TCP

[Cliotoby]

OK so Ive got an interview soon, a friend works there (High up) and I asked for a few tips. He told me to "make sure I know TCP inside out" along with other stuff.

Im not really sure what there is to know, or what I should know about TCP, im at ccna level and soon to be sitting my ccnp switch so I know whats in ccna about TCP.

Its for a tier 1/2 network security role, although Ill mainly be doing performance monitoring, producing reports and stuff.

Other than how it works and what everything means in the TCP segment, what should I know???? No way am I running through RFC.

 

[ChrisR]

In a security context I'd guess it'd cover things such as being able to follow a packet capture, know what's going on and generally make sense of things, what TCP based attacks there are such as SYN attacks etc.

Know your common port numbers, the services that run on them and again in a security context maybe know a bit about what's possibly 'bad' to find on a port scan output. For instance knowing that FTP and telnet aren't ideal as they are unencrypted channels.

Depends on how much into security or networking the role goes, I'm a security guy but not a network guy so I'm sure there's more networking focused answers that people will be able to give

 

[Cliotoby]

Cheers ill try read/remember what youve suggested. Somethings there I dont know about. I think Ill be performing monitoring on Arbour stuff mainly.

 

[ChrisR]

If you have any other questions on security stuff feel free to drop me a message as still not paid up here again so will run out of posts

As said I'm in security but not strictly networks, more around pen testing, vuln + risk management and assessment stuff lately.

 

[Cookie]

If you have any other questions on security stuff feel free to drop me a message as still not paid up here again so will run out of posts

As said I'm in security but not strictly networks, more around pen testing, vuln + risk management and assessment stuff lately.

Ugh, I hate security teams

Good luck with your interview. I've never understood why interviewers for some network roles want to go into the pure packet level stuff, especially if you're never ever going to be touching it as part of your role.

 

[ChrisR]

Ugh, I hate security teams

I don't like a lot of them for various reasons too

 

[Donny_Dog]

Every interview yet, this has occurred:

In your own words, what is tcp/ip and what is its use in modern networking.

not saying you'll be asked that.
Ccna knowledge of it, is as good as you'd need for an interview I believe.

 

[Cliotoby]

Ugh, I hate security teams

Good luck with your interview. I've never understood why interviewers for some network roles want to go into the pure packet level stuff, especially if you're never ever going to be touching it as part of your role.

Think they just want me to know what it is and what it does

Every interview yet, this has occurred:

In your own words, what is tcp/ip and what is its use in modern networking.

not saying you'll be asked that.
Ccna knowledge of it, is as good as you'd need for an interview I believe.

Basic s**t thenlol

 

[KDF]

Just tell them it's a large car parking company.. then wink at them..

Hired !





Or just follow your CCNA training and tell them it's a "best effort" packet delivery protocol, then go into the basics of why we need it and why it works so well in todays networks, like handling out of sequence packet delivery, retransmission of lost/corrupt packets etc.

 

[Cookie]

I put TCP on wounds.

 

[Cliotoby]

Or just follow your CCNA training and tell them it's a "best effort" packet delivery protocol, then go into the basics of why we need it and why it works so well in todays networks, like handling out of sequence packet delivery, retransmission of lost/corrupt packets etc.

Best effort......... :nono:

they wanted to know some basic stuff really. Wasnt technical as such. name these port numbers (Forgot most of these FFS). Explain the three way handshake to me.....i also told them about TCP briefly while i was at it. Explain Virus, trojan, worm to me. What did i know about IDS/IPS systems. Something else although id never heard of it before and just said id not heard of it. Explain DDOS. What layer does a switch, router and firewall operate at. I said L2 for Switches as well HURRR DURRR.

Rest of the interview was pretty poorly constructed tbh, asked me how I would handle a situation where ive got two customers on the phone at once and ive got a major incident happening with the core network, why the company, what can I bring to the company (listed a few of my qualities with some examples but then she cut me short f**k sake).

Needless to say I havent got the job, and I got really bad vibes from the woman interviewing me. She basically told me I should be looking at apprenticeships and that I should be looking to enter a role much lower down the ranks so to speak. Was like...."Oh ok".

 

[Donny_Dog]

That sounds Like a pretty bad experience to be honest.

Dust yourself off and go again. Dont think I'd like to work for them even if they offered it.

 

[KDF]

Best effort......... :nono:

My bad. I meant guaranteed. Well spotted.. HIRED !!

In my experience, if the interviewer is a b**ch (or b*****d) I wouldn't work for them anyway.. even if they offered the job. Got headhunted for a role and said no in the past.

 

[Cliotoby]

Unfortunately im only a shitty grad with a ccna. So nothing much to offer them really. I was down to about 4 people they wanted to interview as well. It was a grad role and apparently they know I wont have everything they want and are looking to build a team of 15 although take on people with different skillsets around networking or the products they use, me with general networking for example. She also had a go about the fact I was applying for a security based role when my background knowledge was ccna/ccnp and I should have focussed on the ccna security/ccsp. I mean wtf?

