Information Security Officer Question: Download Questions PDF
Suppose if you were a site administrator looking for incoming CSRF attacks, what would you look for?
This is a fun one, as it requires them to set some ground rules. Desired answers are things like, “Did we already implement nonces?”, or, “That depends on whether we already have controls in place…” Undesired answers are things like checking referrer headers, or wild panic.
Download Information Security Professional Interview Questions And Answers PDF