Tricky Interview Questions?
#1
Scooby Regular
Thread Starter
iTrader: (3)
Join Date: Dec 1999
Location: UK
Posts: 13,274
Likes: 0
Received 0 Likes
on
0 Posts
Tricky Interview Questions?
I'm interviewing for a Firewall Engineer at the moment, but I'm after some tricky questions to test their ability.
I don't want the "What port does this protocol run on?" type questions, but something to test both depth and breadth.
Someone mentioned ask an more open ended question, such as "Describe how an email gets from Hotmail to your Exchange server". Then see if they understand ports, MX records, Email protocols, Email servers, etc.
Any evil questions welcome!! Oh and the answers may be useful as well!!!
I don't want the "What port does this protocol run on?" type questions, but something to test both depth and breadth.
Someone mentioned ask an more open ended question, such as "Describe how an email gets from Hotmail to your Exchange server". Then see if they understand ports, MX records, Email protocols, Email servers, etc.
Any evil questions welcome!! Oh and the answers may be useful as well!!!
#3
Scooby Regular
iTrader: (1)
Join Date: Jul 2004
Location: There on the stair
Posts: 10,208
Likes: 0
Received 0 Likes
on
0 Posts
yeesh....
What firewall? Checkpoint? ASA? ISA?
Ummm.... lemme think. How about what does packet out of sync mean?
(ack, syn, data packet and then increment cycle out of whack) How can it happen (network latency)
What does stateful inspection mean? (interogates each packets contents to ensure no malicious payload as opposed to just port filter)
You could paint a scenario of front end web server, back end database server, and have him draw up a diagram of the internal lan DMZ and what ports go where (sql to/from int/dmz and watch him miss netbios if you mention connection is via named pipes) and then HTTP outbound. Personally I just get the damn list out and make a group. No point re-inventing the wheel. If someone said this to me they would get extra credit!
Why should you NEVER allow HTTPS into the internal network ('cos the ISA / ASA whatever can't inspect the packets as they are encrypted and therefore not trusted.
Ummm.... when CAN you allow HTTPS? (when you are publishing it and the FW has the certificate installed so you CAN decrypt the packets)
What is stealth? (not even replying to port sniffers when they start probing active IP addresses)
Why are proxies important for firewalls? ('cos you limit the number of devices allowed through and therefore lower the admin overhead plus the processing overhead - that counts both inbound and outbound
Will that do for a start?
What firewall? Checkpoint? ASA? ISA?
Ummm.... lemme think. How about what does packet out of sync mean?
(ack, syn, data packet and then increment cycle out of whack) How can it happen (network latency)
What does stateful inspection mean? (interogates each packets contents to ensure no malicious payload as opposed to just port filter)
You could paint a scenario of front end web server, back end database server, and have him draw up a diagram of the internal lan DMZ and what ports go where (sql to/from int/dmz and watch him miss netbios if you mention connection is via named pipes) and then HTTP outbound. Personally I just get the damn list out and make a group. No point re-inventing the wheel. If someone said this to me they would get extra credit!
Why should you NEVER allow HTTPS into the internal network ('cos the ISA / ASA whatever can't inspect the packets as they are encrypted and therefore not trusted.
Ummm.... when CAN you allow HTTPS? (when you are publishing it and the FW has the certificate installed so you CAN decrypt the packets)
What is stealth? (not even replying to port sniffers when they start probing active IP addresses)
Why are proxies important for firewalls? ('cos you limit the number of devices allowed through and therefore lower the admin overhead plus the processing overhead - that counts both inbound and outbound
Will that do for a start?
#4
Scooby Regular
Thread Starter
iTrader: (3)
Join Date: Dec 1999
Location: UK
Posts: 13,274
Likes: 0
Received 0 Likes
on
0 Posts
Kieran,
That is spot on, thanks for that.
He claims to be an expert on Checkpoint and SonicWALL.
I have a SonicWALL instructor in my team to ensure that side, but I needed the Checkpoint skills for Stonesoft (which not everyone knows, but Checkpoint is near as damn it!) and I think your questions will help!
Thanks
Andy
That is spot on, thanks for that.
He claims to be an expert on Checkpoint and SonicWALL.
I have a SonicWALL instructor in my team to ensure that side, but I needed the Checkpoint skills for Stonesoft (which not everyone knows, but Checkpoint is near as damn it!) and I think your questions will help!
Thanks
Andy
#7
ask them to provide a situation where they were at a technical disadvantage when asked to complete a task/project. how did they use the resources around them to complete the task?
they have a chance to provide detail on initiative, management of people, lateral thinking or just integrity that they didn't know how to do this task.
they have a chance to provide detail on initiative, management of people, lateral thinking or just integrity that they didn't know how to do this task.
