Ultimate Interview Question Pack: Linux, Nginx, MySQL, Kafka, Security & More

Linux Interview Questions (142)

Disk usage detection (shell script)

LVS load‑balancing strategies

Explain your understanding of LVS

Principles of load balancing

Components of LVS

Related LVS terminology

LVS‑NAT mode principle

LVS‑NAT model characteristics

LVS‑DR mode principle

LVS‑DR model characteristics

Comparison of three LVS load‑balancing modes

LVS scheduling algorithms

Differences between LVS and Nginx

Roles of load balancing

Nginx load‑balancing distribution strategies

What is keepalived?

Understanding of VRRP protocol

Working principle of keepalived

Causes of keepalived split‑brain

How to resolve keepalived split‑brain

How to monitor keepalived split‑brain with Zabbix

Nginx load‑balancing strategies

Nginx modules used for load balancing

Various load‑balancing implementation methods

How to achieve layer‑4 load balancing with Nginx

Common web service types

Why use Nginx?

Performance comparison of Nginx vs Apache

Composition of epoll

Differences between Nginx and Apache

Tomcat advantages and disadvantages as a web server

Tomcat three ports and their purposes

Differences between FastCGI and CGI

Common Nginx commands

Definition and differences of reverse proxy vs forward proxy

Differences among Squid, Varnish, and Nginx

How Nginx processes HTTP requests

Nginx virtual host types

How Nginx performs backend health checks

Apache Worker vs Prefork differences

Tomcat default port and how to modify it

Tomcat working mode

Tomcat request processing flow

How to monitor Tomcat memory usage

Nginx optimization experiences

Tomcat optimization experiences

Nginx session synchronization issues

Nginx common modules

Nginx common status codes

Website access flow

TCP three‑way handshake and four‑way termination

Dynamic vs static resources

Maximum concurrency supported by worker processes

Differences between Tomcat and Resin

What is gray‑release deployment?

IP access statistics analysis using Nginx logs

Differences between various Nginx versions

Latest Nginx version

Nginx access module interview questions

Default Nginx configuration file

Location directive rules

How to configure Nginx anti‑hotlinking

Differences between DROP, DELETE and TRUNCATE

MySQL master‑slave principles

Issues in MySQL master‑slave replication

MySQL replication methods

Causes and solutions for master‑slave lag

Methods to detect master‑slave lag

Forgotten MySQL root password recovery

MySQL data backup methods

InnoDB characteristics

Difference between varchar(100) and varchar(200)

Major MySQL index types

Typical NoSQL products, features and scenarios

MySQL security hardening measures

Binlog work modes and characteristics

Recovering from master failure in a multi‑slave setup

MyISAM vs InnoDB differences (at least five points)

Website slowdown analysis and database‑related solutions

xtrabackup backup, incremental backup and recovery principles

Recovering dropped data with xtrabackup

Master‑slave data consistency verification

Number of MySQL logs

Binlog log formats and differences

Handling MySQL CPU usage spikes up to 500%

Is Redis single‑threaded or multi‑threaded?

Common Redis versions

Redis use cases

Common Redis data structures

Redis persistence methods

Redis master‑slave replication principle

Redis Sentinel mode principle

Differences between Memcached and Redis

Redis architectural patterns

Cache avalanche, cache penetration, cache breakdown

Why Redis is so fast

Memcached application scenarios and characteristics

Memcached authentication method

MongoDB overview and advantages

MongoDB use cases

Kafka ISR, AR meanings and scaling

Kafka broker role and necessity of Zookeeper

Kafka follower‑leader data synchronization

Reasons for Kafka high speed

Kafka message loss and duplicate consumption

Why Kafka does not support read‑write separation

What is a consumer group?

Kafka terminology

Kafka suitable scenarios

Kafka write flow

Zabbix components

Zabbix two monitoring modes

General monitoring system workflow

Zabbix worker processes

Zabbix common terminology

Custom discovery in Zabbix

WeChat alert configuration

Zabbix client batch installation

Zabbix distributed deployment

Zabbix proxy usage scenarios

Prometheus working principle

Prometheus components

ELK workflow

Logstash input sources

Logstash architecture

ELK related concepts

Elasticsearch common plugins

Zabbix monitored parameters

MySQL sync vs semi‑sync

CI/CD and K8s monitoring metrics

K8s log monitoring methods

K8s Service vs Ingress differences

K8s component overview

TCP/IP protocol overview

Understanding of CDN

Nginx Interview Questions (40)

What is Nginx?

List some features of Nginx.

Differences between Nginx and Apache.

Explain how Nginx handles HTTP requests.

How to block requests using undefined server names?

