Ernst & Young Senior Security Consultant Interview Questions and Answers

Q1. Technical questions on build and operations
Add your answer

Q1. Managerial question and communication skills
Add your answer

Asked about Reasoning, English, Computer networks, Database Management system, Electronics

15 min discussion on any topic given on the spot, 1 min for thinking

Q1. What do you know about Cloud Computing?
Ans. 
Cloud computing is the delivery of computing services over the internet, including servers, storage, databases, networking, software, analytics, and intelligence.
• Cloud computing allows users to access and store data and applications on remote servers instead of on their local devices.

• It offers scalability, flexibility, cost-effectiveness, and the ability to access resources from anywhere with an internet connection.

• Exa...read more
Answered by AI
Add your answer
Q2. OOPs concepts and examples
Ans. 
OOPs concepts refer to Object-Oriented Programming principles like inheritance, encapsulation, polymorphism, and abstraction.
• Inheritance: Allows a class to inherit properties and behavior from another class.

• Encapsulation: Bundling data and methods that operate on the data into a single unit.

• Polymorphism: Ability to present the same interface for different data types.

• Abstraction: Hiding the complex implementation detail
Answered by AI
Add your answer
Q3. SQL queries like Joins and Selection
Add your answer

Q1. Explain interesting incident you handled
Add your answer
Q2. Log sources - to hunt for threats
Ans. 
Log sources are essential for hunting threats in a network environment.
• Collect logs from network devices such as firewalls, routers, and switches.

• Utilize logs from endpoint security solutions like antivirus and EDR tools.

• Incorporate logs from servers, including authentication logs and system logs.

• Monitor logs from cloud services and applications for any suspicious activities.

• Analyze logs from SIEM solutions to correlat
Answered by AI
Add your answer

They ask questions based on security

Q1. What is injection
Ans. 
Injection is a technique used to introduce code or data into a computer program or system.
• Injection is commonly used in cyber attacks to exploit vulnerabilities in software.

• Types of injection include SQL injection, cross-site scripting (XSS), and command injection.

• Injection attacks can lead to unauthorized access, data theft, and system compromise.
Answered by AI
Add your answer
Q2. Type of injection
Ans. 
SQL injection is a type of injection attack that allows an attacker to execute malicious SQL statements.
• SQL injection involves inserting malicious SQL code into input fields of a web application

• Attackers can manipulate databases, steal data, and even delete or modify records

• Examples include entering ' OR '1'='1' into a login form to bypass authentication
Answered by AI
Add your answer

About a rat that can exfoliate the system and also mirte attack

Assembly language with little python