Few questions you will most probably hear on your next job interview.

Lately, for whatever reason it may be, many of my friends/colleagues/acquaintances switched the jobs and mostly because they wanted to. And hearing their accounts of job search I catch myself that while offered positions and employers differ there are ever returning themes/questions that arise on the job interviews pretty much universally.

So here I bring compendium of these questions planning to update it as I hear new stories.

Tell us about something at your current job that you did and it made you proud of yourself …

Bring us an example or few of initiatives you took at the current/previous job …

This probably tests that you actually have had some initiatives worth mentioning or in other words – Did you do something productive that didn’t come from your manager request directly?

What was the highest sign of appreciation you earned on the current/previous job and what was the cause ? …

They mean beyond the pay check that you got every month , or in other words – Did someone notice that you actually quit the job ?

Usage/Case studies .

This is rather a metacategory and will include slightly different subject depending on the sought title. I will bring united cases for the 2 titles – in enterprise networking and security. Networking.

We are the internet enabled and reliant company. What are the key factors in designing network topology and connectivity and how you suggest to implement them ?

Key words here: Redundancy, reliability of connection, cost saving in managing the lines utilization.

How do you implement this: Redundancy in Internet connectivity (different ISPs and infrastructure types with possible hot failover, routing advertisements of your IPs if you have them [BGP]). Redundancy in network equipment (HSRP and VRRP for standby routers/Etherchannel for Cisco switches/ ) .Proprietary clustering implementations by some vendors (3COM,HP, Checkpoint firewalls – you think you can escape it ?). Line utilization management – maximize bits for bucks ratio using traffic management or load balancing solutions like F5 Big-IP with Link Controller module for accessing the internet or if some webservers are hosted at the company premises then also using Local/Global Traffic Manager modules. On a cheaper side Radware load balancers like Linkproof for Internet access , Appdirector for webservers will do the job.
Implementing DRP procedure – remote hosting of database backups.


We are the Internet connected and publicly traded company that should safeguard against external and internal threats, what key factors in fulfilling this requirement would you list ? What would be actual implementation ?

Key factors:

  • Security in depth.

  • Accountability for security-related events in the company.

  • Ability to comply with external audit/standards requirements.

  • Data Leak/Lost Protection/Prevention (everyone says it differently anyway).

  • Ability to sustain determined and targeted external attacks.

How would you implement this ?

Perimeter security with Checkpoint firewall(s), possible with clustering for reliability.

Central log and events correlation and management system (ArcSight).

If there are web servers to be protected then Web Application Firewall – say Imperva.

For DLP – Websense/Symantec / maybe EMC Documentum as part of the more comprehensive task. Also endpoints data encryption – Symantec.

Antivirus ofcourse by default - Symantec or McAfee

To thwart and detect dedicated and highly skilled attacks IPS will be appropriate. Say McAfee or Tipping Point .

Regarding compliance usually people didn’t mean to exam you on every point of PCI requirement , but at least awareness of such standards is expected.

That is all I could remember from the stories told so far. As I hear new ones I will update this post. Cheers.