Cloud & Infrastructure Topics
Cloud platform services, infrastructure architecture, Infrastructure as Code, environment provisioning, and infrastructure operations. Covers cloud service selection, infrastructure provisioning patterns, container orchestration (Kubernetes), multi-cloud and hybrid architectures, infrastructure cost optimization, and cloud platform operations. For CI/CD pipeline and deployment automation, see DevOps & Release Engineering. For cloud security implementation, see Security Engineering & Operations. For data infrastructure design, see Data Engineering & Analytics Infrastructure.
Switching VLANs and Layer Two Segmentation
Layer two and layer three switching concepts relevant to segmentation, including differences between layer two switches and layer three switches, virtual local area network concepts, tagged and untagged ports, trunking, and inter vlan routing. Cover spanning tree protocol for loop prevention, port security, access control at switch ports, common attacks such as VLAN hopping and mitigations, and how to design segmentation using switching and routing constructs to separate user groups, servers, and internet facing infrastructure. Include operational considerations for trunking, multicast, and broadcast domains.
Cloud Cost Optimization and Financial Operations
Covers strategies and organizational practices for minimizing and managing cloud and infrastructure spend while balancing performance, reliability, and business priorities. Candidates should understand cloud cost drivers such as compute, storage, data transfer, and managed services; pricing models including on demand pricing, reserved capacity commitments, savings plans, and interruptible or spot offerings; and engineering techniques that reduce spend such as rightsizing, autoscaling, storage tiering, caching, and workload placement. This topic also includes financial operations practices for continuous cost management and governance: resource tagging and cost allocation, budgeting and forecasting, chargeback and showback models, anomaly detection and alerting, cost reporting and dashboards, and processes to gate changes that affect spend. Interviewees should be able to estimate recurring costs and total cost of ownership, identify and quantify optimization opportunities, weigh trade offs between cost and business objectives, and describe tools and metrics used to monitor and communicate cost to stakeholders.
Cost Aware Architecture and Design
Focuses on how architectural decisions and design patterns affect operating cost and total cost of ownership. Interviewees should be able to reason about trade offs such as managed services versus self managed components, always on virtual machines versus event driven or serverless approaches, reserved versus on demand capacity, use of spot or preemptible instances, and multi region or edge placement. Candidates should demonstrate techniques for reducing cost through storage class selection and lifecycle policies, caching and batching, query and workload optimization, data transfer minimization, and workload isolation. The topic also covers modeling and communicating cost trade offs, estimating ongoing operating expense for alternative designs, and choosing architecture that balances budget constraints with reliability, performance, and engineering effort.
Capacity Planning and Resource Optimization
Covers forecasting, provisioning, and operating compute, memory, storage, and network resources efficiently to meet demand and service level objectives. Key skills include monitoring resource utilization metrics such as central processing unit usage, memory consumption, storage input and output and network throughput; analyzing historical trends and workload patterns to predict future demand; and planning capacity additions, safety margins, and buffer sizing. Candidates should understand vertical versus horizontal scaling, autoscaling policy design and cooldowns, right sizing instances or containers, workload placement and isolation, load balancing algorithms, and use of spot or preemptible capacity for interruptible workloads. Practical topics include storage planning and archival strategies, database memory tuning and buffer sizing, batching and off peak processing, model compression and inference optimization for machine learning workloads, alerts and dashboards, stress and validation testing of planned changes, and methods to measure that capacity decisions meet both performance and cost objectives.
Cloud Platform Fundamentals
Comprehensive understanding of core public cloud services and the primary trade offs when selecting among them across major providers such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform. Candidates should know compute options including virtual machines, managed compute, containers and serverless functions; storage types including object, block and file storage and lifecycle and archival strategies; managed database offerings for relational, non relational, and data warehouse workloads; networking fundamentals including virtual private networks, subnets, routing, load balancing, content delivery networks, and private connectivity; messaging and integration services such as message queues and event streaming; identity and access management and secrets management; monitoring, logging, and observability; autoscaling, elasticity, high availability, and basic disaster recovery patterns; and cost and pricing considerations. The topic also covers the trade offs between managed services and self managed infrastructure in terms of consistency, latency, cost, operational overhead, and durability, and the ability to map common workload requirements to the right service categories.
Google Cloud Platform Deep Dive
In depth coverage of Google Cloud Platform services across compute, networking, storage, orchestration, and platform integrations. Areas include Compute Engine instance management and machine type selection, Google Kubernetes Engine concepts for container orchestration, managed databases such as Cloud SQL and Firestore, Cloud Storage features including versioning and lifecycle, networking components including Virtual Private Cloud, VPN and load balancing, content delivery with Cloud CDN, eventing and messaging with Pub/Sub, and analytics with BigQuery. Candidates should demonstrate design decisions, operational practices, scaling strategies, security and identity considerations, and service limits and trade offs for production deployments.
Network Troubleshooting and Tools
Hands on skills for diagnosing and resolving network problems using standard command line and packet analysis tools. Topics include systematic troubleshooting workflows (start with reachability tests and escalate to captures), use of ping and traceroute to verify connectivity and routing paths, netstat and ss to inspect sockets and listening ports, arp and interface commands to check layer two mappings and interface state, router and switch show commands to view routing tables and interface status, and DNS troubleshooting using nslookup and dig. Deep packet capture and analysis with tcpdump and Wireshark is covered, including capture filters, interpreting packet headers and flows, identifying retransmissions, latency sources, and protocol errors. Emphasis is on interpreting tool output, correlating results across layers, and choosing the right tool at each step of an investigation.
Routing Fundamentals and Protocols
Comprehensive Internet Protocol routing principles and common routing protocol behaviors that network engineers are expected to know. Candidates should understand how routers build and consult routing tables to forward packets, the forwarding decision process including longest prefix match and tie breaking, the difference between static routing and dynamic routing, and how the control plane and the forwarding plane interact. Core concepts include route selection logic, route metrics and how they influence path choice, administrative distance and route preference, default routes, route summarization and aggregation, and route redistribution between protocols. Familiarity with interior gateway protocols and their typical behaviors is expected, including Routing Information Protocol version two, Open Shortest Path First, Enhanced Interior Gateway Routing Protocol, and Intermediate System to Intermediate System, plus an introduction to Border Gateway Protocol for interdomain routing where relevant. Candidates should also understand convergence properties and failure handling, basic configuration trade offs for performance and scalability, and common troubleshooting techniques and commands used to diagnose routing and reachability issues in enterprise and service provider networks.
AWS Compute and Networking
Covers design and operational knowledge of Amazon Web Services compute and network components. Candidates should understand Amazon Elastic Compute Cloud instances including instance families, sizing considerations, and pricing models such as on demand, reserved, and spot instances. Knowledge of Amazon Machine Images and launch templates, network interfaces, security groups, route tables, and Virtual Private Cloud architecture including public and private subnets, NAT gateways, and peering is expected. Expect questions on load balancing options including Application Load Balancer and Network Load Balancer, autoscaling groups and policies for availability and cost optimization, and hybrid connectivity patterns such as VPN and Direct Connect. Candidates should also be able to reason about high level multi tier application architectures on AWS, security and networking trade offs, and common infrastructure as code and automation approaches used to provision and manage these resources.
Infrastructure as Code Tools
Practical skills for authoring, deploying, and managing Infrastructure as Code templates and configurations across cloud platforms. Candidates should be able to author, read, and modify templates or configuration files for native platform tools such as AWS CloudFormation, Azure Resource Manager templates or Bicep, and Google Cloud Deployment Manager, as well as for multi cloud tools such as Terraform. Key areas include file formats such as YAML and JSON, declaring resources, passing parameters or variables, and emitting outputs, together with expressing resource dependencies, conditions, and mappings. Candidates should be able to write templates for common infrastructure patterns including networking such as virtual private clouds, subnets, and security groups, compute resources such as virtual machines and instances, and storage resources such as buckets and storage accounts. They should know how to deploy templates to create stacks or equivalent constructs, perform stack updates and change sets or plan and apply workflows, handle rollbacks and deletions, and manage state for tools that require it including remote state and state locking. Additional important skills are modularization through nested stacks or modules, template validation and linting, integration with continuous integration and continuous delivery pipelines, drift detection and remediation, and basic troubleshooting of template errors and deployment failures. Interview tasks may include writing or modifying short templates, explaining the lifecycle of a deployment, and comparing trade offs between native templates and multi cloud tooling.
Capacity Planning and Forecasting
Covers forecasting demand and planning infrastructure and platform capacity to meet expected business needs reliably and cost effectively. Candidates should be able to analyze historical usage and growth trends, build and validate capacity models, define capacity metrics and thresholds, estimate headroom and safety margins, and translate business growth scenarios into procurement or cloud provisioning plans and timelines. Includes storage and compute lifecycle planning such as archiving and retention strategies, upgrade and rollout planning to avoid disruption, and trade offs between overprovisioning and right sizing. Also addresses design for scale and redundancy, autoscaling and elasticity patterns, load balancing and failover planning, capacity testing and stress testing, monitoring and alerting for capacity signals, and techniques to measure and improve forecast accuracy. Finally it covers operational governance and decision making including cross team resource allocation, capacity reviews, cost optimization and budgeting, runbooks and change control, and alignment of capacity plans with service level objectives and business projections.
Domain Name System and Name Resolution
Comprehensive understanding of the Domain Name System and the end to end name resolution process. Candidates should be able to explain the full query flow from a client stub resolver to a recursive resolver and onward to root name servers, top level domain name servers, and authoritative name servers, and to distinguish recursive and iterative queries and the roles of stub, recursive, and authoritative resolvers. Expected knowledge includes common resource record types and their purposes such as A and AAAA address records, CNAME alias records, MX mail exchange records, NS delegation records, SOA start of authority records and zone serials, TXT arbitrary text and verification records, PTR reverse mapping records, and SRV service records. Candidates should understand caching behavior, the role of time to live values and negative caching, how propagation delays occur, and how time to live choices affect rollouts and rollbacks. The topic covers operational impacts and common failures including misdelegation and missing glue records, stale caches and slow resolution, DNS cache poisoning and denial of service amplification, and mitigations such as domain name system security extensions, rate limiting, and validating authoritative responses. Candidates should be able to perform diagnostics using tools and commands such as dig, nslookup, host, tcpdump, and traceroute, and to run checks like querying authoritative servers, performing a trace of the resolution path, inspecting SOA serial numbers, and testing from multiple resolvers. Practical troubleshooting steps and best practices are expected, including zone verification, checking delegation chains, understanding resolver configuration and forwarders, and planning DNS changes to minimize user impact.
