ICMP stands for internet control message protocol.

It is used to send messages

between devices to indicate the availability or error conditions. These packets are used
in a variety of network diagnostic tools, such as ping and traceroute.

SSH
SSH stands for secure shell. It is an encrypted protocol implemented in the application
layer that can be used to communicate with a remote server in a secure way. Many
additional technologies are built around this protocol because of its end-to-end
encryption and ubiquity.

There are many other protocols that we haven’t covered that are equally important.
However, this should give you a good overview of some of the fundamental
technologies that make the internet and networking possible.

Question 1. What Is An Aws Availability Zone?

Answer :
Availability zones (within a region) work together to make up a collection of your AWS
resources. Properly designed applications will utilize multiple availability zones for high
availability and fault tolerance. AZ’s have direct low latency connections between each
other, and each AZ is isolated from the others to ensure fault tolerance.

What Is The (generic) Definition Of Scalable?

The ability to easily grow in size, capacity, and/or scope when required (usually based
on demand).

How Does The Concept Of Elasticity Apply To Consumers/enterprise Users Of

Aws?
As demand (user base) on a web application increases and decreases – Elastic
systems allow for the quick addition and subtraction of servers. The removal of unused
servers can drastically reduce cost.

Containers are a form of operating system virtualization.

Email TO EMAIL COMMUNCIATION
First the sender needs to enter the email address of the recipient along with the
message using an email application. This should be done at the local computers. Once
it is finished and the “Send” button is clicked, the email will be going to the MTA (The
Mail Transfer Agent). This communication is done via the SMTP protocol.

The next step is DNS lookup. The system sends a request to find out the corresponding
MTA of the recipient. This will be done with the help of the MX record. In the DNS zone,
for the receiver address’ domain, there will be an MX record (stands for Mail Exchanger
record). This is a DNS resource record which specifies the mail server of a domain. So,
after the DNS lookup, a response is given to the requested mail server with the IP
address of the recipient’s mail server. This way the ‘to’ mail server is identified.

The next step is transferring the message between the mail servers. The SMTP protocol
is used for this communication. Now our message is with the recipient mail server
(MTA).

Now, this message is transferred to the Mail Delivery Agent and then it is transferred to
the recipient’s local computer. As we have seen earlier, two protocols can be used here.
If we use POP3, then the whole email will be downloaded to the local computer and the
copy at the server gets deleted. If the protocol used is IMAP, then the email message is
stored in the mail server itself, but the user can easily manipulate the emails on the mail
server as in the local computer. This is the difference when using both the protocols and
this is how your email gets delivered. If some error occurred to send the email, the
emails will be delayed. There is a mail queue in every mail server. These mails will be
pending in the mail queue. The mail server will keep trying to resend the email. Once
the email sending fails permanently, the mail server may send a bounce back email
message to the sender’s email address.

This explains why you maybe getting bounce back emails sometimes. The reason for
bouncing back will be explained in the message. There are many reasons for getting an
email to bounce back such as as incorrect email address in the ‘to’ field.

cloud computing means storing and accessing data and programs over the internet
instead of your computer's hard drive.

Both OSPF (Open Shortest Path First) and BGP (Border Gateway Protocol) are routing

protocols that make routing decisions across the Internet. They represent a set of rules
or algorithms that instruct network routers on how to communicate with each other, so
they can redirect traffic to the best path.
 WEB SERVER DOWN, TROUBLESHOOT
identify the Cause
The first step is to see if you can discover what happened. The most common cause of
a server failure is a power failure. Storms, natural disasters, and citywide power outages
can shut your server off if you don’t have a backup generator.
Server overload can cause sporadic or system-wide crashes. That’s basically when too
many users are accessing your server all at once. If this is a frequent occurrence you
may need to upgrade your server or consider external hosting in the cloud.
If the power is on but your server is down, determine whether access to the web server
is completely down or only affecting some IP addresses. You can usually tap your
network administrator to figure out who does and doesn’t have access.
Now, check the log. Are there any unusual entries? If there are, you and your server
may be the victims of cyberattack. Even if your server is already up and running again,
you’ll want to alert your systems administrator that something could be seriously wrong.

Fix the Problem

If you can determine the cause of the power outage, once you’re up and running, your
server will be too. If your issues only affect certain users, your administrator should be
able to troubleshoot the problem. But if you are under cyberattack, you’ll need to look
into exactly what might have happened at a high level and immediately set safety
measures in place. You’ll want to secure all data before you reboot the server or the
system.

