Deloitte VAPT Engineer Interview Questions, Process, and Tips

Updated 9 Aug 2023

Deloitte VAPT Engineer Interview Experiences

2 interviews found

Interview experience
3
Average
Difficulty level
Moderate
Process Duration
Less than 2 weeks
Result
Selected

I applied via Approached by Company and was interviewed in Jul 2023. There were 3 interview rounds.

Round 1 - Resume Shortlist 
Round 2 - Technical 

(3 Questions)

  • Q1. What are SAST and DAST?
  • Ans. 

    SAST stands for Static Application Security Testing and DAST stands for Dynamic Application Security Testing.

    • SAST involves analyzing the application's source code or binary code for security vulnerabilities without executing the code.

    • DAST involves testing the application while it is running to identify security vulnerabilities by sending malicious input.

    • SAST is typically performed earlier in the development cycle while...

  • Answered by AI
  • Q2. What is Union-based SQL injection?
  • Ans. 

    Union-based SQL injection is a type of attack that allows an attacker to extract information from a database by using the UNION SQL operator.

    • Union-based SQL injection involves injecting a malicious SQL query that uses the UNION operator to combine the results of the original query with the attacker's query.

    • The attacker can use the UNION operator to retrieve data from other tables in the database, potentially accessing ...

  • Answered by AI
  • Q3. What is IDOR, DOM XSS, Nessus working?
  • Ans. 

    IDOR, DOM XSS, and Nessus are common security vulnerabilities and tools used in penetration testing.

    • IDOR stands for Insecure Direct Object Reference, where an attacker can access unauthorized data by manipulating object references.

    • DOM XSS (Cross-Site Scripting) is a type of XSS attack that occurs in the Document Object Model.

    • Nessus is a popular vulnerability scanner used in penetration testing to identify security vuln

  • Answered by AI
Round 3 - HR 

(1 Question)

  • Q1. Salary discussion and details about the previous company

Interview Preparation Tips

Interview preparation tips for other job seekers - be true and honest

Interview experience
4
Good
Difficulty level
Moderate
Process Duration
2-4 weeks
Result
Selected

I applied via LinkedIn and was interviewed in Jan 2023. There were 2 interview rounds.

Round 1 - Resume Shortlist 
Round 2 - Technical 

(3 Questions)

  • Q1. What is an XSS attack in security?
  • Ans. 

    XSS (Cross-Site Scripting) is a type of security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.

    • XSS attacks can be used to steal sensitive information, such as login credentials or personal data.

    • Attackers can also use XSS to hijack user sessions, redirect users to malicious websites, or deface web pages.

    • There are three types of XSS attacks: stored, reflected, and DO...

  • Answered by AI
  • Q2. Can you explain the different types of XSS?
  • Ans. 

    XSS stands for Cross-Site Scripting. It is a type of security vulnerability that allows attackers to inject malicious scripts into web pages.

    • Reflected XSS: The injected script is embedded in the URL and executed when the victim visits the manipulated link.

    • Stored XSS: The injected script is permanently stored on the target server and executed whenever the vulnerable page is accessed.

    • DOM-based XSS: The vulnerability aris...

  • Answered by AI
  • Q3. Explain how network VAPT is conducted.
  • Ans. 

    Network VAPT is conducted by identifying vulnerabilities in the network and testing its security measures.

    • The process involves identifying potential vulnerabilities in the network infrastructure

    • Penetration testing is conducted to simulate attacks and test the effectiveness of security measures

    • Vulnerability assessment is done to identify weaknesses in the network

    • The results are analyzed and recommendations are made to i...

  • Answered by AI

Interview Preparation Tips

Interview preparation tips for other job seekers - VAPT Jobs

Study basics of web application security

Deloitte Interview FAQs

How many rounds are there in the Deloitte VAPT Engineer interview?
The Deloitte interview process usually has 2-3 rounds. The most common rounds in the Deloitte interview process are Resume Shortlist, Technical and HR.
People are getting interviews through

based on 2 Deloitte interviews
Job Portal
50%
50% candidates got the interview through other sources.
Deloitte VAPT Engineer Salary
based on 4 salaries
₹4.3 L/yr - ₹8.5 L/yr
38% more than the average VAPT Engineer Salary in India