
Architect Interview Summary

Veritas:

  • Managing the security posture for three Veritas products: ASP, AMP & ITA.

ASP:

Qualys Deployment
Qualys and JIRA integration
SRE - Grafana Dashboards
Journaling Automation: Docker Image, GitLab CI/CD, Terraform

ASP FedRAMP

Sentinel Implementation 
Defender for Cloud 
PIM Implementation 
Image Hardening 

AMP & ITA

Vulnerability Management: Qualys deployed on AKS Clusters, Qualys and JIRA integration
Web Application Firewall: Analyse WAF Logs, Creating Workbooks
Sentinel Implementation: Adding Data Connectors, Analytics Rules, Automation Playbooks
Azure Policies 

PCI HIPAA

  • Scoping: Office Location, Data Center Location, App List, Asset List (App, DB, Storage), Diagrams (Architecture, Data Flow, Network), External IP address list
  • Network: Rules, Configuration, Ports, Protocols, Network Access List (I&O), Permissions, Backups, Change Management, Annual Reports, Sample Logs
  • Configuration Management: User Access Review, User List, Roles List, WAF, Device Encryption, Controls Implementation (for HTTP, FTP, Telnet, SSL/TLS, SSH), Configuration Scan
  • Data Encryption at Rest: Storage Location, Retention, Encryption Details, User List (with access), Identify Storage holding Confidential Data, Data Protection Methods (Encryption, Hashing, Tokenization, etc.), Key Management
  • Data Encryption in Transit: Certificates, End-to-End TLS, Public and Private Communication
  • Anti-Malware: Microsoft Defender for Cloud, Defender Agent
  • Application Security: Code Review Process, Patch Levels, Upgrade Process, Advisory Alerts, Secure Software Development Policy (CIS Benchmark, OWASP), Test Data Generation, Sample Change Requests, WAF, Duties Segregation, Logical Separation between Prod and Non-Prod, Secure Code Training
  • Logical Access: Password Encryption, User List, Permissions and their Justification, Process of User CRUD, Password Complexity, MFA
  • Physical Security: Physical Locations, User CRUD, Visitor Access, Physical Media, POS Devices
  • Logging and Monitoring: Sample Alerts, FIM, Event Logs, Monitoring Systems, Audit Logs, Network Time Protocol, Central SysLog Server, SIEM
  • Security Testing: Internal & External Pen Test Methods and Reports, Vulnerability Scan Reports and Assessments (Annual, Quarterly), Configuration Assessment Report
  • Human Resources: Information Security Policy, Information Security Awareness Training Material, Employee Background Checks
  • Policies and Procedures: Organization Information Security Policies, Organizational Chart and their roles, Emergency Access Evidence, Technology used for Remote Access (e.g. VPN), Data movement policy, Facility Repairs
  • 3rd Party Management: List, Compliance Documents, Incident Response Plan, Breach Notification Handling Process
  • Business Continuity Plan/Disaster Recovery: BCP/DR Plan, DR Test Results, Data Backup Procedures, Enterprise Governance
  • Risk Assessment: Risk Assessment Methodology and Reports
  • Governance & Compliance: Separation of duties between Operation and Security Teams

FedRAMP

  • System Security Plan (SSP)
  • Security Assessment Plan (SAP)
  • Security Assessment Report (SAR)
  • Plan of Action and Milestones (POA&M)
  • Continuous Monitoring Strategy & Plan
  • Role-based Training
  • Implement NIST Security Controls
  • Third-Party Assessment Organization (3PAO)
  • Authorization Package
  • Incident Reporting
  • FedRAMP Package Repository
  • Periodic Assessments
  • Engage with FedRAMP PMO (Program Management Office)
  • Policies and Procedures

This post is licensed under CC BY 4.0 by the author.