Be Preventative
Many server crashes can be prevented if you follow some key safety guidelines. Make
sure that the server room is clean and temperature-controlled. Keep the doors to the
server room closed to keep out dust, that might cause overheating. Keep it locked to
keep out unauthorized people.
Use firewalls and cryptographic keys to authenticate users. Conduct regular audits so
you catch problems as soon as possible. And make sure to conduct routine backups.
The best way to do this is to have your server set up to back itself up automatically.

Remote Desktop Protocol: TCP/UDP port 3389

Active Directory, introduced with Windows Server 2000, is included with most versions
of Windows Server, but is also available as a service 1. Its primary function is to facilitate
authentication and authorization of users (members) and resources within an AD
domain.
HTTP Request Responses
 400 Bad Request. ...
 401 Unauthorized. ...
 403 Forbidden. ...
 404 Not Found. ...
 500 Internal Server Error. ...
 502 Bad Gateway. ...
 503 Service Unavailable. ...
 504 Gateway Timeout.

IPSec is an Internet Engineering Task Force (IETF) standard suite of protocols between
2 communication points across the IP network that provide data authentication, integrity,
and confidentiality. It also defines the encrypted, decrypted and authenticated packets.

MTU: Stands for "Maximum Transmission Unit." MTU is a networking term that defines
the largest packet size that can be sent over a network connection.
WHAT HAPPENS WHEN URL IS TYPED
This is how I would explain it:
1. You enter a URL into a web browser
2. The browser looks up the IP address for the domain name via DNS
3. The browser sends a HTTP request to the server
4. The server sends back a HTTP response
5. The browser begins rendering the HTML
6. The browser sends requests for additional objects embedded in HTML (images,
css, JavaScript) and repeats steps 3-5.
7. Once the page is loaded, the browser sends further async requests as needed.

The difference between hard links and soft (or symbolic) links comes down to what they
reference. Hard links point, or reference, to a specific space on the hard drive. You can
have multiple files hard linked to the same place in the hard drive, but if you change the
data on one of those files, the other files will also reflect that change.

Symbolic links work a bit differently. A symbolic link still points to a specific point on the
hard drive, but if you create a second file, this second file does not point to the harddrive,
but instead, to the first file.
Routing protocols, according to the OSI routing framework, are layer management
protocols for the network layer, regardless of their transport mechanism:

 IS-IS runs on the data link layer (Layer 2)

 Open Shortest Path First (OSPF) is encapsulated in IP, but runs only on
the IPv4 subnet, while the IPv6 version runs on the link using only link-local
addressing.
 IGRP, and EIGRP are directly encapsulated in IP. EIGRP uses its own reliable
transmission mechanism, while IGRP assumed an unreliable transport.
 Routing Information Protocol (RIP) runs over the User Datagram Protocol (UDP).
Version 1 operates in broadcast mode, while version 2 uses multicast addressing.
 BGP runs over the Transmission Control Protocol (TCP).
Network address translation (NAT) is a method of remapping an IP address space into another by
modifying network address information in the IP header of packets while they are in transit across a
traffic routing device

NsLookup queries the specified DNS server and retrieves the requested records that are
associated with the domain name you provided. These records contain information like the
domain name’s IP addresses.

The following types of DNS records are especially useful:

 A: the IPv4 address of the domain.

 AAAA: the domain’s IPv6 address.
  CNAME: the canonical name — allowing one domain name to map on to another. This
allows more than one website to refer to a single web server.
 MX: the server that handles email for the domain.
 NS: one or more authoritative name server records for the domain.
 TXT: a record containing information for use outside the DNS server. The content takes
the form name=value. This information is used for many
things including authentication schemes such as SPF and DKIM.

IP Address - a unique string of characters that identifies each computer using the Internet Protocol to
communicate over a network.

TCP/IP Model
The TCP/IP model, more commonly known as the Internet protocol suite, is another layering
model that is simpler and has been widely adopted. It defines the four separate layers, some
of which overlap with the OSI model:
Application: In this model, the application layer is responsible for creating and transmitting
user data between applications. The applications can be on remote systems, and should
appear to operate as if locally to the end user.

The communication is said to take place between peers.

 Transport: The transport layer is responsible for communication between processes.

