# Interview Labs

![Interview Labs](/files/V8VjP4MnEb6IvB6ruoGN)

## Interview Labs

> **Section focus:** Interview Labs.\
> **Best use:** start with the section map below, then move into the deeper pages that match your role or stack.\
> **Design note:** this index was refreshed to act as a cleaner GitBook landing page instead of a plain directory listing.

### Start with these pages

| Page                                                                                                                                                                            | Why open it first                                                                                          |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- |
| [Interview Answer Patterns, Tactics, and Hiring-Loop Meta](/learning-labs-interview-and-templates/index-1/interview-answer-patterns-and-tactics.md)                             | Best starting point before any of the role packs below.                                                    |
| [AppSec Engineer Interview Pack (2026)](/learning-labs-interview-and-templates/index-1/appsec-engineer-interview-pack-2026.md)                                                  | 30 questions split into technical, theory, and real-world case blocks.                                     |
| [DevSecOps Engineer Interview Pack (2026)](/learning-labs-interview-and-templates/index-1/devsecops-engineer-interview-pack-2026.md)                                            | 30 questions focused on pipeline, cloud, Kubernetes, and release-plane security.                           |
| [Product Security Architect Interview Pack (2026)](/learning-labs-interview-and-templates/index-1/product-security-architect-interview-pack-2026.md)                            | Architecture-heavy interview loop with design and trade-off questions.                                     |
| [🧠 AppSec Engineer STAR Case Stories](/learning-labs-interview-and-templates/index-1/appsec-engineer-star-case-stories.md)                                                     | Four strong anonymized STAR stories that sound like real-world AppSec work.                                |
| [🧠 DevSecOps Engineer STAR Case Stories](/learning-labs-interview-and-templates/index-1/devsecops-engineer-star-case-stories.md)                                               | Four strong anonymized STAR stories centered on CI/CD, cloud, runtime, and delivery trust.                 |
| [🧪 AppSec Engineer Code and Weakness Review Drills](/learning-labs-interview-and-templates/index-1/appsec-engineer-code-and-weakness-review-drills.md)                         | Language-oriented interview drills across Python, PHP, Java, C++, SQL, and TypeScript.                     |
| [🔎 AppSec Vulnerable Code Screening Cheat Sheet by Language](/learning-labs-interview-and-templates/index-1/appsec-vulnerable-code-screening-cheat-sheet-by-language.md)       | Fast by-language cheat sheet for spotting dangerous sinks, weak constructs, and interview-worthy findings. |
| [🧪 DevSecOps Engineer Configuration and Platform Review Drills](/learning-labs-interview-and-templates/index-1/devsecops-engineer-configuration-and-platform-review-drills.md) | Ten realistic misconfiguration and platform-review exercises for CI/CD, Kubernetes, cloud, and secrets.    |
| [Live Code-Review Drills and Answer Guides](https://github.com/D3One/Product-Security-Gitbook/blob/main/14-interview-labs/live-code-review-drills-and-answer-guides.md)         | Short live-review drills with worked answers and interviewer framing.                                      |
| [Take-Home Assignments and Evaluation Guide](https://github.com/D3One/Product-Security-Gitbook/blob/main/14-interview-labs/take-home-assignments-and-evaluation-guide.md)       | Reusable take-home prompts, scoring criteria, and red flags.                                               |
| [GitLab Mock Interview Pack](/learning-labs-interview-and-templates/index-1/gitlab-mock-interview.md)                                                                           | High-value page inside **Interview Labs**.                                                                 |
| [Argo CD Mock Interview Pack](/learning-labs-interview-and-templates/index-1/argocd-mock-interview.md)                                                                          | High-value page inside **Interview Labs**.                                                                 |
| [Terraform Mock Interview Pack](/learning-labs-interview-and-templates/index-1/terraform-mock-interview.md)                                                                     | High-value page inside **Interview Labs**.                                                                 |
| [Kubernetes Security Assessment Pack](/learning-labs-interview-and-templates/index-1/kubernetes-security-assessment-pack.md)                                                    | High-value page inside **Interview Labs**.                                                                 |
| [AWS Cloud Security Assessment Pack](/learning-labs-interview-and-templates/index-1/aws-cloud-security-assessment-pack.md)                                                      | High-value page inside **Interview Labs**.                                                                 |
| [Network Policy Assessment Pack](/learning-labs-interview-and-templates/index-1/network-policy-assessment-pack.md)                                                              | High-value page inside **Interview Labs**.                                                                 |
| [Terraform and IaC Security Assessment Pack](/learning-labs-interview-and-templates/index-1/terraform-and-iac-security-assessment-pack.md)                                      | High-value page inside **Interview Labs**.                                                                 |
| [CI/CD and Runner Security Assessment Pack](/learning-labs-interview-and-templates/index-1/ci-cd-and-runner-security-assessment-pack.md)                                        | High-value page inside **Interview Labs**.                                                                 |

