Security Engineering
Cryptography
9 practice questions. Free questions open a full answer guide; the rest unlock with Pro.
- What is the difference between symmetric and asymmetric encryption, and when would you use each in a cloud context?
- When you rotate an encryption key in a cloud KMS, what happens to data that was already encrypted with the old key, and why doesn't all of it have to be re-encrypted?Go Pro
- How would you approach migrating your TLS and data-at-rest cryptography to be post-quantum ready, and why does crypto-agility matter more than picking an algorithm today?Go Pro
- How should an application store user passwords, and why is a plain hash like SHA-256 not enough?Go Pro
- Why is hashing the right tool for storing user passwords rather than encryption, and what makes a password hash strong enough today?Go Pro
- A lot of our service-to-service auth still relies on long-lived certificates and API keys that we rotate on a calendar. Walk me through why short-lived, automatically-issued credentials are a stronger model, and what the 'secret zero' problem is.Go Pro
- Explain how TLS termination at a load balancer differs from end-to-end TLS, and what are the security trade-offs?Go Pro
- Explain how envelope encryption works with a KMS, and what actually happens to your encrypted data when you rotate the key.Go Pro
- When would you use symmetric versus asymmetric encryption, and how does envelope encryption combine the two?Go Pro
Want questions matched to your role? Paste a job title, job description, or CV for a personalized set, or go Pro to unlock the full bank.