Summary of the latest network security penetration engineer interview questions in 2023! Don't miss out!

Technical interview questions

CTF

Talk about a CTF challenge that impressed you

  • Padding Oracle->CBC->Cryptography (RSA/AES/DSA/SM)

  • CRC32

  • Deserialization Vulnerabilities

SQL second-order injection

When data is inserted into the database for the first time, it is only escaped with addslashes or get_magic_quotes_gpc. The escaping protects that one write, but what ends up stored is the original, still dirty, data. Once it is in the database, the developer treats it as trusted: the next time it is queried, the dirty data is read out and used directly, without further checking or processing, which causes a second-order SQL injection.

On a dating website, the age field is an injection point: the page displays how many users are the same age as you. Use `and 1=1` to confirm the injection point, `order by` to determine the number of columns, and `union select` to find which column is displayed.

  1. Dump databases: group_concat(schema_name) from information_schema.schemata

  2. Dump tables: group_concat(table_name) from information_schema.tables where table_schema='hhh'

  3. Get the data: concat(flag) from flag

Fix: escaping or filtering must also be performed when data is fetched from the database or a file and reused in a query, not only when it is first written.
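The second-order injection described above, as an added example that is not from the original post. It uses an in-memory SQLite stand-in for the dating site's user table (the schema, names and the `30 or 1=1` payload are constructed); the first write is correctly parameterized, the later "same age" query trusts the stored value, and the fixed version applies the page's remedy by binding the value read back from the database.

```python
import sqlite3

# Constructed in-memory stand-in for the dating site's user table (assumption,
# not the original application's schema).
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT UNIQUE, age INTEGER);
INSERT INTO users (name, age) VALUES ('alice', 30), ('bob', 30), ('carol', 41);
"""


def new_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def register(conn: sqlite3.Connection, name: str, age_input: str) -> None:
    """First write: parameterized, so the raw text (quotes, keywords and all)
    is stored verbatim. Nothing breaks here; the stored value is merely untrusted."""
    conn.execute("INSERT INTO users (name, age) VALUES (?, ?)", (name, age_input))
    conn.commit()


def same_age_count_vulnerable(conn: sqlite3.Connection, name: str) -> int:
    """Second query: the age read back from the DB is treated as trusted and
    spliced into SQL. This is the second-order injection point."""
    (age,) = conn.execute("SELECT age FROM users WHERE name = ?", (name,)).fetchone()
    sql = f"SELECT COUNT(*) FROM users WHERE age = {age}"
    return conn.execute(sql).fetchone()[0]


def same_age_count_fixed(conn: sqlite3.Connection, name: str) -> int:
    """The page's fix: data coming *out* of the DB is handled like any other
    input, here by binding it as a parameter instead of concatenating it."""
    (age,) = conn.execute("SELECT age FROM users WHERE name = ?", (name,)).fetchone()
    return conn.execute("SELECT COUNT(*) FROM users WHERE age = ?", (age,)).fetchone()[0]


def demo() -> tuple:
    """Register a user whose age is the constructed payload, then run both queries."""
    conn = new_db()
    register(conn, "mallory", "30 or 1=1")  # constructed; same trick as the page's 1=1 probe
    return same_age_count_vulnerable(conn, "mallory"), same_age_count_fixed(conn, "mallory")


if __name__ == "__main__":
    print(demo())  # (4, 1): the vulnerable query counts every row, the fixed one does not
```

The vulnerable count of 4 is every user in the table, while the fixed query matches only the row that literally holds the stored text.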

Python

Crawler modules, frameworks, and anti-crawler mechanisms (IP blocking → proxy pool, CAPTCHAs, User-Agent checks)

Concurrency (the differences between multithreading, thread pools, and coroutines)

A process is the smallest unit of resource allocation; a thread is the smallest unit of CPU scheduling. Originally the process was the smallest unit of both resource allocation and scheduling. Later, to use the CPU more efficiently (CPU performance kept improving), resource allocation and scheduling were separated, and threads were introduced. A thread is an execution unit within a process.

Commonly used standard library

  • functools -

  • itertools: iterators

    • count/cycle/repeat

    • chain

    • groupby: groups adjacent equal elements of an iterator together

  • concurrent.futures

    • ThreadPoolExecutor

  • hashlib

    • md5

    • sha1

    • sha256

    • sha512

  • logging

  • sys.argv / argparse: reading command-line arguments

  • pickle: serialization

  • re: regular expressions

  • collections: additional data types

    • namedtuple

    • OrderedDict

    • Counter

  • os: operating-system functions

Differences between Django and Flask, and when to use each

ORM

Python security tool writing/source code reading

Demonstrating ability

  • Python security tool development

  • A Python project you worked on; remember its technical details

Cryptography

  • RSA

  • DES

  • AES

  • Chinese national SM series

Risk assessment

Process

Three elements

  • Assets: asset value

  • Threat: threat actor, affected object, frequency of occurrence, motivation, etc.

  • Vulnerability: the severity of an asset's weaknesses

Code audit

Fortify SCA for auditing Java code

Which modules does Fortify use? Filtering, custom rules, generating reports

Seay for auditing PHP code

Source code reading

Specific emergency-response procedure

Example

DDoS

What is DDoS?

A distributed denial-of-service (DDoS) attack is an attack method that attackers use often and that is hard to defend against. There are many kinds of DoS attacks; the most basic one uses seemingly legitimate service requests to consume so many service resources that legitimate users can no longer get a response.

DDoS is built on the traditional DoS attack. A single DoS attack generally works one-to-one, and it is effective when the target's performance figures are low: a slow CPU, little memory, or little network bandwidth. As computer and network technology developed, processing power rose rapidly, memory grew greatly, and gigabit networks appeared, which made DoS attacks harder because the target's capacity to absorb malicious packets increased considerably. For example, if the attack software can send 3,000 attack packets per second but the target host and its network bandwidth can handle 10,000 packets per second, the attack has no effect. That is when distributed denial-of-service (DDoS) attacks came into being.

If the processing power of computers and networks has increased tenfold and attacking from one machine is no longer effective, what if the attacker uses 10 attack machines at the same time? Or 100? DDoS uses a large number of puppet (compromised) machines to launch the attack and hits the victim on a far larger scale than before.

Typically, a host under attack shows the following symptoms:

1. There are a large number of waiting (half-open) TCP connections on the attacked host;

2. The network is flooded with useless packets whose source addresses are forged;

3. High-volume junk traffic causes network congestion, so the victim host cannot communicate with the outside world;

4. Specific service requests are sent repeatedly at high speed, abusing the services the victim host provides or defects in the transport protocol, so that the victim host cannot process all legitimate requests in time;

5. In severe cases, the system crashes.
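The first two symptoms in the list (a pile-up of waiting TCP connections, many of them from forged sources) can be checked on a Linux host from `ss -tan` output. The script below is an added example, not from the original post; the `ss` lines and addresses are constructed, and the threshold is an assumed value a defender would tune to the host's normal load.

```python
from collections import Counter, defaultdict

# Constructed sample in the layout of `ss -tan` output (header line, then one
# socket per line). The addresses and counts are made up for this example.
SAMPLE = """\
State     Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN    0      128    0.0.0.0:80         0.0.0.0:*
ESTAB     0      0      10.0.0.5:80        198.51.100.7:51234
SYN-RECV  0      0      10.0.0.5:80        203.0.113.11:4001
SYN-RECV  0      0      10.0.0.5:80        203.0.113.12:4002
SYN-RECV  0      0      10.0.0.5:80        203.0.113.13:4003
SYN-RECV  0      0      10.0.0.5:80        203.0.113.14:4004
SYN-RECV  0      0      10.0.0.5:80        203.0.113.15:4005
ESTAB     0      0      10.0.0.5:22        198.51.100.9:40211
"""


def parse_ss(text: str):
    """Yield (state, local_socket, peer_ip) for each socket line, skipping the header."""
    for line in text.splitlines()[1:]:
        parts = line.split()
        if len(parts) < 5:
            continue
        state, local, peer = parts[0], parts[3], parts[4]
        yield state, local, peer.rsplit(":", 1)[0]  # drop the peer port


def half_open_report(text: str, threshold: int = 4) -> dict:
    """Flag local sockets holding at least `threshold` half-open (SYN-RECV) connections.
    The count is symptom 1 from the list; the distinct-peer count hints at symptom 2,
    since a flood from forged random sources shows roughly one SYN per address."""
    half_open = Counter()
    peers = defaultdict(set)
    for state, local, peer_ip in parse_ss(text):
        if state == "SYN-RECV":
            half_open[local] += 1
            peers[local].add(peer_ip)
    return {
        local: {"half_open": n, "distinct_peers": len(peers[local])}
        for local, n in half_open.items()
        if n >= threshold
    }


if __name__ == "__main__":
    for local, stats in half_open_report(SAMPLE).items():
        print(f"{local}: {stats['half_open']} half-open from {stats['distinct_peers']} peers")
```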

Penetration testing process related

Penetration testing process

  1. Project kickoff interview

  2. Information gathering: whois, the website's real IP, sibling sites on the same server, websites in the same C-class range, server OS version, container version, application version, database type, second-level domain names, ***, maintainer information

  3. Vulnerability scanning: Nessus, AWVS

  4. Manual testing: logic flaws

  5. Verifying vulnerabilities

  6. Remediation suggestions

  7. (If applicable) baseline check / retest of vulnerabilities

  8. Report output

    • overview

    • Basic test information

      • Test scope

      • Test time

      • Test tasks

      • Test process

    • Comprehensive analysis of information security risks

      • Overall Risk Analysis

      • Risk Impact Analysis

      • System Security Analysis

      • List of Security Vulnerabilities

    • Remediation suggestions

    • Retest report

Penetration Testing Project

Summarize it in seven or eight sentences: how the vulnerability was discovered and verified, its details, your role, and the concrete work you did. If the technical interviewers are interested they will keep asking; then steer them towards an area where you can talk about the details.

Common Web Security Vulnerabilities

  • SQL injection

  • XSS

  • Path traversal, file upload, file download

  • Vertical and horizontal privilege escalation (broken access control)

  • Logic vulnerabilities

What logic vulnerabilities have you found?

Describe a CVE or POC that you have researched in depth (ms17-010/latest CVE)

MySQL interview questions

MySQL storage engine?

  1. InnoDB: the mainstream storage engine. Supports transactions, row-level locks, non-locking reads, and foreign key constraints

  • Provides MySQL with a transaction-safe (ACID-compliant) storage engine with commit, rollback, and crash recovery capabilities. InnoDB locks at the row level and also provides Oracle-style non-locking reads in SELECT statements. These features improve multi-user deployment and performance. In SQL queries you can freely mix InnoDB tables with other MySQL table types, even in the same query

  • The InnoDB storage engine maintains its own buffer pool for caching data and indexes in main memory. InnoDB organizes its tables and indexes in a logical tablespace, which can consist of several files (or raw disk partitions). This differs from MyISAM, for example, where each table is stored in its own separate files. InnoDB tables can be of any size, even on operating systems where file sizes are limited to 2GB

  • InnoDB supports foreign key integrity constraints. Rows in a table are stored in primary-key order. If no primary key is specified when the table is defined, InnoDB generates a 6-byte ROWID for each row and uses it as the primary key

  2. MyISAM: fast access, no transaction support, gradually being phased out

  3. MEMORY: BTREE or HASH index. Keeps the table's data in memory; concurrency performance is poor. information_schema uses this engine

  4. MERGE, Archive, etc. are rarely used

Due to space limits, I can't show everything here. If you are a friend preparing for a network security engineer interview and feel lost, I can share this set of interview questions with you, hoping to help you land the offer you want!


Source: blog.csdn.net/yinjiyufei/article/details/130200936