Trending Topics
#8
Scooby Regular
iTrader: (1)
Join Date: Jul 2004
Location: There on the stair
Posts: 10,208
Likes: 0
Received 0 Likes
on
0 Posts
Well - if it's checkpoint you want:
Where do you find the log of rule changes? (smartview tracker, audit tab)
What is the difference between static NAT and hide. How do you configure it? (host properties, nat, pull down list of options)
Why does the source port increment in the tracker logs? (it shows the session packet count - refer back to syn ack bit)
What is anti-spoofing? (packets from the wrong subnet appearing on the wrong adapter)
How do you configure Checkpoint to stop it Policy, Smart Defense, Ant Spoofing, define the subnets found behind each adapter - this is a bitch to get right!
Offers over £40K and a relocation package, and I'll accept the job
Where do you find the log of rule changes? (smartview tracker, audit tab)
What is the difference between static NAT and hide. How do you configure it? (host properties, nat, pull down list of options)
Why does the source port increment in the tracker logs? (it shows the session packet count - refer back to syn ack bit)
What is anti-spoofing? (packets from the wrong subnet appearing on the wrong adapter)
How do you configure Checkpoint to stop it Policy, Smart Defense, Ant Spoofing, define the subnets found behind each adapter - this is a bitch to get right!
Offers over £40K and a relocation package, and I'll accept the job
#9
#18
Scooby Regular
Join Date: Oct 2007
Location: Northants
Posts: 84
Likes: 0
Received 0 Likes
on
0 Posts
#19
Scooby Regular
Join Date: Jul 2006
Location: Swindon, Wilts
Posts: 912
Likes: 0
Received 0 Likes
on
0 Posts
When interviewing for technical roles one thing I always used to do was to give the candidate access to a PC with Word on it, and give him/her a scenario that required them to type a formal letter (often to a supplier, expressing concern over a faulty product and suggested remedial/compensatory action required)... whatever the scenario, it didn't matter - I was always testing a reasonable command of the English language and grammer, and common sense ability to express themselves in the written word - and to correctly formulate a formal document (in this case a properly formatted letter).
It was amazing how very 'technically intelligent' individuals simply didn't know how to write a simple letter, or couldn't spell (even with a spell checker), or who typed the entire letter as a single sentence, etc.
Worth doing something similar IMHO...
My first interview question was always "Tell me a good joke...." - which, again, gets an interesting response!
DN
It was amazing how very 'technically intelligent' individuals simply didn't know how to write a simple letter, or couldn't spell (even with a spell checker), or who typed the entire letter as a single sentence, etc.
Worth doing something similar IMHO...
My first interview question was always "Tell me a good joke...." - which, again, gets an interesting response!
DN
#20
Scooby Regular
Join Date: May 2002
Location: Liverpool
Posts: 3,229
Likes: 0
Received 0 Likes
on
0 Posts
When interviewing for technical roles one thing I always used to do was to give the candidate access to a PC with Word on it, and give him/her a scenario that required them to type a formal letter (often to a supplier, expressing concern over a faulty product and suggested remedial/compensatory action required)... whatever the scenario, it didn't matter - I was always testing a reasonable command of the English language and grammer, and common sense ability to express themselves in the written word - and to correctly formulate a formal document (in this case a properly formatted letter).
It was amazing how very 'technically intelligent' individuals simply didn't know how to write a simple letter, or couldn't spell (even with a spell checker), or who typed the entire letter as a single sentence, etc.
Worth doing something similar IMHO...
My first interview question was always "Tell me a good joke...." - which, again, gets an interesting response!
DN
It was amazing how very 'technically intelligent' individuals simply didn't know how to write a simple letter, or couldn't spell (even with a spell checker), or who typed the entire letter as a single sentence, etc.
Worth doing something similar IMHO...
My first interview question was always "Tell me a good joke...." - which, again, gets an interesting response!
DN
If I went to your interview I'd walk out!!
