27B Stroke 6

I just got off the phone with the DHS, in an interview for the Security Architect position.

Here are a few of the questions he asked me, with my answers (okay, not verbatim). I should point out that he made it clear he was seriously strapped for time.

Q: How do you feel about port 80? A: It’s better than port 23, but not as good as port 666….

Q: What would you do to secure TN 3270 emulators? A: Disconnect them and upgrade to the 21st century.

Q: What is your experience with FISMA, FIPS, and FSH? A: Limited. I’m allergic to acronyms beginning with “F.”

Q: What do you know about firewalls? A: People think they stop malicious activity. They’re wrong.

Q: What would you do if you were asked to testify before Congress? A: Wear an ill-fitting suit and lie through my teeth so I wouldn’t stand out.

Humor (or pallid attempts thereto) notwithstanding, how do you answer broad questions like this, especially when the interviewer interrupts you after three or four words to move on to the next question? For example, after he asked me the 3270 question, he interrupted my answer with, “You obviously don’t have any experience with mainframes; let’s move on.”

I very nearly replied, “I’ve been working with mainframes since O/S 360, fucker. How about you?” But of course, I didn’t.