It was an internal recommendation too which they knew about, my old tutor works there who taught me the ccnp. So they asked me what sort of relationship I had with him, how did I knew him etc. I mean what the f**k was I ment to say to that. Just said I got on very well with him and had loads of support, also a useful contact and he kept in touch with a few of us (The ones that werent complete f**king mongs).

Ill get confirmation through my recruiter early next week most likely. Just properly fucked off with that woman, left at dead on 11am to take a call too, i was on my last question to them anyway. So f**king rude.

Going to smash my ccnp switch as im almost through the book now then Ill go pass the ccna security just for the lol. Might put me in better standing tbh!

 

[Donny_Dog]

Don't get too hung up on doing the ccnp. Just try get some experience. I was even prepared to work for free to get it, that was in 2001!

You may find the ccnp cert yet lack of experience might put you a little more in the cold. I have done recruitment many times as an appointing officer and I'd rather have a ccna with experience than a ccnp with none. don't take that the wrong way, just trying to offer a different perspective.

The HP DWP contract starts in December have you gone for that? Where in the uk are you based? I know of positions in Leeds that maybe available in April.

 

[Cliotoby]

Yeah a few people have said that. Maybe Im better going for ccna security, or just keeping quiet about the ccnp. Based in Hull but willing to move anywhere.

Ill take a look at HP, I have a 2-2 as well so im even less desirable. I think DESG/MOD have a scheme coming up (Or they did last year) that take 2-2 grads.

Literally considering supermarket management now.

I applied for a job as an IT tech in a school and was apparently too over qualified and they knew I wouldn't stick around. I cant win haha.

 

[Donny_Dog]

I applied for a job as an IT tech in a school and was apparently too over qualified and they knew I wouldn't stick around. I cant win haha.

That's what I mean about your quals.

Right, so you're relatively local. Hull to Leeds is commutable.

pm me your email address and you can reply with your cv? might be able to help you out. I am potentially leaving an organisation which is definately going to need staff.

If you haven't done so, ensure you are registered as a contractor with Hayes.

 

[Cliotoby]

PM'd.

I also got "which nation would you say posed the biggest security threat?"

 

[Donny_Dog]

PM'd.

I also got "which nation would you say posed the biggest security threat?"

Er.. What a strange question.

 

[Cliotoby]

Also..."from the job spec sheet, which task would you say you would struggle the most with".

They admitted at the start the interview was literally put together last minute as its a fairly new role.

Im not sure who Im more annoyed at, myself for not giving more info out, or them for putting together an interview like that. Ive had better interviews for supermarket roles.

 

[ChrisR]

I said they'd ask about common port numbers, not a bad guess

Overall I'd say as crap as it was its all good experience, you now know what a reasonably experienced position interview will be like and by the sounds of it am surprised they interviewed you based on a recommendation knowing you didn't have the experience or security focus rather than networking. But if its a grad role what are they expecting people to know already, and definitely wouldn't be asking for SSCP certified people as that comes with experience requirements to be certified.

To me those are pretty entry level security interview questions, but I wouldn't expect someone fresh to the field to know the answers.

If security is something you fancy grab the Mike Meyers security+ book as its a good intro to the area.

Whilst you must be realistic, never let anyone tell you that you should be aiming lower if you think you can do a job.

 

[Cliotoby]

They werent after experience. The role is graduate, has graduate in the title and the job title, and the recruiter did specifically they were looking to put together a team of graduates, a team they can train up.

Port numbers aside I gave them good answers for the technical questions, and I was shocked at how basic they were.

Im confused as to why they mentioned CCSP or basically criticised me for applying for a specialist security role when my background was "general networking". There were two roles from what I can gather, one is definately a team of 15 grads for security analyst roles and the other is a specialist analyst role (Senior). I got two job spec sheets through in the email, a grad sec. ana role and a management sec analysist. The management role specifically states "expert level technical support" and "required to lead a team of analysts".

 

[*JimmyJ*]

Keep going bud and keep applying for jobs. You'll get something I'm sure. All the best.

 

[Cookie]

LOL at some of those interview questions. f**king hate companies like that.

 

[Cliotoby]

Keep going bud and keep applying for jobs. You'll get something I'm sure. All the best.

Cheers dude. I hope so!

LOL at some of those interview questions. f**king hate companies like that.

Couldn't believe it when they asked me some of the stuff. If it was an assessment centre I could understand them not knowing anything. Im still fairly annoyed at myself also.

Recruiter rang me yesterday as well so might have something else lined up.

 

[ChrisR]

They werent after experience. The role is graduate, has graduate in the title and the job title, and the recruiter did specifically they were looking to put together a team of graduates, a team they can train up.