#21
He's making the same point I did, just because people have a long list of qualifications doesn't make them clever. It's surprising, and frankly worrying how many of today's grads have zero common sense
#22
Scooby Regular
Join Date: Dec 2002
Location: Couch Spud
Posts: 9,277
Likes: 0
Received 0 Likes
on
0 Posts
We had an interviewee put in a formal complaint to the agency because we dint wear a suit for the interview
Needless to say his CV got chucked in the bin, and it was only for a cabling job
My interview for my current job was in a Chinese Restaurant, I got aked one technical question, and told to give my descision before the Crispy Duck
I started in mid June as an engineer, to becoming senior engineer within a week, and im now Technical Manager
We interviewed again the other day, and it was mostly just banter, totally informal, we need people who we know will fit in, we can give them training on the job for the roles that we need
informal interviews are way better than formal ones, and thats coming from both sides
Needless to say his CV got chucked in the bin, and it was only for a cabling job
My interview for my current job was in a Chinese Restaurant, I got aked one technical question, and told to give my descision before the Crispy Duck
I started in mid June as an engineer, to becoming senior engineer within a week, and im now Technical Manager
We interviewed again the other day, and it was mostly just banter, totally informal, we need people who we know will fit in, we can give them training on the job for the roles that we need
informal interviews are way better than formal ones, and thats coming from both sides
#23
Scooby Regular
iTrader: (6)
We had an interviewee put in a formal complaint to the agency because we dint wear a suit for the interview
Needless to say his CV got chucked in the bin, and it was only for a cabling job
My interview for my current job was in a Chinese Restaurant, I got aked one technical question, and told to give my descision before the Crispy Duck
I started in mid June as an engineer, to becoming senior engineer within a week, and im now Technical Manager
We interviewed again the other day, and it was mostly just banter, totally informal, we need people who we know will fit in, we can give them training on the job for the roles that we need
informal interviews are way better than formal ones, and thats coming from both sides
Needless to say his CV got chucked in the bin, and it was only for a cabling job
My interview for my current job was in a Chinese Restaurant, I got aked one technical question, and told to give my descision before the Crispy Duck
I started in mid June as an engineer, to becoming senior engineer within a week, and im now Technical Manager
We interviewed again the other day, and it was mostly just banter, totally informal, we need people who we know will fit in, we can give them training on the job for the roles that we need
informal interviews are way better than formal ones, and thats coming from both sides
#24
Scooby Regular
Thread Starter
iTrader: (3)
Join Date: Dec 1999
Location: UK
Posts: 13,274
Likes: 0
Received 0 Likes
on
0 Posts
We interviewed again the other day, and it was mostly just banter, totally informal, we need people who we know will fit in, we can give them training on the job for the roles that we need
informal interviews are way better than formal ones, and thats coming from both sides
informal interviews are way better than formal ones, and thats coming from both sides
#25
Scooby Regular
Join Date: Jul 2006
Location: Swindon, Wilts
Posts: 912
Likes: 0
Received 0 Likes
on
0 Posts
As a Support person I'd expect you to either write, or have input into formal status reports, activity reports or other 'business process' reports or information - all of which need similar skills... ie the ability to string a written sentence together!
I can't remember the last time I wrote a formal letter (of complaint or otherwise) - but I can still damn well do so if asked or I need to!
Some people simply can't - and it was frightening how many candidates used 'text speak' in a formal letter!
DN
#26
Scooby Regular
iTrader: (1)
Join Date: Jul 2004
Location: There on the stair
Posts: 10,208
Likes: 0
Received 0 Likes
on
0 Posts
Exactly! It's not that the job usually entails writing a letter, as it doesn't - it's testing the interviewees ability to string a coherent sentence together, and have a modicum of common sense.
As a Support person I'd expect you to either write, or have input into formal status reports, activity reports or other 'business process' reports or information - all of which need similar skills... ie the ability to string a written sentence together!
I can't remember the last time I wrote a formal letter (of complaint or otherwise) - but I can still damn well do so if asked or I need to!
Some people simply can't - and it was frightening how many candidates used 'text speak' in a formal letter!
DN
As a Support person I'd expect you to either write, or have input into formal status reports, activity reports or other 'business process' reports or information - all of which need similar skills... ie the ability to string a written sentence together!
I can't remember the last time I wrote a formal letter (of complaint or otherwise) - but I can still damn well do so if asked or I need to!
Some people simply can't - and it was frightening how many candidates used 'text speak' in a formal letter!
DN
Do I get the job?
#28
... I was always testing a reasonable command of the English language and grammer, and common sense ability to express themselves in the written word ...
It was amazing how very 'technically intelligent' individuals simply didn't know how to write a simple letter, or couldn't spell (even with a spell checker) ... or who typed the entire letter as a single sentence, etc.
It was amazing how very 'technically intelligent' individuals simply didn't know how to write a simple letter, or couldn't spell (even with a spell checker) ... or who typed the entire letter as a single sentence, etc.
Thread
Thread Starter
Forum
Replies
Last Post
Brzoza
Engine Management and ECU Remapping
1
02 October 2015 05:26 PM