Categories
Uncategorized

Interview with a Google Certified Cloud Architect: Frequently Asked Questions

As technology advances, cloud computing has become more important and a part of our daily lives. There are many cloud providers available, including AWS, Microsoft Azure and GCP. Google Cloud Platform (GCP), however, is a popular cloud computing platform. This is due to its easy-to-use tools, and services. Professionals who can work in GCP are more in demand due to the increased use of GCP. A Cloud Architect is one such professional. A Cloud Architect plays a critical role in the development of an organization’s computing strategy. The primary responsibility of a Cloud Architect is to provide cloud infrastructure expertise to development teams. They provide expert guidance to development teams within an organization and manage cloud environments. Here are some frequently asked questions for a Google Certified Cloud Architect interview:
Question 1: Name some cloud service providers.
Answer: These cloud service providers are the best and most rapidly growing for Business-to-Business data analytics, AI and other services.
Amazon Web Services
Google Cloud Platform
Microsoft Azure
IBM Cloud
Snowflake
Salesforce
DataRobot
Oracle Cloud
Question 2: How can large data transfers be speeded up on the cloud?
Answer: The hybrid protocol, also known by Accelerated File Transfer Protocol or AFTP, is one of the best ways to transfer large files to the cloud. This protocol can increase file transfer speeds up to 100% using a TCP/UDP combination. Poor network conditions can sometimes hinder you from fully utilizing the big data cloud computing potential. This issue can be solved by using portable storage devices to store data and not using the internet to transfer files.
Question 3: Discuss the strategy to migrate cloud applications.
Answer: It all depends on the architecture and current licensing arrangements. These are some of the most important cloud migration strategies:
Using the cloud to detail the company’s goals
Recruting the best professionals
Conducting a detailed business and technical analysis of current environment, applications, infrastructure, and infrastructure
Choosing cloud distributors
The development of a cloud framework
Use migration models like Lift and Shift and Rearchitect to make your application cloud-ready
Create a data migration strategy
Question 4: What’s the importance of API gateways?
Answer: An API gateway allows you to manage APIs between clients. It also provides a range of backend services. The API gateway acts as an intermediary, accepting all requests for application programming interfaces, aggregating the required services, and returning accurate results. API gateways allow you to decouple the client interface and the server-side execution. The API gateway splits a client’s request into multiple requests, routes them to the correct locations, generates a reply, and records everything.
Question 5: Why use subnets?
Answer: A subnet (also known as a Subnetwork) is a section of a larger network. Subnets are a logical subdivision of an IP network into multiple smaller network segments. Organizations use them to split larger networks into smaller, more efficient, subnetworks. Subnets are designed to reduce traffic by dividing large networks into smaller, interconnected networks. This reduces the need for traffic take unneeded routes, which results in faster network speeds.
Question 6: Name some cloud security best practices.
Answer: Cloud services can be used for a variety of purposes in corporate environments. They can be used to store data or to transmit it.

Categories
Uncategorized

Common Questions in a CISA Certified Role Interview

The Certified Information Systems Auditor certification (CISA), is highly sought after credential for IT risk, IT Security, and IT Auditors. Many CISA (Certified Information Systems Auditor), certified positions are available at reputable firms, such as Internal Auditor and Accountant, Accountant, Audit Assistant, Accounts Executive and Accounts Assistant, Accounts Manager and Accounts Officer, and Audit Executive. We will be discussing frequently asked questions during a CISA interview.