Governance, Policy Enforcement, and Guardrails
Implementing policy as code, compliance checking, and safety mechanisms into infrastructure systems. Topics include automated cost controls, security policy enforcement, resource naming standards, tagging strategies, and preventing common misconfigurations. Discussion of balance between flexibility and governance.
AWS Well-Architected Framework Principles
Principles and guidelines from the AWS Well-Architected Framework for designing, building, and operating robust, secure, efficient, and cost-optimized systems on AWS. Covers the five pillars—Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization—and related architecture decisions, patterns, and best practices.
Cloud Migration Strategy and Planning
Comprehensive planning and execution for migrating applications, data, and infrastructure from on premise environments to cloud platforms. Candidates should be able to assess existing application architecture, infrastructure, data flows, dependencies, performance and operational practices; prioritize workloads based on technical characteristics and business value; and select appropriate migration approaches such as rehost or lift and shift, replatform, refactor or rearchitect for cloud native, repurchase or move to software as a service, retire, or retain. Evaluation should include trade offs for each approach with respect to total cost of ownership, time to migrate, implementation effort, operational complexity, and long term optimization. Candidates should also plan phased migration execution including discovery and dependency mapping, migration waves, cutover and rollback strategies, and data migration and synchronization techniques. Interviewers may probe planning for domain name system updates, testing and validation, monitoring and operationalization after migration, security and compliance controls, and hybrid or coexistence patterns during transition. Candidates should be familiar with assessment tools and migration services, methods to estimate effort and risk, strategies for automation and continuous integration and continuous delivery pipelines, and training and organizational change management needed for a successful migration.
Large Scale Infrastructure Challenges
Awareness of engineering and operational challenges at massive scale including global network optimization, multi region failover and redundancy, integration of cloud and on premise systems, security and compliance at scale, performance and latency for a global user base, cost optimization across large fleets, and maintaining reliability without exponential operational complexity. Candidates should demonstrate thinking about architecture patterns, trade offs, monitoring and incident response at scale, and strategies for evolving platform capabilities as load and feature sets grow.
Advanced Routing and Traffic Engineering
Advanced routing protocols, algorithms, and real world deployment practices for large scale and multi domain networks. Topics include deep Border Gateway Protocol knowledge such as path selection, attribute handling including weight, local preference, AS path manipulation, multi exit discriminators, communities, route filtering, route aggregation, and mitigation of route hijacking. Also covers advanced aspects of interior protocols such as Open Shortest Path First and IS IS including area design, adjacency and LSA or link state behavior, convergence optimization, and comparison of link state versus other approaches. Traffic engineering topics include load balancing, multi path routing, MPLS fundamentals and label switching, segment routing principles, and using routing and BGP for traffic engineering across internet exchanges and multi carrier environments. Practical skills include designing redundancy, scaling routing control planes, route policy design, and troubleshooting complex inter domain routing behaviors.
Network Troubleshooting Methodology
Focused approach to diagnosing network connectivity, performance, and reliability issues. Includes defining symptoms and scope, checking physical connectivity, verifying interface and link status, examining addressing and routing, investigating firewall and access control rules, performing path checks and packet captures, interpreting flow data and latency metrics, forming and testing hypotheses systematically, and escalating as needed. Familiarity with common network diagnostic tools and techniques, approaches to intermittent and performance degradation issues, and layer by layer reasoning are expected.
Network Performance and Latency Optimization
Network level performance considerations including bandwidth, latency, jitter, packet loss, quality of service, congestion management, and capacity planning. Techniques covered include request batching, compression, connection pooling, content delivery networks, edge caching, and transport level tuning. Candidates should also discuss measurement and monitoring of network metrics, trade offs for global user bases, and strategies to optimize tail latency for latency sensitive services.
Data Center Network Architecture
Design and operational principles for modern data center networks including fabric topologies such as spine leaf and non blocking Clos designs, east west traffic optimization for server to server communication, and considerations for scale and performance. Covers underlay and overlay separation, overlay technologies such as Virtual Extensible Local Area Network, Generic Network Virtualization Encapsulation, and Network Virtualization using Generic Routing Encapsulation, and the trade offs when designing underlay routing and overlay encapsulation. Includes load balancing at scale including connection tracking, stateful and stateless load balancing strategies, service chaining, and operational concerns for high performance fabrics. Also includes multi pod and multi site data center designs and inter pod communication patterns, network virtualization and software defined networking concepts, automation and programmability for provisioning and telemetry, quality of service and capacity planning, and physical infrastructure impacts such as power and cooling considerations when choosing architectures.
Network Automation
Automate network device configuration, provisioning, and operational workflows using automation frameworks and Infrastructure as Code principles tailored to networking. Topics include configuration management and orchestration for network devices, programmatic device access libraries, version controlling network configurations, testing and validation of network changes, event driven remediation, performance and scale considerations, and common challenges such as state reconciliation and vendor heterogeneity. Candidates should be able to discuss tools and libraries used in network automation and strategies for deploying safe, repeatable network changes at scale.
Configuration Management and Desired State
Configuration Management and Desired State focuses on ensuring systems remain in a known, consistent state across fleets and environments. Candidates should understand desired state configuration, idempotent operations, differences between declarative and imperative approaches, templating and variable management, configuration versioning, change control, validation and rollback strategies, drift detection and automated remediation, handling environment specific configuration, and the interaction between configuration management and operational concerns such as autoscaling. This topic also covers managing test environment configurations and using platform specific configuration systems such as Group Policy to apply and troubleshoot system settings at scale.
Cloud Strategy and Migration Planning
Fundamentals and planning practices for adopting cloud computing and migrating workloads to cloud environments. Coverage includes understanding cloud delivery models such as Infrastructure as a Service, Platform as a Service, and Software as a Service, and hybrid deployment options. Candidates should be able to evaluate migration strategies including lift and shift, refactor, replatform, and rebuild, and assess trade offs across cost, performance, security, compliance, and organizational readiness. Planning topics include workload assessment, suitability analysis, vendor evaluation for examples like Amazon Web Services, Microsoft Azure, and Google Cloud Platform, migration sequencing and runbooks, data migration and networking considerations, identity and access patterns, testing and rollback strategies, monitoring and observability, cost optimization and governance, and stakeholder and change management during migration.
Server Infrastructure and Resource Allocation
Covers designing and operating server infrastructure to support applications and workloads reliably and cost effectively. Topics include server architecture and configuration choices such as memory optimized, central processing unit optimized, storage optimized, and general purpose servers and when to use each. Includes virtualization concepts and virtual machines, hypervisors, containerization technologies such as Docker, and orchestration basics such as Kubernetes at a conceptual level. Covers infrastructure provisioning and automation practices including infrastructure as code and configuration management, and how to provision physical servers, virtual machines, or cloud instances. Emphasizes resource allocation and utilization optimization through right sizing, capacity planning, monitoring, scaling strategies, load balancing, redundancy, and high availability. Also addresses network connectivity and bandwidth planning, security and access considerations, cost trade offs, and physical constraints such as power, cooling, and space when comparing bare metal, virtualized, and cloud deployments.
Containerization and Virtualization Trade Offs
Examines trade offs between containers and virtual machines and the complexity of orchestrated environments. Topics include hypervisor and virtual machine basics, container isolation and resource models, performance and overhead comparisons, security and attack surface differences, when to prefer virtual machines versus containers, single container versus orchestrated multi container setups, operational complexity versus benefits, and criteria for selecting the appropriate platform at different scales.
Internet Protocol Suite Basics
Covers fundamental networking concepts centered on the Internet protocol suite and how its layers map to practical network functions. Topics include comparison of layering models, link layer operation and address resolution, Internet layer addressing and routing including Internet Protocol version four and Internet Protocol version six, subnetting and classless interdomain routing, transport layer semantics such as the Transmission Control Protocol three way handshake, congestion control and reliability, User Datagram Protocol use cases, common control protocols such as the Internet Control Message Protocol and address resolution mechanisms, network address translation, sockets and port concepts, domain name resolution, dynamic host configuration approaches, fragmentation and maximum transmission unit considerations, packet encapsulation and decapsulation, and basic troubleshooting and diagnostic concepts. Interviews assess conceptual understanding and the ability to reason about packet flow, addressing, and protocol behavior under failure or attack conditions.
DNS and DHCP Fundamentals
Focused understanding of name resolution and automatic address assignment systems and how they affect connectivity and system configuration. Topics include Domain Name System concepts such as name resolution, resource records, zones, delegation, caching behavior, authoritative versus recursive resolution, and common resolution failure modes. It also covers Dynamic Host Configuration Protocol concepts such as lease lifecycle, scopes and pools, address assignment modes, lease renewal and release, and interactions with network boot and provisioning systems. Practical troubleshooting techniques are emphasized, including diagnosing failed resolution, inspecting caches, examining DHCP lease information, using diagnostic tools and commands such as nslookup and dig, and resolving client configuration issues that impact network connectivity. The description also covers how these services are deployed in small and large environments, security and operational considerations, and how name and address services integrate with other networking and application components.
Transport Layer Protocols
Comprehensive understanding of transport layer protocols, primarily Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), and related protocols used for diagnostics such as Internet Control Message Protocol (ICMP). Candidates should be able to explain TCP as a connection oriented, reliable, ordered, and flow controlled protocol including the three way handshake for connection establishment, the four step connection teardown, retransmission and timeout behavior, and high level congestion control and flow control mechanisms. Describe TCP header structure and key fields used for reliability and ordering. Explain UDP as a connectionless, best effort, lower latency protocol, its datagram model, simple header structure, and trade offs for reliability and ordering. Give real world use cases and justify protocol choice, for example reliable file transfer and web traffic versus low latency streaming, real time voice, and many DNS queries. Discuss port numbers and common service ports such as HTTP port 80, HTTPS port 443, DNS port 53, SSH port 22, and SMTP port 25, and how sockets and ports map to endpoints. Cover practical topics such as when UDP may fall back to TCP, how fragmentation and packet loss affect each protocol, and the role of ICMP for network diagnostics and error reporting.
