2. Your resume says that you worked with BGP. What can you tell me about that? Lift a skill from their resume, and see how deep their particular well of knowledge goes. They claim to know BGP? Great. That could mean anything from building simple neighbor relationships to managing a complex mesh of autonomous systems with customized policies. The candidate doesn't need to know everything you know or everything there is to know. Chances are, you don't know everything there is to know. The point is to see just how much they know, and determine if that's sufficient for your needs.
3. You've got nothing but a laptop that's been assigned a DHCP address and no other special privileges. What are the steps you would take to discover the network topology? This is a loaded question. Practically speaking, there's a limited amount of network that can be discovered if it's even vaguely secure, but an engineer who has been around the block should be able to come up with multiple answers. For instance, run a ping sweep against a range of addresses. Run a packet analyzer and see what sorts of broadcast frames come across the wire. Run a MAC flooding tool to get the switch to dump all traffic to their port through unicast flooding, and see what they can pick up from that.
I could go on, but the idea with a question like this is to answer it yourself ahead of time, then see what the candidate comes up with. As they make their suggestions, you can probe them. Oh, so you'd try to get a DNS zone transfer. If you succeeded, how would that information help you? Ah, so you'd look for broadcast traffic with Wireshark. What sort of broadcasts would you find useful? As candidates explain their answers, you learn about their knowledge, but you also learn how they think. Is the candidate clever? Resourceful? Independent? Determined? Logical? Or is their only answer that they'd go up to your desk and ask you for a network map? (See the next question below for more about that.) What happens if you point out a critical flaw in their logic? Do they get defensive? Angry? Or do they see the error they made and move on?
4. How do you find answers when you don't have them? You want to learn one thing from this question: Whether this person is going to live at your desk, asking you every little thing they can't grok in two minutes. You don't want that. You want the person who, within reason, doesn't bother anyone else until they've exhausted every possible avenue to find the answer themselves.
You want the candidate to tell you they'll Google, search vendor manuals, try five different command sequences, build a lab exercise, scour documentation in the local wiki, and so on. The last thing they should say they will do is come to you. If they do say that, they should add that they would come armed with all of the things that they tried that didn't work out.
To sum up my approach, I want to get inside the candidate's head as much as possible. I don't need candidates to know everything, but I do need to be confident that their thinking process is sound, that they are motivated to discover new things, and that they have the capacity to learn. Such a candidate will probably be a great asset.
Ethan Banks is CCIE #20655 and a 16-plus year IT veteran. He has designed, implemented and supported networks in government, banking, higher education and corporations. He is a host of the Packet Pushers podcast and an independent blogger covering the data networking industry. A version of this post originally appeared on Packet Pushers.