Deloitte Interview Questions and Answers

XSS (Cross-Site Scripting) is a type of security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.

• XSS attacks can be used to steal sensitive information, such as login credentials or personal data.

• Attackers can also use XSS to hijack user sessions, redirect users to malicious websites, or deface web pages.

• There are three types of XSS attacks: stored, reflected, and DO...read more

XSS stands for Cross-Site Scripting. It is a type of security vulnerability that allows attackers to inject malicious scripts into web pages.

• Reflected XSS: The injected script is embedded in the URL and executed when the victim visits the manipulated link.

• Stored XSS: The injected script is permanently stored on the target server and executed whenever the vulnerable page is accessed.

• DOM-based XSS: The vulnerability aris...read more

Network VAPT is conducted by identifying vulnerabilities in the network and testing its security measures.

• The process involves identifying potential vulnerabilities in the network infrastructure

• Penetration testing is conducted to simulate attacks and test the effectiveness of security measures

• Vulnerability assessment is done to identify weaknesses in the network

• The results are analyzed and recommendations are made to i...read more

Yes, open for fixed term hire and working from client location at Gurgaon for 3 days a week.

• Open for fixed term hire

• Willing to work from client location at Gurgaon for 3 days a week

Implemented automated testing using Selenium WebDriver and JUnit in Agile environment

• Implemented automated testing framework using Selenium WebDriver

• Utilized JUnit for test case management

• Worked in Agile environment to ensure continuous testing and integration

Pilot testing is done by a small group of users before the full release, while beta testing is done by a larger group of users. Automation testing can be used for regression testing, smoke testing, and performance testing.

• Pilot testing involves a small group of users testing the functionality in a controlled environment.

• Beta testing involves a larger group of users testing the functionality in a real-world environment.

• ...read more

Primary key uniquely identifies a record, while unique key allows only one instance of a value in a column. Query to find last id involves using ORDER BY and LIMIT.

• Primary key enforces uniqueness and not null constraint on a column

• Unique key enforces uniqueness but allows null values

• To find row with last id, use ORDER BY id DESC LIMIT 1 in SQL query

Software Testing Life Cycle (STLC) involves planning, designing, executing, and reporting on tests. Defect Life Cycle includes identification, logging, fixing, and retesting defects.

• STLC includes requirements analysis, test planning, test design, test execution, and test closure.

• Defect Life Cycle involves defect identification, defect logging, defect fixing, defect retesting, and defect closure.

• STLC ensures that the so...read more

303 status code in API means 'See Other'. PUT method is used to update data, while DELETE method is used to remove data. 3 point estimation technique in Agile is used to estimate tasks.

• 303 status code indicates that the resource can be found at a different URI and should be retrieved from there

• PUT method is used to update an existing resource in the API

• DELETE method is used to remove a resource from the API

• 3 point esti...read more

Links and labels that can be tagged to a bug in Jira

• Links: related issues, documents, websites

• Labels: priority, severity, type, status

Shell scripting is a way to automate tasks in Unix/Linux systems. Grep is used to search for specific patterns in text files. Href is not a standard Unix command.

• Shell scripting automates tasks by writing scripts in a Unix/Linux environment

• Grep command is used to search for specific patterns in text files

• Example: grep 'search_pattern' file.txt

• Href is not a standard Unix command, it may be a typo or a custom script

To resolve conflict with a team member, communication is key. Prioritize understanding, address the issue calmly, find common ground, and work towards a solution together.

• Listen to the team member's perspective and concerns

• Communicate openly and calmly about the issue

• Find common ground and areas of agreement

• Work together to find a solution that benefits both parties

• Seek input from other team members or a mediator if ne...read more

Open to relocating to Bangalore, working in night shifts, long hours, and 24X7 culture. Goal is to excel in automation testing.

