Area | Security Networking |
---|---|
Phase 1 (junior, mid) | • What popular attacks on web apps do you know, and how do you defend against them?<br>◦ XSS, SQL injection, CSRF<br>• How would you implement user authentication? How would you store and protect the user's credentials?<br>• How does hashing work?<br>◦ What's a hash collision? |
Phase 2 (mid, senior) | • What are public/private keys and why do we need them?<br>• How can developers access production DBs if they have performance problems?<br>• What's the OSI model?<br>• What's CORS?<br>• What's the difference between HTTP & UDP?<br>• How does TCP work?<br>◦ TLS<br>◦ IP<br>• How does a CDN work? |
Phase 3 (senior+) | • You have 30 services. Each service has dependencies (npm, Composer, Go modules, Docker, etc.). How do you manage security updates?<br>• You have a password field that is MD5-hashed. You need it to be SHA-1. How do you do that?<br>◦ Extra column or schema versioning while migrating<br>• What are the benefits of OAuth? How does it work? |