Mahindra Defence Systems Cyber Security Analyst Interview Questions and Answers

SQLi stands for SQL Injection. It is a type of cyber attack where an attacker injects malicious SQL code into a vulnerable website.

• SQLi allows attackers to access sensitive data from a website's database

• There are three types of SQLi: In-band, Inferential, and Out-of-band

• In-band SQLi is the most common type and involves using the same communication channel to launch the attack and retrieve data

• Inferential SQLi involves ...read more

OWASP Top 10 is a list of the most critical web application security risks.

• Injection attacks: SQL, NoSQL, OS, LDAP, etc.

• Broken authentication and session management

• Cross-site scripting (XSS)

• Broken access control

• Security misconfiguration

• Insecure cryptographic storage

• Insufficient logging and monitoring

• Insecure communication

• Using components with known vulnerabilities

• Insufficient attack protection and rate limiting

Dom xss is a type of cross-site scripting attack that exploits vulnerabilities in client-side scripts.

• Dom xss attacks occur when an attacker injects malicious code into a website's DOM (Document Object Model) through user input.

• The injected code can then execute in the victim's browser, potentially stealing sensitive information or performing unauthorized actions.

• Preventing Dom xss requires proper input validation and ...read more