The interview was conducted by the client, and it was very easy; basically, they want you to explain the findings you found during the application security assessment. Also they ask about the common vulnerabilities like XSS, SQL Injection, and its preventions.
prepare well in penetration testing,Vulnerability assessment OWASP top[ 10 also prepare yourself in the recent events of application security.A basic problem statement would be given to analyse the vulnerability in it and also they check the approach for the solution.
explain about Server side request forgery
do you know what the OWASP top 10 are?
Q: The difference of authentication and authorization. Q: Do I know JavaScript?
Implicit vs explicit intent. Favourite vulnerability. Sandbox iframe and its security implications.
2nd team meeting with appsec engineer CISO head of security. Questions on experience, Do you have experience with "xyz"? Yes/No No feedback moved onto another question.
What are the responsibilities at your current job?
All the info they will ask you is on the doc file they email you if they choose to bring you onsite
XSS, SQL injection, Cross-Site request forgery
Viewing 381 - 390 interview questions