Techdefence Interview Questions, Process, and Tips

Q1. What is SQL injection?
Ans. 
SQL injection is a type of cyber attack where malicious SQL code is inserted into input fields to manipulate a database.
• SQL injection occurs when an attacker inserts malicious SQL code into input fields on a website.

• This code can then manipulate the database, steal data, or perform other unauthorized actions.

• Example: Entering ' OR '1'='1' into a login form to bypass authentication.
Answered by AI
Add your answer
Q2. What is XSS attack?
Ans. 
XSS attack is a type of cyber attack where attackers inject malicious scripts into web pages viewed by other users.
• XSS stands for Cross-Site Scripting.

• Attackers inject malicious scripts into web pages viewed by other users.

• These scripts can steal sensitive information, deface websites, redirect users to malicious sites, etc.

• There are three types of XSS attacks: stored, reflected, and DOM-based.

• Preventing XSS attacks in...read more
Answered by AI
Add your answer

Q1. What is OTP flooding
Ans. 
OTP flooding is a type of cyber attack where a large number of one-time passwords are sent to a target in order to overwhelm them.
• OTP flooding is a form of denial-of-service attack.

• Attackers flood the target with numerous OTPs, making it difficult for the target to use their legitimate OTP.

• This type of attack can be used to disrupt services or gain unauthorized access to accounts.

• Examples of OTP flooding include sendin...read more
Answered by AI
Add your answer
Q2. What is resource flooding?
Ans. 
Resource flooding is a type of cyber attack where an attacker overwhelms a system with excessive requests, causing it to become slow or unresponsive.
• Resource flooding is a type of denial of service (DoS) attack.

• Attackers flood a system with excessive requests, such as HTTP requests or network traffic, to overwhelm its resources.

• This can lead to the system becoming slow or unresponsive, disrupting normal operations.

• Comm...read more
Answered by AI
Add your answer

Q1. Asking about application security and mobile security
Add your answer
Q2. OWASP Top 10 Vulnerabilities
Add your answer

Q1. Asking about Appsec, network and mobile security testing
Add your answer

Q1. Tell us about yourself and your educational background?
Add your answer
Q2. Have I completed any industry-recognized certifications?
Add your answer
Q3. What are my salary expectation for this role ?
Add your answer

Q1. Frameworks do you prefer when conducting IT compliance audits and why ?
Ans. 
I prefer using a combination of COBIT and ISO 27001 frameworks for IT compliance audits.
• I prefer COBIT for its comprehensive coverage of IT governance and control objectives.

• I choose ISO 27001 for its focus on information security management best practices.

• Combining both frameworks provides a holistic approach to IT compliance audits.
Answered by AI
Add your answer
Q2. What is Active Directory, and how does it function within a networked environment?
Ans. 
Active Directory is a directory service developed by Microsoft for Windows domain networks, providing centralized management of network resources.
• Active Directory stores information about objects on the network such as computers, users, groups, and printers.

• It allows administrators to manage and secure resources within the network by assigning permissions and policies.

• Active Directory uses a hierarchical structure with...read more
Answered by AI
Add your answer
Q3. How do you handle communication with stakeholders, non-technical staff and other members during IT compliance audit ?
Add your answer

It was related to the Soc analyst and vapt medium to hard level

Q1. Deep discussion about my project Write a python code track the https website data Basic networking questions and some MySQL questions
Add your answer

Q1. As usual hr type interview questions
Add your answer