Cyber Security Associate Interview Questions and Answers for Freshers

OWASP Top 10 is a list of the top 10 most critical web application security risks.

• Injection: SQL, NoSQL, OS, LDAP injection

• Broken Authentication: Weak passwords, insecure session management

• Sensitive Data Exposure: Insecure data storage, lack of encryption

• XML External Entities (XXE): Parsing XML input from untrusted sources

• Broken Access Control: Unauthorized access to sensitive functionality

• Security Misconfiguration: Default settings, unnecessary services

• Cross-Site Scripting (...read more

XSs (Cross-Site Scripting) is a type of security vulnerability where attackers inject malicious scripts into web pages viewed by other users.

• XSs allows attackers to execute scripts in the victim's browser, potentially stealing sensitive information.

• There are three types of XSs: Stored, Reflected, and DOM-based.

• Preventing XSs involves input validation, output encoding, and using security headers like Content Security Policy (CSP).