UHG

-

United Healthcare Group (UHG) Interview : Application Security

First round:
  • Explain SAST & DAST, How did you used these tools as manual or automated.?
  • How you handle the false positive cases scenario?
  • Explain SQL injection? How to prevent it.?
  • Any vulnerabilities you encountered in API security?
  • Experience in AWS cloud services like EC2, S3 bucket etc?
  • How do you create VPC in AWS? Explain the steps?
  • What is XSS attack? How to prevent it?
  • What is your approach to handle such false positive cases?
    • Use case: If you got to know from code base that some functionalities showing as false positive but app developer says that its needed from code base side.
    • Load one URL, Able to see some regular expression. role="some key"; How you convince that this is not a false positive.
    • You build tool, that tool is identified few parameters. Some set of vocab or keyword. If some regex is throwing error in code base like key=value? you report issue to developer. So as fix developer changed the regex value and string param name. What would you suggest for code quality practice to handle such kind of scenario?

Second round:
  • Have you worked on AWS? What all security services are available in AWS?
  • Explain the EC2 instance creation?
  • How do you configuration for logging and monitoring? What all native services are available in AWS?
  • Cloud trail for API security?
  • Deployment and scalability point of view what all native AWS services is available?
  • What is major project your deploying security application in AWS?
  • What is difference between AWS EC2 and Elastic beanstalk?
  • Any other cloud provider you worked like Azure or GCP?
  • Knowledge of Prisma Cloud services?
  • How you will create VPC services in AWS to security?

Comments

Post a Comment

Popular posts from this blog

Java Interview Question - New FAQs

-
1. Performance Testing & Setting up benchmarks Performance testing evaluate how a system performs under load & to setup benchmarks below steps to be noted down. Steps are: Define KPIs: Response time, throughput, CPU/memory usage etc. Identify Critical Scenarios: like login, search, submit form Use Tools: Gatling, Apache Bench, JMeter (Use to simulate 1000 concurrent users hitting a Rest API and measure the response time Baseline Measurement: Run tests under normal load to establish a baseline Load Testing: Gradually increase users to find system limits Stress Testing: Push beyond limits to see how the system fails Bench marking: Compare results against industry standards or previous releases 2. ACID properties in database It ensure the reliable transaction Atomicity : All operations in a transaction succeed or none do Consistency : DB remains in a valid state before and after the transaction Isolation : Concurrent transactions don't interfere Durability : Once commited...
Read more

Full Stack Java Developer - FAQ

-
PROJECT Explain project architecture & technologies stack used in current project?   Your current project deployment process, If its Microservices then explain its CI/CD process?   How do you scale up and down your application if its support microservice architecture?   If you worked on Jenkins then explain it job/pipeline?   What all approach you will take to track slow running application from end to end, Explain step by step?   How do you deal the difficult customer with adhoc requirement?   How will you handle pressure situation within team?   All achievements in IT career?   Anything you have learned during COVID situation last year? CORE JAVA Static method can be overloaded? Static method can be override...
Read more

DSA Interview Coding Questions

-
1] Arrays 1] Find first and second best score Example Given an array, write a function to get first, second best scores from the array and return it in new array. Array may contain duplicates. Example myArray = { 84 , 85 , 86 , 87 , 85 , 90 , 85 , 83 , 23 , 45 , 84 , 1 , 2 , 0 } firstSecond ( myArray ) // {90, 87} Solution: import java . util . Arrays ; import java . util . Collections ; public class Exercise { public static int [] findTopTwoScores ( int [] array ) { int firstHighest = Integer . MIN_VALUE ; int secondHighest = Integer . MIN_VALUE ;   for ( int score : array ) { if ( score > firstHighest ) { secondHighest = firstHighest ; firstHighest = score ; } else if ( score > secondHighest && score < firstHighest ) { secondHighest = score ; } }   return new int []{ firstHighest , secondHighest }...
Read more