当前位置:网站首页>Interview questions of a blue team of Beijing Information Protection Network
Interview questions of a blue team of Beijing Information Protection Network
2022-04-23 15:40:00 【Less than two meters tall】
Recently, I participated in the of a letter 2022 Blue guard interview , I feel there is a big gap between the safety clothing work and the net protection blue team . Many of the questions raised by the interviewer are half solved . Today, I will sort out the topic of net protection , It's convenient for me to take the time to repeat and summarize the special problems .
Sort out the questions as follows :
1. Introduce yourself , Master skills and direction , Job content
2. common web Know what vulnerabilities
3. What are the functions of error reporting injection
4.updatexml What is the error reporting principle ;floor What is the principle of function error reporting
5. What is the principle of secondary injection ; What is the principle of Stack Injection ;
6. How to prevent sql Inject ;sql Injection disposal methods and repair suggestions
7.CSRF Vulnerability principle and repair method
8. common web Bug fixes ; What other bug fixes do you know
9. common web What is middleware
10. Let me talk about it. weblogic What are they? CVE
11.fastjson Loophole principle
12.shiro Principle of deserialization vulnerability , How to determine shiro frame ?
13. What other frameworks do you know ? What are the vulnerabilities of the framework ? How to repair ?
14.thinkphp There are some loopholes in the framework
15. What emergency experience do you have ? What are the emergency ideas ?
16. Flow analysis method ? Flow analysis ideas ?
17. See that the traffic log has scanning behavior , How to determine the authenticity of the source ip Address ?
18. How many domain contacts ? How much do you know about intranet ?
19. Talk about an intranet idea 、 Experience
20. Have you ever taken an emergency environment
21.OWASP TOP10 What are they? ?
22. XXE Is it right? TOP10?
23. What are the loophole shooting ranges ?
Probably remember so much , Others can't remember clearly .
Overall process : Call and make an appointment , Join Tencent Conference , Two interviewers met me alone , From the above answers, extend and expand , The total interview time is nearly half an hour . I'm a big girl. I got on the car head once , A little nervous , Many problems touch the blind spot of knowledge , The question is quite elaborate , An uncertainty can determine my level .....
summary
Originally, my personal expectation was that I prefer how to fight when I encounter loopholes , But the interview questions are more inclined to the underlying principles and repair methods ; Personal work tends to penetrate 、 Missing cleaning and other clothing work , The safety net is more inclined to emergency 、 Flow analysis and traceability methods . As for the blue team work, I personally think it is to look at the flow equipment to study and judge the alarm content , But two interviewers asked how to do domain and Intranet ........( Waldfa )
Some helplessness , But I also gained a lot of knowledge and experience , Now I have time to repeat the above framework , Although it has been done before, but the answer is not complete, it still shows that there are problems , There is still room for improvement .
The result of this interview is temporarily unknown , If successful, make persistent efforts , If you fail, learn from your experience , Keep an ordinary heart . The road of network security is blocked and long , Heroes work harder .
版权声明
本文为[Less than two meters tall]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/04/202204231535026132.html
边栏推荐
- Upgrade MySQL 5.1 to 5.611
- PHP operators
- Cookie&Session
- Code live collection ▏ software test report template Fan Wen is here
- WPS品牌再升级专注国内,另两款国产软件低调出国门,却遭禁令
- What role does the software performance test report play? How much is the third-party test report charged?
- 网站建设与管理的基本概念
- Explanation of redis database (III) redis data type
- Codejock Suite Pro v20. three
- Go语言条件,循环,函数
猜你喜欢
山寨版归并【上】
cadence SPB17.4 - Active Class and Subclass
Mysql database explanation (8)
2022年中国数字科技专题分析
For examination
Deep learning - Super parameter setting
Multi level cache usage
Demonstration meeting on startup and implementation scheme of swarm intelligence autonomous operation smart farm project
Cookie&Session
一刷314-剑指 Offer 09. 用两个栈实现队列(e)
随机推荐
山寨版归并【上】
Openstack command operation
Mysql database explanation (VII)
regular expression
通过 PDO ODBC 将 PHP 连接到 MSSQL
Codejock Suite Pro v20.3.0
fatal error: torch/extension. h: No such file or directory
Upgrade MySQL 5.1 to 5.68
Special analysis of China's digital technology in 2022
一刷314-剑指 Offer 09. 用两个栈实现队列(e)
时序模型:门控循环单元网络(GRU)
【AI周报】英伟达用AI设计芯片;不完美的Transformer要克服自注意力的理论缺陷
How to test mobile app?
软件性能测试报告起着什么作用?第三方测试报告如何收费?
Connect PHP to MSSQL via PDO ODBC
JSON date time date format
一刷312-简单重复set-剑指 Offer 03. 数组中重复的数字(e)
导入地址表分析(根据库文件名求出:导入函数数量、函数序号、函数名称)
控制结构(一)
移动app软件测试工具有哪些?第三方软件测评小编分享