InterviewStack.io LogoInterviewStack.io

Networking and Security Basics Questions

Covers foundational networking and security concepts that underpin secure system design and assessment. Topics include virtual private cloud design and segmentation subnets firewalls security groups network access control lists demilitarized zones differences between public and private endpoints network isolation patterns least privilege and defense in depth principles encryption at rest and in transit common authentication and authorization flows in cloud environments and high level compliance considerations such as data residency and payment card industry data security standards.

HardTechnical
29 practiced
Compare firewalls (stateful network appliances), cloud security groups, and host-based firewalls (iptables, Windows Firewall). For each, explain ideal deployment placement, scalability characteristics, performance trade-offs, and situations where each is required.
MediumSystem Design
36 practiced
Design a VPC and network segmentation approach for a multi-tenant SaaS platform that must support 1,000 tenants with strong isolation guarantees. Compare shared-vpc, per-tenant VPCs, and account-per-tenant models and recommend an architecture, explaining trade-offs in manageability, cost, and security.
HardTechnical
31 practiced
Compare and contrast the use of VPC endpoints (private link) versus NAT Gateway for outbound access from private subnets. Discuss security benefits, monitoring, pricing, scalability, and how each approach affects the ability to prevent or detect data exfiltration.
MediumTechnical
52 practiced
Create a threat model for a public API that issues OAuth tokens to browser-based clients storing tokens in local storage. Identify key threats (token theft, CSRF, replay), propose mitigations at network and application layers (CORS, SameSite, secure cookies, short token lifetimes), and explain residual risk.
MediumTechnical
37 practiced
Explain common authentication and authorization flows used in cloud environments: OAuth2 authorization code flow, OIDC, and SAML SSO. For each, describe where it fits in an enterprise SSO design and how it ties into network controls (e.g., conditional access based on network location).

Unlock Full Question Bank

Get access to hundreds of Networking and Security Basics interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.