Network Diagnostic Tools and Commands
Practical knowledge of common network tools: ping (ICMP echo requests), traceroute (path tracing), ipconfig/ifconfig (IP configuration viewing), nslookup/dig (DNS queries), netstat (connection statistics), arp (address resolution protocol), and packet analysis tools like Wireshark. Know what each tool does, what output to expect, and how to interpret results.
Networking Protocols and Services
Comprehensive knowledge of common network protocols, services, and related architecture. Candidates should understand the purpose and operation of protocols such as Transmission Control Protocol, User Datagram Protocol, Domain Name System, Dynamic Host Configuration Protocol, Internet Control Message Protocol, Address Resolution Protocol, Hypertext Transfer Protocol and Secure Hypertext Transfer Protocol, File Transfer Protocol, Secure Shell, Simple Network Management Protocol, and Syslog. Expect familiarity with port numbers, protocol layering and suites, reliability versus best effort semantics, flow control and congestion control principles, and how protocols interact across layers. Candidates should be able to explain name resolution flow for the Domain Name System, address assignment flow for the Dynamic Host Configuration Protocol, and diagnostic roles of the Internet Control Message Protocol. Assessment may include load balancing concepts and algorithms, fundamentals of transport security such as Transport Layer Security, network security controls and network policies, service mesh and modern east west traffic patterns, and common troubleshooting and observability techniques for network issues at scale including packet tracing and latency analysis.
Cisco IOS Basics and Device Configuration
Basic Cisco Internetwork Operating System (IOS) commands for routers and switches: navigating command modes (user/enable/config), basic show commands (show interface, show ip route, show running-config), basic configuration commands (hostname, IP addressing, routing), and understanding command hierarchy.
Network Connectivity Troubleshooting
Techniques and systematic approaches for diagnosing and resolving network level connectivity problems across wired and wireless links and device interfaces. Topics include checking physical connections and link status, verifying internet protocol addressing and configuration, distinguishing between dynamic addressing and static addressing issues, resolving domain name system name resolution failures, examining routing tables and route reachability, inspecting address resolution protocol entries and switch tables, validating virtual local area network and trunk configurations, and interpreting interface statistics such as errors, drops, and collisions. Emphasis is placed on using diagnostic tools such as ping and traceroute, interpreting operating system network configuration commands and device show commands, testing from multiple endpoints, and recreating problems in lab topologies to isolate where traffic is breaking.
Routing Troubleshooting and Verification
Focuses on diagnosing network routing problems and verifying route configurations and packet forwarding behavior. Topics include examining routing tables, validating static routes, understanding routing protocol behavior and metrics, tracing path of packets using traceroute and similar tools, using show commands to inspect route propagation and interface state, identifying misconfigurations and route leaks, and reasoning about how routing decisions affect reachability. Candidates should be able to form hypotheses about why packets are not reaching destinations, apply systematic testing steps, and propose corrective actions or configuration changes.
Network Performance and Capacity Planning
Covers monitoring, testing, design, and capacity forecasting for network infrastructure. Candidates should know key network performance metrics such as bandwidth utilization, latency, jitter, packet loss, throughput, and error rates; how to establish a performance baseline and detect anomalies; common network monitoring techniques and tools for traffic analysis and device statistics; methods for network performance testing and validation including active throughput and latency tests; and basic capacity planning and upgrade strategies for small sites and departmental networks. Also includes considerations for quality of service, redundancy, modest growth forecasting, and tradeoffs when designing small scale network segments and link capacities.
Router and Switch Configuration
Practical knowledge and hands on skills to configure routers and switches using a command line interface on industry platforms. Core abilities include setting Internet Protocol addresses on interfaces, enabling and disabling interfaces, configuring hostnames and administrative access, saving and backing up configurations, and understanding configuration modes and command structure. Routing topics cover basic static routing, default routes, and introductory dynamic routing protocols and how to verify routing table entries. Switch topics cover virtual local area network creation and assignment, trunk configuration, port configuration and management. Security and policy configuration includes access control lists and basic interface security. Verification and troubleshooting skills include using platform show and status commands to inspect running configuration, routing table and interface state, using ping and traceroute to test connectivity, and interpreting logs and counters. Candidates should understand platform syntax differences such as those between Cisco and Juniper devices, configuration management and restoration processes, and common troubleshooting workflows. Familiarity with practicing these tasks in lab environments or simulators is expected.
Network Configuration and VLAN Management
Network Configuration and VLAN Management covers configuring and managing network devices and logical network segmentation. Key skills include creating and managing virtual local area networks, assigning access and trunk ports, configuring VLAN tagging and native VLANs, using switch command line interfaces to configure ports and features, understanding spanning tree and MAC address tables, testing and troubleshooting switch configurations, and applying Git style operations and automation to network configuration workflows. Candidates should also be familiar with network automation tooling and approaches for managing network configurations at scale.
Network Protocols and Encapsulation
Comprehensive knowledge of network protocol stacks and layering, including the Open Systems Interconnection model and the Transmission Control Protocol and Internet Protocol suite. Candidates should understand protocol purposes and behaviors at each layer, including connection oriented and connectionless transport, address resolution, discovery and multicast management, and control plane messages. Know common protocols such as the User Datagram Protocol, Internet Control Message Protocol, and Internet Group Management Protocol and how they differ in reliability, ordering, and use cases. Be familiar with tunneling and encapsulation technologies and their tradeoffs, including Virtual Private Network, Generic Routing Encapsulation, Multiprotocol Label Switching, overlay network technologies such as Virtual Extensible Local Area Network, Generic Network Virtualization Encapsulation, and Network Virtualization using Generic Routing Encapsulation. Understand encryption and integrity options at the network layer such as Internet Protocol Security and at the transport layer such as Transport Layer Security and Secure Sockets Layer, including tunnel versus transport modes. Be able to reason about encapsulation overhead, maximum transmission unit and fragmentation, latency and throughput implications, path characteristics, compatibility and interoperability, and typical deployment patterns for site to site tunnels, remote access, data center overlays, and network virtualization.
Container Networking Fundamentals
Networking concepts specific to containerized environments and orchestration platforms. Topics include container network models such as bridge, host, and overlay networks, port mapping and network address translation for containers, and container network interface plugins and how they enable different connectivity models. Coverage includes service discovery and in cluster Domain Name System behavior, how networking differs between local single host containers and orchestrated clusters, load distribution mechanisms such as kube proxy and ingress concepts, network policies for traffic control and isolation, and common troubleshooting approaches for container networking issues. Practical skills include diagnosing container interface and route issues, interpreting container network namespaces, packet capture in container contexts, and understanding performance and security trade offs when designing container networking for production.
Switching and VLAN Fundamentals
Fundamentals of Ethernet switching and virtual local area network design and operation. Topics include media access control addresses and how switches learn and populate forwarding tables, switch forwarding behavior, spanning tree protocol basics for loop prevention, virtual local area network concepts including access ports, trunk ports, and tagging, and the distinction between second layer switching and third layer switching. Candidates should understand practical configuration and troubleshooting scenarios, common failure modes, and when to use virtual local area networks for segmentation and traffic isolation.
Network Scalability and Growth Planning
Designing network architectures that support organizational growth and higher traffic volumes. Topics include addressing and naming schemes, topology choices, equipment selection limits, bandwidth planning, strategies for adding users services or new sites, segmentation and isolation concerns, wide area network considerations, and the impact of network design on application scalability and resilience. Also covers planning for predictable increases in traffic and ensuring the network does not become the scaling bottleneck.
Static Routing and IP Configuration
Configure static routes on routers to direct traffic. Understand route syntax, routing table priorities, and how to verify traffic is taking the intended path. Configure IP addresses, subnet masks, and default gateways on devices to ensure Layer 3 connectivity.
Amazon Web Services Core Services
Comprehensive knowledge of the foundational Amazon Web Services that are commonly used to design, deploy, and operate cloud applications. This includes compute services such as Amazon Elastic Compute Cloud for virtual machines and instance families, Amazon Web Services Lambda for serverless functions, and Amazon Elastic Beanstalk for managed application platforms; storage services such as Amazon Simple Storage Service for object storage, Amazon Elastic Block Store for block volumes, and Amazon Elastic File System for shared file storage; database services such as Amazon Relational Database Service for managed relational databases, Amazon DynamoDB for NoSQL, and Amazon ElastiCache for in memory caching; networking and content delivery including Amazon Virtual Private Cloud networking concepts, subnets, security groups, load balancers, and Amazon CloudFront; container and orchestration options such as Amazon Elastic Container Service and Amazon Elastic Kubernetes Service; and management and security services including Identity and Access Management, Amazon CloudWatch monitoring and logging, Auto Scaling, and cost and service limit considerations. Candidates should understand core service characteristics, common configuration choices and trade offs, operational considerations such as high availability and fault tolerance, basic security and compliance approaches, performance and cost optimization, and guidance for selecting one service over another for typical application patterns.
Network Architecture and Topology
Design of network topologies and segmentation for scale and reliability. Covers data center and backbone topologies such as spine leaf, hub and spoke, full and partial mesh, WAN options including MPLS and SD WAN, redundancy and failover strategies, segmentation and micro segmentation for security, and design considerations for global and regional network growth and performance.
Network Protocol Internals and Edge Cases
Deep understanding of how protocols work internally (TCP congestion control, IP fragmentation, DNS resolution under failure, IPv6 transition), edge cases that cause problems, and protocol troubleshooting.
VPN, WAN Optimization, and Tunneling Protocols
Expertise in VPN technologies, tunneling protocols, WAN optimization techniques, SD-WAN approaches, and secure remote access. Understanding trade-offs between different approaches.
Cloud Infrastructure and Hybrid Architectures
Understanding cloud provider infrastructure (AWS, Azure, GCP), virtualization concepts (hypervisors, container orchestration), Infrastructure-as-a-Service (IaaS) considerations, hybrid cloud and on-premise integration, cloud cost optimization, and vendor-specific architecture patterns.
Enterprise Scale Project Experience
Prepare 2-3 concrete examples of medium-to-large-scale cloud projects you've worked on, focusing on projects involving architecture decisions, multi-region deployments, or enterprise considerations (scalability, security, cost).
Network Resilience and Redundancy
Designing network layer resilience to avoid single points of failure and to ensure connectivity during outages. Topics include redundant links and devices, routing and path diversity, active active and active passive configurations, failover protocols such as Hot Standby Routing Protocol and Virtual Router Redundancy Protocol, border gateway and routing strategies, network segmentation, and monitoring and documentation for recovery. Candidates should be able to explain how network failures propagate and how to design networks that support application level high availability and disaster recovery plans.