Interview Questions
Question 1: What is a Request for Change?
Answer: A Request for Change is a method to authorize system changes. CISA Auditors must be able recognize and respond to developments that could compromise the network’s security. The RFC keeps track all system changes, both current and past.
Question 2: What is Change Management, and how can it be applied to your organization?
Answer: Change Management is a group of professionals that are responsible for identifying the risks and impacts of system modifications. The CISA will assess security concerns related to modifications.
Question 3: What happens when a change to a system causes harm or fails to go according to plan?
Answer: The CISA and other change management personnel are responsible for calling a rollback. All modifications should include a rollback plan in case something goes wrong during deployment.
Question 4: What security measures do you have in place for unauthorized traffic protection?
Answer: Firewalls protect the internal network at the router or server levels. Antivirus protection stops viruses from being installed by antivirus protection.
Question 5: What’s the role of a CISA audit trail?
Answer: Audit trails allow you and your firm to track sensitive data systems. Audit trails are used to track who accessed the data and when. These audit trails can be used to help businesses detect unauthorized access of personal information.
Question 6: Which risk assessment is done first by an IS Auditor when performing a risk-based auditor?
Answer: Inherent Risk Assessment. Independent of an audit, inherent risk can be due to the nature of the business. To conduct an audit successfully, it is important to understand the business process. An IS Auditor must understand the business process before they can perform an audit. An IS Auditor can better understand the business process and the inherent risk.
Question 7: What’s the most important reason that audit planning should be reviewed at regular intervals?
Answer: It is important to periodically review audit planning in order to consider changes in the risk environment. Changes in the business environment, technologies and business processes can have a significant impact on audit planning.
Question 8: What’s the purpose of an IT audit?
Answer: An IT audit is primarily designed to assess existing methods of maintaining an organization’s essential information.
Question 9: What are IT General Controls exactly?
Answer: IT General Controls (ITGC), are the basic controls that apply to IT systems like databases, operating systems, applications, and other IT infrastructure. They ensure data integrity and security.
Question 10: What are the essential skills required to be an IT auditor?
Answer: These are the essential skills required to be an IT auditor:
IT risk
Management of security risks
Auditing and security testing
Standards for internal auditing
Computer security in general
Data analysis and visualization tools
Critical and analytical thinking skills
Communication skills
Question 11: How do I conduct a risk assessment?
Answer: Risk assessments can vary depending on the industry. In some industries, auditors are required to perform a pre-written risk assessment.

Categories
Uncategorized

Frequently Asked Questions during a Certified Scrum Master Interview

Scrum is a method for solving multiple adaptive problems in a creative and productive way. It also provides high-value solutions. It is used primarily in product development strategy. We will be discussing the most common questions asked in a Scrum Master interview.

Question 1. Question 1. What is the difference between Agile testing (development) and other testing (development).
Answer: The testers and developers assure that the entire testing process (development) is broken down into as many small steps as possible, with only one unit of code produced in each step. The Agile testing results have shown that the testers (developers) regularly communicate the results to their team and adjust the short-term strategy or even the development plan based on them. Agile allows for flexibility and quick modifications, which results in better results.
Question 2. Question 2.
Answer: The main distinctions can be found here:
AgileScrum * It’s a collection of principles that is incremental and iterative in character* It is suitable for projects that require a small team of professionals* The Project Manager oversees all work, and is crucial to the success of the project* There is no one in control. The Scrum Master and team deal with issues* There are no regular changes* Teams can react quickly to changes* Regular distribution to end-users is necessary* Sprints deliver usable versions to users for feedback
Question 3. Question 3.
Answer: There are three main procedures in Scrum:
Planning Meeting: The Scrum Team, along with the Scrum Master (and Product Owner), meet to discuss all items in the Product Backlog that can potentially be worked on during the sprint. Once a topic has been evaluated and is well-known by the team it is added to their Sprint Backlog.
Review Meeting: This is where the Scrum Team presents their work to customers.
Sprint Retrospective Meeting: The ScrumMaster, Scrum Team, and Product Owner gather to reflect on the sprint.
Question 4. Question 4.
Answer: There are many roles in Scrum.
Product Owner: The Product owner is responsible for enhancing the ROI by choosing product features, prioritizing them into a list, identifying the needs of the future Sprint, etc. These are often re-prioritized or changed.
Scrum Master: This person helps the team learn how to use Scrum in order to maximize business value. The Scrum Master helps remove obstacles, distract the team, and encourages them to adopt Agile principles.
Scrum Team: This is a group of people that work together to ensure that clients’ needs are met.
Question 5. Question 5.
Answer:
Product BacklogSprint backlog* It is a list that must be completed in order to develop the product. The Product Owner collects this backlog from the customer. The team then establishes the Sprint schedule. It has an end goal* The backlog is maintained until the project is complete by the Product Owner. The backlog is created by the team for each SprintQuestion 6. What is a Scrum Master? What do they do?
Answer: A Scrum Master supports the team’s use Scrum.
They are familiarized with Scrum’s principles, processes, principles, values, and theory
They ensure that the Scrum principles, principles, and practices are adhered to by the team.
They remove all distractions and obstructions from the proj

