Review source code of application, explain vulnerabilities found.
Application Security Interview Questions
240 application security interview questions shared by candidates
If I have a background on ServiceNow, basic knowledge on technology
1. What is the difference between information security and cyber security? 2. Symmetric and asymmetric algorithms. 3. What is SDLC and its stages? 4. What is a certificate authority? 5. What is MITM? Explain with an example how exploitation works. 6. A stressful situation and how it was handled. 7. What does a packet contain? Interview was OK, but I was asked questions on enterprise level and asked to provide one-line answers when I was explaining with examples.
What are your favorite OWASP Top10 vulnerabilities?
Know the various most common vulnerabilities
A lot, how do I do vulnerability management was one.
3. Technical: They will ask about a certain vulnerability and then give you examples and ask you to create a payload for this. They will also provide you with sample vulnerability reports and ask you to triage them with CVSS. There will be other scenarios like "If this happens, is this a vulnerability?" and you will have to explain your answer. How DNS and other backend systems work. In short, you will need a deep and clear understanding of how web applications work as well as vulnerabilities.
Included chatting through CV, some technical questions relating to the role, some HR questions, and a technical exercise. The technical exercise was left open and allowed you to discuss the problems in front of you, which meant they were assessing your ability to do a job and have the right mindset rather than know specific technologies.
Secure design of a cloud based application, and finding security vulnerabilities.
One specific thing they asked was to perform a code review on a Java REST API. I had to identify a Mass Assignment vulnerability where an endpoint was binding request data directly to a persistence entity.