Virtual Private Network Technologies
Fundamentals of virtual private network technologies, deployment models, and the encryption mechanisms that underlie secure tunneling. Candidates should understand common VPN types and use cases including site to site connections, remote access for individual users, and client to site configurations. Review major protocol families by full name such as Internet Protocol Security, Secure Sockets Layer and Transport Layer Security VPNs, and Layer Two Tunneling Protocol, including tunnel versus transport modes, encapsulation, and considerations for network address translation traversal. Cover authentication methods including passwords, certificate based authentication, and multi factor approaches, as well as how key exchange and Public Key Infrastructure support secure sessions. Be ready to discuss performance and operational trade offs such as CPU overhead from encryption, split tunneling, routing implications, and deployment considerations for enterprise and cloud environments.
Operations and Capacity Management
Designing for operability and sustainable capacity across infrastructure and services. Candidates should be able to identify key operational metrics such as throughput, latency, error rates, packet loss, device health, and link utilization, and explain how to instrument systems to collect those metrics. Expect discussion of monitoring architecture including device level agents, centralized collection and storage, dashboarding, alerting and escalation, and runbook driven incident response. Capacity planning topics include tracking utilization trends, forecasting growth, planning upgrades or scaling strategies, load testing and stress testing, autoscaling triggers and thresholds, capacity buffers, and cost versus performance trade offs. Also include change management and configuration tracking practices to aid troubleshooting, oncall and incident management processes, documentation requirements such as diagrams and runbooks, and how design choices affect long term operability and maintainability.
Data Center Networking and Cloud Integration
Design networks within data centers: data center interconnect (how multiple data centers connect), pod architecture (groups of servers sharing network), spine-leaf topology (standard modern data center design with high capacity). Hybrid cloud networks: designing connectivity between on-premises data centers and cloud providers (AWS, Azure, GCP). Interconnection options: AWS Direct Connect (dedicated connection), Azure ExpressRoute, cloud native peering. Edge networking: content delivery networks (CDNs) for caching, edge compute locations. Software-defined networking (SDN) concepts: separating control plane from data plane, enabling programmatic network management.
VLAN Configuration and Network Segmentation
Create VLANs on switches (assign VLAN IDs, name VLANs). Assign ports to VLANs (access ports for end devices, trunk ports for switch-to-switch connections). Configure 802.1Q tagging for trunk ports. Configure inter-VLAN routing on L3 switch or router: create SVI (Switch Virtual Interface) for each VLAN, enable routing between SVIs. Test connectivity: ensure devices in same VLAN can communicate, devices in different VLANs can communicate through router, unauthorized traffic is blocked. Understand VLAN concepts: broadcasts are isolated to VLAN, unicast traffic must be routed between VLANs.
Multi Region and Multi Cloud Resilience
Designing systems that work across multiple geographic regions or cloud providers. This addresses the highest reliability requirements and provides protection against provider-level failures. At senior level, understand data replication across regions, latency implications, consistency trade-offs, and cost of multi-region deployments. Design routing policies that direct traffic to healthy regions. Address compliance requirements that may mandate geographic distribution.
Network Equipment Selection and Justification
Choose appropriate network equipment for different design scenarios. Understand roles of different device types (access switches, distribution switches, core routers, firewalls). Consider performance requirements (throughput, latency), available ports, PoE capabilities, management features, and cost. Be able to justify why a device is appropriate for its role.
Kubernetes Troubleshooting
Covers diagnosing and resolving failures in container orchestration with an emphasis on Kubernetes pod and deployment issues. Topics include Kubernetes architecture and components, pod lifecycle and states, common failure modes such as CrashLoopBackOff, ImagePullBackOff, out of memory conditions, resource limit and quota problems, and node or scheduling issues. Practical debugging skills include using command line inspection and control tools, reading and correlating logs and events, using exec into containers, describing resources, checking node and cluster health, and interpreting health checks, liveness and readiness probes. Also includes distinguishing platform or cluster issues from application level faults, analyzing networking and service discovery problems, using monitoring and observability data, understanding rolling updates and deployment strategies, and applying remediation and rollback techniques for reliable recovery.
Cloud Infrastructure Knowledge (AWS/GCP/Azure)
Have working knowledge of at least one major cloud platform: common services (EC2/Compute Engine, RDS/Cloud SQL, S3/Cloud Storage, Load Balancers, VPCs, networking), typical failure modes, and how to troubleshoot within that platform. Understand concepts like availability zones, regions, and cross-region failover.
GCP Compute and Networking
Covers Google Cloud Platform compute and network services and design patterns. Candidates should know Compute Engine virtual machine types and sizing including custom machine types, persistent disk options and storage classes, and object storage concepts. Expect understanding of Virtual Private Cloud networking, subnet design, Cloud NAT, route configuration, and network security controls. Candidates should be familiar with Google Cloud load balancing options and when to choose each, autoscaling for instance groups, hybrid connectivity patterns such as VPN and Interconnect, and the practical use of the gcloud command line and infrastructure as code tools such as Deployment Manager or Terraform to provision resources. The topic also includes architecting multi tier applications on GCP and reasoning about managed services trade offs versus self managed compute.
Connectivity and User Access Troubleshooting
A combined diagnostic approach for incidents where users cannot reach resources because of either connectivity issues or account and permission problems. This includes triage steps to determine whether a failure is network related, system or service related, or related to authentication and authorization; using network and system diagnostic tools such as ping, traceroute, and domain name system lookups; checking firewall and access control lists; reviewing system and application logs; verifying user account status, group membership, and permissions; and testing access from different systems and network locations to isolate variables. Candidates should demonstrate logical fault isolation, escalation reasoning, and safe verification of account and permission state.
Your SRE Background and Experience
Articulate your hands-on experience with systems administration, monitoring tools, automation scripts, and any incident response involvement. Be specific about technologies (e.g., Prometheus, Grafana, Kubernetes, Docker, Terraform) and concrete examples of what you've built or fixed.
Hardware Troubleshooting and Diagnostics
Skills and processes for detecting, diagnosing, and remediating hardware faults across servers, storage, network interface cards, and peripherals. Topics include recognizing common failure modes for CPU, memory, disk, and NICs; using firmware and BIOS UEFI settings and diagnostics; interpreting hardware monitoring outputs and sensor data; running vendor diagnostic utilities and benchmarks; using SMART and storage diagnostics; distinguishing hardware from software issues; safe escalation and vendor engagement procedures; and planning replacements and mitigations to avoid data loss or downtime. Emphasis is on methodical data collection, reproducible tests, and appropriate escalation.
Networking, VPC, and Connectivity
Deep understanding of AWS VPC architecture including subnets (public and private), route tables, Network Address Translation (NAT), internet gateways, and VPC endpoints. Knowledge of security groups and network ACLs. Understanding of VPN and AWS Direct Connect for hybrid connectivity. DNS and Route 53 routing policies.
Linux Networking Configuration and Troubleshooting
Network interfaces and configuration files. IP addressing and routing configuration. Using netstat, ss, ip, ifconfig commands. DNS configuration and troubleshooting. Network connectivity testing (ping, traceroute, telnet, curl). Network statistics and monitoring. Firewall basics (iptables/firewalld). Understanding network namespaces.
Network Monitoring and Observability
Covers strategies and tooling for observing network health and performance. Topics include active health checks versus passive telemetry, what to measure at interface and flow level, flow based telemetry such as NetFlow and sFlow and export formats such as Internet Protocol Flow Information Export, Simple Network Management Protocol based metrics, metrics hierarchy and granularity, retention and aggregation considerations, alerting strategy to manage signal to noise and avoid alert fatigue, dashboards and status pages, runbook and incident playbooks, topology and capacity planning, and common observability platforms and integrations such as Prometheus the Elastic stack and Splunk or cloud native alternatives. Interviews evaluate ability to design what to monitor how to collect it and how to turn telemetry into reliable operational signals.
GCP Core Services and Architecture Basics
Core Google Cloud Platform services and architecture concepts, including Compute Engine, Kubernetes Engine (GKE), App Engine, Cloud Functions, Cloud Run, Cloud Storage, BigQuery, Pub/Sub, Cloud SQL/Spanner, and IAM. Covers foundational cloud architecture topics such as projects and resource organization, VPC networking (regions, zones, subnets), identity and access management, security considerations, and scalable design patterns for cloud-native applications on GCP.
Microsoft Product and Azure Fundamentals
Practical knowledge of Microsoft enterprise offerings and core Azure services, and the ability to map those products to customer scenarios. Candidates should understand when to recommend Azure compute database and networking services versus platform services when Microsoft 365 Dynamics 365 or Power Platform are more appropriate and how to articulate trade offs for scalability security compliance and cost. Topics include Azure infrastructure and platform services virtual machines app services managed databases storage networking identity and governance considerations migration patterns and common integration approaches with on premise systems.
Microsoft Products and Ecosystem
Knowledge of Microsoft's enterprise product suite and how the pieces fit together as part of a broader technology stack. Covers Office 365 and Microsoft 365 (Teams, SharePoint, Exchange), Dynamics 365, the Power Platform (Power Apps, Power Automate, Power BI), and core Azure services, along with common integration patterns between them: identity and access management (Azure AD / Entra ID, single sign-on), data flows across products, typical enterprise deployment topologies, licensing and bundling models, and security and compliance considerations. Candidates should be able to explain how these products interoperate, when a Microsoft-native service is the right fit versus a third-party alternative, and the practical tradeoffs involved in enterprise adoption, rollout, and migration.
Cloud Migration Strategies
Know common cloud migration approaches commonly summarized as the six R strategies: Rehost, Replatform, Refactor or Rearchitect, Repurchase or move to a software as a service offering, Retire, and Retain. For each approach explain the rationale, expected cost and effort, risks, and example scenarios. Be ready to describe basic migration planning steps including discovery and assessment, cost and risk evaluation, data migration techniques, cutover and rollback planning, validation testing, and post migration optimization. For entry level discussions emphasize practical examples of rehosting and replatforming and the trade offs between operational simplicity and long term modernization.