Categories
Uncategorized

Frequently Asked Questions in a Interview with a Penetration & Vulnerability Tester

Vulnerability Assessment & Penetration Testing (VAPT), a comprehensive security assessment service, is designed to identify and address cyber security weaknesses in an organization’s IT infrastructure. The most sought-after job in cyber security is VAPT. These are the most common interview questions. Make sure you fully understand them.

Interview Questions
Question 1. Question 1.
Answer: A vulnerability assessment is a quick assessment on network devices, servers and systems in order to detect critical vulnerabilities and configuration flaws that could be exploited by an attacker.
Question 2. Question 2.
Answer: A cyber-security expert attempts exploit vulnerabilities in a computer network through penetration testing. This simulate attack is used to identify any weaknesses in the defenses of a system that could be exploited by attackers.
Question 3. Question 3.
Answer:
Enterprises can gain actionable insight about security threats within the system
Businesses need VAPT
Customers often ask their providers and partners for security certificates. VAPT comes in handy here
VAPT protects data and information from unauthorized access
Question 4. Question 4.
Answer: If VPAT operations are part an enterprise, the following deliverables will keep the IT staff current on cybersecurity issues:
Executive Report
Technical Report
Real-time Dashboard

Question 5. Question 5.
Answer: Tools for vulnerability assessment
Nikto2
Netsparker
OpenVAS
w3af
OpenSCAP
Nmap
Nessus
Question 6. Who is responsible to Vulnerability Assessment?
Answer: Vulnerability Assessment is the responsibility of the Asset Owner. The Asset Owner is responsible for scanning the IT asset as part of the vulnerability management process.
Question 7. Question 7.
Answer: VAPT should always be performed in accordance to the internal change cycle, laws, and regulatory requirements.
Question 8. Question 8.
Answer: Yes. You can either do a vulnerability assessment or penetration testing.
Question 9. Question 9.
Answer: The VAPT fees are often dependent on the activity that would be completed. The estimated cost will depend on the number of devices, servers and program sizes, as well as the number of locations.
Question 10. Question 10.
Answer:
Before entering into a contract to breach security
Be aware of malware, infections, and spyware at your workstation
After significant changes are made to a website/network,
Unauthorized network activity was detected

InfosecTrain Security Testing Certification
InfosecTrain is a well-known source for IT security training and certification. It is used by both experts and customers around the world. InfosecTrain offers a variety of Penetration Testing courses.

Categories
Uncategorized

Upwork Publishes New Index to Track Demand for Amazon DynamoDB Skills. Upwork, a freelancing site, has published a new index that tracks the most sought-after skills by organizations. The index includes the Amazon DynamoDB NoSQL service. According to Upwork’s Q4 2017 Skills Index DynamoDB skills ranked No. Employer demand is at number 2 (behind only the bitcoin technology upstart). Upwork, which connects freelance workers with employers looking for different skills, said that companies are leveraging AWS to boost business growth. “Amazon DynamoDB was second in skill growth last quarter. This quarter Amazon Web Services, an Amazon.com subsidiary, also announced new capabilities for its database products at AWS Re:Invent. Amazon DynamoDB is a flexible and fast NoSQL database service that is used by more than 100,000 AWS customers. It can be used for any application that requires consistent, single-digit millisecond latency at all scales. Upwork noted that AWS had just released new encryption functionality for DynamoDB at the same time as the Upwork report. Upwork stated that there was a surge in demand for tech-savvy freelancers shortly after AWS launched a multiplatform campaign. “The campaign highlights what AWS builders can do by showing real solutions being developed by builders on huge whiteboards. Here’s the complete list of the 20 fastest-growing skills in Q4 2017, as identified by Upwork.

