"Mr. Li, this is the courier sent to you yesterday."
Cai Xiaowei walked into the office with a file bag and placed it on Li Yi's desk.
After putting down the courier, Cai Xiaowei was about to turn around and leave.
"Wait a minute, the file bag should contain the company's official seal and business license. Do you know the payment process for social security employees? If you don't understand, study it now." Li Yi suddenly explained.
Hearing this, Cai Xiaowei was refreshed and was considering whether to change her job. She was so excited that she almost burst into tears when she was awakened by Li Yi's words.
"Mr. Li, are you going to buy me social security?" Cai Xiaowei asked with concern.
"Yes! If I don't buy it for you, I'm afraid it won't be long before I receive my resignation letter." Li Yi looked at Cai Xiaowei and said with a smile.
"How could it be!" Cai Xiaowei smiled embarrassedly and said insincerely.
"Go get busy! Hurry up to implement the social security payment and the recruitment. I usually don't have classes on Wednesday and Thursday afternoons, so I will schedule these two days." Li Yi suggested.
"Okay!" Cai Xiaowei happily responded.
Li Yi smiled, watched Cai Xiaowei leave, and started to get busy, adding a 'safety lock' to the vulnerability scanning tool.
The function algorithm of the vulnerability scanning tool adopts many new algorithms, which is unique to any software on the market. It is unique and has great technical value. In the case of no registered patent, it is used by employees. Li Yi asked Change the vulnerability mining tool to client mode, and store important data on the server in the computer room.
The server side that provides data services for clients is configured with a 'safety lock' to protect data security.
More than a dozen functions of the client, employee permission design, vulnerability data recording, intelligent data analysis, ..., etc., all functions are covered, and in two weeks, Li Yi devoted most of his time and energy to the writing and improvement of the client.
Coming to the company today, Li Yi began to deploy the server environment and test the client.
Busy time always flies by quickly.
Unconsciously, more than two hours passed.
Cai Xiaowei appeared at the door: "Mr. Li, a candidate is here, are you free for an interview?"
"Okay, give me the resume and lead him to the conference room to wait for me." Li Yi readily responded.
"Okay!" Cai Xiaowei respectfully left her resume.
Li Yi picked up his resume and checked it.
Zhang Yang: Male, Age: 27, Height: 178, Weight: 77KG, from southern Fujian, graduated from Fuda University, computer software, proficient in: Server/Linux, database, middleware, etc., professional knowledge of operation and maintenance and security reinforcement; work Experience: 3 years, former employer: Oxi Electronics, position: safety engineer, currently resigned, ….
Job Application: Technical Manager
Li Yi took a cursory glance at the resume information, and got a general understanding of the applicant's situation.
Judging from the resume, age and ability are not a problem. I don't know what his ability is. We need to talk about it in detail.
Li Yi went to the conference room with his resume.
To be honest, this is the first time that Li Yi has formally interviewed others. As for Cai Xiaowei's interview, it was not formal. At that time, he only needed someone to help with his work.
Zhang Yang, who was waiting in the conference room, showed a look of remorse, some regrets coming to this company for an interview.
Not to mention the small size of the company, at first glance it has just opened. There are not many employees, and the halls are empty. It is basically a leather bag company.
When Zhang Yang was hesitating whether to leave, the door of the conference room was pushed open.
A young man walked in with his resume in his hand.
Come on, is this the interviewer? so young!
Have you graduated?
Given the age, the technical level is definitely not that high. Let a person with a low technical level act as an interviewer. The background of this company can be imagined.
Zhang Yang wanted to turn around and leave immediately, but out of courtesy, he held back.
"Hello, Mr. Zhang, the boss of my company - Li Yi." Li Yi noticed something from Zhang Yang's face, smiled and introduced himself.
Hearing this, Zhang Yang's complexion looked a little better.
It turned out to be the boss! This identity is definitely no problem as an interviewer, young, can only say that he has a background.
"Hello, President Li!" Zhang Yang replied.
"Mr. Zhang, you have three years of work experience. In your work, you are exposed to a lot of system loopholes!" Li Yi asked with a smile.
"Yes, system vulnerabilities are flaws in the specific implementation of hardware, software, protocols, or system security policies, which are difficult to avoid," Zhang Yang said calmly and calmly.
"Well, is it convenient for me to ask a few technical questions?" Li Yi asked with a smile.
"No problem!" Zhang Yang had no stage fright.
I have no expectations for this job, but the interview has already started. Zhang Yang would like to see what kind of questions he can ask him to become a boss at such a young age, and consider it as an interview drill!
"Horizontal unauthorized access, have you encountered this kind of loophole?" Li Yi asked with a smile
"It is very common that unauthorized access is a vulnerability caused by a design flaw in "data-based access control"..." Zhang Yang replied. UU Reading
"Yeah! Yes, if it were you, how would you overstep your defense level!" Li Yi nodded with a smile, and then asked.
"There are several defense methods. 1. The login credentials must be verified at all times. .
Li Yi nodded, Zhang Yang's answer was very specific and the foundation was solid.
"If you get a station to be tested, what actions are you going to do?" Li Yi then asked.
Zhang Yang thought for a moment and replied, "There are several steps. The specific process is: information collection, vulnerability mining, vulnerability exploitation, privilege escalation, log cleaning, summary report, making a repair plan, ..., etc."
"mysql injection point, using a tool to directly write a sentence to the target station, what conditions are required?"
"3389 cannot be connected, what are the situations?"
"How to escape characters when breaking through injection?"
"The target station prohibits the registration of users, and the user name is entered casually when the password is retrieved, and the prompt: "This user does not exist", how do you think it can be used here?"
…
Soon, Li Yi asked one question after another, Zhang Yang's expression gradually became serious, and the speed of answering became slower and slower.
The questions asked by the other party are all very basic, but they are all-inclusive and have a wide range of knowledge.
There were some questions he couldn't answer, so he gave detailed answers to Fang Shunkou.
From the questions he asked casually, the standard answers he gave quickly, and various technical problems, Zhang Yang already understood that he had misunderstood the boss, who was a few years younger than himself, and had knowledge in system security. level higher than one level.