IDOR stands for Insecure Direct Object References, a security vulnerability where an attacker can access unauthorized data by manipulating object references.
IDOR occurs when an application exposes internal implementation objects to users without proper authorization checks.
Attackers can exploit IDOR by manipulating object references in URLs or parameters to access sensitive data.
Preventing IDOR involves implementing pr...
Direct path traversal is a type of attack where an attacker accesses files or directories that are not intended to be accessed.
Direct path traversal involves manipulating the file path in a URL to access restricted files or directories.
It can be used to bypass security measures and gain unauthorized access to sensitive information.
For example, if a website allows users to download files by specifying the file path in t...
SSRF stands for Server-Side Request Forgery, a vulnerability that allows attackers to send crafted requests from the server.
SSRF is a type of vulnerability where an attacker can make the server send requests to other resources on the internet.
Attackers can exploit SSRF to access internal systems, bypass firewalls, and perform reconnaissance on the network.
Mitigations for SSRF include input validation, whitelisting of a...
I applied via Approached by Company and was interviewed in Nov 2024. There were 2 interview rounds.
I applied via Approached by Company and was interviewed in Jan 2024. There were 2 interview rounds.
I applied via Referral and was interviewed before Feb 2023. There was 1 interview round.
The 3-way handshake is a process in TCP/IP communication where three packets are exchanged to establish a connection.
Three packets are involved: SYN, SYN-ACK, ACK
SYN packet is sent by the client to the server to initiate the connection
SYN-ACK packet is sent by the server to the client as a response
ACK packet is sent by the client to the server to confirm the connection
The OSI Model is a conceptual framework that standardizes the functions of a telecommunication or computing system into seven layers.
The OSI Model stands for Open Systems Interconnection Model.
It helps in understanding how data is transferred between devices in a network.
Each layer has specific functions and communicates with the adjacent layers.
Examples of layers include Physical, Data Link, Network, Transport, Sessio
TCP is connection-oriented, reliable, and slower, while UDP is connectionless, unreliable, and faster.
TCP is connection-oriented, meaning it establishes a connection before sending data, while UDP is connectionless.
TCP is reliable as it ensures all data is received in order and without errors, while UDP does not guarantee delivery.
TCP is slower due to the overhead of establishing and maintaining connections, while UDP ...
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Acts as a barrier between a trusted internal network and untrusted external network
Filters traffic based on rules set by the network administrator
Can be hardware-based or software-based
Examples include Cisco ASA, Palo Alto Networks, and pfSense
Prioritizing and remediating vulnerabilities using OWASP Top 10
Start by identifying the vulnerabilities that pose the highest risk to the organization
Use the OWASP Top 10 as a guide to prioritize vulnerabilities
Consider the likelihood and potential impact of each vulnerability
Remediate vulnerabilities based on their priority level
Perform regular vulnerability assessments to stay up-to-date on new vulnerabilities
Example...
posted on 16 Jul 2023
I applied via Recruitment Consultant and was interviewed before Jul 2022. There were 4 interview rounds.
I applied via campus placement at Muthayammal Engineering College, Rasipuram and was interviewed in Feb 2024. There were 3 interview rounds.
It has 40 Questions and time duration of more than 45 minutes
It has 2 coding questions in Java, 1 SQL question and 1 HTML, CSS question.
GET method is used to request data from a specified resource, while POST method is used to submit data to be processed to a specified resource.
GET requests data from a specified resource
POST submits data to be processed to a specified resource
GET requests can be cached and bookmarked, while POST requests are not cached and do not remain in the browser history
GET requests have length restrictions, while POST requests do
I applied via Naukri.com and was interviewed in Jul 2022. There were 4 interview rounds.