Home >Common Problem >Real experience sharing: Alibaba Security Engineer (four sides)
This article will share with you what questions I was asked when I was interviewing for a security position at Alibaba. I experienced a total of one, two, three and HR interviews. Let’s take a look at them together. I hope it will be helpful to friends in need. It’s helpful~
Security Job Interview Series: Alibaba Rookie-Security Engineer
Timeline:
x Delivery Security Engineer
x 16 one side
x 23 two side
x 32 Three sides
x 50 HR side
x 53 Oral intention
x 56 Formal Intention Email
One side
Duration: 30 minutes
Self-introduction
hw’s responsibilities
hw’s achievements
Share Interesting case
What are the differences between hw’s scores and rules every year
Will you dig loopholes other than hw
The idea of code audit, the audit process
Is the code audit based on Java or PHP
Is java used a lot?
Java deserialization (differences between fastjson, log4j, and its own deserialization)
How to repair java fastjson
Repair of java native deserialization (readObject, writeObject)
The idea of black box penetration testing
Logical loopholes in retrieving passwords
Have you ever done anything related to development, writing small tools, etc.
Understand Alibaba , Rookie?
Rhetorical question
二面
Duration: 35 minutes
Self-introduction
Let me talk about my hw experience this year
What is the difference between this hw and previous years? , different from previous years, rules, attack methods, etc.
Opinions on data analysis of the supply chain
About the code from the perspective of Party A Thoughts on audit
Opinions on unauthorized vulnerabilities, from a research and development perspective
Recent security incidents and opinions (chat Spring4shell and log4shell)
Can you tell me your views on these two (in fact, the interviewer asked about security incidents and opinions, but my answer was inexplicably the principle of the vulnerability. . )
Northwestern Polytechnical University attack, what do you think about such a thing
What do you think about the Shanghai data leakage incident
Talk about your views on the security industry from Party A’s perspective, security measures, security strategies and ideas, etc.
What are your own requirements in your career plan? , what do you think if you choose to take the rookie as the offer?
Why didn’t you stay in the internship 3
Reflective question
Overall, I didn’t ask any technical questions. Most of them were about my views on certain events and issues. The interviewer introduced a lot of Rookie’s operating model, industry, etc., including work routes. The overall interview experience was very good. Good
三面
Duration: 25 minutes
Introduce yourself
Introduce internship experience and project experience
Key points for writing POC, and which products will be written for POC
Key points for fingerprint identification
What are the key factors when working on a surveying and mapping engine?
hw results of internship 3
Can you achieve this result? What are the key factors
Talk about internship 3
Reflective question
## HR interview
Duration: 40 minutesPHP Video Tutorial》《Java Video Tutorial》
The above is the detailed content of Real experience sharing: Alibaba Security Engineer (four sides). For more information, please follow other related articles on the PHP Chinese website!