Filter interviews by
I applied via Referral and was interviewed in Apr 2023. There were 4 interview rounds.
My forte in security lies in network security, penetration testing, and incident response.
Specialize in network security protocols and technologies
Skilled in conducting penetration tests to identify vulnerabilities
Experienced in responding to security incidents and mitigating risks
Certifications such as CISSP, CEH, or OSCP demonstrate expertise
I have knowledge in technologies such as Python, Java, C++, Linux, and network security.
Python
Java
C++
Linux
Network Security
Pentesting methodology is a systematic approach used to identify and exploit vulnerabilities in a system to improve security.
1. Reconnaissance: Gather information about the target system.
2. Scanning: Identify open ports and services on the target system.
3. Gaining access: Exploit vulnerabilities to gain access to the system.
4. Maintaining access: Maintain access to the system for further testing.
5. Covering tracks: Rem...
OWASP is a standard used for security testing of APIs and Web Applications
OWASP Top 10 is a widely recognized standard for web application security
OWASP API Security Top 10 provides guidelines for securing APIs
OWASP ZAP (Zed Attack Proxy) is a popular tool for testing web application security
White hat hackers are ethical hackers who use their skills to improve security, while black hat hackers are malicious hackers who exploit vulnerabilities for personal gain.
White hat hackers are ethical hackers who work to improve security by finding and fixing vulnerabilities in systems.
Black hat hackers are malicious hackers who exploit vulnerabilities for personal gain or to cause harm.
White hat hackers may be hired ...
Blue team focuses on defense and prevention, while red team simulates attacks to test defenses.
Blue team is responsible for defending against cyber threats and implementing security measures.
Red team simulates real-world attacks to test the effectiveness of the blue team's defenses.
Blue team works proactively to prevent security breaches, while red team works reactively to identify vulnerabilities.
Blue team focuses on ...
Authentication verifies a user's identity, while authorization determines what actions a user is allowed to perform.
Authentication confirms the user's identity through credentials like passwords or biometrics.
Authorization controls access to resources based on the authenticated user's permissions.
Example: Logging into a system with a username and password is authentication, while being able to view or edit specific fil
Secure authentication methods are crucial for protecting sensitive information.
Use multi-factor authentication (MFA) to add an extra layer of security
Implement strong password policies, including regular password changes
Utilize biometric authentication such as fingerprint or facial recognition
Employ single sign-on (SSO) for centralized authentication management
Monitor and analyze authentication logs for suspicious acti
Hashing is one-way function for data integrity while encryption is two-way function for data confidentiality.
Hashing is irreversible and used for data integrity verification.
Encryption is reversible and used for data confidentiality protection.
Hashing produces a fixed-length output (hash value) while encryption output length can vary.
Example: Hashing - MD5, SHA-256; Encryption - AES, RSA
LFI allows an attacker to include files on a server through the web browser, while RFI allows an attacker to execute arbitrary code on a server.
LFI stands for Local File Inclusion, where an attacker can include files on a server using a vulnerable script.
RFI stands for Remote File Inclusion, where an attacker can execute arbitrary code on a server by including a remote file.
LFI is limited to files that are already pres...
Mitigations for SQL injection include input validation, parameterized queries, stored procedures, and least privilege access.
Implement input validation to ensure only expected data is accepted
Use parameterized queries to separate SQL code from user input
Utilize stored procedures to encapsulate SQL logic and prevent direct user input execution
Follow the principle of least privilege to restrict database access rights
Blind based SQL injection is a type of SQL injection attack where the attacker sends SQL queries to the database and observes the result without actually seeing the output.
Attacker sends SQL queries to the database and observes the behavior of the application to determine if the query was successful or not.
No error messages are displayed to the attacker, making it harder to detect.
Time-based blind SQL injection involve...
Password spraying is a type of cyber attack where attackers try a few common passwords against many usernames.
Attackers use common passwords to try and gain access to multiple accounts.
Unlike brute force attacks, password spraying involves trying a few passwords against many accounts.
Attackers aim to avoid detection by not triggering account lockouts.
Organizations can defend against password spraying by enforcing stron...
Implement account lockout, use strong passwords, and implement CAPTCHA
Implement account lockout after a certain number of failed login attempts
Encourage users to use strong passwords with a combination of letters, numbers, and special characters
Implement CAPTCHA to prevent automated brute force attacks
Consider implementing rate limiting to restrict the number of login attempts within a certain time frame
End goal is more important as it drives the overall direction and success of a project.
End goal provides a clear vision and purpose for the project
Procedures are important for achieving the end goal efficiently
Flexibility in procedures may be necessary to adapt to changing circumstances
Examples: In cybersecurity, the end goal of protecting sensitive data may require constantly evolving procedures to combat new threats
Top trending discussions
I applied via Campus Placement and was interviewed in Jan 2021. There were 3 interview rounds.
Swap two numbers with and without temporary variable
Without temporary variable: Use addition and subtraction
With temporary variable: Use a third variable to store the value of one of the numbers
Example without temporary variable: a=5, b=7; a=a+b; b=a-b; a=a-b;
Example with temporary variable: a=5, b=7; temp=a; a=b; b=temp;
I applied via Naukri.com and was interviewed in Oct 2020. There was 1 interview round.
Second level cache is a caching mechanism used to improve performance by storing frequently accessed data in memory.
Second level cache is implemented at the application level and can be configured using frameworks like Hibernate.
To optimize SQL queries, one can use indexes, avoid using SELECT *, and use JOINs instead of subqueries.
SOLID principles are a set of design principles for writing maintainable and scalable cod...
To deploy an application in AWS, you need to create an EC2 instance, configure security groups, install necessary software, and upload your application code.
Create an EC2 instance in the desired region and select the appropriate instance type
Configure security groups to allow traffic to and from the instance
Install necessary software and dependencies on the instance
Upload your application code to the instance
Start the ...
I applied via Company Website and was interviewed before Aug 2020. There were 4 interview rounds.
I applied via Campus Placement and was interviewed in Dec 2020. There were 4 interview rounds.
I applied via Recruitment Consulltant and was interviewed before Jun 2021. There was 1 interview round.
BigInteger is used for mathematical operations involving very large integers in Java.
BigInteger is used when the range of values supported by primitive data types like int and long is not sufficient.
It is commonly used in cryptography and security applications.
It provides methods for arithmetic, bitwise, and logical operations on large integers.
Example: calculating factorial of a large number, generating large prime nu
Merge Sort Algo code in java
Divide the array into two halves
Recursively sort the two halves
Merge the sorted halves
Time complexity: O(n log n)
I applied via Naukri.com and was interviewed in Aug 2020. There was 1 interview round.
I applied via Walk-in and was interviewed in Aug 2020. There were 4 interview rounds.
Some of the top questions asked at the LanzeIntegra Technologies Security Engineer interview -
based on 1 interview
Interview experience
based on 1 review
Rating in categories
Security Engineer
16
salaries
| ₹2.5 L/yr - ₹4 L/yr |
Senior Security Engineer
10
salaries
| ₹2 L/yr - ₹9.7 L/yr |
Cyber Security Analyst
4
salaries
| ₹3 L/yr - ₹6 L/yr |
Cyber Security Engineer
4
salaries
| ₹2.8 L/yr - ₹4.2 L/yr |
HR Executive
3
salaries
| ₹2.1 L/yr - ₹4.2 L/yr |
TCS
Accenture
Wipro
Cognizant