Cloud Migration Strategy and Cutover
Plan end to end migration using common patterns such as rehost replatform refactor and repurchase and map those choices to workload characteristics. Define sequencing and phase gates plan pilot migrations and develop detailed cutover playbooks that include data replication validation reconciliation and rollback triggers. Address zero downtime techniques such as parallel running incremental synchronization canary deployments and feature gates plus testing strategies metrics to detect regressions and run books for rollback and post cutover verification.
Network Design and Security Architecture
Design secure and reliable network and security architectures for cloud environments. Topics include virtual network and subnet design, segmentation and firewall policies, private connectivity patterns, load balancing and failover, encryption in transit and at rest, key management fundamentals and integration with key vaults, identity and access management boundaries, denial of service protections, network monitoring and logging, and compliance and regulatory controls such as data residency and auditability. Interviewers look for practical trade offs between usability security and operational complexity.
Azure Core Services Overview
Demonstrate familiarity with the primary categories of Azure services and the common offerings within each category. Explain compute options such as virtual machines, App Service, and Azure Functions; storage options such as blob storage, file shares, queue and table storage; networking constructs such as virtual networks and load balancers; and database offerings such as Azure SQL Database, Azure Database for PostgreSQL, and Cosmos DB. Also be familiar with security and identity tools like Azure Key Vault and role based access control, and with monitoring solutions such as Azure Monitor and Application Insights. For each category explain typical use cases, operational trade offs, and basic selection criteria based on control, scalability, cost, and maintenance burden.
Kubernetes and Container Orchestration Fundamentals
Core knowledge of container orchestration with a focus on Kubernetes fundamentals and everyday operations. Candidates should understand the role of orchestration and why it is used at scale, and be familiar with core Kubernetes objects including pods as the smallest deployable unit, deployments and replica management, replica sets, services for inter pod communication and service discovery, config maps and secrets for configuration and secret management, and the basic lifecycle of containerized applications. Coverage includes deployment and scaling workflows, rolling update and rollout strategies including rollbacks, common deployment patterns such as blue green and canary, and basic health checks and probe concepts. Practical operational skills include common kubectl commands for deploying, inspecting, scaling and debugging applications, reading pod logs and events, describing resources, port forwarding, and diagnosing common failure modes. Candidates should also understand high level trade offs between using managed cloud provider Kubernetes services and operating self managed clusters including operational overhead, upgrades, cost, and reliability considerations. The scope focuses on fundamentals and day to day operations and excludes advanced cluster administration topics such as custom operators, admission controllers, control plane internals, and deep platform level configuration.
Link Layer Troubleshooting
Troubleshooting at the link layer and local network segment. Topics include Address Resolution Protocol operation and neighbor tables, Media Access Control addressing and switch forwarding behavior, duplicate address detection and gratuitous neighbor announcements, spanning tree protocol related issues, duplex and speed negotiation failures, interface flapping, broadcast storms, and physical media faults. Candidates should know how to inspect neighbor and media access control tables, use link diagnostics such as ethtool, and capture link layer traffic to identify root causes.
Packet Level Diagnostics and Protocol Analysis
Using packet capture and analysis to diagnose protocol level behavior and network faults. Skills include capturing traffic with tcpdump, analyzing capture files with Wireshark or tshark, applying capture and display filters, following protocol streams, and reconstructing exchanges. Candidates should understand Transmission Control Protocol handshake and sequence semantics, retransmissions and duplicate acknowledgement patterns, congestion and flow control signals, User Datagram Protocol characteristics, fragmentation and maximum transmission unit issues, checksum and format anomalies, and how to correlate packet level traces with application logs and metrics to attribute latency or failures. Also cover techniques for capturing at multiple points, interpreting timestamps, and using packet analysis to validate fixes.
Large-Scale Consumer Device Infrastructure and Operations
Assess a candidate's understanding of the scale, constraints, and distinctive operational challenges of running infrastructure for a company that manufactures and ships large volumes of consumer hardware devices, from managing hundreds of millions to billions of device identities to building a global data center and edge footprint that keeps those devices online and updated. Areas to address include privacy first architecture and telemetry minimization, staged device update and distribution rollouts, secure device attestation and key management, zero trust segmentation and defense in depth, and capacity planning for product launch spikes and other sudden demand surges. Interviewers expect references to concrete infrastructure trade offs and design patterns such as regional edge caching, multi region replication and consistency choices, canary and staged rollout strategies for firmware or software updates, and operational practices for safe change rollout and incident response when a defect or outage can affect millions of devices simultaneously. The assessment evaluates systems thinking across hardware and software boundaries, cross functional collaboration, and the ability to propose scalable, privacy aware, resilient designs that hold up at consumer device scale.
Wide Area Network Design and Optimization
Focuses on designing and tuning intersite connectivity for multi site architectures. Candidates should cover connectivity options and tradeoffs including internet based virtual private networks, dedicated circuits and multiprotocol label switching, software defined wide area networking overlays, and direct cloud connectivity. Expect discussion of route distribution and interaction with interior and exterior routing, path selection, traffic engineering, quality of service end to end across the wide area, latency and jitter mitigation, bandwidth and capacity planning, failover and site reachability strategies, and techniques for accelerating or caching traffic. Candidates should explain operational concerns such as monitoring, health checks, failover testing, and cost versus performance tradeoffs when choosing designs.
Network Troubleshooting and Root Cause Analysis
Covers structured, multi layer approaches to diagnosing complex network and cross component failures. Candidates should demonstrate how they characterize incidents, assess scope and impact, reproduce problems when safe, form testable hypotheses, and apply systematic elimination to isolate the root cause. Expect discussion of packet capture analysis, path and flow troubleshooting, interpreting router and switch show commands, checking forwarding information and ARP tables, correlating syslog and application logs, verifying Domain Name System and name resolution, and identifying configuration errors, access control or firewall blocks, routing and forwarding anomalies, MTU and performance issues, and intermittent faults. Candidates should describe tooling and telemetry patterns they use to validate hypotheses, how they collaborate with application and infrastructure teams to eliminate components, how they document findings, and how they drive remediation and post incident reviews to prevent recurrence.
Software Defined Networking and Programmability
Covers architecture, operational models, and trade offs for software defined networking and programmatic control of network infrastructure. Candidates should demonstrate understanding of separation of control plane and data plane, controller placement and clustering for availability and scale, northbound and southbound application programming interface design, flow based forwarding concepts and flow table limitations, common southbound protocols such as OpenFlow, and policy driven intent models. Evaluators will probe experience with network automation and orchestration using programmatic tooling and infrastructure as code, integration with orchestration systems and network function virtualization, telemetry and streaming observability, debugging and failure modes introduced by centralized control, testing and rollback strategies, and practical constraints when deploying programmable networks at scale.
Network Virtualization and Overlay Networks
Focuses on design, implementation, and operational management of virtual networks and overlay architectures used to support multitenancy and flexible topology. Candidates should be able to explain encapsulation based overlay designs such as virtual extensible local area networks and how overlays interact with the physical underlay, tunnel termination points and identifier mapping, overlay control plane options for reachability, addressing and tenant isolation strategies, integration with container networking and virtual machine networking, and the relationship with network function virtualization and virtual appliances. Interviewers will probe understanding of operational concerns including encapsulation overhead and maximum transmission unit impacts, approaches to troubleshooting visibility and packet capture in overlay environments, scaling patterns and control plane sizing, and security and segmentation techniques appropriate for multi tenant environments.
Multicast Networking
Knowledge of one to many distribution in IP networks including Internet Group Management Protocol for host membership and Protocol Independent Multicast in sparse and dense modes. Candidates should understand rendezvous point and source specific multicast models, multicast routing and forwarding state, multicast virtual private network patterns for isolation, layer two multicast handling such as snooping and upstream replication, scaling and operational challenges for large deployments, multicast for use cases like live video or market data distribution, and debugging approaches including multicast traceroute and route inspection.
TCP Behavior and Congestion Control
Deep understanding of Transmission Control Protocol dynamics, reliability, and congestion control and how they affect application performance. Topics include slow start, congestion avoidance, fast retransmit and fast recovery, window scaling and maximum segment size interactions, retransmission timer behavior, selective acknowledgements, and the effects of different congestion control algorithms such as cubic and bottleneck bandwidth and round trip propagation time. Candidates should be able to explain interactions with buffer sizing and bufferbloat, middleboxes and encryption, measurement techniques using packet traces and flow telemetry, and mitigations for tail loss and high latency scenarios.
Cost Optimization and Resource Efficiency
Approaches for balancing performance, reliability, and cost when designing and operating networks and cloud connectivity. Topics include modeling total cost of ownership, rightsizing bandwidth and equipment to avoid over provisioning, using caching and content delivery networks to reduce transit costs, traffic engineering to lower expensive links, evaluating capex versus opex tradeoffs, vendor and hardware selection for cost effective capacity, cloud specific cost controls such as reservation and committed use models, tagging and cost allocation, and monitoring cost drivers to drive continuous optimization. Candidates should be able to explain tradeoffs, justify cost conscious design decisions, and demonstrate how to achieve required service levels with efficient resource usage.
Firewalls NAT and Port Forwarding
Fundamental knowledge of how firewalls control traffic and how network address translation transforms addresses and ports to enable connectivity. Coverage includes packet filtering logic, stateful versus stateless behavior, rule ordering and access control lists, source and destination translation patterns, port address translation and port forwarding scenarios, hairpin and one to many translation considerations, cloud equivalents such as security groups and network access control lists, and how firewall rules interact with routing and address translation. The topic also covers practical troubleshooting techniques such as targeted connection tests, packet captures to verify translation and rule hits, common misconfiguration patterns that cause connectivity failures, and guidance for validating secure yet functional rule sets.
Quality of Service Implementation
Design and implementation of quality of service policies to prioritize critical traffic and provide predictable performance under congestion. Core areas include traffic classification and marking, Differentiated Services code point usage, queuing disciplines such as priority queuing and class based weighted fair queuing, token bucket shaping and policing, ingress and egress policy placement, designing end to end quality of service across administrative domains and tunnels, interactions with encryption and overlay encapsulation, measuring effectiveness with latency jitter and packet loss metrics, and trade offs between strict priority and fair sharing. Candidates should demonstrate how to create practical, testable policies and graceful degradation plans for overloaded conditions.