Advantages of using a reverse proxy server.

Best use cases for Nginx servers.

Explain the Master and Worker processes in Nginx.

How to run Nginx on a non‑standard port?

Can Nginx error pages be replaced with 502/503?

How to preserve double slashes in URLs?

Purpose of ngx_http_upstream_module.

What is the C10K problem?

Functions of stub_status and sub_filter directives.

Does Nginx support compressing requests to upstream?

How to obtain the current time in Nginx?

Purpose of the -s option in Nginx.

How to add modules to Nginx?

Why use Nginx?

Reasons for Nginx high performance.

How does Nginx process requests?

Difference between forward and reverse proxy.

Benefits of reverse proxy servers.

Nginx advantages and disadvantages.

Nginx application scenarios.

Nginx directory structure.

Key modules in nginx.conf.

Nginx static resources.

How Nginx solves front‑end cross‑origin issues.

Configuring Nginx virtual hosts.

Purpose of the location directive.

How to implement rate limiting.

Token bucket vs leaky bucket algorithms.

Why separate static and dynamic content.

How Nginx achieves static‑dynamic separation.

Nginx load‑balancing algorithms and strategies.

Configuring high availability in Nginx.

How Nginx blocks inaccessible IPs.

How to restrict browser access.

What is the rewrite global variable?

Network Security Interview Questions (93)

What is SQL injection?

What is XSS?

What is CSRF?

What is a file upload vulnerability?

DDoS attacks.

Important protocol distribution diagram.

ARP protocol working principle.

What is RARP? Working principle.

What is DNS? How does DNS work?

What is RIP? How does RIP work?

RIP disadvantages.

OSPF protocol and its operation.

Differences between TCP and UDP.

Three‑way handshake and four‑way termination; why TCP needs three‑way handshake.

GET vs POST differences.

Cookies vs session differences.

Session working principle.

Complete HTTP request process.

HTTPS vs HTTP differences.

OSI seven‑layer model.

HTTP long‑connection vs short‑connection.

How TCP ensures reliable transmission.

Common HTTP status codes.

What is SSL? How does HTTPS ensure security?

How to protect public keys from tampering.

PHP absolute path bypass methods.

Common penetration tools and the most used one.

XSS blind attack against internal servers.

Spearfishing and watering‑hole attacks.

What is VM escape?

Man‑in‑the‑middle attacks.

TCP three‑way handshake process.

Seven‑layer model.

Understanding of cloud security.

Do you know WebSocket?

DDoS and CC attacks differences.

What is a LAND attack?

Information gathering methods.

What is CRLF injection?

Preventing XSS from front‑end and back‑end perspectives.

How to secure a port.

Webshell detection ideas.

What is GPC and how to bypass it.

Common web encryption algorithms.

Beyond stealing cookies, what can XSS do?

Network hijacking by ISPs or others.

DNS spoofing.

Buffer overflow principles and defenses.

Network security incident response.

Internal enterprise security.

Testing a product before launch from multiple angles.

Dealing with unfixable vulnerabilities in production.

CSRF protection methods.

File upload bypass techniques.

Captcha exploitation points.

What to test in cookies.

Typical business logic vulnerability types.

File inclusion vulnerabilities.

Business logic vulnerability example: arbitrary password reset.

Ideas for testing a zip‑only upload feature.

Why ASPX webshells have higher privileges than ASP.

How to bypass open‑basedir restrictions.

Common backdoor methods.

Python standard libraries.

Reverse TCP vs bind TCP differences.

OAuth authentication issues and related vulnerabilities.

How to obtain real IP from a CDN‑protected site.

Cross‑origin implementation methods.

JSONP vs CORS cross‑origin differences.

Common sorting algorithms.

SSRF exploitation.

Common backdoor techniques.

Open‑basedir bypass methods.

Pitfalls in PHP code auditing.

Blue‑team counter‑attack scenarios.

How attackers hide Linux cron jobs.

Common Redis unauthenticated get‑shell methods.

JWT attack techniques (header, payload, signature).

Java middleware vulnerabilities examples.

DNS exfiltration usage.

Middleware vulnerability summary.

Privilege escalation ideas for Windows vs Linux.

Python frameworks and associated vulnerabilities.

Differences between mini‑program penetration and regular penetration.

App vulnerability testing components.

IDS/IPS protection principles and bypass ideas.

JSON CSRF exploitation.

Vulnerabilities detectable in JSON payloads.

Internal network information gathering.

How to probe other internal machines after compromising one.

To obtain the complete PDF containing all these questions and answers, scan the QR code below and send the secret phrase "【大厂面试题】". The resource will be provided for free.