### Related sections

* [Snippets and Reference](/learning-labs-interview-and-templates/index/git-commit-signing-and-image-signing.md)
* [Secure Architecture Patterns](/architecture-api-crypto-and-identity/index-1.md)

***

> **Intro:** These packs are written like mock interviews or hiring loops. Each scenario is designed to reveal operating maturity, not just syntax recall.
>
> **What this page includes**
>
> * earlier mock interview packs in question-and-answer format;
> * new **assessment-style engineering labs** with snippets, misconfigurations, and worked fixes hidden under collapsible sections;
> * domain coverage centered on Kubernetes, AWS, NetworkPolicy, Terraform, CI/CD, Docker, Linux, and runner security.
>
> **Working assumptions**
>
> * the best answers explain tradeoffs, not just commands
> * a strong candidate can read broken YAML, IAM JSON, shell, HCL, or CI config and reason about risk quickly

### Packs

#### Role-based interview packs

* [Interview Answer Patterns, Tactics, and Hiring-Loop Meta](/learning-labs-interview-and-templates/index-1/interview-answer-patterns-and-tactics.md)
* [AppSec Engineer Interview Pack (2026)](/learning-labs-interview-and-templates/index-1/appsec-engineer-interview-pack-2026.md)
* [DevSecOps Engineer Interview Pack (2026)](/learning-labs-interview-and-templates/index-1/devsecops-engineer-interview-pack-2026.md)
* [Product Security Architect Interview Pack (2026)](/learning-labs-interview-and-templates/index-1/product-security-architect-interview-pack-2026.md)
* [AppSec Engineer STAR Case Stories](/learning-labs-interview-and-templates/index-1/appsec-engineer-star-case-stories.md)
* [DevSecOps Engineer STAR Case Stories](/learning-labs-interview-and-templates/index-1/devsecops-engineer-star-case-stories.md)
* [AppSec Engineer Code and Weakness Review Drills](/learning-labs-interview-and-templates/index-1/appsec-engineer-code-and-weakness-review-drills.md)
* [AppSec Vulnerable Code Screening Cheat Sheet by Language](/learning-labs-interview-and-templates/index-1/appsec-vulnerable-code-screening-cheat-sheet-by-language.md)
* [DevSecOps Engineer Configuration and Platform Review Drills](/learning-labs-interview-and-templates/index-1/devsecops-engineer-configuration-and-platform-review-drills.md)

#### New hiring-loop support pages

* [Live Code-Review Drills and Answer Guides](https://github.com/D3One/Product-Security-Gitbook/blob/main/14-interview-labs/live-code-review-drills-and-answer-guides.md)
* [Take-Home Assignments and Evaluation Guide](https://github.com/D3One/Product-Security-Gitbook/blob/main/14-interview-labs/take-home-assignments-and-evaluation-guide.md)

#### Earlier mock interview packs

* [GitLab Mock Interview Pack](/learning-labs-interview-and-templates/index-1/gitlab-mock-interview.md)
* [Argo CD Mock Interview Pack](/learning-labs-interview-and-templates/index-1/argocd-mock-interview.md)
* [Terraform Mock Interview Pack](/learning-labs-interview-and-templates/index-1/terraform-mock-interview.md)

#### New assessment-style engineering packs

* [Kubernetes Security Assessment Pack](/learning-labs-interview-and-templates/index-1/kubernetes-security-assessment-pack.md)
* [AWS Cloud Security Assessment Pack](/learning-labs-interview-and-templates/index-1/aws-cloud-security-assessment-pack.md)
* [Network Policy Assessment Pack](/learning-labs-interview-and-templates/index-1/network-policy-assessment-pack.md)
* [Terraform and IaC Security Assessment Pack](/learning-labs-interview-and-templates/index-1/terraform-and-iac-security-assessment-pack.md)
* [CI/CD and Runner Security Assessment Pack](/learning-labs-interview-and-templates/index-1/ci-cd-and-runner-security-assessment-pack.md)
* [Docker, Linux, and Ansible Security Assessment Pack](/learning-labs-interview-and-templates/index-1/docker-linux-and-ansible-assessment-pack.md)

### How to use these packs

Use them in three ways:

1. **self-test** — read the prompt, stop, and solve before opening the answer;
2. **interview prep** — rehearse aloud as if explaining to a hiring panel;
3. **team calibration** — compare how different engineers reason about the same trust-boundary problem.

### Reading note

These pages intentionally use HTML `<details>` blocks so the **prompt stays visible** while the worked answer remains hidden until needed.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.product-security.expert/learning-labs-interview-and-templates/index-1.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.