#Security

67 questions

How do you hash passwords and use the crypto module?Node.js#securityMiddle
What is CORS and how do you handle it in Node?Node.js#securityMiddle
What are key security best practices for a Node.js app?Node.js#securitySenior
How do you embed content safely with iframe and sandbox?HTML#securityMiddle
How do you handle authentication in a Next.js App Router app?Next.js#securitySenior
What are guards used for?NestJS#securityMiddle
How do you implement authentication (OAuth2/JWT)?FastAPI#securitySenior
How do you configure CORS in FastAPI?FastAPI#securityMiddle
How does Django's authentication system work?Django#securityMiddle
What security protections does Django provide?Django#securitySenior
Why and how should you use a custom user model?Django#securitySenior
How do you access a database safely with PDO?PHP#dataMiddle
How do sessions and cookies work in PHP?PHP#securityMiddle
What are key security best practices in PHP?PHP#securitySenior
How does authentication work in Laravel?Laravel#securityMiddle
How does authorization with policies and gates work?Laravel#securitySenior
How do you secure Android applications?Android#securitySenior
How do you secure React Native applications?React Native#securitySenior
How do roles and privileges work in PostgreSQL?PostgreSQL#securityJunior
How do you secure a Redis deployment?Redis#securitySenior
How do you secure RabbitMQ?RabbitMQ#securitySenior
What is AWS IAM?Cloud & AWS#securityJunior
What are security groups and how do they control access?Cloud & AWS#securityMiddle
How do IAM roles and policies work in depth?Cloud & AWS#securityMiddle
What are AWS security best practices?Cloud & AWS#securitySenior
How do you secure Docker containers?Docker & K8s#securitySenior
How do you handle secrets in CI/CD pipelines?CI/CD#securityMiddle
How do you secure CI/CD pipelines?CI/CD#securitySenior
What is application security and why does it matter?Security#securityJunior
What is the OWASP Top 10?Security#securityJunior
What is the difference between authentication and authorization?Security#securityJunior
What is SQL injection and how do you prevent it?Security#securityJunior
What is Cross-Site Scripting (XSS) and how do you prevent it?Security#securityJunior
How should passwords be stored and handled securely?Security#securityJunior
What is HTTPS and why is it important?Security#securityJunior
Why is input validation important for security?Security#securityJunior
What are basic secure coding practices?Security#securityJunior
What are common types of security attacks?Security#securityJunior
What is CSRF and how do you prevent it?Security#securityMiddle
What are common authentication mechanisms (sessions, JWT, OAuth)?Security#securityMiddle
What is encryption and how is it used?Security#securityMiddle
How do you manage secrets and credentials securely?Security#securityMiddle
How does access control work (RBAC, least privilege)?Security#securityMiddle
How do you manage security of dependencies?Security#securityMiddle
What are HTTP security headers?Security#securityMiddle
How do you design secure APIs?Security#securityMiddle
What is threat modeling?Security#securitySenior
What are key principles of secure architecture?Security#securitySenior
How do you handle security incidents and breaches?Security#securitySenior
What is a Secure Development Lifecycle (SDLC)?Security#securitySenior
What are key considerations for cloud security?Security#securitySenior
Why are security logging and monitoring important?Security#securitySenior
How do you manage sessions securely?Security#securityMiddle
What is security misconfiguration and how do you avoid it?Security#securityMiddle
How do you handle file uploads securely?Security#securityMiddle
What are key considerations for data privacy and compliance?Security#securityMiddle
What is penetration testing?Security#securitySenior
What is the Zero Trust security model?Security#securitySenior
How do you ensure AI-generated code meets your project's quality and security bar?Tech Lead#tech-leadSenior
What are the risks of giving an AI agent permission to act, and how do you limit it safely?AI-Assisted Development#aiSenior
How do you build a plugin or app with AI inside, e.g. integrating the Claude API into a WordPress plugin?AI-Assisted Development#aiSenior
What security and privacy considerations apply when sending company code to an AI tool?AI-Assisted Development#aiMiddle
How do you tell a DDoS attack apart from a natural traffic spike?Site Reliability & Operations#ddosMiddle
What are the layers of DDoS defense, and what does each handle?Site Reliability & Operations#ddosMiddle
Where and how do you configure rate limiting?Site Reliability & Operations#rate-limitingMiddle
What is the difference between Layer 7 and Layer 3/4 DDoS attacks, and why do mitigations differ?Site Reliability & Operations#ddosSenior
How would you build a DDoS incident response runbook?Site Reliability & Operations#ddosSenior