Sample Answer
In most backend services I’ve built, I separate authentication and authorization pretty cleanly. For authN, I usually rely on an identity provider (Cognito/Auth0/Keycloak or an internal service) and use short‑lived JWT access tokens plus long‑lived refresh tokens. For web apps, I prefer HTTP‑only secure cookies with SameSite=strict, even if the cookie just stores a reference to a session in Redis. For authZ, I start simple with role‑based access (admin, support, customer) but usually evolve to permission/claim‑based checks at the service layer. For example, our billing service checked claims like `can_refund` and `account_id`, not just “role=admin”. That let us safely delegate limited powers to support agents and cut production escalations by about 30%. Pitfall‑wise, I watch for: storing too much data in JWTs, not rotating signing keys, missing token invalidation on logout/role changes, CSRF on cookie‑based flows, and over‑trusting client‑side checks. I also enforce TLS everywhere and use rate limiting on login and token endpoints.
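A sketch of the claim-based check described in the answer, added here as an illustration and not taken from the original answer or any real billing service. It assumes an HS256 token signed with a constructed demo key standing in for the identity provider; the function names (`issue`, `verify`, `authorize_refund`) and all sample values are hypothetical.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # constructed; real signing keys come from the IdP and rotate

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(head: str, body: str) -> bytes:
    return hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()

def issue(claims: dict, ttl: int = 300, now=None) -> str:
    """Mint a short-lived token (stands in for the identity provider)."""
    now = int(time.time()) if now is None else now
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps({**claims, "exp": now + ttl}).encode())
    return f"{head}.{body}.{b64e(sign(head, body))}"

def verify(token: str, now=None) -> dict:
    """Return the claims, or raise PermissionError on any defect."""
    now = int(time.time()) if now is None else now
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64d(head))
        # Pin the algorithm server-side; never let the header choose it.
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            raise PermissionError("unexpected algorithm")
        # Check the signature before parsing the untrusted payload.
        if not hmac.compare_digest(sign(head, body), b64d(sig)):
            raise PermissionError("bad signature")
        claims = json.loads(b64d(body))
    except ValueError as exc:  # bad base64, bad JSON, wrong segment count
        raise PermissionError("malformed token") from exc
    if not isinstance(claims, dict) or claims.get("exp", 0) <= now:
        raise PermissionError("token expired")
    return claims

def authorize_refund(token: str, target_account: str, now=None) -> bool:
    """Service-layer check: requires can_refund AND a matching account_id."""
    try:
        claims = verify(token, now)
    except PermissionError:
        return False
    # The role claim is deliberately ignored: "role=admin" alone grants nothing.
    return claims.get("can_refund") is True and claims.get("account_id") == target_account
```

The check runs inside the service on every refund request, so a modified client or a token for a different account gets the same refusal as an expired one.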