  • Bitcoin
  • Amazon DynamoDB
  • React native
  • Robotics
  • Go development
  • Forex trading
  • 3D rigging
  • Augmented reality
  • Computer vision
  • Penetration testing
  • Media buying
  • Chef.io
  • Shopify development
  • AngularJS development
  • Swift development
  • Video editing
  • Marketing to Influencers
  • Machine learning
  • 3D modeling
  • Motion graphics
Categories
Uncategorized

AWS Lambda Functions Now Opened up to Java

Jeff Barr, Amazon’s CEO, stated that “you will soon have the ability to write your Lambda function in Java!” He announced that the event-driven cloud computing service had been made available to production and was now in preview.
Yesterday, he declared that “soon”, is “now.”
Barr, the evangelist for Amazon Web Services Inc. (AWS), stated in a blog post that “Today we are making Lambda more useful by giving your Lambda function in Java” “We’ve received many requests for this feature and the team is delighted to be able respond.”
Functions for Lambda, which was launched as a preview last November, were previously written in Node.js. This JavaScript framework is designed for back-end, server side work.
Lambda functions are event-driven, making them an ideal fit for mobile back-end systems as well as supporting infrastructure for Web and Internet of Things (IoT). The Lambda page on AWS states that once you have created your Lambda function, it is ready to run whenever it is triggered. This is similar to a formula in spreadsheets. “Each function contains your code and some configuration information including the function name, resource requirements, and function name.”
The Lambda code may be associated with AWS resources such as storage, database or data processing stream. This allows you to respond to different events such as an image upload to storage (S3), an incoming Amazon Kinesis stream, or an update to an Amazon DynamoDB Table.
[Click on the image to see a larger view.] Authoring a Lambda Function. Source: AWS. “AWS Lambda typically executes your code within milliseconds after an event,” AWS stated. The service automatically manages your compute capacity and spins up the infrastructure to deploy your code. It then runs the code for each event. Each event is handled individually, so thousands of functions can be run simultaneously and performance remains consistent regardless of how frequent they occur.
Java 8, which was introduced last year, can be used by developers. It also includes all the Java libraries and the AWS SDK. AWS provides two libraries for Lambda, aws-lambda-java-core for function handlers and a context object, and aws-lambda-java-events for event source type definitions. You can use the AWS Toolkit to Eclipse to generate ZIP files of compiled codes and any required JAR files. AWS provides guidance on how to use the Java deployment tools Maven, Gradle and Gradle.
A Lambda FAQ states that your build process should be the same as the one used to compile Java code that relies on the AWS SDK. Run your Java compiler tool on the source files. Include the AWS SDK version 1.9 or later with transitive dependency on your classpath. Additional guidance is available for Authoring Lambda Functions with Java. Barr also gave details on the two possible approaches to authoring Lambda function, either using a stream-based low-level model or a higher level model that leverages “plain old Java objects” (or Java primitives) for the input and output objects.
Barr stated that support for programming languages other than English is possible.
Developers are charged for the number and time spent on code execution in the Lambda pay as you go pricing model. A free tier provides 1 million monthly requests and 400,000 “GB seconds” of compute time per month.