This level of networking utilizes ports to address different services. It can build up
unreliable or reliable connections depending on the type of protocol used.
 Internet: The internet layer is used to transport data from node to node in a network.
This layer is aware of the endpoints of the connections, but does not worry about the
actual connection needed to get from one place to another. IP addresses are defined in
this layer as a way of reaching remote systems in an addressable manner.
 Link: The link layer implements the actual topology of the local network that allows the
internet layer to present an addressable interface. It establishes connections between
neighboring nodes to send data.

dive deep -Leaders operate at all levels, stay connected to the details, audit frequently, and are skeptical
when metrics and anecdote differ. No task is beneath them.

customer obsession - Leaders start with the customer and work backwards. They work vigorously to
earn and keep customer trust. Although leaders pay attention to competitors, they obsess over customers.

be curious -Leaders are never done learning and always seek to improve themselves. They are curious
about new possibilities and act to explore them.

Why do you want to work for amazon?

I want to work at Amazon because I admire how customer-obsessed Amazon is. This is
something I've experienced first-hand when dealing with the clients as a consultant. And it's also
a principle I've been pushing throughout my entire professional career.

Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database
storage, content delivery and other functionality to help businesses scale and grow. Running web and
application servers in the cloud to host dynamic websites.

1. Do you know our CEO? How do you pronounce his name? Jeff Bezos
2. How would you solve problems if you were from Mars?
3. Tell the story of the last time you had to apologize to someone.
4. What is the most difficult situation you have ever faced in your life? How did you handle
it?
5. Walk me through how Amazon Kindle books would be priced.
6. Who was your most difficult customer?
7. What would you do if you found out that your closest friend at work was stealing?
8. If your direct manager was instructing you to do something you disagreed with, how
would you handle it?
9. What would you do if you saw someone being unsafe at work?
10. Do you think you'll reach a point where you storm off the floor and never return?

1. Can you describe your most difficult customer and how you were able to handle
their needs?

“In my previous role as a consultant, a customer was upset that a product they ordered was put
on backorder unexpectedly after they made their purchase. They needed a functional version of
the item as quickly as possible, and the possibility that that wouldn’t happen increased their
stress levels, leaving them somewhat hostile. To resolve their issue, I began by listening to their
concern, rephrasing what was being shared, and asking clarifying questions to ensure my full
understanding. I then reassured them that I’d work with them to find a solution. I discussed
alternative products that were in stock that could meet their needs. As soon as a substitute was
identified, we canceled the old order and initiated the new one. I applied a free shipping upgrade
to expedite delivery, ensuring it would arrive before the customer’s deadline. In the end, they
were fully satisfied with the solution.”

2. Can you tell me about a time when you were more than halfway through a project
and had to pivot quickly due to an unexpected change? How did you handle it?

“While setting up a network for a client, a requirement came in late. Since the project was
rapidly nearing completion, integrating the feature became a challenge. The point in
development where it would have been addressed typically had already passed. To address the
new requirement, I first took a step back and reexamined all the existing work. The goal was to
minimize disruption to segments that were complete, and a bit of planning ensured I didn’t use a
less-than-ideal approach simply because I was under pressure. After identifying a course of
action, I implemented the changes methodically. I relied heavily on testing to ensure there were
no unexpected ramifications or that issues could be addressed quickly. By using a strategic
approach, I was able to minimize the negative implications of a last-minute change, expediting
the remainder of the process while ensuring the result met every need.”
3. If one of your close work colleagues stole a $1 item, what would you do?

“Theft, in any amount, is against policy and is illegal, so it needs to be addressed. If I witnessed a
colleague stealing, I would report the activity per Amazon corporate procedures.”

ENCODING VS ENCRYPTION VS HASHING VS OBFUSCATION

 Encoding is for maintaining data usability and can be reversed by employing the same

algorithm that encoded the content, i.e. no key is used.
 Encryption is for maintaining data confidentiality and requires the use of a key (kept
secret) in order to return to plaintext.
 Hashing is for validating the integrity of content by detecting all modification thereof via
obvious changes to the hash output.
 Obfuscation is used to prevent people from understanding the meaning of something,
and is often used with computer code to help prevent successful reverse engineering and/or
theft of a product’s functionality.
 Domain Name System (DNS) is the phonebook of the Internet. Humans access
information online through domain names, like nytimes.com or espn.com. Web browsers
interact through Internet Protocol (IP) addresses. DNS translates domain names to IP
addresses so browsers can load Internet resources.

