Security Interview Questions

 
Greenhorn
Posts: 12
What are some of the more interesting questions regarding security that you've either heard asked in an interview or that you've asked during an interview?
 
Author
Posts: 159
These are not evil questions... I wish you don't want to sacrifice security... if you are hiring a security professional :-)

Here are my quick five questions on general application security:

1. Identify the fundamental security principles (at least 5) to fortify an application from potential risks and vulnerabilities.

2. How do you identify and mitigate application security risks? How do you make trade-offs?

3. What is a security pattern? Why does it have to be considered in application development?

4. Discuss the differences between black-box and white-box security testing.

5. How do you perform a proactive security assessment and a reality check before deploying the application?

---
If you would like to know the answers... I would suggest reading the free sample chapter made available on the book website.
---

Here are my quick five interview questions on J2EE application security:

1. How do you guarantee the integrity and privacy of data and communication against a man-in-the-middle attack? What are the J2EE security options?

2. How do you implement a secure logging process which ensures confidentiality and tamper-proofing?

3. What are the security strategies available to protect access to a Java object passed between J2EE tiers?

4. In J2EE Web services, how do you restrict all direct access to a SOAP endpoint and its WSDL?

5. How do you incorporate a multi-factor authentication process (password + smartcard + biometrics) in J2EE applications?
[ January 10, 2006: Message edited by: Ramesh Nagappan ]
 
Ranch Hand
Posts: 57
Found a bunch of security-related questions here:

Java security interview questions and answers
 