Categories
Uncategorized

AWS Lambda Functionality Expands to Other Clouds

Amazon Web Services Inc. (AWS), was the first major cloud provider to offer serverless event-driven computing with Lambda. However, two of its main competitors have since caught up and another company has announced a project that will provide Lambda functionality on other clouds.
IBM today announced OpenWhisk as a Bluemix cloud service. It’s described by IBM as “a new event-driven platform that allows developers to quickly and easily create feature-rich apps that automatically trigger events.” Lambda.
IBM claimed that the service is available for developers of mobile, web and Internet of Things (IoT). The company stated that, “it can enable mobile development teams to interface with backend logic running in the cloud without having to install server-side infrastructure or middleware.”
IBM stated that OpenWhisk is a service that provides Web developers access to cognitive and other services. It provides IoT developers access to analytical services that help them correctly react to sensor data. It can also be used to automate DevOps tasks like initiating the appropriate action when a build system indicates that a failed build has occurred.
Google Cloud Functions, another major competitor in AWS’ public cloud space, is now available in an alpha preview.
It is described by the search giant as “a lightweight event-based, asynchronous computing solution that allows you create single-purpose functions that respond directly to cloud events without having to manage a server or runtime environment.” In other words, Lambda.
Iron.io also announced Project Kratos earlier this month. “This will allow enterprises to run AWS Lambda functionality on any cloud provider as well as on premise, eliminating vendor lock in.”
The San Francisco-based company, which has been in existence for six years, is now seeking developers to join the project. Those who apply will be eligible to become beta users. Iron.io’s microservices approach to the project is a good fit.
Software development is a time-consuming and complex process that requires a variety of skills. According to the company, Al Hilwa, an IDC analyst, stated that enterprises are moving to microservices. This allows them to create small, specialized teams that work independently on evolvable software systems. “This microservices approach combined with cloud services — whether it’s a hybrid, public, or private approach — is key to fostering greater developer productivity, innovation, and enabling enterprises to stand apart in highly competitive markets.”

Categories
Uncategorized

AWS Lambda Adds. Core 2.1 Support

Amazon Web Services Inc. (AWS), announced that its Lambda service, which allows you to run programming code without the need to provision or manage servers, now supports.NET Core 2.1
Microsoft’s newest version of the.NET Framework is.NET Core. It has been modularized and made cross-platform and open sourced.
AWS Lambda supported.NET Core 2.0 in the early part of this year. Last summer, support was announced for the runtime for other coding tools.
AWS Lambda now supports.NET Core 2.1. This will be Microsoft’s Long Term Service (LTS), going forward. However, a flaw was discovered in.NET Core 2.1 which will extend the life expectancy of.NET Core 2.0.
AWS announced yesterday (July 9) that Microsoft would cease support for.NET Core 2.0 at October 1, 2018. AWS Lambda Runtime support policy will also apply to.NET Core 2.0 AWS Lambda function. After three months, you won’t be able create AWS Lambda function using.NET Core 2.0. However, you can update existing functions. Update functionality will be disabled after six months.
AWS announced that developers will now have access to new features in.NET Core 2.1. This includes a faster HTTP client. This is especially important when you integrate with other AWS services via your AWS Lambda function,” AWS stated. The post also highlights new Memory and Span language features.
You can find more information in a blog post. It said that the AWS Toolkit For Visual Studio is the best way to get started. It includes project templates for individual C# Lambda function, full C# serverless apps, and tools to publish both project types on AWS.
The.NET Core 2.1 runtime can now be found in all regions where Lambda has been available.

