Interview Questions and Answers for 'Uri' | Search Interview Question - javasearch.buggybread.com
Javasearch.buggybread.com

Search Interview Questions


 More than 3000 questions in repository.
 There are more than 900 unanswered questions.
Click here and help us by providing the answer.
 Have a video suggestion.
Click Correct / Improve and please let us know.
Label / Company      Label / Company / Text

   



Interview Questions and Answers - Order By Newest

   
 Q31. What can be done to protect the application from DDOS attack ?Security
Ans. We can set the max number of requests from a given IP or an IP range

We can set the time out so that a single request cannot hold on to resources for too long.

We can identify patterns ( like too many requests from single IP for single page ) and then block such requests.

 Help us improve. Please let us know the company, where you were asked this question :   

   Like         Discuss         Correct / Improve     DDOS  security vulnerability

 Q32. How can we protect an application from an XSS attack ?Security
Ans. By properly encoding data while persisting as well as retrieval.

 Help us improve. Please let us know the company, where you were asked this question :   

   Like         Discuss         Correct / Improve     xss attack  web security     Asked in 3 Companies

 Q33. What is a csrf token ? What is it used for ?Security
Ans. A CSRF token is a unique, secret, unpredictable value that is generated by the server-side application and transmitted to the client in such a way that it is included in a subsequent HTTP request made by the client. When the later request is made, the server-side application validates that the request includes the expected token and rejects the request if the token is missing or invalid.

CSRF tokens can prevent CSRF attacks by making it impossible for an attacker to construct a fully valid HTTP request suitable for feeding to a victim user. Since the attacker cannot determine or predict the value of a user's CSRF token, they cannot construct a request with all the parameters that are necessary for the application to honor the request.

 Help us improve. Please let us know the company, where you were asked this question :   

   Like         Discuss         Correct / Improve     csrf token.csrf attack

 Q34. Difference between XSS and CSRF ?Security
Ans. SRF attack requires an authenticated session, whereas an XSS attack doesn’t.
XSS doesn’t require any user interaction.CSRF is restricted to the actions the victim can perform.
XSS requires a vulnerability to happen, whereas CSRF relies on tricking the user to click a link or access a page.
CSRF can only send an HTTP request but cannot view the response. XSS can send and receive HTTP requests and responses to extract the required data.

 Help us improve. Please let us know the company, where you were asked this question :   

   Like         Discuss         Correct / Improve     xss attack  csrf attack  security vulnerabilities  security attack  web security     Asked in 3 Companies

 Q35. What is SameSite cookie attribute ?Security
Ans. SameSite cookie attribute is used by browsers to identify how first- and third-party cookies should be handled.

 Help us improve. Please let us know the company, where you were asked this question :   

   Like         Discuss         Correct / Improve     samesite attribute  cookie

 Q36. Is it safe to use session storage ?Javascript
Ans. Session storage can be accessed from XSS (Cross site Scripting) attacks but cookies (if set with "HttpOnly" and "Secure" flags) are more safer against these attacks.

 Help us improve. Please let us know the company, where you were asked this question :   

   Like         Discuss         Correct / Improve     session storage  security

previous 30   

Help us and Others Improve. Please let us know the questions asked in any of your previous interview.

Any input from you will be highly appreciated and It will unlock the application for 10 more requests.

Company Name:
Questions Asked: