Orange Business Security Analyst Interview Questions and Answers

Q1. What is 3 way hand shaking
Ans. 
3 way hand shaking is a process in TCP/IP communication where three packets are exchanged to establish a connection.
• Three packets are involved: SYN, SYN-ACK, ACK

• SYN packet is sent by the client to the server to initiate the connection

• SYN-ACK packet is sent by the server to the client as a response

• ACK packet is sent by the client to the server to confirm the connection
Answered by AI
Add your answer
Q2. What is OSI Model
Ans. 
The OSI Model is a conceptual framework that standardizes the functions of a telecommunication or computing system into seven layers.
• The OSI Model stands for Open Systems Interconnection Model.

• It helps in understanding how data is transferred between devices in a network.

• Each layer has specific functions and communicates with the adjacent layers.

• Examples of layers include Physical, Data Link, Network, Transport, Sessio
Answered by AI
Add your answer
Q3. Tell about your work culture
Add your answer
Q4. Difference between tcp and udp
Ans. 
TCP is connection-oriented, reliable, and slower, while UDP is connectionless, unreliable, and faster.
• TCP is connection-oriented, meaning it establishes a connection before sending data, while UDP is connectionless.

• TCP is reliable as it ensures all data is received in order and without errors, while UDP does not guarantee delivery.

• TCP is slower due to the overhead of establishing and maintaining connections, while UDP ...read more
Answered by AI
Add your answer
Q5. What is firewall
Ans. 
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
• Acts as a barrier between a trusted internal network and untrusted external network

• Filters traffic based on rules set by the network administrator

• Can be hardware-based or software-based

• Examples include Cisco ASA, Palo Alto Networks, and pfSense
Answered by AI
Add your answer

Q1. SSL Related ! Qualys VMDR Module scans related ! Application vuln !
Add your answer
Q2. Top 10 owasp How to prioritise and remediate vulnerabilities
Ans. 
Prioritizing and remediating vulnerabilities using OWASP Top 10
• Start by identifying the vulnerabilities that pose the highest risk to the organization

• Use the OWASP Top 10 as a guide to prioritize vulnerabilities

• Consider the likelihood and potential impact of each vulnerability

• Remediate vulnerabilities based on their priority level

• Perform regular vulnerability assessments to stay up-to-date on new vulnerabilities

• Example...read more
Answered by AI
Add your answer

Q1. Tell me about yourself
Ans. 
I am a dedicated Security Analyst with a strong background in cybersecurity and risk management.
• Experienced in conducting security assessments and identifying vulnerabilities

• Skilled in implementing security measures to protect against cyber threats

• Proficient in analyzing security incidents and responding effectively

• Certified in relevant security certifications such as CISSP or CISM
Answered by AI
Add your answer

Q1. Different types of malware
Ans. 
Malware refers to malicious software designed to disrupt, damage, or gain unauthorized access to a computer system.
• Viruses: self-replicating programs that infect other files on a computer

• Worms: standalone malware that spreads across networks

• Trojans: disguised as legitimate software to trick users into installing them

• Ransomware: encrypts files and demands payment for decryption

• Spyware: secretly gathers information about...read more
Answered by AI
Add your answer
Q2. What would you first do if a machine is infected
Ans. 
The first step would be to isolate the infected machine from the network to prevent further spread of the infection.
• Isolate the infected machine from the network to prevent further spread of the infection

• Identify the type of malware or virus that has infected the machine

• Run a full system scan using antivirus software to detect and remove the malware

• Update the operating system and all software to patch any vulnerabiliti...read more
Answered by AI
Add your answer

Q1. About Experience on Technologies
Add your answer
Q2. Current CTC and Expected
Add your answer

Q1. What are Azure Security Policies
Ans. 
Azure Security Policies are a set of rules and configurations that help enforce security controls within Azure environments.
• Azure Security Policies help ensure compliance with security standards and best practices

• They can be used to enforce specific security configurations, such as requiring encryption for storage accounts

• Policies can be assigned at the subscription, resource group, or resource level
Answered by AI
Add your answer
Q2. How do we use Conditional Access in Azure
Ans. 
Conditional Access in Azure is used to control access to resources based on specific conditions.
• Conditional Access policies can be set up to require multi-factor authentication for certain users or devices

• It can restrict access based on location, device compliance, or other factors

• Conditional Access can be used to enforce policies such as requiring a compliant device to access sensitive data
Answered by AI
Add your answer
Q3. Regarding MFA, VPN, GPO
Add your answer
Q4. What is Active Directory Federation Service
Ans. 
Active Directory Federation Service (AD FS) is a feature in Windows Server that allows for single sign-on authentication across multiple systems.
• AD FS allows users to access multiple applications with a single set of credentials

• It enables secure sharing of identity information between trusted partners

• AD FS uses claims-based authentication to verify user identity

• It supports integration with cloud-based services like Off
Answered by AI
Add your answer

Q1. Explain DHCP and DORA process
Ans. 
DHCP is a network protocol that dynamically assigns IP addresses to devices on a network. DORA process involves Discover, Offer, Request, and Acknowledge stages.
• DHCP Discover: Client broadcasts a request for IP address

• DHCP Offer: Server responds with an available IP address

• DHCP Request: Client requests the offered IP address

• DHCP Acknowledge: Server confirms the IP address assignment
Answered by AI
View 2 more answers
Q2. How a personal computer communicate with a web application. Process (Scenario base)
Ans. 
A personal computer communicates with a web application through a series of steps involving network protocols.
• The computer sends a request to the web application's server using the HTTP protocol.

• The server processes the request and sends back a response containing the requested information.

• The communication is facilitated by the TCP/IP protocol stack.

• Data is transmitted over the internet using IP addresses and domain n...read more
Answered by AI
Add your answer

Q1. How SSL handshake works
Ans. 
SSL handshake is a process where a client and server establish a secure connection by exchanging encryption keys and verifying identities.
• Client sends a hello message to server with supported encryption algorithms

• Server responds with its own hello message, including its certificate

• Client verifies server's certificate and generates a pre-master secret

• Both client and server use the pre-master secret to generate a unique ...read more
Answered by AI
Add your answer
Q2. Arp and it's types
Ans. 
ARP (Address Resolution Protocol) is a protocol used for mapping an IP address to a MAC address.
• ARP is used to resolve IP addresses to MAC addresses on a local network.

• There are two main types of ARP: ARP Request and ARP Reply.

• ARP Request is sent by a device to find the MAC address of another device with a known IP address.

• ARP Reply is sent in response to an ARP Request, providing the MAC address of the requested IP ad
Answered by AI
Add your answer

OS, DBMS, DLD, Networking, and Cryptography

Q1. Questions about resume
Add your answer
Q2. Define cryptography and different types
Ans. 
Cryptography is the practice of secure communication in the presence of third parties. There are two types: symmetric and asymmetric.
• Symmetric cryptography uses the same key for encryption and decryption, such as AES and DES.

• Asymmetric cryptography uses a public key for encryption and a private key for decryption, such as RSA and ECC.

• Other types include hashing algorithms like SHA-256 and digital signatures like DSA.

• Cr...read more
Answered by AI
Add your answer

Q1. What will you do if you get a better offer than Bosch
Add your answer

Q1. Basic questions
Add your answer

Q1. Security basic questions
Add your answer

Q1. SIEM Architecture
Add your answer
Q2. MITRE Framework
Add your answer