Information Security Officer Question:

Suppose you were a site administrator looking for incoming CSRF attacks. What would you look for?

Answer:

This is a fun one, as it requires the candidate to set some ground rules. Desired answers are things like, “Did we already implement nonces?”, or, “That depends on whether we already have controls in place…” Undesired answers are things like checking referrer headers, or wild panic.