Network Protocols and Diagnostics
Comprehensive coverage of core network protocols and the diagnostic techniques used to verify and resolve issues across the data link, network, and transport layers. Topics include how Ethernet frames are constructed, how media access control addresses are used, the operation of the address resolution protocol for neighbor discovery, virtual local area network basics, and data link layer switching behavior. It covers the Dynamic Host Configuration Protocol flow for automated address assignment, common DHCP options and failure modes, and methods to validate address assignment. It explains the Domain Name System operation, common record types such as address and canonical name records, the resolution process, and tools for diagnosing name resolution problems. It details the differences between the Transmission Control Protocol and the User Datagram Protocol including connection establishment, reliability, flow control, ordering, typical use cases, and port concepts. It also covers the Internet Control Message Protocol and how reachability and path diagnostics use it, explains what ping and traceroute actually test, and how to interpret traceroute output. Practical diagnostic techniques are included such as packet capture and analysis, tcpdump and Wireshark usage, common symptoms like maximum transmission unit mismatches and fragmentation, and structured approaches to isolate protocol level failures.
MPLS and Traffic Engineering
Fundamentals and operational practices for multiprotocol label switching based networks and traffic engineering. Coverage includes the label forwarding paradigm, label distribution mechanisms such as label distribution protocol and resource reservation protocol for traffic engineered paths, segment routing options as a modern alternative, fast reroute and resilience patterns, virtual private network applications including layer three and layer two virtual private networks, operational provisioning and troubleshooting of label switched paths, and the interaction between label switching and interior gateway protocols. Candidates should understand typical service provider use cases, scaling considerations, and how to validate and debug label based forwarding.
Small and Branch Office Network Design
Design principles and pragmatic choices for small to medium sized networks and branch office scenarios. Covers address planning and subnetting strategies, appropriate virtual local area network segmentation, selecting between static and lightweight dynamic routing, basic redundancy options such as dual wide area network connections, secure remote access and virtual private network considerations, wireless integration, simple quality of service strategies for latency sensitive traffic, and practical operation concerns such as documentation, remote management and cost effective equipment selection. Emphasis is on designs that balance manageability, security, and cost for environments with limited hardware and operational staff.
Interior Routing Protocols OSPF and IS-IS
In depth knowledge of link state interior gateway protocols such as Open Shortest Path First and Intermediate System to Intermediate System. Topics include adjacency formation and neighbor discovery, link state advertisement exchange, the link state database and shortest path first computation, area and level design, types of area boundaries, route summarization and redistributing routes, fast convergence techniques, traffic engineering implications, and troubleshooting approaches for adjacency and area related failures. The description also covers scaling considerations, metrics and cost tuning, and tradeoffs when choosing between protocol designs for large networks.
Emerging Network Technologies
Candidates should be able to discuss recent and emerging networking technologies and evaluate their architectural and operational implications. Topics include segment routing, software defined wide area networks, intent based networking, network telemetry and analytics, artificial intelligence and machine learning applications for traffic classification and anomaly detection, zero trust security evolution, and edge computing impacts on topology and latency. Interviewers expect candidates to explain deployment models, interoperability with legacy protocols, standards and vendor considerations, measurement and validation approaches, and trade offs in performance, cost, security, and operational complexity when adopting new technologies.
Managed Services and Self Managed Tradeoffs
Compare managed cloud services with self managed alternatives and explain when to choose each based on scale cost operational burden and required control. Cover operational ownership upgrade and patch cadences security responsibilities portability and vendor lock in risk performance characteristics and debugging and observability differences. Use concrete workload examples such as managed databases managed event services serverless compute and self hosted containers or virtual machines to justify decisions and to surface long term operational and migration implications.
Cloud Migration and Implementation Roadmap
Designing realistic, phased migration strategies and implementation plans that move customer workloads to the cloud while minimizing downtime, cost, and operational risk. Candidates should cover migration patterns such as lift and shift, replatforming, and refactoring, data migration and synchronization approaches, cutover and rollback plans, validation and testing strategies, pilot and proof of concept design, integration with existing systems, automation and runbook creation, operational readiness, and measurable success criteria. Answers should show how to sequence work, mitigate risks, and reduce business disruption across people process and technology dimensions.
Cloud Architecture Trade-Offs and Design Thinking
Reason about architectural trade offs and design choices for cloud native systems. Candidates should articulate frameworks for comparing managed services with self hosted solutions, weigh consistency versus availability requirements, evaluate cost versus performance trade offs, select appropriate region and replication strategies, and consider operational complexity and failure modes. Interviewers expect clear articulation of constraints, metrics used to make decisions, estimation of costs and latencies, and demonstration of iterative design thinking that balances product needs, delivery speed, and long term maintenance.
Cloud Service Selection and Tradeoffs
Frameworks and criteria for evaluating cloud platform services and making pragmatic architecture decisions. Coverage includes managed versus self managed offerings, choice of compute such as serverless functions versus containers versus virtual machines, storage class and database type selection, networking and regional availability, security and compliance considerations, operational burden and run book requirements, vendor lock in and portability risks, performance and latency trade offs, and cost modeling and total cost of ownership. Candidates should be able to articulate trade offs, provide examples of making service choices for real world constraints, and explain how selection affects operability and future evolution.
Cloud Integration and Hybrid Network Architecture
Designing connectivity and integration between on premise infrastructure and public cloud environments, including hybrid and multi cloud topologies. Topics include dedicated interconnect options and internet based connectivity, routing and network topology trade offs, virtual private networks and software defined wide area networks, network virtualization, security boundary and identity considerations across environments, latency and throughput implications, cost trade offs for interconnects, and operational practices for managing hybrid infrastructure and multi cloud complexity.
Infrastructure as Code Design and Modularity
Deep expertise with Terraform, CloudFormation, or Pulumi at scale. Module design patterns, code organization across monorepos vs polyrepos, state management strategies, remote backends, workspaces, and dependency management. Version control strategies for infrastructure, handling breaking changes, and managing IaC across teams. DRY principles and reducing repetition across infrastructure definitions.
Infrastructure Scaling and Capacity Planning
Operational and infrastructure level planning to ensure systems meet current demand and projected growth. Topics include forecasting demand headroom planning and three to five year capacity roadmaps; autoscaling policies and metrics driven scaling using central processing unit memory and custom application metrics; load testing benchmarking and performance validation methodologies; cost modeling and right sizing in cloud environments and trade offs between managed services and self hosted solutions; designing non disruptive upgrade and migration strategies; multi region and availability zone deployment strategies and implications for data placement and latency; instrumentation and observability for capacity metrics; and mapping business growth projections into infrastructure acquisition and scaling decisions. Candidates should demonstrate how to translate requirements into capacity plans and how to validate assumptions with experiments and measurements.
Cost Optimization at Scale
Addresses cost conscious design and operational practices for systems operating at large scale and high volume. Candidates should discuss measuring and improving unit economics such as cost per request or cost per customer, multi tier storage strategies and lifecycle management, caching, batching and request consolidation to reduce resource use, data and model compression, optimizing network and input output patterns, and minimizing egress and transfer charges. Senior discussions include product level trade offs, prioritization of cost reductions versus feature velocity, instrumentation and observability for ongoing cost measurement, automation and runbook approaches to enforce cost controls, and organizational practices to continuously identify, quantify, and implement savings without compromising critical service level objectives. The topic emphasizes measurement, benchmarking, risk assessment, and communicating expected savings and operational impacts to stakeholders.
Infrastructure Automation and Provisioning
Covers designing, implementing, and operating automated infrastructure provisioning and configuration using Infrastructure as Code practices and complementary automation patterns. Candidates should be able to select and author declarative infrastructure definitions with tools such as Terraform, CloudFormation, and Azure Resource Manager templates, and discuss configuration management tools such as Ansible, Puppet, or Chef. Core skills include modular and reusable code organization for multiple environments, variable and output management, remote state management and locking, idempotency and atomicity of operations, and version control integration for infrastructure artifacts. Candidates should understand testing and validation practices including linting, plan or dry run validation, unit and integration testing of infrastructure changes, and drift detection and remediation. The topic includes strategies for safe changes and rollbacks, change coordination, error handling and recovery, and deployment patterns such as canary and blue green where applicable. It also encompasses automation and orchestration patterns, immutable infrastructure and self healing practices, autoscaling and scaling policies, automated patching and updates, secrets handling patterns using secret managers, and integrating observability and monitoring into automated workflows. Finally, candidates should be able to reason about trade offs between imperative and declarative approaches, scaling Infrastructure as Code across large projects and teams, and security and compliance considerations for automated provisioning.
Technology and Platform Selection
Evaluation and justification of technologies services and platforms used to implement systems across the stack. Candidates should be able to select compute options including virtual machines containers and serverless platforms as well as orchestration and workflow engines messaging systems batch and streaming processing engines object and block storage data warehouses and other data platforms. The topic encompasses comparing managed services and self managed deployments cloud versus on premise hosting and choosing frameworks runtimes and overall stacks based on workload characteristics. Assessment focuses on weighing trade offs across cost operational overhead reliability latency and throughput scaling characteristics vendor lock in development velocity team familiarity and learning curve maturity and community support security and compliance and monitoring and debugging complexity. Candidates should demonstrate how system requirements map to service capabilities justify build versus buy decisions and managed service choices design proof of concept experiments and outline migration and rollout planning while making pragmatic choices that balance performance cost and operational risk.
Azure Services Deep Dive
In depth knowledge of Microsoft Azure platform services, architecture trade offs, operational considerations, and best practices. Candidates should be able to discuss compute options such as Azure Virtual Machines sizing, availability sets and zones, maintenance windows, and scale sets; storage options including Azure Storage account types, redundancy and replication choices, and backup strategies; database offerings such as Azure SQL Database, managed instances, high availability and replication patterns; networking fundamentals including Azure Virtual Network design, subnetting, network security groups, peering, service endpoints and private links, and load balancing with Application Gateway and Azure Load Balancer; container orchestration and related considerations such as Azure Kubernetes Service concepts, cluster sizing, upgrades, and networking models; serverless and platform services such as Azure Functions and event driven architectures; infrastructure as code and deployment pipelines using Azure DevOps and templates; identity and secrets management with Azure Active Directory and Azure Key Vault including secret rotation; monitoring, logging, and cost optimization strategies; and security, compliance, and disaster recovery planning across these services. Interview evaluation focuses on architectural reasoning, trade off analysis, operational runbook concerns, scaling and performance tuning, failure modes and recovery, and automation using provider native tooling.