• Yes, open to relocating to Bangalore and working from client's office

• Yes, open to working in night/rotational shifts

• Yes, open to working in long extendable hours or 24X7 culture

• Goal is to excel in automation testing

Code to read a CSV file into a DataFrame using PySpark

• Import necessary libraries: from pyspark.sql import SparkSession

• Create a Spark session: spark = SparkSession.builder.appName('example').getOrCreate()

• Read CSV file into DataFrame: df = spark.read.csv('file.csv', header=True, inferSchema=True)

I approach refactoring code by breaking it down into smaller tasks, identifying areas for improvement, and testing changes incrementally.

• Break down the code into smaller, manageable tasks

• Identify areas for improvement such as performance, readability, and maintainability

• Test changes incrementally to ensure functionality is not compromised

Optimizing pyspark code involves tuning configurations, using efficient transformations/actions, caching data, and leveraging partitioning.

• Tune configurations such as adjusting memory allocation, parallelism, and executor cores.

• Use efficient transformations/actions like map, filter, reduceByKey instead of groupByKey.

• Cache intermediate data using persist() or cache() to avoid recomputation.

• Leverage partitioning to optim...read more

SQL query to join employee departments with count of employees in each department

• Use JOIN to combine employee and department tables

• Use GROUP BY to group by department and COUNT() to get employee count

• Include department name and employee count in SELECT statement

Lazy evaluation in PySpark delays the execution of transformations until an action is called.

• Lazy evaluation allows PySpark to optimize the execution plan by combining multiple transformations before executing them.

• Transformations in PySpark are not executed immediately, but are stored as a directed acyclic graph (DAG) until an action is triggered.

• Examples of transformations in PySpark include map, filter, and reduceBy...read more

SQL queries can be written in PySpark code using the Spark SQL module.

• Use the SparkSession object to create DataFrames from data sources.

• Register the DataFrames as temporary tables using the createOrReplaceTempView method.

• Write SQL queries using the sql method of the SparkSession object.

• Execute the SQL queries using the DataFrame API or collect the results as a DataFrame.

Various methods include bulk insert, ETL tools, APIs, and manual entry.

• Bulk insert: Loading large amounts of data at once using SQL commands like BULK INSERT.

• ETL tools: Extract, Transform, Load tools like Informatica or Talend for automated data loading.

• APIs: Using application programming interfaces to transfer data from external sources.

• Manual entry: Manually inputting data into the database through forms or interface...read more

Redshift Spectrum is a feature in Amazon Redshift that allows users to run queries against data stored in Amazon S3.

• Redshift Spectrum extends Redshift's querying capabilities to include data stored in S3

• It allows users to query and join data across Redshift tables and S3 data lakes

• Redshift Spectrum uses Redshift's SQL engine to query data directly in S3 without the need to load it into Redshift

• It can be used to query s...read more

Different types of indexing in databases include B-tree, hash, bitmap, and full-text indexing.

• B-tree indexing is commonly used for range queries and sorting data efficiently.

• Hash indexing is used for quick lookups but not suitable for range queries.

• Bitmap indexing is efficient for low cardinality columns with repetitive values.

• Full-text indexing is used for searching text fields with natural language queries.

Experience sharing PySpark code on mobile device in Teams call

• I have experience sharing my screen on a mobile device to write PySpark code during Teams calls

• I have used the screen sharing feature in Teams to collaborate with team members on PySpark code

• I have successfully troubleshooted code issues while sharing my screen on a mobile device

Various types of documentation are created during a project, such as design documents, technical specifications, user manuals, and test plans.

• Design documents outline the architecture and functionality of the system.

• Technical specifications detail the technical requirements and constraints of the project.

• User manuals provide instructions on how to use the system.

• Test plans outline the testing strategy and procedures to...read more

I ensure optimal code quality through code reviews, performance testing, and continuous learning.

• Conduct code reviews with team members to identify and address any inefficiencies or errors

• Utilize performance testing tools to analyze code performance and make necessary optimizations

• Stay updated on best practices and new technologies through continuous learning and training sessions

Documentation for pyspark code includes code comments, README files, and API documentation.

• Code comments should explain the purpose of each function, class, and major code block.

