[Sohcahtoa82]

> On the "interviewer" side of the table, I can't tell you the number of times I've asked a question that should produce a quick, simple answer, and instead got a 5-10 minute stream-of-consciousness word salad out of the candidate.

Yup.

There's a fine line between giving a thorough answer and just vomiting up everything you know that's slightly relevant to the original question.

I do AppSec. If I'm interviewing a candidate, and I ask them what Cross-site Scripting is, then if at some point during their answer they bring up SQL Injection, that's a red flag.