Cloud Platform Experience
Personal account of hands on experience using public cloud providers and the concrete results delivered. Candidates should describe specific services and patterns they used for compute, storage, networking, managed databases, serverless and eventing, and explain their role in architecture decisions, deployments, automation and infrastructure as code practices, continuous integration and continuous delivery pipelines, container orchestration, scaling and performance tuning, monitoring and incident response, and cost management. Interviewees should quantify outcomes when possible with metrics such as latency reduction, cost savings, availability improvements or deployment frequency and note any formal training or certifications. This topic evaluates depth of practical experience, ownership, and the ability to operate and improve cloud systems in production.
Amazon Web Services Architecture and Operations
Advanced knowledge of Amazon Web Services platform services, architectural patterns, operational best practices, and trade offs. Candidates should be able to justify compute choices such as Amazon Elastic Compute Cloud instance types, instance sizing and performance tuning, and Auto Scaling strategies; storage and durability decisions including Amazon Simple Storage Service storage classes, versioning, lifecycle management, replication and archival strategies; database patterns such as Amazon Relational Database Service with multi availability zone deployments, read replicas and failover behavior, and Amazon DynamoDB capacity modes and throughput trade offs; networking design including Amazon Virtual Private Cloud topology, subnet and routing strategies, peering, gateway and interface endpoints, and network security controls; infrastructure as code and deployment patterns using Amazon CloudFormation including stack management and automated rollbacks; serverless and event driven design such as Amazon Web Services Lambda concurrency and cold start considerations and integration with Amazon API Gateway; content delivery and caching with Amazon CloudFront and Amazon ElastiCache including cache invalidation and expiry strategies; service specific operational concerns such as rate limiting, backup and restore, monitoring, logging, alerting and incident response; and cross cutting concerns including identity and access governance, cost optimization, disaster recovery planning and testing, and automation. Interview focus is on design reasoning, anticipating failure modes, scaling strategies, performance tuning, observability and automation, and provider specific operational practices.
Infrastructure as Code and Configuration Management
Infrastructure as Code and Configuration Management covers designing, implementing, and operating infrastructure defined as code and the practices that keep that infrastructure consistent and auditable. Topics include Infrastructure as Code principles and patterns, declarative versus imperative approaches, idempotency, state management, module and template design for reusable infrastructure, version control integration, testing and validation of infrastructure code, drift detection and remediation, safe rollout and rollback strategies, policy as code and Git operations for infrastructure, and how to scan and remediate infrastructure misconfigurations. This topic also encompasses integration points with system configuration tools and considerations for managing secrets and secure defaults within infrastructure definitions.
Cloud Architecture Fundamentals
Fundamental concepts and design patterns for cloud based systems and services. Topics include core service categories such as compute, storage, networking and databases, virtual machines and containers, serverless computing, managed services, and infrastructure as code. Understand deployment and service models including infrastructure as a service, platform as a service, and software as a service. Evaluate architectural patterns including monolithic, microservices, and serverless approaches, and how they influence scalability, availability, reliability, performance, security, and cost. For more senior roles include distributed systems concepts, consistency and partitioning models, trade off analysis, fault isolation, observability and operational practices in cloud native design.
Understanding the Company's Infrastructure Context
Research the company's public infrastructure information (engineering blog, tech talks, published case studies, job description). Understand what systems they operate at scale, what problems they likely face, and what your role would contribute to.
Technical Vision and Infrastructure Roadmap
This topic assesses a candidate's ability to define a multi year technical vision for infrastructure, platform, and systems and to translate that vision into a practical execution roadmap. Core skills include evaluating technology choices and architecture evolution, planning migration and modernization paths, anticipating scalability and capacity needs, and balancing cost performance with resilience and operational reliability. Candidates should demonstrate approaches to managing technical debt, sequencing investments across quarters and releases, estimating resources and timelines, establishing measurable infrastructure goals and key performance indicators, and implementing governance and standards. Discussion may also cover reliability and observability, security and compliance considerations, trade offs between short term stability and long term rearchitecture, prioritization to enable business outcomes, and communicating technical trade offs to both technical and non technical stakeholders.
Networking Fundamentals and Troubleshooting
Comprehensive coverage of core computer networking principles and the practical diagnostic and operational skills required to design, operate, and troubleshoot production systems. Fundamental concepts include the Open Systems Interconnection model layers, the Transmission Control Protocol and the Internet Protocol stack, the User Datagram Protocol, socket and port semantics, address notation and subnetting, Network Address Translation, Dynamic Host Configuration Protocol, and the Domain Name System resolution process. Infrastructure and architectural topics include switching and virtual local area networks, routing concepts and routing table behavior including Border Gateway Protocol basics, load balancing strategies and failure modes, firewall and access control, virtual private network technologies, and container and service network communication patterns. Diagnostic and tooling skills cover connectivity testing and path analysis, process and socket inspection, packet capture and analysis, and common command line tools and utilities used for network investigation. Performance and reliability topics include latency, bandwidth and throughput, packet loss, congestion and congestion control, connection pooling, timeout and retry strategies, and approaches to optimization. Observability, monitoring, and security practices include collecting and interpreting network metrics, logs, and traces, using packet capture tools for root cause analysis, and understanding how network issues surface in distributed applications. At senior levels expect discussion of network performance tuning, capacity planning, load balancer behavior at scale, and design decisions that affect system reliability and security.
Cost Optimization for Mobile Services
Strategies to reduce both operational and user facing costs while maintaining acceptable user experience. Topics include minimizing network payloads and request frequency, efficient caching and cache invalidation, content delivery network strategies, client side compression and bundling, trade offs between offline support and server calls, right sizing backend compute and storage, pricing and quota considerations, telemetry for cost monitoring, and approaches to detect and mitigate cost anomalies.
Infrastructure Implementation and Operations
Hands on design, deployment, and operational management of infrastructure components and services. This includes setting up and configuring load balancers, database replication and high availability, caching layers, networking and network security, service discovery and routing, container deployment and orchestration, monitoring and observability, logging and alerting, backup and disaster recovery strategies, and secrets management in runtime. Candidates should be able to walk through concrete implementations, explain trade offs, demonstrate troubleshooting and performance tuning, and show how infrastructure components integrate to meet availability, scalability, and security requirements.
Systems and Infrastructure Experience
Describe and analyze your hands on experience designing, operating, and maintaining infrastructure and systems. Candidates should be prepared with three to four concrete examples of systems or infrastructure projects they directly contributed to, including quantitative scale metrics such as user counts, requests per second, data volumes, throughput, and geographic distribution. Discuss architecture decisions and trade offs, component choices, platform boundaries, and how the design met requirements for scalability, reliability, performance, and security. Cover operational aspects such as deployments, configuration management, automation and infrastructure as code, monitoring and observability, incident response and remediation, capacity planning, and disaster recovery and business continuity. Include experience with large scale and multi region deployments, data center operations, networking at scale, and integration points. Also cover enterprise information technology topics where relevant, for example servers and endpoints, storage systems, networking hardware, identity and access infrastructure such as Active Directory, firewalls, routers and switches, and the differences and migration considerations between on premise and cloud infrastructure. Be ready to explain specific challenges faced, how issues were diagnosed and resolved, trade offs made, and the candidate's exact role and contributions.
Cloud Monitoring and Troubleshooting
Monitoring, logging, and troubleshooting in cloud environments. Covers cloud provider monitoring services and patterns such as CloudWatch, Azure Monitor, and Google Cloud Monitoring; setting up metrics and alarms; centralized logging and log analysis in cloud contexts; health checks and auto recovery; diagnosing common cloud issues like performance degradation, networking and permissions problems, and resource exhaustion; and best practices for instrumenting cloud native services.
Domain Name System Resolution and Troubleshooting
Deep understanding of the Domain Name System resolution process and the related operational concerns. Topics include the roles of recursive resolvers and authoritative name servers, zone delegation and glue records, common record types such as address records, canonical name records, mail exchange records, name server records, text records, and service records, and how time to live values affect caching and propagation. Candidates should be able to explain frequent failure modes such as misconfigured records, propagation delays, delegation mistakes, name server outages, and secure configuration problems, and demonstrate troubleshooting techniques using query tools and packet capture to trace queries and determine whether issues stem from authoritative sources, caches, transport, or configuration.
Routing Fundamentals and Diagnostics
Core routing concepts and practical diagnostics for both control plane and data plane issues. Coverage includes static versus dynamic routing, prefix notation and classless interdomain routing, routing tables, default routes, longest prefix selection, route summarization and redistribution, and policy based routing. Candidates should understand convergence and failover behavior and be familiar with routing protocols such as Border Gateway Protocol for interdomain routing and Open Shortest Path First for intradomain routing, including path selection attributes and techniques such as local preference, autonomous system path preference, multi exit discriminator, and equal cost multipath. Diagnostic topics include traceroute analysis, route advertisement inspection, route table validation, and troubleshooting common faults like route leaks, blackholes, incorrect next hops, and aggregation errors.
Cloud Platforms and Infrastructure
Comprehensive understanding of cloud computing platforms and core infrastructure concepts. Candidates should know service models including Infrastructure as a Service, Platform as a Service, and Software as a Service, and be familiar with major providers such as Amazon Web Services, Google Cloud Platform, and Microsoft Azure. Core technical knowledge includes compute models, storage systems, networking fundamentals such as domain name system and load balancing, virtual private networks and network segmentation, virtualization, containerization for example Docker, orchestration with Kubernetes, serverless architectures, and microservices. Candidates should be able to evaluate trade offs between managed services and self managed solutions with respect to cost, reliability, operational burden, scalability, performance, security, and vendor lock in, and reason about when to choose platform managed services versus building custom infrastructure. The topic also covers system design considerations for high availability and fault tolerance, capacity planning and autoscaling, monitoring and observability, deployment strategies, and operational practices such as infrastructure as code and continuous integration and continuous delivery. This knowledge is critical for backend engineers, site reliability engineers, and DevOps roles and is increasingly relevant across many engineering positions.
Cloud and Infrastructure Architecture
Design of cloud and infrastructure solutions from simple cloud applications to end to end cloud systems and large scale infrastructure. Topics include stateless versus stateful design, VPC and networking basics, security groups and firewalls, multi environment management, deployment topology, capacity planning, global distribution, cloud native services, infrastructure as code, and operational concerns for sustaining large scale cloud environments.
