Security Engineer Mock Interview: How does the Internet work?
Video Overview & Insights
Prep for your upcoming security engineer interviews. Start free: https://bit.ly/3YlRqiO
Prep for your upcoming security engineer interviews. Start free: https://bit.ly/3YlRqiO
Ansh is a security engineer on Google's offensive security team. In this video, he answers the mock interview question, "How does the internet work?" He explains how networking, SSL, and encryption work to come together and deliver the experience we know as "the Internet."
Chapters -
Very Nice Answer Reading. Well Done :)
00:00 - Introduction
00:55 - Question
is it okay to feel like this interview was way to easy for me.
01:08 - Answer
02:56 - Follow-up questions
im cooked
12:45 - Test cases
13:10 - Interview analysis
Very Useful Content👏
Watch more security engineering videos:
Security Eng. Interview - How does the Internet work?: https://youtu.be/GM9yGj5tdHc
why explaining that much , why he not going to explain short answer. is that is needed to give that much brief answer. can anyone answer to my question
Security Eng. Interview - Design a cyber attack: https://youtu.be/IZKfZNVhItg
Security Eng. Interview - Handling malware attacks: https://youtu.be/_iswRn7qZ3Q
日本人?
Top Security Eng. Interview Questions: https://youtu.be/s4NX_YwvWuU
👉 Subscribe to our channel: http://bit.ly/exponentyt
What a load of technobabble BS, I'm a cissp and this put me to sleep. Keep is simple please. no interviewer deep dives into ssl handshakes
📷 Check us out on Instagram: http://bit.ly/exponentig
📹 Watch us on TikTok: https://bit.ly/exponenttiktok
As a 10 year network engineer, he didnt really answer the first question.
He didn't touch on the usage of ARP, Internal and External Routing, and NAT, things that in my opinion are critical to routing from point A to B and back.
ABOUT US:
Did you enjoy this interview question and answer? Want to land your dream career? Exponent is an online community, course, and coaching platform to help you ace your upcoming interview. Exponent has helped people land their dream careers at companies like Google, Microsoft, Amazon, and high-growth startups. Exponent is currently licensed by Stanford, Yale, UW, and others.
This looks like a memorisation test.
I'd rather talk about advantages of EC over RSA for example. Or the reason behind hybrid encryption schemes ...
After a job interview like like I'd lose any interest in the job offer
Our courses include interview lessons, questions, and complete answers with video walkthroughs. Access hours of real interview videos, where we analyze what went right or wrong, and our 1000+ community of expert coaches and industry professionals, to help you get your dream job and more!
That’s a very detailed and thorough answer. Maybe more than what’s asked. I would try to limit the uhs and ums because that’s what recruiters/hiring managers pay attention to. You could very much making up things, but someone who is confident, will more than likely not say um and uhs as much. Might come out a bit not as much. What I do is answer in a clear concise method. If the one interviewing asks me for more clarity im more than happy to elaborate!
More User Perspectives
Is he reading a response to the internet question?
@ssboxerI’m trying for proxy I’m 10th pass only can I survive
@saitejaanumatla962What are these question. This is basically asking him if he is an encyclopedia. Where are the critical thinking
@firewall_chroniclesAnother set of Advanced interview questions here
https://youtu.be/Z70BLVAuniQ?si=z6rj_FNHcnVav1i_
Need more of these, sadly not much security interview experience-related content is available compare to a software developer interview.
@griffin-dollar1999I have my technical interview on Monday and this video makes me feel like I’m going to totally bomb. 😢
@Sosovibes22Is DSA required as a Cybersecurity or is DSA questions asked in interview?
@anonymous_____18I interview and screen Security Engineers and Architects a few times a year. 30 years in the field.
I think these answers suffer just a a bit from being disorganized or overly technical focus in mentioning specific details (e.g. showing off or geeking out about minutia). This may be fine for distinguishing yourself at the entry level but maybe not the best path forward.
What I look for in an answer is more of an organized response, and a basic communication skill to consider the audience (interviewer) may not have your same skillset, or interest. Don't try and baffle anyone with BS (even if it is accurate). Examples of personal experience is fine but you have to connect it to the overall answer.