Port numbers aside I gave them good answers for the technical questions, and I was shocked at how basic they were.

Im confused as to why they mentioned CCSP or basically criticised me for applying for a specialist security role when my background was "general networking". There were two roles from what I can gather, one is definately a team of 15 grads for security analyst roles and the other is a specialist analyst role (Senior). I got two job spec sheets through in the email, a grad sec. ana role and a management sec analysist. The management role specifically states "expert level technical support" and "required to lead a team of analysts".

I really don't understand why she was putting the downer on it saying you should be going for lower stuff then, sounds like a cretin to me

And again sounds nuts she is going on about having the CCSP if they are taking on fresh meat, chin up and all that you'll find something.

Have you looked at any grad schemes, or apprenticeship type roles (I know IBM have an apprentice program, there's a chap on here who is/was on it I believe).

I've had a flurry on contacts from recruiters this week and no idea why as I've not touched any of the job sites or linkedin for a while, but had a number of calls and emails which was a bit weird.

 

[Cliotoby]

Ive seen IBM mate, I cant apply -Ive got a 2-2.

I'm still kicking myself about the interview. I'm really annoyed it went so bad as it would have been an awesome role, especially for a grad.

Some people think they were playing the old good cop bad cop persona s**t with me as sometimes happens in interviews. But I rekon either way, I fucked up big time.

Ive been applying for more jobs, but as recruiters go I find that 1 in 10 will respond. Other than that, the recruiter who placed my mate into a job last week wants to speak to me, and some guy rang me up from another agency on Tuesday and left a voice mail saying he might have potential roles for me. So f**k knows. Its just frustrating not knowing where you're going in life. I could be in worse situations mind!

 

[ChrisR]

True, hopefully the recruiters won't be talking the usual bull s**t and actually be of some use

 

[@Spoonie]

PM'd.

I also got "which nation would you say posed the biggest security threat?"

I don't see why this is unreasonable. They would have been looking how you would identify risk, not for a specific answer.

When I do interviews there are a few questions I will give that I know people are unlikely to have an answer for. It's how they deal with it that I am interested in. Thought process etc. For example, I see so many people that have 'excellent troubleshooter' on their CV. You start giving scenarios and ask them to break down their approach and it soon becomes apparent that they possess excellent technical knowledge but lack troubleshooting skills. This is something that you need to weed out so sometimes the questions may seem a bit irrelevant.

 

[Cliotoby]

Thats a good point ill remember that for next time.

Had a call from a recruiter today and one yesterday so hopefully ill have more interviews lined up.

Hopefully.

 

[Cliotoby]

Well turns out there were no junior roles left when I went down. So the recruiter fucked me over. ha.

Not to worry. Have had SO much interest in the past 4 weeks its really starting to move now.

Got an interview with a local company for a junior network engineer but I will have to lie my ass off and tell them I intend to stay for like...forever.

Also had 2 phone interviews, one yesterday went really well and they gave off some really good vibes, Ill be surprised if I dont get offered an interview. Its With a decent company that's small enough to give a s**t but big enough to rake in big bucks, loads of potential there. Also one with Ericsson a few weeks back but that didn't go well and I haven't heard since. I know they will be busy with 4G though. Dont really want to go into wireless infrastructures either.

 

[Cr33do]

Where abouts are you?

 

[iain187]

lol just reading this thread. some of the earlier questions sound like a non-tech person has just googled 'IT interview questions'

awful!

 

[Cliotoby]

Based in Hull but I dont care where I end up.

Should have a job fairly soon I would imagine.

 

[Cliotoby]

Had another interview in Hull last week. Didnt get it. i knew I was fucked when I knew more about networks than the administrator who I would be reporting to. Also the technical interview was a f**king joke. What is port 443. What is NAT.

There was a "trick question" in the sheet. Can the IP address 192.168.45.0 255.255.0.0 be assigned to a host?

FML. Job hunting at grad level is horrid. I cant apply for the low end tech jobs in schools or local small business because the admins are f**king mongs and they know I wont stick around. And the larger companies who are actually willing to take on grads take forever to get back to you.

 

[@Spoonie]

Why don't you just go contracting to build up some experience? What was your degree in and what is your tech areas are you strong in?

 

[sn00p]

There was a "trick question" in the sheet. Can the IP address 192.168.45.0 255.255.0.0 be assigned to a host?

Why is that a trick question? And more to the point, what did you answer?

 

[@Spoonie]

Why is that a trick question? And more to the point, what did you answer?

I actually thought that, hardly a trick question. It either can or can't.

 

[Cookie]

Please tell me you didn't answer yes

 

[sn00p]

Please tell me you didn't answer yes

I'm laying money that if he thinks it's a trick question then he answered it wrong.