Interview Topics
Study these to get placed in your DREAM COMPANY !
DoS vs DDoS
Linux Permissions
Private Key and Public Key Communications
Hashing Vs Encryption
What is False Positive - True Negative - False Negative and True Positive
401 Vs 403
Hotfixes for XSS and all other OWASP Top 10 bugs
In-Depth understanding of SQLi Queries and its types
Session tokens - Cookies - Same-Site Cookies - Secure flag - HTTP-Only flag
CIA Triad
Pivoting and Lateral Movement
What is access control ? What is Broken Access control
What kind of bugs can be found in security misconfiguration ?
CORS and Same-Origin Policy
Parameter Pollution
Prototype Pollution
Insecure Deserialization
What kind of issues can be found in OAuth
Secure algorithm for JWTs
Name some modern industry-standard hashing algorithms used nowadays
SAST vs DAST
All the Burp Suite tabs, especially the Intruder attack types
Sniper - Battering ram - Cluster bomb - Pitchfork
Explain Log4j attack - Spring4shell attack
Refer to this Interview Prep
All the Wireshark filters and Flags
SYN - ACK - FIN - URG - PSH
Active Directory Questions
In a Windows domain, credentials are stored in a centralised repository called ?
Active Directory
The server in charge of running the Active Directory services is called ?
Domain Controller
Which group normally administrates all computers and resources in a domain ?
Domain Admins
What would be the name of the machine account associated with a machine named TOM-PC ?
TOM-PC$
Suppose our company creates a new department for Quality Assurance. What type of containers should we use to group all Quality Assurance users so that policies can be applied consistently to them?
Organizational Units
The process of granting privileges to a user over some OU or other AD Object is called ?
Delegation
Difference between Organizational Units and Security Groups in an Active Directory Network ?
Organizational Units are helpful when applying policies to users and computers. These policies include specific configurations that pertain to sets of users depending on their particular role in the enterprise [the Sales department has a different set of policies compared to the IT department]
Security Groups, on the other hand, are used to grant permissions over resources - you would use groups if you want to allow some users to access a shared folder or network printer
Explain what are Group Policy Objects ( GPOs ) ?
A GPO is a collection of settings that can be applied to OUs; each contains a specific set of policies, which differ between OUs
For example, the Sales OU's policies will differ from the IT OU's
Explain Kerberos Authentication in simple words ?
Explain NetNTLM Authentication in simple words ?
Will a current version of Windows use NetNTLM as the preferred authentication protocol by default?
Nope
When referring to Kerberos, what type of ticket allows us to request further tickets known as TGS?
Ticket Granting Ticket (TGT)
When using NetNTLM, is a user's password transmitted over the network at any point?
Nope