


TCS Security Analyst Interview Questions and Answers
Q1. What protocols are used by nmap? Difference between public and private IP (mention IP ranges). Command to check connected devices, open and filter port in nmap. How does a firewall work, can we close a firewall port? How p...
Answering questions related to nmap, IP addresses, firewall, and ping scan.
Nmap uses various protocols such as TCP, UDP, ICMP, and ARP.
Public IP addresses are globally unique and routable on the internet, while private IP addresses are used within a private network and not routable on the internet. Private IP ranges include 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16.
To check connected devices and open ports, use the command 'nmap -sP' and 'nmap -p', respectively. To fil...
Q2. What are the major vulnerabilities you've encountered? How did you encounter them?
Major vulnerabilities encountered include SQL injection, phishing attacks, and outdated software.
Encountered SQL injection vulnerability in a web application due to lack of input validation
Fell victim to a phishing attack where employees unknowingly provided sensitive information
Discovered outdated software with known security vulnerabilities that could be exploited
Q3. How do you approach a problem?
I approach a problem by analyzing the root cause, brainstorming solutions, and implementing a strategic plan.
Identify the root cause of the problem
Brainstorm potential solutions
Develop a strategic plan to address the problem
Implement the plan and monitor progress
Adjust the plan as needed based on feedback and results
Q4. Incident management on DDoS attack
Incident management on DDoS attack involves identifying the attack, mitigating its impact, and preventing future attacks.
Quickly identify the type and source of the attack
Notify relevant stakeholders and activate incident response plan
Mitigate the attack by filtering traffic and blocking malicious IPs
Monitor network traffic and adjust mitigation strategies as needed
Conduct a post-incident analysis to identify areas for improvement
Implement preventative measures such as firewa...
Q5. What is SQL Injection and how can we prevent it?
SQL Injection is a type of cyber attack where malicious SQL code is inserted into input fields to manipulate database queries.
SQL Injection occurs when attackers input malicious SQL code into input fields, tricking the application into executing unintended SQL commands.
To prevent SQL Injection, use parameterized queries or prepared statements to sanitize user input.
Input validation and limiting database permissions can also help prevent SQL Injection attacks.
Example: SELECT *...
Q6. MITRE ATT&CK definition and how will you use it?
MITRE ATT&CK is a framework for understanding attacker behavior and tactics.
MITRE ATT&CK provides a comprehensive list of tactics, techniques, and procedures (TTPs) used by attackers.
It helps security analysts understand and categorize threats based on real-world observations.
Security analysts can use MITRE ATT&CK to map out potential attack scenarios and improve defense strategies.
Q7. What is WAPT, and how to perform an audit?
WAPT stands for Web Application Penetration Testing. It is a process of auditing and assessing the security of web applications.
WAPT is performed to identify vulnerabilities and weaknesses in web applications.
It involves simulating real-world attacks to test the security measures in place.
Common techniques used in WAPT include vulnerability scanning, penetration testing, and code review.
The goal is to uncover potential security flaws and provide recommendations for improvemen...
Q8. What are the types of Injection
Types of Injection include SQL injection, XSS injection, and command injection.
SQL injection: attackers insert malicious SQL code into input fields to manipulate the database
XSS injection: attackers insert malicious scripts into web pages viewed by other users
Command injection: attackers execute arbitrary commands on a server by manipulating input fields
Q9. What is the CIA triad?
CIA triad is a model designed to guide policies for information security within an organization.
CIA stands for Confidentiality, Integrity, and Availability
Confidentiality ensures that information is only accessible to those who are authorized to view it
Integrity ensures that information is accurate and trustworthy
Availability ensures that information is accessible when needed
The CIA triad helps organizations prioritize their security measures to protect their information asse...