<p><pre><code> * what are certificates and what are their practical benefit (how do TLS and mTLS work on a conceptual level)
* how should you store password auth info
* what is XSS and how do you prevent it
* how to properly escape user-provided data in various contexts (sql, html, file formats and/or encodings)</code></pre>