InterviewStack.io LogoInterviewStack.io

Threat Modeling and Secure System Design Questions

Applying threat modeling and structured problem solving to secure system design. Candidates should be able to decompose complex security challenges by identifying business context, critical assets, threat actors, attack surfaces, and compliance requirements. Topics include threat modeling methodologies, attacker capability and motivation analysis, risk assessment and prioritization, selection of mitigations and compensating controls, and evaluation of trade offs among security, usability, cost, and performance. Candidates should also be able to produce implementation and monitoring plans that address scalability and maintainability and to clearly explain and justify design choices and residual risk to stakeholders.

MediumTechnical
28 practiced
Construct an attack tree for a payment authorization endpoint in an e-commerce system. Include branches for credential compromise, API abuse, man-in-the-middle, database tampering, and supply-chain compromise. For each major branch provide at least two leaf nodes describing specific attack steps and propose mitigations targeted at the highest-probability leaf nodes.
MediumTechnical
27 practiced
Given the table schema: access_logs(user_id varchar, ip inet, event varchar, ts timestamptz), write a PostgreSQL query that identifies IP addresses that attempted connections to more than 50 distinct user_ids within any 10-minute window (indicating credential stuffing or scanning). Use window functions or time-bucketing in your solution and state any assumptions.
HardSystem Design
30 practiced
Design a DDoS protection architecture for a public API that normally handles 500k RPS but must be prepared for short bursts up to 5M RPS. Include edge filtering (CDN/WAF), autoscaling and rate-limiting strategies, upstream scrubbing options, caching strategies to reduce load, and SRE playbooks and escalation paths for extreme events.
EasyTechnical
31 practiced
Define 'defense-in-depth' and provide three concrete examples showing how an SRE team would implement defense-in-depth across network, host, and application layers. For each example explain what layer it protects and why layering these controls reduces overall risk.
MediumTechnical
30 practiced
Design monitoring signals and an alerting strategy to detect privilege escalation activity in a Kubernetes cluster (examples: sudden creation of clusterroles, escalations of service accounts, unexpected binding changes, or suspicious kubectl exec usage). Include which audit logs and metrics to collect, alert thresholds, and a short mitigation playbook to follow when alerts fire.

Unlock Full Question Bank

Get access to hundreds of Threat Modeling and Secure System Design interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.