Software Security

Are you looking for a job in Software Security? In order to help you to prepare, we have List down some of the most frequently asked interview questions in Software Security.

Q.1 State the difference between private and public-key cryptography while performing the encryption and signing content?
Public Key Cryptography (PKC), often known as asymmetric cryptography, is a data encryption and decryption technique that requires two independent sets of keys, one private and the other public.
Q.2 Mention the major application of the public-key cryptography?
When it comes to digital signature, the sender uses the private key to sign the data, while the receiver verifies and validates the data using the sender's public key. The sender encrypts the data with the recipient's public key, and the receiver decrypts and validates it with his or her private key.
Q.3 Discuss about the Phishing issues?
In phishing, a phoney web page is used to fool and manipulate the user into submitting sensitive and confidential information.
Q.4 What approach you can take to defend the phishing attempts?
Some phishing mitigation techniques include XSS vulnerability verification and validation, as well as HTTP referer header.
Q.5 How to defend against multiple login attempts?
There are various methods for defending against multiple login attempts, including: The construction of an account lockout policy is based on a large number of failed efforts and trials to get access to the account. Implementation of captcha-based functionality on the login page to detect and distinguish between humans and robots.
Q.6 Why “Penetration Testing” is important?
The importance of penetration testing can't be overstated: Security flaws and system gaps can be exceedingly costly since hackers can steal crucial data or even crash the system. It is difficult to keep all information secure at all times. Hackers are continually coming up with new ways to steal sensitive information, thus testers must test on a regular basis to detect such assaults. Penetration testing helps firms keep their data safe by identifying and protecting a system against the above-mentioned assaults.
Q.7 Name the two common techniques used to protect a password file?
Hashed passwords and a salt value, as well as password file access control, are two standard methods for protecting a password file.
Q.8 What is ISO 17799?
ISO/IEC 17799 is a standard that provides best practises for information security management and was first issued in the United Kingdom. It contains information security standards for all companies, large and small.
Q.9 What is SOAP and WSDL?
The Simple Object Access Protocol (SOAP) is an XML-based protocol that allows applications to communicate data through HTTP. Web services transmit XML requests in SOAP format, and a SOAP client subsequently sends a SOAP message to the server. The server replies with a SOAP message that includes the requested service. UDDI uses the Web Services Description Language (WSDL), which is an XML-formatted language. Web Services Description Language (WSDL) is a language that describes web services and how to use them.
Q.10 What is file enumeration?
The URL manipulation attack is used with aggressive browsing in this type of assault. Hackers can modify the parameters in the URL string to obtain essential data that is normally not available to the public, such as completed data, older versions, or material that is still being developed.
Q.11 What is HIDS?
The Host Intrusion Detection System (HIDS) is a system that takes a snapshot of the current system and compares it to the prior snapshot. It checks to see if any vital files have been updated or deleted, and then sends an alert to the administrator.
Q.12 Explain URL manipulation?
URL manipulation is a sort of attack in which hackers change the URL of a website in order to get access to sensitive information. The parameters in the query string are transmitted between the client and the server using the HTTP GET method. Hackers can change the information between these settings to get access to the servers' authentication and steal sensitive data. To avoid this type of attack, URL manipulation security testing should be performed. Testers can try to manipulate the URL and look for probable attacks, and if they do, they can take steps to prevent them.
Q.13 What is a Cookie?
A cookie is a little piece of data that is sent from a web server and kept in a web browser to be read later. A cookie can store passwords and auto-fill information, and if hackers gain access to these secrets, it can be dangerous.
Q.14 What are the types of Cookies?
Types of Cookies are: Session Cookies - These are temporary cookies that only last for the duration of the current session. Persistent cookies are cookies that are saved on the hard disc drive and last until they expire or are manually removed.
Q.15 Why to perform a scan on port 137 ?
Scan on port 137 is perfomed to discover a target system with the NetBIOS null session vulnerability.
Q.16 What is privilege escalation?
Privilege escalation is increasing privileges on a user account.
Q.17 What is Java Struts?
Java Struts is a MVC framework and extension of Java servlets.
Q.18 Which API is used for secured network programming when using RPCs ?
Q.19 What is same in value of a handcrafted packet in a land attack?
Source, destination IP address and ports is same in value of a handcrafted packet in a land attack.
Q.20 What is Host Intrusion Detection System?
The (HIDSs)Host-based intrusion detection systems (HIDSs) are applications that operate on data collected from individual computer systems and serve on the existing system and compare with the previous mirror/snapshot of the system, validating for any data modification or manipulation, and generating an alert based on the output. It can also determine whether processes and users are engaged in harmful behaviour.
Q.21 What is NNIDS?
