Some Basic Interview Advice

Notes from a recent training session (rather a basic one – but fundamentals are easily forgotten in stressful situations) :

Advance Preparation

  • Keep a copy of the job advert and specification.
  • Keep a copy of your application form / CV
  • Research the department / organisation + make notes
    • Understand where the organisation is going
  • Prepare questions to ask the interviewers

On-the-Day Preparation

  • Re-read your key documents – your application form / CV etc.

General Tips

Be:

  • Punctual
  • Smart
  • Polite
  • Natural but not casual

During the Interview

  • Take your time
  • Ask for repetition / clarification of questions – either because you need them or to give you time to answer
  • Give brief answers – ask if more detail is required.
  • Answer questions

IT Security: Some Notes

A few notes on the basics of IT Security:

Introduction to Security

Security is concerned with preserving the value of resources.

Valuing Data

The value of data is determined by its contribution to the goals of the one who owns that data. This is the same as the costs to the enterprise of loosing that data
The cost of security must be weighed risk of that data being compromised.

risk = (likelihood of data loss) x (cost of loss of data)

Security and Value

Security consists of:

  1. Identifying a resource that has value.
  2. Maintaining that resource.
  3. Preventing misuse of that resource.

The identification of value is a business decision.

Maintaining Resources

Integrity of Data

Maintaining data integrity is the process of ensuring that data is in a state which is consistent with expectations, the domain modelled by the system (accuracy), other data and itself. Data integrity is primarily concerned with software measures and procedural measures.
Examples of measures:

  1. Data validation.
  2. Making sure that users know if changes to the data are permanent or temporary.
  3. Protecting data from concurrency issues.
  4. Atomic transactions.

Safety of Data

The main method for keeping data safe is reliable storage of that data. Reliability is enhanced by redundancy. A backup is a relatively cheap, easy way to ensure that data can be recovered to a specified state following loss or corruption of that data.
Backups can be full or incremental.
The rules of a worthwhile backup:

  1. Have a backup
  2. Be able to identify the backup
  3. Be able to restore the backup
  4. Keep the backup secure

Of course, a backup will not be used if users are unaware of data corruption or loss.

Safety of Systems

Disaster recovery is the restoration of a system (rather than just the data) following the system’s failure.
Requirements:

  1. A backup of data
  2. Duplicate hardware / software environment
  3. Defined and tested procedures for recreating the lost environment

Preventing Misuse of Data

Authentication

Actions on data are initiated by an agent. Validity of an action is often determined by the identity of an agent. The identification of an agent is often termed authentication.
In order to verify the identity of the agent, the system can request that the information provide information about:

  • Something the agent knows: e.g. a password.
  • Something the agent has: e.g. an identity card.
  • Something the agent is: biometrics.

Authorisation

Authorisation is the process of allowing / disallowing an authenticated agent (often a user) to perform a certain action.
The action may be as simple as allowing the agent to read the data:

  • Privacy: ensuring that only authorised agents can read the data.
  • Access: ensuring that all authorised  agents can read the data.

Enforcing Complicity

An often overlooked mechanism that could be used to ensure only appropriate actions are taken on data is to enforce rules that require two or more trusted individuals to authorise action on a resource.
For example, a safe that can only be opened if both key-holders are present.
One possibility rarely implemented is to have an operator initiate a request for change that must be approved by a business manager who has has no ability to initiate the request herself.

SQL: Top (Latest) Item Per Group

I spent far too long this morning on trying to find a solution to this SQL problem.
Consider the PERSON table:

Location Name Age
London Fred 45
London Mark 35
London Mike 25
Cardiff Jim 56
Cardiff Julia 46
Cardiff Murray 36
Edinburgh Sheila 61
Edinburgh Launa 51
Edinburgh Lin 41

Suppose you want the name of the oldest person at each location. How do you achieve this in SQL?

Like this:

The result should be:

Location Name Age
London Fred 45
Cardiff Jim 56
Edinburgh Sheila 61

Thanks to Findy Services and B. Jacobs for this solution.

Hello World

Remember how it all began?


Hello World
Hello World
Hello World
Hello World
Hello World
...

And the world’s reply?

...
...
...

Nothing. Null. Nada. Tumble-weed.

But I’m not worried. That’s how greatness starts!

  • Number 1 on Einstein‘s list of achievements was learning to count.
  • Once upon a time even Tolkien had to learn his ABCs.
  • The first step to success for Roger Bannister was learning to walk.

We all have to start somewhere.

As the wise have said:

  • Despise not the day of small beginnings
  • Every journey begins with a single step
  • Rome wasn’t built in a day

There are, then, just two things that make up greatness:

  • The courage to get started
  • The tenacity to keep getting better

So, here I go:

  • I’ll do something worthwhile today
  • I’ll aim to do it better than I did it yesterday
  • And in so doing I’ll learn something for tomorrow

In the mean time, I raise a glass to you, “Hello world”.

It may seem childish now, but it will grow up soon enough.