Security Interview Questions - Part I
I have compiled a list of security interview questions. They are like standard in most of the interviews today. you can easily find solutions for them online by using google.
Generally a security interview consists of various stuff like networking, Operating system internals, Exploit techniques, Bypass and prevention techniques etc.This is a not a full list and i will keep posting more posts regarding this. I will also list some reference material which you can use for studying.
- What is Stack Overflow?
- What is Heap Overflow?
- What is integer overflow/underflow?
- What is SEH / SEH Overflow?
- What is UAF or user after free?
- How latest operating system protects against stack/heap overflow?
- What is ASLR/DEP?
- How can we bypass ASLR/DEP?
- What is ROP or return oriented programming?
- What is JOP or jump oriented programming?
- What is Stack Canary/Cookie?
- What is Heap Spray?
- What is Null Page?
- How to protect against ROP or return oriented programming based attacks?
- What is fuzzing explain static/Dyanamic?
- What is shellcode?
- How does shellcode gets address of windows dlls and calls functions?
- What is SQL injection?
- What is cross site scripting?
- What is CSRF or cross site request forgery attacks?
- Which is the latest exploit you know and worked on?