NNIDS stands for Network Node Intrusion Detection System (NNIDS), which is similar to an NIDS but only applies to a single host at a time, rather than an entire subnet.
Q.22 Mention three intruders classes?
There are several varieties of intruders, including: Masquerader: A masquerader is a computer intruder who attacks the system's access control and gains access to authenticated user accounts. Misfeasor: This user is an authenticated user with permission to utilise the system's resources, but he intends to use that same access for other purposes. Clandestine: Individuals who target the control system by circumventing the system security mechanism are classified as clandestine users.
Q.23 What are the components which are used in SSL?
SSL establishes the secure connections among the clients and servers. Components used in SSL : The SSL Recorded protocol The Handshake protocol The Cipher Spec Encryption algorithms
Q.24 What are the types of Intrusion Detection System?
The following types of IDS detection are the most common: Network intrusion detection systems (NIDS): A network intrusion detection system (NIDS) monitors and analyses incoming network traffic. HIDS (host-based intrusion detection systems): These systems keep an eye on the operating system files. There is also a subset of IDS types, the most common of which are based on anomaly detection and signature detection. Signature-based detection: This sort of detection system analyses certain patterns such as network traffic byte sequences and known malicious activity sequences to monitor and identify potential concerns. Anomaly-based: This type of model uses a machine learning approach to detect and adapt to unforeseen issues, with the primary goal of creating an algorithmic trust model and then comparing new harmful behaviour to this trust model.
Q.25 What do you know about OWASP?
The Open Web Application Security Project (OWASP) is a non-profit organisation that promotes secure software development.
Q.26 What potential issues arises if the session tokens has insufficient randomness across range values?
The issue with session tokens having insufficient randomness within a range of values leads to session manipulation.
Q.27 What is “SQL Injection”?
SQL injection is one of the most common techniques in which a code is injected in the SQL statements via a web page input that might destroy your database and potentially expose all the data from your DB.
Q.28 What do you understand by SSL session and also the SSL connections ?
SSL (Secure Socket Layer) establishes communication via a peer-to-peer network, with both connections maintaining an SSL session. An SSL session reflects the security contract, which in terms consists of key and algorithm agreement information passed between an SSL client and an SSL server across an SSL connection. Security protocols govern SSL session parameter discussions between an SSL client and an SSL server.
Q.29 What is Security Testing?
In all sorts of software testing, security testing is regarded the most crucial. Its major goal is to discover vulnerabilities in any software-based application (web or networking) and protect data from possible assaults or intruders. Many applications include sensitive information that must be kept safe from prying eyes. Software testing on such applications should be performed on a regular basis in order to discover threats and take appropriate action against them.
Q.30 What is “Vulnerability”?
Vulnerability is defined as the vulnerability of any system that allows attackers or bugs to attack it. If the system has not been thoroughly tested for security, the likelihood of vulnerabilities are raised. Patches or fixes must be applied on a regular basis to keep a system safe from vulnerabilities.
Q.31 Name the two standard approaches which are used to provide protection to a password file?
Two majorly applied approaches for password file protection are Hashed passwords Salt value or password file access control.
Q.32 What is IPSEC?
IPSEC, often known as IP security, is a set of standard protocols developed by the Internet Engineering Task Force (IETF) for use between the two different communication levels of an IP network. It maintains the integrity of the dataset, as well as authentication and secrecy. It creates encrypted and decrypted data packets that are authenticated.
Q.33 What is the OSI model?
The OSI model, also known as Open Systems Interconnection, is a communication model that allows standard protocols to be used with a variety of communication systems. It is being developed by the International Organization for Standardization.
Q.34 Define ISDN.
The Integrated Services Digital Network, or ISDN, is a circuit-switched telephone network system. It gives access to packet switched networks, allowing digital voice and data transmission. The quality of data and voice over this network is far superior to that of an analogue device or phone.
Q.35 Explain CHAP.
CHAP, also known as Challenge Handshake Authentication Protocol (CHAP), is a P-2-P protocol (PPP) authentication protocol that uses the link's first setup. It also runs a health check on the router's communication with the host on a regular basis. The Internet Engineering Task Force (IETF) created CHAP (Internet Engineering Task Force).
Q.36 What is USM, and what does it perform?
The User-based Security Model (USM) is used by the System Management Agent for decryption, encryption, decryption, and authentication of SNMPv3 packets.
Q.37 Mention some factors that can cause vulnerabilities?
The following are the majority of aspects that could lead to potential vulnerabilities: Exposure of sensitive data or passwords: If sensitive data or passwords are exposed or monitored by an unauthorised user, the system becomes susceptible. Design flaws: If there is a loophole in the system design, it may be targeted. Complexity: There are regions in complex applications that can become vulnerable. Human Error: Due to a variety of variables such as data leaking, human error is one of the leading causes of security vulnerabilities.
