Information Security Officer Question:
Download Questions PDF

Tell me how would you implement a secure login field on a high traffic website where performance is a consideration?

Answer:

We’re looking for a basic understanding of the issue of wanting to serve the front page in HTTP, while needing to present the login form via HTTPs, and how they’d recommend doing that. A key piece of the answer should center around avoidance of the MiTM threat posed by pure HTTP. Blank stares here mean that they’ve never seen or heard of this problem, which means they’re not likely to be anything near pro level.

Download Information Security Professional Interview Questions And Answers PDF

Previous QuestionNext Question
Suppose you had to both encrypt and compress data during transmission, which would you do first, and why?Tell me you see a user logging in as root to perform basic functions. Is this a problem?