With 6+ years of experience in the field of security, I’ve had the opportunity to participate in numerous interviews for Security Engineering roles. Throughout these experiences, I have collected some unique and amazing questions which were asked in the interview which tests both technical knowledge and practical application.

I’m sharing a curated series of questions with answers asked in good companies such as Big 4s, Amazon, Google, Cisco, Grab etc.

1. With IDS (Intrusion Detection System), IPS (Intrusion Prevention System), and WAF (Web Application Firewall) in your architecture, how should these components be positioned in sequence?

The ideal placement should look like this :

Reason Behind :

1. The WAF is placed at the front, directly facing web traffic coming from the internet acting as first line of defense, protecting against application-layer attacks like SQLi, (XSS), and other threats.
2. Behind WAF, the IPS should be deployed as it actively monitors incoming traffic and blocks known attack patterns, protecting the system from threats like malware, DoS attacks…