InterviewStack.io LogoInterviewStack.io

Threat Modeling and Secure System Design Questions

Applying threat modeling and structured problem solving to secure system design. Candidates should be able to decompose complex security challenges by identifying business context, critical assets, threat actors, attack surfaces, and compliance requirements. Topics include threat modeling methodologies, attacker capability and motivation analysis, risk assessment and prioritization, selection of mitigations and compensating controls, and evaluation of trade offs among security, usability, cost, and performance. Candidates should also be able to produce implementation and monitoring plans that address scalability and maintainability and to clearly explain and justify design choices and residual risk to stakeholders.

MediumTechnical
48 practiced
Describe how you would run an efficient, 90-minute threat-modeling workshop for a cross-functional team (product, engineering, security, operations) ahead of a feature release. Provide an agenda, required pre-work, roles (facilitator, scribe, owners), artifacts to produce, methods to reach consensus on mitigations, and how to integrate results into issue tracking and CI/CD.
HardSystem Design
34 practiced
Design a multi-cloud key management approach that uses HSM-backed master keys for root operations while enabling low-latency decryption in each region. Discuss key hierarchy (data keys vs master keys), envelope encryption, replication of wrapped keys, rotation strategy, and how to maintain auditability and compliance across providers.
HardTechnical
26 practiced
You discover a high-severity vulnerability that can be remediated only by disabling a widely used feature for 48 hours, which would reduce expected revenue by approximately 10%. As an SRE lead, how do you present the options to executive stakeholders, recommend a course of action, set measurable metrics to evaluate risk reduction, and plan communications and rollback? Explain how you would make the tradeoff clear and obtain buy-in.
EasyTechnical
31 practiced
Explain the principle of least privilege and provide three concrete SRE actions to apply it in a cloud infrastructure (for example: tightly-scoped IAM policies, short-lived service identities, and minimal port exposure). For each action describe how you would validate the policy is implemented correctly.
HardTechnical
45 practiced
An attacker gains access to a developer's laptop that holds active credentials, SSH keys, and short-lived cloud tokens. As the SRE lead, outline immediate containment steps, how you would identify affected services and credentials, steps to rotate or revoke keys and tokens, evidence collection, and long-term controls to reduce probability and blast radius of such compromises.

Unlock Full Question Bank

Get access to hundreds of Threat Modeling and Secure System Design interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.