Interview Questions

How well the person can do architecture from scratch ...

Computing Security,Information Security, NT security, Web Security and Network Security Questions and Answers


(Continued from previous question...)

6. How well the person can do architecture from scratch ...

The question about "here design a secure network" on the white board. This is an open ended question, and works on how well the person can do architecture from scratch. My favorite variation on this is that given a web server, an e-mail system, switch, router, Firewall, and SIM or central data repository (aka kiwi syslog daemon) and IPS system, tie them all together into a Security Information management system, show information paths, ports used, and protocols used. Usually the original question does not go into ports and protocols and remains at the logical hierarchy, assuming that all the systems work and can talk back to a central repository, this really opens up the questioning to how well they not only understand architecture, but dependencies, interdependencies, protocol use, and the security arrangements around protocol use. Same question, just more in-depth to determine how well they understand the risks, limitations, and support for various systems in the path.

All the above questions, depending on which ones are used, can give a real good indication of what the person knows to do, and how well they think about large and small issues. All of these questions do not trigger any HR issues, and as long as they pertain to the job, should not get the interviewer into any issues. The key thing on these questions is that the interviewer has to be knowledgeable about these, or if it is team interviewing, they should be knowledgeable about the answers. Many of these are leading and can provide for some really interesting responses back from the interviewee's. These are really just solid technical interview questions that many information security people should be able to answer given how many years they have been in the field, or how much exposure they have had to various technologies, or what they like to do.

(Continued on next question...)

Other Interview Questions