o A recursive DNS server is a domain name system server that takes website name
or URL (uniform resource locator) requests from users and checks the records
attained from authoritative DNS servers for the associated IP address.
o Authoritative DNS has the final authority over a domain and is responsible for
providing answers to recursive DNS servers with the IP address information
Dynamic Host Configuration Protocol (DHCP) is a network management protocol used
to automate the process of configuring devices on IP networks, thus allowing them
to use network services such as DNS, NTP, and any communication protocol based on UDP or
TCP.
User Datagram Protocol (UDP) – a communications protocol that facilitates the exchange of
messages between computing devices in a network. It's an alternative to the transmission
control protocol (TCP).
TCP (Transmission Control Protocol) is a standard that defines how to establish and
maintain a network conversation through which application programs can exchange data.
 TCP/IP is the underlying communication language of the Internet. In base terms, TCP/IP allows
one computer to talk to another computer via the Internet through compiling packets of data and
sending them to right location

DDOS - the intentional paralyzing of a computer network by flooding it with data sent
simultaneously from many individual computers.
 The key difference between DoS and DDoS attacks is that the DDoS uses multiple
internet connections to put the victim’s computer network offline whereas the former
uses a single connection. 
tcpdump is a data-network packet analyzer computer program that runs under a command line
interface.
SSL secure sockets layer. Protocol for web browsers and servers that allows for the
authentication, encryption and decryption of data sent over the Internet.
Load balancing is defined as the methodical and efficient distribution of network or application
traffic across multiple servers in a server farm. 
IDS/IPS
 Intrusion Detection Systems (IDS): analyze and monitor network traffic for signs that
indicate attackers are using a known cyberthreat to infiltrate or steal data from your
network. IDS systems compare the current network activity to a known threat database to
detect several kinds of behaviors like security policy violations, malware, and port
scanners.
 Intrusion Prevention Systems (IPS): live in the same area of the network as a firewall,
between the outside world and the internal network. IPS proactively deny network traffic
based on a security profile if that packet represents a known security threat.

Packet-Filtering Firewalls - When it comes to types of firewalls based on their method of

operation, the most basic type is the packet-filtering firewall. It serves as an inline security
checkpoint attached to a router or switch. As the name suggests, it monitors network traffic by
filtering incoming packets according to the information they carry.

Stateful inspection firewall keeps track of the state of a connection by monitoring the TCP 3-
way handshake. This allows it to keep track of the entire connection – from start to end –
permitting only expected return traffic inbound.
Proxy firewall serves as an intermediate device between internal and external systems
communicating over the Internet. It protects a network by forwarding requests from the original
client and masking it as its own. Proxy means to serve as a substitute and, accordingly, that is the
role it plays. It substitutes for the client that is sending the request.
Proxy is the intermediary that the client puts forward between itself and any server. The reverse
proxy is at the other end – something the server puts forward between itself and any client. In
short, a reverse proxy is an intermediary on the side of the server you are connecting to.

#3) Layer 3 – Network Layer

The network layer is the third layer from the bottom. This layer has the accountability to accomplish
the routing of data packets from the source to destination host between the inter and intra networks
operating on the same or different protocols.

 It performs the above task by using a logical network addressing and subnetting designs of
the network. Irrespective of the two different networks working on the same or different
protocol or different topologies the function of this layer is to route the packets from the
source to destination by using the logical IP addressing and routers for communication.

#4) Layer 4 – Transport Layer

(i) This layer guarantees an end to end error-free connection between the two different hosts or
devices of networks. This is the first one which takes the data from the upper layer i.e. the application
layer, and then splits it into smaller packets called the segments and dispenses it to the network layer
for further delivery to the destination host.
It ensures that the data received at host end will be in the same order in which it was transmitted. It
provides an end to end supply of the data segments of both inter and intra sub-networks. For an end
to end communication over the networks, all devices are equipped with a Transport service access
point (TSAP) and are also branded as port numbers. A host will recognize its peer host at the remote
network by its port number.

(ii) The two transport layer protocols include:

 Transmission control protocol (TCP)
 User Datagram Protocol (UDP)

#5) Layer 5 – Session Layer

This layer permits the users of different platforms to set up an active communication session between
themselves.

The main function of this layer is to provide sync in the dialogue between the two distinctive
applications. The synchronization is necessary for efficient delivery of data without any loss at the
receiver end.

#6) Layer 6 – Presentation Layer

As suggested by the name itself, the presentation layer will present the data to its end users in the
form in which it can easily be understood. Hence, this layer takes care of the syntax, as the mode of
communication used by the sender and receiver may be different.

It plays the role of a translator so that the two systems come on the same platform for communication
and will easily understand each other.