Vendor Selection and Technology Evaluation
Approach for evaluating vendors, tools, and technology options before committing to them. Topics include defining requirements and success criteria, creating structured evaluation and scoring criteria, running proof of concept or pilot exercises, benchmarking performance and scalability, assessing total cost of ownership and ongoing operational burden, reviewing service level agreements and support/contract terms, examining vendor roadmaps and interoperability with existing systems, and planning for migration paths and vendor lock in mitigation. Applies to any technology or service selection decision (infrastructure and network hardware, cloud platforms, data and software tooling, security products, SaaS vendors, and similar), not just one domain.
Cloud Migration and Modernization
Covers approaches and planning for moving workloads and data to the cloud and modernizing legacy systems. Candidates should be able to explain migration patterns such as lift and shift, replatforming, and refactoring; how to conduct discovery and assessment; strategies for database and data transfer including bulk migration and change data capture; application modernization options including containerization and managed platform services; cutover planning, rollback and validation techniques; tooling and automation to reduce risk; and how to evaluate cost, risk, governance, security, and return on investment for a phased modernization program.
Infrastructure Fundamentals
Foundational infrastructure and system components that underpin modern application architectures. Topics include relational and non relational database trade offs, application programming interfaces such as representational state transfer and remote procedure call frameworks, caching layers including Redis and Memcached, load balancers and their layer four and layer seven behaviors, message queues and asynchronous processing patterns, and containerization and orchestration technologies such as Docker and Kubernetes. Candidates should understand each component's purpose, how components interact in an end to end data flow, common failure modes and mitigation strategies, and operational concerns including deployment and rollback strategies, health checks, monitoring, logging, metrics and alerting. Important technical trade offs to reason about include latency and throughput implications, scalability patterns, consistency and durability properties, delivery semantics and idempotency, backpressure and retry strategies, dead letter queues, caching patterns and invalidation, and capacity planning and cost considerations. Interview questions typically probe component selection for given requirements, design choices to improve reliability and maintainability, and how these components fit together in real architectures.
Azure and Google Cloud Platforms
Knowledge of core cloud platform concepts and the managed services offered by Microsoft Azure and Google Cloud Platform. Candidates should understand compute options including virtual machines, managed container services, and serverless functions; platform as a service offerings; managed relational and non relational databases; object, block, and file storage; and messaging and eventing services. They should know networking fundamentals such as virtual private cloud or virtual networks, subnets, load balancing, peering, routing, and firewall rules, as well as identity and security topics including identity and access management, role based access control, key management, and encryption. Candidates must be able to map and compare common service equivalents across providers, for example Azure Virtual Machines to Google Compute Engine, Azure App Service to Google App Engine, Azure SQL to Cloud SQL, Azure Blob Storage to Cloud Storage, Azure Service Bus to Cloud Pub Sub, Azure Cosmos DB to Cloud Firestore or Bigtable, and Azure Kubernetes Service to Google Kubernetes Engine. The description also covers operational considerations such as region and zone architecture, high availability and fault tolerance, autoscaling, monitoring and logging, cost and billing differences, service limits and quotas, infrastructure as code and deployment tooling, and multi cloud trade offs including latency, data egress costs, compliance, and vendor lock in. Interview questions typically ask candidates to translate architectures and patterns between platforms, justify service choices, and explain migration or interoperability strategies.
Software Defined Networking Concepts
Explain the principles of software defined networking and the operational and architectural implications of separating control functions from forwarding functions. Topics include centralized and distributed controller models, network virtualization and overlay networks such as virtual extensible local area network, programmability and northbound and southbound interfaces, network function virtualization, orchestration and automation, and the security and reliability trade offs introduced by moving intelligence into software layers. Interviewers assess when software defined networking improves agility and scale and where traditional hardware approaches are preferable.
Kubernetes Architecture and Core Components
Fundamental architecture of Kubernetes and its core components: control plane design including API server, etcd distributed state store, scheduler, controller manager, and cloud controller manager; worker node components including kubelet, kube proxy, and the container runtime; core objects and abstractions such as pods, services, deployments, stateful sets, daemon sets, jobs, config maps, and secrets; cluster state management, service discovery, health checks, and self healing. Candidates should understand how components interact, data flow, failure modes, and how to design for availability and scalability at the component level.
Cloud Architecture and Design Patterns
Designing and evaluating cloud native architectures and common architecture patterns, with attention to service capabilities, limits, and operational and security implications. Topics include compute scaling models for virtual instances, managed compute, serverless functions and container orchestration; storage choice, object storage classes, lifecycle policies and caching strategies; managed relational database architectures with high availability patterns such as multiple availability zone deployments and read replicas; trade offs of serverless approaches including cold start and invocation limits; different load balancing approaches for application level and network level traffic; networking and identity boundary design including virtual networks, subnetting, routing, security groups and access control patterns; backup, recovery and disaster recovery planning; deployment patterns such as blue green and canary releases; scalability strategies, performance and latency considerations; vendor lock in, portability and total cost of ownership trade offs; and operational practices for monitoring, limits management and incident response. Candidates should be able to translate requirements into architecture decisions, justify trade offs, and design for resilience, scalability, performance, security and cost.
Network Engineer Role Responsibilities
Explain the typical scope and responsibilities of a network engineer role including infrastructure design and deployment, equipment and configuration management, daily operations and monitoring, incident response and post incident learning, security and access control enforcement, and capacity planning. Candidates should also discuss collaboration with other engineering and product teams, documentation and standards, and where automation and tooling fit into the role. This topic evaluates whether the candidate understands role expectations and can align their experience to the position.
Network Architecture and Design
Comprehensive principles and practical patterns for designing reliable, scalable, and secure networks across enterprise, data center, and wide area environments. Covers topology choices such as spine and leaf, hub and spoke, star, mesh, ring, and hybrid topologies, and how those choices affect resilience, latency, and scalability. Includes hierarchical design patterns for access distribution and core layers, device roles such as switches, routers, and load balancers, and cloud and data center specific patterns. Details redundancy and high availability strategies including active active and active passive failover, redundancy sizing such as N plus one, failure modes, convergence behavior, and operational implications for service level agreements. Addresses capacity planning, performance trade offs, quality of service and traffic engineering, routing and switching fundamentals and routing protocol behavior, segmentation for performance and security including virtual local area networks and subnets, and placement of security controls. Emphasizes trade offs between bandwidth, latency, cost, complexity, manageability, and operational burden, and how to select topology and design patterns for different application, performance, and operational requirements.
IP Addressing and Subnetting
Covers designing and calculating Internet Protocol addressing for networks, including both strategic planning and low level subnetting math. Candidates should be able to design addressing schemes that account for number of hosts, growth, scalability, and segmentation such as virtual local area network addressing, reserve addresses for gateways and infrastructure, and document address plans. Must understand Internet Protocol version 4 and Internet Protocol version 6 addressing models, classful versus classless allocation, subnet masks, classless inter domain routing notation, and how to compute network addresses, broadcast addresses, and usable host ranges. Includes public versus private addressing, address conservation techniques, address aggregation and summarization, considerations for routing and summarization, and operational topics such as static versus dynamic assignment and how addressing choices interact with network services and translation mechanisms.
Cloud Service and Deployment Models
Comprehensive coverage of the primary cloud service and deployment choices and the decision criteria behind them. Explain Infrastructure as a Service, Platform as a Service, and Software as a Service, including responsibility boundaries, operational implications for security, patching, and management. Explain public cloud, private cloud, and hybrid cloud deployment types and the trade offs in control, isolation, scalability, cost, and compliance. Describe decision factors and example scenarios for selecting a service model or deployment type based on application characteristics such as multi tenancy, latency requirements, data sensitivity, regulatory constraints, integration with on premise systems, and team skills. Discuss vendor lock in, portability and migration implications, and how these choices affect cost, operational burden, resilience, and monitoring.
Network Troubleshooting and Diagnostics
Assess the candidate s ability to diagnose and resolve network problems with a systematic, layer by layer approach. Expect demonstration of methods for isolating faults at the physical layer, the data link layer, the network layer, the transport layer, and the application layer. Core skills include verifying physical connectivity and interface status and counters, examining media access control tables and address resolution protocol entries, checking routing tables and next hop reachability, validating access control lists and firewall behavior, inspecting service binding and listening ports, and analyzing packet captures. Candidates should be familiar with tools and techniques such as ping and traceroute, packet capture with Wireshark and tcpdump, socket inspection with ss and netstat, interface diagnostics with ethtool and ip link, and telemetry such as NetFlow and sFlow. Common scenarios to practice include a host that can reach external Internet Protocol addresses but not a particular subnet, domain name resolution that succeeds while an application fails to connect, application services reachable internally but not from outside, maximum transmission unit mismatch on tunnels and virtual private network links, duplicate address or address resolution protocol conflicts, virtual local area network misconfiguration and inter virtual local area network routing issues. Interviewers will look for clear stepwise narrowing of scope, reproducible tests and evidence collection, and reasonable mitigations or next steps.
Network Monitoring and Performance
What to monitor in production networks, how to collect telemetry, and how to interpret performance signals to detect and resolve problems. Topics include key metrics such as bandwidth utilization, interface saturation, latency, jitter, packet loss, packet discard and error counters, device resource utilization, and application layer performance indicators. It covers telemetry collection mechanisms such as the Simple Network Management Protocol, flow telemetry such as NetFlow and sFlow, packet capture pipelines, and how to integrate logs and tracing with metric streams. The topic also includes tooling for monitoring and analysis, dashboard and alert design, baseline and anomaly detection strategies, how to correlate monitoring signals with incidents, and how monitoring data feeds capacity planning and performance tuning decisions.
Observability and Monitoring Architecture
Designing and architecting end to end observability and monitoring systems that scale, remain reliable under load, and do not become single points of failure. Topics include deciding which telemetry to collect and why including metrics logs traces and events, instrumentation strategies, collection models such as push versus pull, high throughput telemetry ingestion and pipeline design, time series storage and compression, aggregation and partitioning strategies, metric cardinality and retention tradeoffs, distributed tracing propagation and sampling strategies, log aggregation and secure storage, selection of storage backends and time series databases, storage tiering and cost optimization, query and dashboard performance considerations, access control and multi tenancy, integration with deployment pipelines and tooling, and design patterns for self healing telemetry pipelines. Senior level assessments include designing scalable ingestion and aggregation architectures, storage tiering and query performance optimization, cost and operational tradeoffs, and organizational impacts of observability data.