Deep dive
Expanding on the short answer — what usually matters in practice:
- Context (tags): auth, authentication, authorization, security
- Scaling: what scales horizontally vs vertically, where bottlenecks appear.
- Reliability: retries/circuit breakers/idempotency, observability (logs/metrics/traces).
- Evolution: keep changes cheap (boundaries, contracts, tests).
- Explain the "why", not just the "what" (intuition + consequences).
- Trade-offs: what you gain/lose (time, memory, complexity, risk).
- Edge cases: empty inputs, large inputs, invalid inputs, concurrency.
Examples
A tiny example (an explanation template):
// Example: discuss trade-offs for "authentication-vs-authorization-—-what’s-the-dif"
function explain() {
// Start from the core idea:
// Authentication answers “who are you?” (prove identity). Authorization answers “what are yo
}
Common pitfalls
- Too generic: no concrete trade-offs or examples.
- Mixing average-case and worst-case (e.g., complexity).
- Ignoring constraints: memory, concurrency, network/disk costs.
Interview follow-ups
- When would you choose an alternative and why?
- What production issues show up and how do you diagnose them?
- How would you test edge cases?