• README files should provide an overview of the project, installation instructions, and usage examples.

• API documentation should detail the input/output parameters, data types, and usage guidelines.

Some best practices include data governance, scalability, security, and performance optimization.

• Implement data governance policies to ensure data quality and compliance.

• Design for scalability to handle growing data volumes and user loads.

• Prioritize security measures to protect sensitive data from breaches.

• Optimize performance through indexing, query optimization, and data partitioning.

Experienced Senior Analyst with a background in financial analysis and data interpretation.

• Over 5 years of experience in analyzing financial data and providing insights to drive business decisions

• Proficient in using various analytical tools and software such as Excel, Tableau, and SQL

• Strong communication skills to effectively present findings to stakeholders and senior management

• Ability to work independently and in a t...read more

Yes, I have experience working on devops.

• Implemented CI/CD pipelines using tools like Jenkins and GitLab

• Automated infrastructure provisioning with tools like Terraform

• Managed containerized applications with Docker and Kubernetes

Tags can be deployed in Jenkins using the Git plugin and in UCD using the version control system integration.

• In Jenkins, tags can be deployed by configuring the Git plugin to fetch tags from the repository.

• In UCD, tags can be deployed by integrating with the version control system and selecting the specific tag to deploy.

• Tags can be used to mark specific versions of code for deployment and tracking purposes.

I will first analyze the issue, identify the root cause, implement a temporary fix if needed, and then work on a permanent solution.

• Analyze the issue to understand the impact and severity

• Identify the root cause by checking logs, code, and configurations

• Implement a temporary fix to restore service if necessary

• Work on a permanent solution to prevent future occurrences

I would communicate with the team to understand their priorities and try to find a solution that addresses both the issue and their priorities.

• Communicate with the team to understand their priorities and constraints

• Highlight the impact of the issue on the overall project or organization

• Collaborate with team members to find a mutually beneficial solution

• Escalate the issue to higher management if necessary

The .NET Framework is a software framework developed by Microsoft that provides a large library of pre-coded solutions to common programming problems.

• Developed by Microsoft

• Provides a large library of pre-coded solutions

• Supports multiple programming languages like C#, VB.NET, F#

• Used for building Windows applications, web applications, and services

C# is a programming language developed by Microsoft for building a wide range of applications on the .NET framework.

• Developed by Microsoft

• Used for building applications on the .NET framework

• Object-oriented language

• Supports modern programming features like generics, LINQ, and async/await

• Similar to Java and C++

ASP.NET page life cycle is a series of events that occur when a page is requested, processed, and rendered.

• Page request is received by the server

• Page is initialized, controls are created and properties are set

• Page is loaded with data and events are handled

• Page is rendered to HTML and sent to the client

• Page is unloaded and resources are released

Encapsulation is the concept of bundling data and methods that operate on the data into a single unit.

• Encapsulation helps in hiding the internal state of an object and only exposing the necessary functionalities.

• It allows for better control over the data by preventing direct access from outside the class.

• Example: A class 'Car' encapsulating variables like 'model', 'year', and methods like 'startEngine()', 'accelerate()...read more

Duplicate values in a table can be deleted by using the DELETE statement with a subquery.

• Use the DELETE statement with a subquery to remove duplicate values.

• Identify the duplicate values using a SELECT statement with GROUP BY and HAVING clauses.

• Ensure to keep at least one unique record for each duplicate value.

Group by is used to group rows that have the same values into summary rows, while having is used to filter groups based on a specified condition. Union combines the result sets of two or more SELECT statements, while Union All includes duplicates.

• Group by is used with aggregate functions to group rows based on one or more columns.

• Having is used to filter groups based on a specified condition after the group by operatio...read more

Use SQL query with ORDER BY and LIMIT to select last 5 records in a table

• Use SELECT statement to retrieve data from the table

• Use ORDER BY clause to sort the records in descending order based on a column

• Use LIMIT clause to limit the number of records returned to 5

SMTP stands for Simple Mail Transfer Protocol, used for sending emails.

