namishelex01/Scenario-based Interview Questions

## Scenario-based Interview Questions
What are the consequences if private keys of a Root CA gets compromised?
If you have rogue certificates of a well-known company, as an attacker, how can you use it for you own benefit?
As a security threat analyst, what will be your approach to respond to this incident? Securing Infra, servers and people!
> https://darknetdiaries.com/transcript/3/

How would you check the signature of a binary and restrict any unsigned binaries to run on a machine(Win/Linux/Mac)
> https://docs.microsoft.com/en-us/windows/win32/seccrypto/using-signtool-to-verify-a-file-signature
> (Rogue) https://blog.rapid7.com/2019/01/03/santas-elfs-running-linux-executables-without-execve/

How can I restrict the normal user to run only limited set of commands in Linux?
> https://access.redhat.com/solutions/65822

Say your frontend is running on a cloud CDN and the APIs are deployed via cloud Load balancers. The security team saw a 10X spike while monitoring the traffic but nothing went down except the portal faced some latency. As an analyst, give a not-too-brief plan about your approach to triage and respond to this incident which can be presented to the board/management.
> Different approaches depending upon how deep you can think of.

You have given a naked cloud platform(AWS/GCP/Azure). Describe your approach to make it secure for the company.

Interviewer gives you an obfuscated Powershell script and asks details what can you extract from this?
> https://neodymiumphi.sh/BlueTeamLabs-Malicious-PowerShell-Analysis/
> https://malware.news/t/deobfuscating-powershell-putting-the-toothpaste-back-in-the-tube
	What are the consequences if private keys of a Root CA gets compromised?
	If you have rogue certificates of a well-known company, as an attacker, how can you use it for you own benefit?
	As a security threat analyst, what will be your approach to respond to this incident? Securing Infra, servers and people!
	> https://darknetdiaries.com/transcript/3/

	How would you check the signature of a binary and restrict any unsigned binaries to run on a machine(Win/Linux/Mac)
	> https://docs.microsoft.com/en-us/windows/win32/seccrypto/using-signtool-to-verify-a-file-signature
	> (Rogue) https://blog.rapid7.com/2019/01/03/santas-elfs-running-linux-executables-without-execve/

	How can I restrict the normal user to run only limited set of commands in Linux?
	> https://access.redhat.com/solutions/65822

	Say your frontend is running on a cloud CDN and the APIs are deployed via cloud Load balancers. The security team saw a 10X spike while monitoring the traffic but nothing went down except the portal faced some latency. As an analyst, give a not-too-brief plan about your approach to triage and respond to this incident which can be presented to the board/management.
	> Different approaches depending upon how deep you can think of.

	You have given a naked cloud platform(AWS/GCP/Azure). Describe your approach to make it secure for the company.

	Interviewer gives you an obfuscated Powershell script and asks details what can you extract from this?
	> https://neodymiumphi.sh/BlueTeamLabs-Malicious-PowerShell-Analysis/
	> https://malware.news/t/deobfuscating-powershell-putting-the-toothpaste-back-in-the-tube