This is the Security learning track.
- What is a proxy? Why might that be important for security?
- What does IAM mean?
- What is the difference between a public and a private key?
- What is OAuth?
- What is JWT?
- What is /etc/shadow?
- What is X-Frame-Options doing?
- What is HTTP Strict Transport Security?
- What is KMS/Vault?
- What is TLS/SSL?
- What is Cross Site Scripting?
- How does CORS work?
- How do you tunnel a port using SSH?
- What is HTTP Basic Auth and how does it work? (is the login information encrypted?)
- What is the difference between symmetric and asymmetric encryption?
- How would you supply database credentials to a service? How would you store that information?
- What does “encryption at rest” mean?
- What is Two/Multi Factor Authentication?
- What is a bastion host?
- What does DoS/Denial of Service mean?
- How do you allow a person to log into a system via SSH?
- What does SSO/Single Sign-On mean?
- What is chmod/chown used for?
- What do you do if you see failing SSH login attempts? (john, lisa, admin, root, …)
- What do you do if you see suspicious HTTP requests? (/admin/login.php, /logs/, …)