connor/assistant-skills
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
assistant-skills/prep-tech-screen/references/peer-tech-screen-guide.md

83 KiB
Raw Blame History

Peer Technical Interview

Overview

The goal of this stage of the interview is to verify that the candidate has the right blend of technical expertise to perform the job appropriately. Depending on the candidates background, try to go deep on topics that are/were relevant in their career. For other topics, verify what level of basic (or advanced) understanding exists.

Goal
Verify how the candidate handles questions, that they are able to articulate technical concepts appropriately and that there is enough technical knowledge across various subjects. The ideal candidate has a broad understanding of multiple basic concepts, and ideally the candidate can go deep on at least one of the subjects. Based on their experience, tailor questions to areas they should be more comfortable with (e.g. if the candidate has a strong networking background, go deeper there, if they have stronger IAM experience, go deep there). Basic networking should be verified for basic knowledge.

Utilize the sections below (Outlined) as guidance. Try to keep things conversational rather than grilling question after question. Use scenario based questioning when possible.

Scoring
The candidate does need to be asked and/or answer every question right, but using best judgment, is there a basic foundation of how devices communicate across networks/Internet? Once its clear there is basic or advanced knowledge, feel free to move onto another topic.

Culture and Other Interview Topics:
While the technical assessment is the main driver of this interview, leave time to have a more conversational interview with the candidate. Ask the candidate about hobbies, home lab, previous company labs, etc. Ask yourself:

  • Would I want to mentor this candidate?
  • Will this candidate fit well into the Verkada culture?
  • Would I want to have coffee/drink with this person in a social setting?

Preparing Candidate

  • “With any of these scenarios, go into as much detail as you can.”

  • “Verkada is a hybrid cloud solution that involves many different technologies. Few people are masters in all of these concepts, our goal is to see if theres foundational knowledge in any of the areas.”

  • “Youre not expected to know all of these subjects, its ok if youre not familiar with a concept or specific question.”

Candidate Scoring

(copy/paste and send to HM after interview):

Candidate Name:
Current/Previous Employer:
Area(s) of Expertise:

Subject Basic Advanced Notes
Networking (Required) No Knowedge No Knowedge
Storage No Knowedge No Knowedge
Cloud No Knowedge No Knowedge
Identity & Access No Knowedge No Knowedge
Physical Security No Knowedge No Knowedge
Other No Knowedge No Knowedge


Additional Notes:

Recommendation:

Definitely Not

Recommendation Notes:

Basic Networking

Scenario Question:

  • You plug your computer into a fresh new network and it needs to get an IP and talk out to the internet (www.verkada.com), explain how that happens.
  • Customer wants to cloud backup 10 cameras on a remote site. What things need to be taken into consideration?
  • Customer wants to segment Verkada traffic on their physical network - talk through it

Minimum Concepts:

  • Layer 1
  • DHCP
  • DNS
  • Gateway/Router/Subnet/NAT

Additional Concepts:

  • What is PoE?
    • Power over Ethernet (there are multiple specs)
  • Explain the differences between a Router and a Switch?
    • Switch connects multiple devices to make a network
    • Router connects multiple switches to form a larger network and/or a router routes traffic beyond your network/switch to a wider network (aka Internet)
  • Explain what a firewall does?
    • A firewall is a network security devices that monitors and secures/filters traffic to and from a network or the Internet
    • Different firewalls with varying technology can simply filter traffic based on IP address and ports while others can recognize protocols or even run inline anti-virus/IPS/etc.
  • How can you determine if your web connection is secure or not?
    • Verify HTTPS/TLS in a browser
    • Look for a signing certificate
  • How does a web proxy work?
    • Intermediary that sits between a device and web sites. It can be configured explicitly or implicitly
      • PBR/WCCP/PAC
    • Popular before NAT as a means to share Internet access
    • Early proxies focus on caching to improve performance
    • Modern proxies filter web traffic and analyze traffic
      • SSL decryption, DLP, Anti Malware
  • What does a VPN do and how does it work?
    • Virtual Private Network
      • Encrypts traffic
      • Provides connectivity back into an internal network from a remote network
      • Split vs Full tunnel
  • Concepts around Bandwidth
    • How can you check the speed of an Internet connection?
    • What bitrate do you think modern video is (SQ/HD/4K)?
      • Ballparks are fine, but SQ might be 100-400 Kbps, HD at 1-2 Mbps, 4K at 3+ Mbps
      • There is wide variance, see if they ask questions about compression/codecs/formats/etc.
      • Theres no specific right or wrong answer, but just confirm they have a basic grasp on how video quality and bandwidth are related
  • What is a VLAN and why would you use one?

Advanced Networking

You plug your computer into a fresh new network and it needs to get an IP and talk out to the internet, explain how that happens.

*Use answers from the candidate to dig deeper into specific protocols to understand depth of knowledge

Here is what we are looking for at L1 and follow up questions.
Layer 1

  • Good Cable
    • How might we test if a cable is good?
  • Good port
    • MAC table?
  • Ethernet - copper
    • Limitations of ethernet?
  • POE

Here is what we are looking for at L2 and follow up questions.
Layer 2

  • Device MAC address is used to communicate @ L2
    • What is a mac address?
    • How can we look up a vendor via mac?
  • How do we get an IP address using L2?
    • DORA
      • Discover, Offer, Request, Ack
      • What will be the Destination IP of those messages?
        • Unicast or broadcast?
      • What other network parameters are given in DHCP process?
        • Default Gateway
        • DNS
        • Subnet mask

Here is what we are looking for at L3 and follow up questions.
Layer 3

  • Talking to nodes on the same network - direct
  • Go to talk to nodes outside of the broadcast domain, go to Default Gateway.
  • What if DHCP server is on another network? What would you need?

