Qseap Infotech Interview Questions, Process, and Tips

Reasoning questions and Mathematical questions

Q1. Basic Networking questions
Add your answer
Q2. OSI model question
Add your answer
Q3. TCP , UDP question
Add your answer

Q1. General questions
Add your answer

Basic Login and reasoning questions with some basic networking and CIA model-related questions.

Q1. OWASP Top 10 CIA Model
Ans. 
OWASP Top 10 is a list of common web application vulnerabilities. CIA model is a framework for information security.
• OWASP Top 10 includes vulnerabilities like injection, broken authentication, and cross-site scripting.

• CIA model stands for confidentiality, integrity, and availability.

• It is used to evaluate and improve the security of information systems.

• For example, a company may use the CIA model to ensure that custome...read more
Answered by AI
Add your answer
Q2. Access Control Questions (Privilege Escalation and IDOR) Cookie Attributes Injection
Add your answer
Q3. Threat, Vulnerability and Risk Difference Authentication and Authorization Difference
Ans. 
Threat, vulnerability, and risk are related to security while authentication and authorization are related to access control.
• Threat is a potential danger that can exploit a vulnerability and cause harm.

• Vulnerability is a weakness in a system that can be exploited by a threat.

• Risk is the likelihood of a threat exploiting a vulnerability and the impact it will have.

• Authentication is the process of verifying the identity ...read more
Answered by AI
Add your answer

Q1. Basic Questions like describing yourself and some key points in your resume Strength and weakness
Add your answer

Numerical reasoning and logical reasoning a bit tough however can be clear

Q1. Network protocols and its port number,nmap questions like how to scan ports, firewalls and it's type, vpn,http vs https vs ssl, cia triad, scenario based questions
Add your answer

Q1. They will not ask any questions on this round just confirmation from your side.
Add your answer

Q1. Tell me something about yourself
Add your answer
Q2. Something abou your family
Add your answer
Q3. Why you choose this cyber security field
Add your answer

Maths, reasoning, and it complicated

Basic aptitude MCQ questions

Q1. List OWASP TOP 10
Ans. 
OWASP TOP 10 is a list of the top 10 most critical web application security risks.
• Injection

• Broken Authentication

• Sensitive Data Exposure

• XML External Entities (XXE)

• Broken Access Control

• Security Misconfiguration

• Cross-Site Scripting (XSS)

• Insecure Deserialization

• Using Components with Known Vulnerabilities

• Insufficient Logging and Monitoring
Answered by AI
Add your answer
Q2. SQLi in detail with mitigation and scenario
Ans. 
SQL injection (SQLi) is a type of cyber attack where malicious SQL statements are inserted into an entry field to manipulate the database.
• SQLi occurs when an attacker inserts malicious SQL code into a query to manipulate the database.

• Mitigation techniques include using parameterized queries, input validation, and stored procedures.

• Example scenario: Attacker enters ' OR 1=1;--' into a login form to bypass authentication
Answered by AI
Add your answer

Reasoning ability and technical questions of fundamental of system and cyber security ports number

Q1. What are your salary expectations?
Add your answer
Q2. What is your family background?
Add your answer
Q3. Tell me about yourself.
Add your answer
Q4. Some service bond related questions
Add your answer
Q5. Some technical questions
Add your answer

Q1. CIA triads , difference between http and HTTPS
Ans. 
CIA triads are confidentiality, integrity, and availability. HTTPS is a secure version of HTTP.
• CIA triads are the three pillars of information security.

• Confidentiality ensures that only authorized parties can access data.

• Integrity ensures that data is not tampered with or altered.

• Availability ensures that data is accessible to authorized parties when needed.

• HTTPS is a secure version of HTTP that encrypts data in transi...read more
Answered by AI
Add your answer
Q2. Ports number and tools used
Ans. 
Ports and tools used in information security
• Common ports used in information security include 80 (HTTP), 443 (HTTPS), 22 (SSH), and 3389 (RDP)

• Tools used in information security include Nmap, Wireshark, Metasploit, and Nessus

• Port scanning tools like Nmap are used to identify open ports on a target system

• Packet sniffing tools like Wireshark are used to capture and analyze network traffic

• Vulnerability scanners like Nessus...read more
Answered by AI
Add your answer
Q3. Owasp top 10 with examples
Ans. 
OWASP Top 10 is a list of common web application vulnerabilities.
• Injection (SQL, LDAP, etc.)

• Broken Authentication and Session Management

• Cross-Site Scripting (XSS)

• Broken Access Control

• Security Misconfiguration

• Insecure Cryptographic Storage

• Insufficient Transport Layer Protection

• Unvalidated and Unsanitized Input

• Using Components with Known Vulnerabilities

• Insufficient Logging and Monitoring
Answered by AI
Add your answer

Q1. What is firewall and tell its security features?
Ans. 
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
• Acts as a barrier between internal network and external networks

• Filters incoming and outgoing traffic based on set rules

• Can be hardware-based or software-based

• Can block unauthorized access while allowing legitimate traffic

• Can be configured to log and report on network activity
Answered by AI
Add your answer