InterviewStack.io LogoInterviewStack.io

Cloud Security Fundamentals Questions

Core security principles and operational practices for cloud computing environments. Topics include the shared responsibility model and delineation of provider and customer responsibilities, identity and access management basics and least privilege, secure configuration and common cloud misconfigurations, data protection including encryption at rest and encryption in transit, key and secrets management basics, network security and segmentation, secure API design, audit logging, monitoring and alerting, cloud security posture management and automated misconfiguration detection, incident response and forensic readiness in cloud environments, governance, compliance and data residency considerations, strategies to reduce blast radius and prevent privilege escalation, and common cloud specific threats and mitigations. Candidates should be able to discuss trade offs, how to apply controls across major cloud providers, detection and mitigation strategies, and practical examples of securing cloud workloads.

MediumTechnical
71 practiced
Design a set of SIEM detection rules to identify potential privilege escalation or abuse in an AWS environment. List the log sources you would use (for example CloudTrail, CloudWatch, LDAP), example detection rules (for example, iam:PutUserPolicy followed by console login), and strategies to reduce false positives.
MediumTechnical
70 practiced
You receive an alert for a sudden CPU spike on an instance; investigation reveals outbound connections to unfamiliar external IPs and multiple child processes spawning shells. Outline the technical investigation steps you would take to determine whether the host is compromised, how to isolate it with minimal business disruption, and what forensic artifacts to preserve.
MediumTechnical
67 practiced
How would you enforce data residency controls for sensitive PII that must not leave specific regions? Describe architecture and controls across cloud accounts and regions, including preventative controls (policies, SCPs), detection controls, and how to handle third-party SaaS vendors.
EasyTechnical
53 practiced
Explain the difference between cloud security groups and network ACLs (stateless vs stateful) and provide examples of when each should be used. Include a short explanation of how you would implement microsegmentation for a three-tier web application in a VPC.
HardTechnical
69 practiced
A production managed database shows suspicious read activity at odd hours. You cannot take disk-level snapshots, but you have DB logs, backups, and read replicas. Describe a step-by-step forensic approach to determine which data was accessed and whether data exfiltration occurred. Include the use of logs, replicas, snapshots, and any provider-specific features you would leverage.

Unlock Full Question Bank

Get access to hundreds of Cloud Security Fundamentals interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.