So we now we have an IP and want to go to www.verkada.com, explain how that happens

  • DNS

    • How is your computer going to translate www.verkada.com to an IP address
    • What are the ways
      • Cache
      • Hosts file
      • Local DNS
      • Top level DNS servers

  • NAT/PAT

    • Route through default gateway to edge router
    • Multiple clients using the same public IP?
    • How to keep track of connections?

  • TCP vs UDP

    • 3 way handshake: SYN - SYN ACK - ACK
    • Gracefully end the connection” FIN (ACK) - FIN ACK - ACK

  • SSL/TLS

    • What is encryption and why do you need it?

      • How would you know connection is secure?

    • Client Hello, what is sent?

      • Supported TLS versions
      • Supported ciphers
      • Client random

    • Server Hello, what is sent?

      • Server certificate
      • Chosen cipher
      • server random

    • Key exchange, why?

      • Generate a master secret that only the client and server know to decrypt the data exchange

    • Besides setting up encryption what is also be done with TLS certificates?

      • Authentication
      • Possibly authorization (client certificate)

  • How does a firewall work?

    • How do we filter?

  • HTTPS

    • HTTP methods
    • Rest api
    • HTTP codes
      • 2XX - Success
      • 3XX - Redirection
      • 4XX - Client error
      • 5XX - Server error

Basic Storage

Scenario Question:

  • If using a local storage server to store backups/recordings/etc, explain options to increase storage

Tech Questions:

  • Explain the differences between hard drive and flash storage?
  • What is RAID?
  • What is a NAS and how does it work?
  • What is the relationship between KB, MB, GB, TB?
  • How large would you expect a photo (JPEG/HEIC) taken from a modern iPhone/Android phone to be?
    • Same for video?
  • What is a partition in terms of storage?

Advanced Storage

Scenario Questions:

Tech Questions:

  • How do you properly architect a storage system?
    • Capacity
    • IOPS
    • Fabric
    • Application
    • Uptime Requirements
    • Redundancy
  • Explain HCI and its advantages and disadvantages
  • Explain Scale-Up vs Scale-Out
  • What type of storage would you recommend for video storage? Why?
  • Explain storage protocols and how they are utilized?
    • FC
    • iSCSI
    • CIFS/NFS
    • SMB
    • HDFS
    • S3
  • Explain a write to disk in an enterprise storage system
  • What replication technologies are you familiar with? How does it work?

Basic Cloud

Scenario Questions:

  • Explain what cloud managed is to a non technical user

Tech Questions:

  • Name some public cloud providers?
    • Azure, AWS, GCP, OCI
  • What does Hybrid Cloud mean?
  • In modern cloud solutions, explain the concepts of:
    • Compute
      • EC2/VMs/Containers
    • Storage
      • S3
    • Archive
      • Glacier

Advanced Cloud

Scenario Questions:

Tech Questions:

  • Containers
  • Kubernetes
  • Serverless
  • Availability Zones

Basic Authentication, Identity

Scenario Questions:

  • A small but growing business has been managing their users by using local users and passwords. Explain the advantages to moving to a directory services model.

Tech Questions:

  • Whats the difference between authentication and authorization?
    • Authenticate = Verify who a user is
    • Authorize = Verify what a user/device has access to
  • What is an IDP
    • Active Directory (or LDAP)?
    • Name some cloud IDPs
      • Okta, Entra ID, Ping, Jumpcloud, Google
  • What is MFA?
    • How does MFA typically deploy in a modern enterprise?
      • At the IDP layer
  • What is Single Sign-On
  • What is Zero Trust?

Advanced Authentication, Identity

Scenario Questions:

Tech Questions:

  • What are SAML and SCIM
    • How are they different?
  • What is NAC
  • Explain the difference between SP and IDP initiated
  • What is hybrid identity and provide some examples
    • Looking for examples like local AD syncing to Okta or “AD Connect”, etc. Can they walk through understanding the source of truth and why companies use hybrid identity?

Basic Physical Security Questions

Scenario Questions:

Tech Questions:

  • How are modern IP cameras powered?
  • What is an NVR?
  • Which companies are in this space?
  • Whats the difference between digital and optical zoom
  • How do you spec how many HDDs are needed for an NVR?
  • Fail secure vs fail open?

Advanced Physical Security Questions

Scenario Questions:

  • You need to design an AC system for max redundancy. What are some top things that come to mind when comes to design?
    • Network failover, UPS, batteries in the panel, etc

Tech Questions:

  • Explain how modern motion detection works?
  • Explain the difference between H.264 and H.265
  • Describe the importance of PPF
  • Whats the difference between RTSP and ONVIF
  • OSDP vs Weigand
  • Whats the difference between high-frequency and low-frequency cards?
  • What is a REX, DPI, and maglock?
  • How does an AC system know if a door was forced open vs held open?
  • How do you integrate a fire alarm system with access control?

Low Voltage Questions:

  • What's the difference between POE, POE+, POE++
  • What's the difference between AC and DC Power
  • Explain how Volts, Watts and Amperes are different