This week's giveaway is in the EJB and other Java EE Technologies forum. We're giving away four copies of EJB 3 in Action and have Debu Panda, Reza Rahman, Ryan Cuprak, and Michael Remijan on-line! See this thread for details.
I will have a interview with a company which doing secure online payment transactions on next Tuesday. I applied a position as java software developer. Are there any technical security questions on the web, so I can prepare with. Please help. If I can get the job. I will bug beers for you.
I'd brush up on my security vocabulary. Even if they don't expect you to do crypto work, they'll probably want someone with some familiarity with crypto and security concepts. Here are some below, off the top of my head. Basic terms & concepts: Encryption / Decryption Cipher Hash Public key cryptography Symmetric key cryptography Eliptic curve cryptography Certificates Certificate chaining Authentication vs. Authorization
Algorithms & Protocols: DES, AES, SSL, RSA, El Gamal, Blowish, Twofish, RC2, RC4, RC5 Threats: Man-in-the-middle attack Denial-of-service attack Overwriting memory / Buffer overflow If you really want to impress them, read some basic cyrpto ideas and learn how the community uses the standard set of players: Alice, Bob, Eve, and Mallory, so you can use them in your answers.
Joined: Jan 23, 2002
Thank you mark for the advice. I very appreciated it