job screening question

Thomas York straterra at fuhell.com
Thu Jul 5 17:08:30 UTC 2012


My answer to that questionwould be "No..why would I ever blanket block ICMP?
If I'm that stupid, I shouldn't be deploying firewalls at all."

I also assume I wouldn't get the job after answering that...

Thomas York

-----Original Message-----
From: William Herrin [mailto:bill at herrin.us] 
Sent: Thursday, July 05, 2012 1:02 PM
To: nanog at nanog.org
Subject: job screening question

Hi folks,

I gave my HR folks a screening question to ask candidates for an IP expert
position. I've gotten some "unexpected" answers, so I want to do a sanity
check and make sure I'm not asking something unreasonable.
And by "unexpected" I don't mean naively incorrect answers, I mean
oh-my-God-how-did-you-get-that-cisco-certification answers.

The question was:

You implement a firewall on which you block all ICMP packets. What part of
the TCP protocol (not IP in general, TCP specifically) malfunctions as a
result?


My questions for you are:

1. As an expert who follows NANOG, do you know the answer? Or is this
question too hard?

2. Is the question too vague? Is there a clearer way to word it?

3. Is there a better screening question I could pass to HR to ask and check
the candidate's response against the supplied answer?

Thanks,
Bill Herrin


--
William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls
Church, VA 22042-3004

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7086 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20120705/fe466fb1/attachment.bin>


More information about the NANOG mailing list