InterviewStack.io

Cloud Security and Governance Questions

Covers securing cloud environments and establishing governance and cost control practices. Core technical areas include identity and access management with least privilege, role and policy design, encryption at rest and in transit, virtual private cloud and network segmentation, security groups and firewall rules, key management services, logging and centralized audit trails, monitoring and alerting, compliance frameworks and controls mapping for regulations such as GDPR and CCPA, data governance (classification, retention, access control), and secure design of data pipelines. Also includes cloud cost management and optimization techniques such as tagging and resource organization, budgeting and alerting, rightsizing and autoscaling, reserved and committed capacity, storage lifecycle policies and data tiering, cost-aware architecture patterns, and operational processes for balancing security, compliance, and cost.

Medium | Technical
Design a secrets management policy for data pipelines: compare storing secrets in environment variables, in code/config repositories, and in managed secret stores (like AWS Secrets Manager/GCP Secret Manager). Recommend best practices for rotation, access control, and auditing for automated ETL jobs.

Medium | System Design
Design a secure cross-account access model that allows an analytics team in Account B to query production datasets in Account A without giving them direct write or admin access. Describe roles, trust policies, data sharing patterns (e.g., cross-account read roles, data sharing services), and audit controls to ensure least privilege and traceability.

Medium | Technical
A managed analytics service is showing unusual query patterns suggesting potential data exfiltration (many SELECTs of specific columns, repeated downloads). As the data engineer, outline detection logic, containment actions, investigative steps, and long-term controls to prevent similar incidents.

Easy | Technical
Define data governance and classification in the context of a cloud data platform. How would you identify and tag PII, PHI, and low-risk analytics data across a data lake and downstream warehouses to enable access controls and lifecycle policies?

Medium | System Design
Design a cost-aware architecture that supports both long-running batch ETL (large throughput) and ad-hoc interactive analytics (low-latency) while minimizing cost. Include options for separating compute tiers, autoscaling strategies, and how security and governance controls are applied consistently across tiers.