock

₹0 L/yr - ₹0 L/yr

Senior Analyst
17.4k salaries
unlock blur Lock Unlock

₹0 L/yr - ₹0 L/yr

Explore more salaries
Compare Accenture with

TCS

3.7
Compare

Cognizant

3.7
Compare

Capgemini

3.7
Compare

Infosys

3.6
Compare
Did you find this page helpful?
Yes No
write
Share an Interview