Security
What is DevSecOps? What its core principals?
What security techniques are you familiar with? (or what security techniques have you used in the past?)
What the “Zero Trust” concept means? How Organizations deal with it?
Explain Authentication and Authorization
How do you manage sensitive information (like passwords) in different tools and platforms?
Explain what is Single Sign-On
Explain MFA (Multi-Factor Authentication)
Explain RBAC (Role-based Access Control)
Security – Web
What is Nonce?
Security – SSH
What is SSH how does it work?
What is the role of an SSH key?
Security Cryptography
Explain Symmetrical encryption
Explain Asymmetrical encryption
What is “Key Exchange” (or “key establishment”) in cryptography?
True or False? The symmetrical encryption is making use of public and private keys where the private key is used to decrypt the data encrypted with a public key
True or False? The private key can be mathematically computed from a public key
True or False? In the case of SSH, asymmetrical encryption is not used to the entire SSH session
What is Hashing?
How hashes are part of SSH?
Explain the following:
- Vulnerability
- Exploits
- Risk
- Threat
Are you familiar with “OWASP top 10”?
What is XSS?
What is an SQL injection? How to manage it?
What is Certification Authority?
How do you identify and manage vulnerabilities?
Explain “Privilege Restriction”
How HTTPS is different from HTTP?
What types of firewalls are there?
What is DDoS attack? How do you deal with it?
What is port scanning? When is it used?
What is the difference between asynchronous and synchronous encryption?
Explain Man-in-the-middle attack
Explain CVE and CVSS
What is ARP Poisoning?
Describe how do you secure public repositories
How do cookies work?
What is DNS Spoofing? How to prevent it?
What can you tell me about Stuxnet?
What can you tell me about the BootHole vulnerability?
What can you tell me about Spectre?
Explain OAuth
Explain “Format String Vulnerability”
Explain DMZ
Explain TLS
What is CSRF? How to handle CSRF?
Explain HTTP Header Injection vulnerability
What security sources are you using to keep updated on latest news?
What TCP and UDP vulnerabilities are you familiar with?
Do using VLANs contribute to network security?
What are some examples of security architecture requirements?
What is air-gapped network (or air-gapped environment)? What its advantages and disadvantages?
Explain what is Buffer Overflow
Containers
What security measures are you taking when dealing with containers?
Explain what is Docker Bench
Explain MAC flooding attack
What is port flooding?
What is “Diffie-Hellman key exchange” and how does it work?
Explain “Forward Secrecy”
What is Cache Poisoned Denial of Service?
Security – Threats
Explain “Advanced persistent threat (APT)”
What is a “Backdoor” in information security?
Sorry, there was a YouTube error.
I’m a DevOps/SRE/DevSecOps/Cloud Expert passionate about sharing knowledge and experiences. I have worked at Cotocus. I share tech blog at DevOps School, travel stories at Holiday Landmark, stock market tips at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at TrueReviewNow , and SEO strategies at Wizbrand.
Do you want to learn Quantum Computing?
Please find my social handles as below;
Rajesh Kumar Personal Website
Rajesh Kumar at YOUTUBE
Rajesh Kumar at INSTAGRAM
Rajesh Kumar at X
Rajesh Kumar at FACEBOOK
Rajesh Kumar at LINKEDIN
Rajesh Kumar at WIZBRAND
Find Trusted Cardiac Hospitals
Compare heart hospitals by city and services — all in one place.
Explore Hospitals