• SMTP is a protocol used for sending emails over the internet

• It works by using a series of commands between the email client and the email server

• The namespace for SMTP is defined by RFC 5321

• Examples of SMTP servers include Gmail's smtp.gmail.com and Outlook's smtp.live.com

I have used namespaces such as std, boost, and Eigen in my code.

• std

• boost

• Eigen

Web API is a set of rules and protocols that allow different software applications to communicate with each other over the internet.

• Web API allows different software applications to interact with each other over the internet

• It defines the methods and data formats that applications can use to request and exchange information

• Examples include RESTful APIs like Twitter API, Google Maps API, etc.

Web API allows for more flexibility, scalability, and ease of use compared to traditional web services.

• Web API supports multiple data formats like JSON, XML, etc., making it easier to work with different clients.

• Web API is more lightweight and faster compared to SOAP-based web services.

• Web API allows for better security through the use of tokens and authentication mechanisms.

• Web API is easier to integrate with modern w...read more

Securing a WEB API involves using authentication, authorization, encryption, and monitoring.

• Implement authentication mechanisms such as OAuth, JWT, or API keys to verify the identity of clients accessing the API.

• Use authorization to control access to different parts of the API based on roles and permissions.

• Encrypt sensitive data transmitted between clients and the API using HTTPS or TLS.

• Implement rate limiting, input ...read more

Authentication verifies the identity of a user, while authorization determines what actions they are allowed to perform.

• Authentication confirms the identity of a user through credentials like passwords, biometrics, or security tokens.

• Authorization controls access to resources based on the authenticated user's permissions.

• Examples include logging into a website with a username and password (authentication) and then acce...read more

JSON is lightweight, easy to read, and primarily used for web APIs. XML is more verbose, structured, and commonly used for data storage and configuration.

• JSON stands for JavaScript Object Notation, while XML stands for eXtensible Markup Language.

• JSON is more lightweight and easier to read compared to XML.

• JSON is commonly used for web APIs, while XML is often used for data storage and configuration files.

• JSON uses key-v...read more

Filters in MVC are used to perform logic before or after an action method is executed.

• Filters can be used for authorization, logging, caching, error handling, etc.

• They can be applied globally, at controller level, or at action level.

• Examples include Authorize filter for authentication, OutputCache filter for caching.

• Filters can be created by implementing specific filter interfaces or by inheriting from FilterAttribute ...read more

MVC stands for Model-View-Controller, a software design pattern used for organizing code in a structured way.

• MVC separates the application into three main components: Model (data), View (UI), and Controller (logic).

• Model represents the data and business logic, View displays the data to the user, and Controller handles user input and updates the Model.

• MVC helps in achieving separation of concerns, making code more modul...read more

Routing in MVC is the process of mapping URLs to controller actions in order to handle incoming requests.

• Routing determines which controller and action should handle a request based on the URL

• Routes are defined in the RouteConfig.cs file in ASP.NET MVC applications

• Routes can include parameters that are passed to the controller action

• Routing can be used to create user-friendly URLs

An application interacts with an API by sending requests and receiving responses containing data or actions.

• The application sends a request to the API specifying the desired action or data

• The API processes the request and sends back a response containing the requested information

• The application then uses the data or performs the action based on the response received

• Examples: a weather app fetching current weather data ...read more

API architecture refers to the design and structure of the application programming interface.

• API architecture defines how different components of the API interact with each other

• It includes the endpoints, data formats, authentication methods, and communication protocols used

• Well-designed API architecture ensures scalability, security, and ease of use

• Examples of API architectures include REST, SOAP, and GraphQL

HTTP stands for Hypertext Transfer Protocol, a protocol used for transmitting data over the internet.

• HTTP is the foundation of data communication on the World Wide Web.

• It is a request-response protocol, where a client sends a request to a server and the server responds with the requested data.

• HTTP uses TCP/IP as the underlying transport protocol.

• Common HTTP methods include GET (retrieve data), POST (submit data), PUT (...read more