The data which is in the form of characters and numbers are split into bits before transmission by the
layer. It translates the data for networks in the form in which they require it and for devices like
phones, PC, etc in the format they require it.

The layer also performs data encryption at the sender’s end and data decryption at the receiver’s end.

It also performs data compression for multimedia data before transmitting, as the length of
multimedia data is very big and much bandwidth will be required to transmit it over media, this data
is compressed into small packets and at the receiver’s end, it will be decompressed to get the original
length of data in its own format.

#7) Top Layer – Application Layer

This is the topmost and seventh layer of the OSI reference model. This layer will communicate with
the end users & user applications.

This layer grants a direct interface and access to the users with the network. The users can directly
access the network at this layer. Few Examples of services provided by this layer include e-mail,
sharing data files, FTP GUI based software like Netnumen, Filezilla (used for file sharing), telnet
network devices etc.

There is vagueness in this layer as is not all user-based information and the software can be planted
into this layer.

How to help prevent DoS attacks

If you rely on a website to do business, you probably want to know about DoS attack prevention.
A general rule: The earlier you can identify an attack-in-progress, the quicker you can contain
the damage. Here are some things you can do.
Method 1: Get help recognizing attacks
Companies often use technology or anti-DDoS services to help defend themselves. These can
help you recognize between legitimate spikes in network traffic and a DDoS attack.
Method 2: Contact your Internet Service provider
If you find your company is under attack, you should notify your Internet Service Provider as
soon as possible to determine if your traffic can be rerouted. Having a backup ISP is a good idea,
too. Also, consider services that can disperse the massive DDoS traffic among a network of
servers. That can help render an attack ineffective.
Method 3: Investigate black hole routing
Internet service providers can use “black hole routing.” It directs excessive traffic into a null
route, sometimes referred to as a black hole. This can help prevent the targeted website or
network from crashing. The drawback is that both legitimate and illegitimate traffic is rerouted in
the same way.
Method 4: Configure firewalls and routers
Firewalls and routers should be configured to reject bogus traffic. Remember to keep your
routers and firewalls updated with the latest security patches.
Method 5: Consider front-end hardware
Application front-end hardware that’s integrated into the network before traffic reaches a server
can help analyze and screen data packets. The hardware classifies the data as priority, regular, or
dangerous as they enter a system. It can also help block threatening data.

FIPS (Federal Information Processing Standards) are a set of standards that describe document
processing, encryption algorithms and other information technology standards for use within non-military
government agencies and by government contractors and vendors who work with the agencies.
Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID and password to
any of several related, yet independent, software systems.

Security Assertion Markup Language (SAML) is an open standard that allows identity providers (IdP)
to pass authorization credentials to service providers (SP). What that jargon means is that you can use one
set of credentials to log into many different websites
A federated identity in information technology is the means of linking a person's electronic identity and
attributes, stored across multiple distinct identity management systems.
If You Suffer A Ransomware Attack
Realizing your business is a victim to a ransomware attack is stressful. Nevertheless, the first
thing to do is try to react calmly. These additional strategies can help you prevent a wider
infection and regain access to computers and files.
Disconnect. This is a little like amputating a limb to avoid the spread of the infection to the rest
of the body. Disconnecting the infected device from the Internet and any other devices is
necessary to the safety of the larger network.
Determine what you’re dealing with. Use the information in the ransom note to help you
research the situation. Enter the email address, the name of the ransomware, or even the text of
the note into a search engine to learn more. You may find the cybercriminal is bluffing, or you
might be able to access an available decryptor.
Remove the ransomware. Simple ransomware viruses can be cleaned up with malware removal
in a system safe mode. However, aggressive ransomware disables system restore options and you
may need to run a virus scanner from a bootable disc or USB drive.
Report the crime. Contact law enforcement, typically the closest FBI office, to report that you
have been the victim of a ransomware attack. This can feel frustrating, as they may not be able to
help much, yet making them aware might help others avoid a similar fate.
Revert to backups. Seriously, did we mention yet how smart it is to backup often? By
reinstalling the operating system and restoration of files from your backups, you’ll be back in
business with your most important files at the ready once again.

Questions to ask at the end

1. Can you walk me through a typical day here at as cloud support engineer?
2. How will I be trained, one on one, in a virtual classroom setting?
3. Where do you see the company in 5 years? 10?
4. Can you tell me what the career paths are for this department and what
sort of advancements I could work towards?
5. Can you tell me what you love the most about working here?
6. How would you describe the working environment here? Is work done in a
collaborative style or are employees more independent?