Categories
Uncategorized

AWS Lambda Adds Mobile Dev Features

Amazon Web Services Inc. (AWS), has moved its AWS Lambda service to full production, with new features for mobile app development.
AWS Lambda, the Amazon cloud compute service, allows developers to provide code that is executed in response events. It takes care of underlying backend details and automatically manages Amazon Elastic Compute Cloud instances (EC2).
Developers create code, called a Lambda, in the Node.js JavaScript framework. It’s executed in response events such as images uploads, notifications, and messages.
AWS Lambda, for example, can instantly create thumbnails of images that are uploaded to Amazon S3 storage.
According to the service’s Web site, “AWS Lambda typically runs code within milliseconds of an incident.” The service automatically manages your compute capacity and spins up the infrastructure to deploy your code. It then runs the code for each event. Each event is handled individually, so thousands of functions can be run simultaneously and performance remains consistent regardless of how frequent they occur.
AWS recently moved Lambda, which was first revealed as a preview at last year’s AWS reInvent conference, to full production mode. This increased the number of concurrent requests that can be submitted from 50 during the preview to 100.
Asynchronous invoke is one of the new features in the production edition. Although the preview was used by developers to create mobile apps it only used a synchronous model that wasn’t suitable for use cases where immediate action was needed with minimal latency.
Jeff Barr, a company executive, stated that the new Synchronous Invoke function “is a great fit to this use case.” In a blog post. “Lambda functions invoked in synchronous fashion using the Mobile SDK get detailed context information as part the request. They have access the following data: application data (name of build, version, package), device data(manufacturer model, platform), as well as user data (the client ID). The mobile back-end is able to respond quickly to requests because functions can be invoked in milliseconds. You can improve the app experience without worrying about hosting or scaling back end code.
AWS Lambda’s production version also includes new triggers such as Amazon Simple Notification Service notifications (SNS) notifications; AWS Mobile SDK for Android and iOS support; a simplified access system; cross-account resource access; an enhanced AWS Management console; the ability to attach multiple functions to one data processing stream; improved metrics and a simplified programming model; and many other features. You can find the complete list of new features here.
Barr promised that there would be more. Barr said, “We are just starting and we have all kinds of cool stuff in our works.” “For instance, you will soon have the ability to write your Lambda function in Java!” You’ll also be able use Lambda functions on your Cognito Datasets to intercept and resolve merge and conflict resolution events.

Categories
Uncategorized

AWS Lake Formation simplifies, automates Data Lakes for Analytics

Amazon Web Services Inc. (AWS), has made AWS Lake Formation available to all organizations, simplifying and automating the creation and management data lakes.
Data lakes are part of the Big Data analytics movement. They allow you to store data in a variety of formats and types, both structured and unstructured. This allows you to use them for business-driven analytics that is increasingly supported by machine learning.
However, in most cases, there are many manual steps required to create and manage data pools. AWS Lake Formation is designed for tasks such as cleaning, cataloging, and cataloging data while also making it available for analytics.
AWS stated in a press release that AWS Lake Formation “significantly simplifies the process and removes all the heavy lifting involved in setting up a data lakes.” AWS Lake Formation automates manual and time-consuming steps like provisioning and configuring storage and crawling the data to extract schema tags and metadata tags, optimizing the partitioning of data, and transforming data into formats like Apache Parquet or ORC that are ideal in analytics. AWS Lake Formation cleans up duplicates and improves data quality and consistency using machine learning.
[Click on the image to see a larger view.] AWS Lake Formation (source : AWS). The new service that is available in preview can be used with many other AWS services for analytics or other tasks. Amazon S3 buckets can be used for storage. For example, Amazon Redshift (data warehouse), Amazon Athena (“serverless interactive query service”) and AWS Glue (“extract, transform and load [ETL]) service). Over the next few months, support for Apache Spark analytics with Amazon EMR and Amazon QuickSight will be available.
AWS Lake Formation is available in the US East (N. Virginia), US East(Ohio), US West, Oregon, Europe (Ireland), Asia Pacific (Tokyo), and US East (N. Virginia). There are no additional charges for AWS Lake Formation.
A blog post explains how to set up a data pool using the new service. More information can be found on the “Data Lakes and Analytics on AWS”, the “What Is a Data Lake?” site. article, a “Data Lake Foundation on AWS” quick start, and the AWS Lake Formation website which includes a FAQ.