MockQuestions

Tanium Mock Interview


How to Answer: Can you tell me what the difference is between stored and reflected XSS, and the common defenses against XSS?

Advice and answer examples written specifically for a Tanium job interview.

  • 7. Can you tell me what the difference is between stored and reflected XSS, and the common defenses against XSS?

      How to Answer

      To better understand why an interviewer would ask a question about XSS, let's examine what it is and how you might be positioned to best answer this question. XSS, also known as Cross-Site Scripting, is a script that is used to attack a network or system with a malicious virus. There are two versions of this script: the first is stored XSS, and the other is reflected XSS. Stored XSS is an attack that permanently injects a script on a server or database, allowing the attacker to access confidential information. Reflected XSS is similar in that it also injects a malicious script into a web server or email in the form of an error; the attacker can then access confidential information after an unsuspecting victim clicks or opens that link.

      The interviewer is asking this question to see how familiar you are with XSS. Many organizations make it a policy to train their employees on how to spot malicious or harmful viruses that arrive in the form of an email or web browser error. Your answer should address your level of expertise in this area and what you have done to combat these attacks in the past. Mentioning that you were part of a training program that educated employees on how to spot malicious emails and fake links will give the interviewer more confidence in your technical abilities in this area. It also doesn't hurt to mention some before-and-after improvements in how the company is doing as a result of your training initiative; this shows that you are proactive as well.

      1st Answer Example

      "When I address Cross-Site Scripting (XSS), or more specifically Stored XSS attacks, my first thought is how can I prevent future attacks from happening. Since Stored XSS attacks happen without the victim knowing they've been compromised, it's important for me to look at ways that we can inform our personnel about the various methods that attackers use to make you think that an email or browser plug-in, for example, is safe. I set up periodic informational training sessions to educate our personnel on how to spot these malicious attacks, and what to do if they come across any suspicious messages or errors. Another important part of my role is to cleanse input validation and output sanitation."

      2nd Answer Example

      "Reflected XSS attacks can occur at any time, so it's important for me to educate our employees, so they don't become a victim of these unsuspecting attacks. I always take a proactive approach to these things, and have designed a series of educational classes to educate all employees on new attacks that have been discovered, and how to respond in case they may be targeted as an unsuspecting victim. One of the many things I cover in our training sessions is to show examples of what these emails and errors look like, and how to report them as soon as you notice them. In my role, I also have to make sure that I sanitize requests from the server-side scripts to further reduce or eliminate vulnerabilities."
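The two answer examples above both name input validation and output sanitation as the technical defense. The following is an added illustration, not code from the original page or from Tanium: a minimal Node.js comment board showing where stored input (the database) and reflected input (the request's search string) enter a page, and how output encoding stops both. The function names (escapeHtml, saveComment, renderPage, demo) and the sample inputs are constructed for this example.

```javascript
// Added example (not from the original page). Node.js, no dependencies.

// Encode the characters that can break out of HTML text or attribute context.
// Encoding preserves the user's text; stripping would silently change it.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Input validation (allowlist): a display name is letters, digits and spaces, 1-32 chars.
// This rejects markup in the name field, but it is not a substitute for encoding on output.
function isValidName(name) {
  return /^[A-Za-z0-9 ]{1,32}$/.test(name);
}

// Stand-in for the database. Stored XSS: the attacker submits once, and every
// later visitor's page is built from this data.
const comments = [];
function saveComment(name, text) {
  if (!isValidName(name)) throw new Error('rejected display name');
  comments.push({ name, text });
}

// Build the page. `q` is the search string echoed back from the request URL
// (the reflected source); `comments` is the stored source. With encode=false
// the page is vulnerable to both; with encode=true every untrusted value is
// encoded for the HTML context it lands in (text node or quoted attribute).
function renderPage(q, encode) {
  const out = encode ? escapeHtml : (s) => String(s);
  const rows = comments.map((c) => `<li><b>${out(c.name)}</b>: ${out(c.text)}</li>`);
  return `<input name="q" value="${out(q)}">\n<ul>${rows.join('')}</ul>`;
}

// Constructed sample inputs: one stored in a comment, one reflected from the URL.
const STORED_INPUT = '<script>alert(1)</script>';
const REFLECTED_INPUT = '"><script>alert(1)</script>';

// Render the same data both ways so the difference is visible side by side.
function demo() {
  comments.length = 0;
  saveComment('alice', STORED_INPUT);
  return { vulnerable: renderPage(REFLECTED_INPUT, false), hardened: renderPage(REFLECTED_INPUT, true) };
}

const result = demo();
console.log('vulnerable:\n' + result.vulnerable + '\n\nhardened:\n' + result.hardened);
```

In the hardened output the stored and reflected inputs appear as literal text (`&lt;script&gt;...`) and the quote in the reflected value stays inside the attribute, so neither source can inject markup.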