Interview questions of a blue team of Beijing Information Protection Network
2022-04-23 15:40:00 【Less than two meters tall】
Recently I took part in a certain company's 2022 blue team interview, and I feel there is a big gap between security services work and the network protection blue team. Many of the questions the interviewers raised I could only half answer. Today I will sort out the network protection questions, so that I can take the time to review them and summarize the specific problems.
The questions are as follows:
1. Introduce yourself: the skills you have mastered, your direction, and your job content
2. What common web vulnerabilities do you know?
3. Which functions are used for error-based injection?
4. What is the error principle of updatexml? What is the error principle of the floor function?
5. What is the principle of second-order injection? What is the principle of stacked injection?
6. How do you prevent SQL injection? SQL injection handling methods and remediation suggestions
7. CSRF vulnerability principle and remediation
8. Fixes for common web vulnerabilities; what other vulnerability fixes do you know?
9. What are the common web middleware?
10. Talk about which CVEs WebLogic has
11. fastjson vulnerability principle
12. Shiro deserialization vulnerability principle; how do you identify the Shiro framework?
13. What other frameworks do you know? What vulnerabilities do those frameworks have? How do you fix them?
14. What vulnerabilities does the ThinkPHP framework have?
15. What incident response experience do you have? What is your incident response approach?
16. Traffic analysis methods? Traffic analysis approach?
17. If you see scanning behavior in the traffic logs, how do you determine the real source IP address?
18. How much exposure have you had to domains? How much do you know about intranets?
19. Talk about an intranet approach and your experience
20. Have you ever taken an emergency environment?
21. What are the OWASP Top 10?
22. Is XXE in the Top 10?
23. What vulnerability practice ranges are there?
That is about all I remember; I can't recall the rest clearly.
Overall process: a phone call to make an appointment, then joining a Tencent Meeting where two interviewers interviewed me alone, extending and expanding on my answers to the questions above. The whole interview took nearly half an hour. It was my very first time, so I was a little nervous. Many questions hit blind spots in my knowledge, and the questioning was quite detailed; a single uncertain answer was enough to reveal my level...
Originally, my personal expectation was that the interview would lean toward how to attack vulnerabilities when I encounter them, but the questions leaned more toward underlying principles and remediation methods. My own work leans toward penetration testing, vulnerability scanning and other security services work, while network protection leans more toward incident response, traffic analysis and tracing methods. As for blue team work, I personally thought it meant watching the traffic devices to analyze and judge alert content, but the two interviewers asked how to do domain and intranet work... (Waldfa)
I felt somewhat helpless, but I also gained a lot of knowledge and experience. Now I have time to review the frameworks above. Although I had worked with them before, my incomplete answers show that there are still problems and there is still room for improvement.
The result of this interview is not yet known. If I succeed, I will keep up the effort; if I fail, I will learn from the experience and keep a calm mind. The road of network security is long and difficult; heroes work harder.
This article was written by [Less than two meters tall]; please include a link to the original when reposting, thank you.