Infosys Information Security Engineer Interview Questions and Answers

Q1. What kind of vulnerability you came across
Ans. 
I came across a vulnerability in a web application that allowed for SQL injection attacks.
• Identified lack of input validation in user inputs

• Discovered that the application was directly executing user-supplied SQL queries

• Suggested implementing parameterized queries to prevent SQL injection

• Tested the vulnerability by attempting to inject SQL code through input fields
Answered by AI
Add your answer
Q2. What issues you face in management regarding reporting some security issues
Add your answer
Q3. Tcp vs UDP which one is better
Ans. 
It depends on the specific use case and requirements.
• TCP is reliable and ensures all data is delivered in order, but it can be slower due to the overhead of error-checking and retransmission.

• UDP is faster and more efficient for real-time applications like video streaming or online gaming, but it does not guarantee delivery or order of packets.

• Choose TCP for applications that require reliable data transmission, such as ...read more
Answered by AI
Add your answer
Q4. Hashing and its examples in real world
Ans. 
Hashing is a process of converting input data into a fixed-size string of bytes using a mathematical algorithm.
• Hashing is commonly used in password storage to securely store user passwords without storing the actual password.

• Hashing is used in digital signatures to ensure the integrity of the signed data.

• Blockchain technology uses hashing to create a secure and tamper-proof record of transactions.

• File integrity checks ...read more
Answered by AI
Add your answer
Q5. Pop3 and icmp what are work and port no.
Add your answer

Q1. Risk user analysis,table used for it
Add your answer
Q2. Mitre attack framework,different techniques
Ans. 
The MITRE ATT&CK framework is a knowledge base of adversary tactics and techniques based on real-world observations.
• MITRE ATT&CK provides a comprehensive list of techniques used by attackers to compromise systems.

• Techniques are categorized into tactics such as Initial Access, Execution, Persistence, etc.

• Examples of techniques include Spearphishing Attachment, Command and Scripting Interpreter, and Registry Run Keys / S
Answered by AI
Add your answer

Q1. Roles n responsibilities
Add your answer
Q2. Cyber kill chain and mitre attack
Add your answer

Q1. Basic HR questions
Add your answer

Very easy questions.And can be easily answered

Q1. What were your roles and responsibilities
Add your answer

All aptitude related questions they asked like quantity aptitude reasoning English

All coding related questions from C and java language

Q1. HR normal level questions about your self and your past experience about your family
Add your answer
Q2. About your self About your family Your past experience Why you choose hcl
Add your answer
Q3. Where you learn all these skills
Add your answer
Q4. About there traning
Add your answer

Q1. What is tcp/ip model
Ans. 
TCP/IP model is a networking protocol suite that defines how data is transmitted over a network.
• Consists of four layers: Application, Transport, Internet, Link

• Each layer has specific functions and protocols

• Example: TCP operates at the Transport layer, while IP operates at the Internet layer
Answered by AI
Add your answer

Q1. What is your strength
Add your answer

Q1. How many members in family
Add your answer

2+2÷2=3 and for the RAMANUJAM ji for mathematics theorem he gives us most dynamic and excellent way to define time travel also

Team leading nice behavior give party to team member

Project of cloud game

Q1. About sql and my sql
Add your answer

Q1. About informatica power center
Add your answer