Q.38 Mention the parameters list to define SSL session connection?
The attributes which all define an SSL session connection are: The Server and client random The Server write MACsecret The Client write MACsecret The Server write key The Client write key The Initialization vectors Sequence numbers
Q.39 What is file enumeration?
It's a type of issue in which an unauthorised user exploits URL parameters to obtain sensitive data through aggressive browsing.
Q.40 List the attributes of Security Testing?
There are following seven attributes of Security Testing: Authentication Authorization Confidentiality Availability Integrity Non-repudiation Resilience
Q.41 What are the advantages of intrusion detection system?
The Intrusion detection system has the below advantages: Network Intrusion Detection (NIDS) Network Node Intrusion Detection System (NNIDS) Host Intrusion Detection Systems (HIDSs)
Q.42 How would an HTTP program handle state?
Cookies are used to manage the state of a web application because HTTP is a stateless protocol. HTTP can handle the state of a web application in the following ways while maintaining a session: Client-side Server-side The data might be stored in cookies or in the web server’s session.
Q.43 What do you understand by Cross Site Scripting or XSS?
Cross-site Scripting, also known as XSS, is a client-side code injection issue in which an unauthorised user attempts to execute malicious scripts in a user's web browser by embedding malicious code in a web application. When the user visits that web application, the malicious code is executed, compromising cookies, session tokens, and other sensitive information.
Q.44 What is “Penetration Testing”?
Penetration testing is a type of security testing that identifies flaws in a system. A penetration test is an attempt to assess the security of a system using human or automated approaches, and if a weakness is discovered, testers exploit it to gain deeper access to the system and discover further vulnerabilities. The primary goal of this testing is to protect a system from any potential threats. There are two types of penetration testing: White Box testing and Black Box testing. All of the information is available to the testers in white-box testing, whereas in black-box testing, the testers are given no knowledge and are required to test the system in real-world settings.
Q.45 What are the types of XSS?
XSS is divided into three categories: Reflected XSS: In this manner, the malicious script is retrieved from the current HTTP request rather than being stored in the database in the case of this vulnerability. Saved XSS: Suspicious scripts are stored in the web application's database and can be triggered by a user's action in a variety of ways, such as the comment box or discussion boards. DOM XSS: The possible concerns with DOM (Document Object Model)XSS are found in client-side code rather than server-side code. In this case, the malicious script runs in the browser and acts as a source script in the Document Object Model (DOM).
Q.46 Mention the owasp risk rating methodology ?
The Owasp risk rating methodologies are segregated in the different layers , such as : System Risk Identifications layer Source estimation of the Risk mechanism Impact estimation and analysis Determination of the risk severity. Risk mitigation techniques.
Q.47 Explain how does the tracert or tracerout operates ?
Tracerout, sometimes known as tracert, is a programme that monitors and analyses the route between a host and a distant machine. It carries out the following tasks: Monitors and determines whether or not data packets are rerouted. Analyze the data packet traversal speed. Examine the hops numbers used during data packet traversal between the host and distant machines.
Q.48 What is ICMP?
The Internet Control Message Protocol (ICMP) is a component of TCP/IP and is located at the Network layer of the OSI model.
Q.49 Which port is for ICMP or pinging?
Ping uses ICMP and does not require any ports. It is used to determine whether the remote host is active or not, as well as the packet loss and round-trip latency experienced during the conversation.
Q.50 Mention the list of challenges for the successful deployment and monitoring the web intrusion detection?
The challenges are as follows: Web monitoring limitations for NIDS, i.e. (semantic issues while understanding HTTP,SSL) logging the verbosity of logging (Mod Security audit log) challenges. Remote Logging from a Centralized Location. Mechanisms of Alerting While Signatures/Policies are being updated
Q.51 Mention the risk that involves from unsecure HTTP cookies with tokens ?
When HTTP cookies and secure tokens are not flagged, the Access Control Violation effect is triggered.
Q.52 Mention the basic design of OWASP ESAPI?
The following are the key OWASP ESAPI designs: Security control interfaces as a group Every security control has a reference implementation. Every security control has an option for implementation for every organisation.
Q.53 What is port scanning?
Scanning the ports to see if there are any weak points in the system that an unauthorised person could exploit to acquire access to important and sensitive data.
Q.54 Which is mostly implemented protocol on a login page?
While data is in the transmission layers, the TLS/SSL protocol is used in the majority of instances. Using encryption in the transmission layer, this will ensure the security and integrity of the user's vital and sensitive data.
Q.55 What is public-key cryptography?
The major use cases of public-key cryptography are : Digital signing – Content is digitally signed. Encryption- Content encryption with the public key
Get Govt. Certified Take Test