Security Interview Questions

 
Greenhorn
Posts: 12
What are some of the more interesting questions regarding security that you've either heard asked in an interview or that you've asked during an interview?
 
Author
Posts: 159
These are not evil questions... I hope you don't want to sacrifice security if you are hiring a security professional :-)

Here are my quick five questions on general application security:

1. Identify the fundamental security principles (at least 5) to fortify an application from potential risks and vulnerabilities.

2. How do you identify and mitigate application security risks? How do you make trade-offs?

3. What is a security pattern? Why does it have to be considered in application development?

4. Discuss the differences between black-box and white-box security testing.

5. How do you perform a proactive security assessment and a reality check before deploying the application?

---
If you would like to know the answers, I would suggest reading the free sample chapter made available on the book's website.
---

Here are my quick five interview questions on J2EE application security:

1. How do you guarantee the integrity and privacy of data and communication against a man-in-the-middle attack? What are the J2EE security options?

2. How do you implement a secure logging process that ensures confidentiality and tamper-proofing?

3. What are the security strategies available to protect access to a Java object passed between J2EE tiers?

4. In J2EE Web services, how do you restrict all direct access to a SOAP endpoint and its WSDL?

5. How do you incorporate a multi-factor authentication process (password + smartcard + biometrics) in J2EE applications?
[ January 10, 2006: Message edited by: Ramesh Nagappan ]
 
Ranch Hand
Posts: 57
Found a bunch of security-related questions here

Java security interview questions and answers
 