Qseap Infotech Associate Information Technology Consultant Interview Questions and Answers

Basic aptitude MCQ questions

Q1. List OWASP TOP 10
Ans. 
OWASP TOP 10 is a list of the top 10 most critical web application security risks.
• Injection

• Broken Authentication

• Sensitive Data Exposure

• XML External Entities (XXE)

• Broken Access Control

• Security Misconfiguration

• Cross-Site Scripting (XSS)

• Insecure Deserialization

• Using Components with Known Vulnerabilities

• Insufficient Logging and Monitoring
Answered by AI
Add your answer
Q2. SQLi in detail with mitigation and scenario
Ans. 
SQL injection (SQLi) is a type of cyber attack where malicious SQL statements are inserted into an entry field to manipulate the database.
• SQLi occurs when an attacker inserts malicious SQL code into a query to manipulate the database.

• Mitigation techniques include using parameterized queries, input validation, and stored procedures.

• Example scenario: Attacker enters ' OR 1=1;--' into a login form to bypass authentication
Answered by AI
Add your answer