Filter interviews by
SQLi stands for SQL Injection. It is a type of cyber attack where an attacker injects malicious SQL code into a vulnerable website.
SQLi allows attackers to access sensitive data from a website's database
There are three types of SQLi: In-band, Inferential, and Out-of-band
In-band SQLi is the most common type and involves using the same communication channel to launch the attack and retrieve data
Inferential SQLi involves ...
OWASP Top 10 is a list of the most critical web application security risks.
Injection attacks: SQL, NoSQL, OS, LDAP, etc.
Broken authentication and session management
Cross-site scripting (XSS)
Broken access control
Security misconfiguration
Insecure cryptographic storage
Insufficient logging and monitoring
Insecure communication
Using components with known vulnerabilities
Insufficient attack protection and rate limiting
Dom xss is a type of cross-site scripting attack that exploits vulnerabilities in client-side scripts.
Dom xss attacks occur when an attacker injects malicious code into a website's DOM (Document Object Model) through user input.
The injected code can then execute in the victim's browser, potentially stealing sensitive information or performing unauthorized actions.
Preventing Dom xss requires proper input validation and ...
Top trending discussions
EDR (Endpoint Detection and Response) solution is a cybersecurity technology that continuously monitors and analyzes endpoint activities to detect and respond to threats.
Continuous monitoring of endpoint activities
Real-time detection of threats
Immediate response to security incidents
Behavioral analysis of endpoints
Integration with SIEM for centralized monitoring
Examples: CrowdStrike Falcon, Carbon Black, SentinelOne
ArcSight is a security information and event management (SIEM) software that helps organizations detect and respond to security threats.
ArcSight uses a hierarchical structure of components such as connectors, Logger, ESM, and Command Center.
Connectors collect and normalize data from various sources.
Logger stores and indexes the collected data for analysis.
ESM (Enterprise Security Manager) correlates and analyzes the da...
Event IDs are unique identifiers for specific events in a system or network.
Event ID 4624 - Successful account logon
Event ID 4625 - Failed account logon
Event ID 4768 - Kerberos authentication ticket request
Event ID 4776 - Domain controller authentication
Event ID 7036 - Service control manager event
posted on 6 Jun 2023
I applied via AmbitionBox and was interviewed in Dec 2022. There were 2 interview rounds.
Public Key Infrastructure (PKI) is a system used to manage digital certificates and public-private key pairs for secure communication.
PKI involves a Certificate Authority (CA) that issues digital certificates to verify the identity of users or devices.
It uses asymmetric encryption where a public key is used for encryption and a private key is used for decryption.
PKI ensures secure communication by enabling encryption, ...
A bastion server is a highly secured server that acts as a gateway between internal network and external network.
Bastion server is used to securely access and manage servers in a private network from an external network.
It is typically placed in a DMZ (demilitarized zone) to provide an additional layer of security.
Access to the bastion server is tightly controlled and monitored to prevent unauthorized access.
It often r...
posted on 23 Oct 2021
I applied via Naukri.com and was interviewed in Nov 2020. There were 3 interview rounds.
posted on 10 Sep 2020
I applied via Company Website and was interviewed in Aug 2020. There were 3 interview rounds.
Connecting to a database has multiple options depending on the type of database and programming language used.
For SQL databases, options include using JDBC for Java, ODBC for C++, and ADO.NET for C#.
For NoSQL databases, options include using MongoDB's driver for Python or Node.js.
ORMs like Hibernate and Entity Framework can also be used to abstract away the database connection details.
Connection strings are used to spe...
posted on 25 Mar 2022
I applied via Naukri.com and was interviewed before Mar 2021. There was 1 interview round.
posted on 2 May 2021
posted on 10 May 2022
I applied via Approached by Company and was interviewed before May 2021. There were 2 interview rounds.
Piping code and welder qualifications test
Piping code refers to the set of standards and regulations that govern the design, fabrication, and inspection of piping systems.
Welder qualifications test is a process of testing and certifying welders to ensure that they have the necessary skills and knowledge to perform welding tasks safely and effectively.
Both piping code and welder qualifications test are important in ensu...
I applied via Campus Placement and was interviewed before Feb 2021. There were 2 interview rounds.
Quant, verbal, lrdi
I was interviewed in Dec 2016.
based on 4 reviews
Rating in categories
Analyst
82
salaries
| ₹0 L/yr - ₹0 L/yr |
Assistant Manager
49
salaries
| ₹0 L/yr - ₹0 L/yr |
Deputy Manager
40
salaries
| ₹0 L/yr - ₹0 L/yr |
Associate Consultant
24
salaries
| ₹0 L/yr - ₹0 L/yr |
SOC Analyst
19
salaries
| ₹0 L/yr - ₹0 L/yr |
Bharat Electronics
Hindustan Aeronautics
Tata Advanced Systems
Larsen & Toubro Limited