How to Answer: Can you explain what a public and private key is in the world of public-key cryptography, and which key is used for which function?
Advice and answer examples written specifically for a Tanium job interview.
25. Can you explain what a public and private key is in the world of public-key cryptography, and which key is used for which function?
How to Answer
In an age where companies face breaches and intrusions on a daily basis, they need to make sure that their intellectual property and various confidential data is protected at every security level of the company. This is why private and public encryption and cryptography is implemented to safeguard that information.
Here's a great opportunity to craft a response that showcases your knowledge about public and private keys, and taking it a step further to give an example of how each key is used and for which function. Without going too deep, the hiring manager wants to hear you articulate the definitions of each, and how well you understand them. While you describe both keys, and what they represent, it would also be helpful to the hiring manager to explain the manner in which you use them in your current role. This helps the hiring manger gauge your level of expertise, and how involved you are with cryptography in your current role.
1st Answer Example
"My experience with private and public cryptographic keys goes very deep. I use private key cryptography where a single private key can encrypt and decrypt information. I'm very mindful that this key is only to be used with management's authority and approval since the data is very sensitive to the organization. If this key were leaked to the outside, this could potentially cause irreparable damage to the company. One of the responsibilities I had was to encrypt data so that the mobile devices used by our field consultants were secure. In addition to data encryption, I was also tasked with managing the security of our internal intranet websites that were used by everyone in the company to communicate and share data."
2nd Answer Example
"Understanding that encryption uses an algorithm to transform information (data) into an unreadable format is one of the most important cryptographic elements of public and private keys. I believe that it's important to designate where private and public keys are used. Every company has safeguards in place to monitor and manage these keys so that they don't fall into the wrong hands. Anyone given this responsibility should have extensive knowledge of encryption and cryptography, with the core elements being Secure Socket Layer (SSL) and Public Key Infrastructure ((PKI) for secure online purchase transactions as well."
Anonymous Interview Answers with Professional Feedback
Anonymous Answer
Rachelle's Feedback