Secure Coding mailing list archives
Questions asked on job interview for application security/penetration testing job
From: arian.evans at anachronic.com (Arian J. Evans)
Date: Sun, 22 Mar 2009 16:05:47 -0700
On Sat, Mar 21, 2009 at 2:43 PM, Matt Parsons <mparsons1980 at gmail.com> wrote:
I was asked the following questions on a job phone interview and wondered what the proper answers were.?? I was told their answers after the interview. I was also told that the answers to these questions were one or two word words.? In the beginning of next week I will post what they told me were the proper answers.?? Any references would be greatly appreciated.
Looks simple enough. Were there tricks to it? Some companies play games with these type of interviews. (Google) I empathize with brevity. Usually when people ramble too long in interviews they don't know what they are talking about (and are extra nervous because of this). So what are the word answers?
1.? What are the security functions of SSL?
Transport layer security. Asymmetric public key, symmetric private key, blah blah
2.? What is a 0 by 90 bytes error.
Error? 0x90 is NOP. A bunch of them make a good sled.
3.? What is a digital signature, Not what it is?
Authentication
4.? What is the problem of having a predictable sequence of bits in TCP/IP?
Session Prediction (leads to etc. etc.)
5.? What is heap memory?
Pooled memory dynamically allocated, no fixed-life
6.? What is a system call?
Software call to underlying OS function ( FileOpen())
7.? what is two factor authentication?
Two of something you have, know, or are -- Arian Evans "Let me issue and control a nation's money, and I care not who writes its laws" --Mayer Amchel Rothschild
Current thread:
- Questions asked on job interview for application security/penetration testing job Matt Parsons (Mar 21)
- Questions asked on job interview for application security/penetration testing job Arian J. Evans (Mar 22)
- <Possible follow-ups>
- Questions asked on job interview for application security/penetration testing job Matt Parsons (Mar 22)