You could ask if they want the most technical answer (for example, explaining to a peer) or a more general answer (say for a technical manager but not expert on this topic). Have you heard the saying "if you can't explain it to a child, you don't really understand it". Talking to people outside of your skill bubble is an important skill to demonstrate.
LISTEN to the questions. ASK for clarification. CONSIDER if they want to be wowed with buzzwords and minutia or not. It is OKAY to think for 5 seconds before you answer.
Internet- better answer for a "manager", for example:
The most important thing to understand is that it is based on all the computers, networks, and data centers agreeing to standardize and use specific network technologies and protocols. Those are TCP/IP, DNS, and some Routing Protocols. This unlocks the inter-operability globally. There were many local and regional networks before the Internet, and often they were proprietary and could not communicate with each other (or did only in a limited fashion). So understanding that standardization opened the interoperability is helpful and gives us these steps:
Then there are basically five tricks that get resolved here:
1. Network Address resolution (DNS),
2. Routing across the globe (BGP, etc.),
3. Application level session (e.g. browser and webserver in sync on TCP/IP port 443 and your source port),
4. Encryption across that connection (TLS+ starts assymetric and then goes symmetric),
5. Authentication and Authorization (login, MFA, permissions, etc.).
You can spend 30 seconds on each of those tricks. Use some analogies for examples like (1) sending a letter to someone you have to know their address for the envelope. "Consider the problem this way... You can't just write "Grandma" on the envelope, but you only typed "wikipedia" into the browser... so DNS answers that problem and here is how."
(2) Your postal carrier does not know how to get to Grandma's house... but they know the "next step" e.g. get it to the local post office, which knows the "next step" and so on. That is how the letter will travel many miles based on "next step" rules. For the network we use the term "next hop". Here is how ISP's do that...
(3) Your PC and the webserver are likely running dozens of programs, processes, and connections running, lots of data to keep track of. This HTTP request has to get sorted so each side knows which application and which data to link it to. Example is calling a hospital and knowing the extension of the party you are calling, extension 443 webserver please. Webserver, this is Patient (source port) 25123, and so on. Now the applications on each side are in sync and actual conversation can happen. (i.e. you understand the problem and how the technology solves for it)
etc.
Now, if you want me to spend 5 minutes (or 60) talking deep technical about any part of that overall picture, tell me and I will. I just did that off the top of my head, and it should show. The interview is a chance for you to show that.
I am not interviewing for someone who has memorized how RSA works under the hood. If you can explain Diffie Hellman in 30 seconds and it is clear, great... I don't need 5 minutes about it, but can you give me the context of why I care? What problem does that address?
You will get plenty of "canned" questions and an HR person that asks "tell me more" when they don't understand the answers... they just want to see if you can provide some coherent answer. So figure out quickly your interviewer skillset and what they want. (that is it's own demonstration of problem solving)
Just my personal opinion, worth what you paid for it.
not really sure what "defang" means in this case..Someone can articulate? Thanks
@aussietrampThe way he explained everything that was super clear I'm still trying to get in as a sec engineer hope will get the chance as soon as possible
@RishabhLife-07Would you include PCI DSS in your courses? Also in demand is path to becoming an ISA or QSA. Thanks
@essj844very a helpfull video, I will use a white Board for explain how a handshak between the server and the client works !
@Maa3zclghlggTerrible answer on how the internet works.
@cyclonus01These are the exact question I was asked for a sec eng job. Although i was not ready, i definitely learned something out of it!
@milkteaboba3348This guy is awesome. Hired!
@Digital_opportunistI dont know if this would be a rea life job interview.
@wnalikkaThis is a phenomenal video! I wish you could interview for me
@JradandYmanAwsome really amazing, I'm a Cybersecurity Analyst, and to be honest, I'm not that good with Programming! but after seeing the video I'm really motivated and now I have a strong reason to improve my programming knowledge.
@WiredWanderer-qGreat content.
But this was more of a networking engineer interview rather than a security one.
Thanks for sharing I was wondering if google test the cybersecurity skill using a CTF or a website to validate the skills.
@h3ct0rjs