I help maintain some 'bits and bobs'.

Joomla is horrible, but tends to be the staple school CMS. Have a look through the existing site and see if it has a decent theme or is it tired-looking. DO the colours reflect the school badge/uniform? Are there sufficient sections included such as a calendar, recent letters, e-safety and all that stuff. Does it have a hero gallery (rotating images with news stories)? How about 'awards' sections?, school records for sports events, etc etc. Department Pages?

Moodle, I would say is essential - especially if the school is already using it. Will they ask you to maintain that? Again Moodle is pretty horrible and poorly designed.

You may be asked to link network accounts with Moodle e.g. LDAP.

How about school e-mail?

Google Educational Account? Share documents - good for group work, etc.

Do you think they might ask me about active directory and exhange server?

You might be asked about IIS, but I strongly doubt that a webmaster would be expected to maintain the local network if it's not explicitly stated that you're interviewing for a dual webmaster/sysadmin position.

Joomla: have a look at a few themes. Grab the school badge and teak the colour scheme accordingly. You could even get a mockup done - although, school interviews (from my experience) aren't all that hot on portfolios. But, it could show initiative. RocketThemes has some nice ones - but may cost £50.

Supporting the staff payment scale makes no sense to me whatsoever.

If the role is more sysadmin that webdev/design - you'll be introduced to a number of different systems. In the UK, one of the main players is 'Capita' who produce 'SIMS'. This 'system' can deal with many aspects, often relying on modules: registration, personal data on staff and pupils, examination results, assessments, timetabling (e.g. NOVA-T module), setting up options for GCSE, A-level, maintaining class members. Ordering systems are also employed in addition to funding programs, often particular a local authority.

Unfortunately, a single school may have many disparate systems, many of which do not talk to each other, leading to duplication of data stores.

In addition, the school may rely additional bespoke or in-house solutions, e.g. I produced a staff portal for booking the school minibus and computer suites and for booking science equipment for lessons. This system also allowed staff to log work to be completed by the site manager/caretakers and the IT technician. We also use a bespoke solution for collating assessment results and for writing school reports.

It may sound daunting, but bespoke solutions are usually supported by that company if there is an on-going subscription.

As opposed to asking which questions may be asked, perhaps it would be better to ask for greater clarification of the job description and foreseeable duties that fall under the jurisdiction of said job.

Unfortunately, many Senior Leadership Teams (guys at the top, in other words) tend to be extremly computer illiterate - so it's feasible that they don't have much of an idea themselves, just that they need an 'IT guy' to 'make the website work' and to 'ensure that the network doesn't keep on going down'. :(

Is this a permanent post? If so, I can't imagine that any school would be looking to employ a web dev/designer full-time - must be more to it.

so if I land the job I'm pretty much going to be left to my own devices.

You think? If you land the job, insist on a job description which outlines your duites in full, and if possible where your duties end. Ideally, you will not be at the beck and call of every Tom, Dick and Harry that hasn't worked out how to turn his PC on, which will definitely stop you from completing the work for which you're being paid. Have a few questions of your own for the interview - it never hurts to know what you're letting yourself in for! Who knows, depending on the answers you get, it may be you that turns down the position.

Hope that helps.

I think it's reasonable to assume that you should be able to write HTML and CSS from memory, however remembering the older doctypes isn't easy, nor reasonable IMO.

You could have always used the HTML5 doctype: <!DOCTYPE html>. That's easy to remember. However, in that situation, if they wanted specifically XHTML, I would have simply added a HTML comment saying: <!-- doctype required --> and said that you couldn't recall it off hand. At least then they know that you know you need one.

Is salting passwords even necessary?

I consider it necessary and would question anyone who doesn't, given how easy it is to add a salt and the security boost of doing so.

Or am I just clutching at straws? Haha

You make valid points, but those points are akin to saying that it's simple enough to kick a door in so you may as well leave it unlocked. The harder you make it to break the system, the less inclined attackers will be to attempt it. Also, the harder it is to break into the system, the more time you have to identify an attack and attempt to stop it.

There are also ways to obfuscate the salt, by storing it outside the html/ftp root, and telling php where to look with includes. On top of that, the salt could be appended to the front or back of the password, making it a bit harder to rainbow hack the passwords, even if the salt is known.

Lastly, the way you salt the passwords, and how you salt/hash them is important. It's probably not enough to salt/hash the password once or twice. 10 times, using the right algorithm including the salt in each pass would be sufficient to piss off most hackers.

It sounds like a weird interview to me. Did the interviewer read some random stuff on web design/development before drawing up his questions? It could be argued that you should know the XHTML DTD from memory - but I don't - not even when I was using it full-time before html5. I really for the life of my can't see how this would be a valid question. <dt> is an obscure one that I can only remember using a handful of times - for terminology glossaries mainly - which have a totally different structure to other lists (ul/ol). That's really bizarre. Perhaps they fleeced a few questions for the lamentable W3Schools test?

My 2p - p/w should always be salted - I tend to double dip mine with mixed case and number substituions. I keep this info in a file above the document root along with db details / other security vars. If a malicious user gets above your docroot, you're buggered anyway. :)

Anyway.
If you're not successful this time but you still have an interest in working in a school:

Moodle admin is something I would encourage you to bone up on as more and more schools are 'investing' in it. And as I noted previously - implementation of LDAP (real pain with Moodle!). If you don't have any experience of setting up this system from the point of view of an institution, a course or a visit to a school may be very beneficial. The setup can be pretty confusing, especially when you look at how departments relate to umbrella faculties. Moodle 2 was a major upgrade and transition was fraught with problems with uploded files being orphaned and certain filetypes not being able to be viewed/downloaded. Courses had to be renamed. Security settings were changed (inexplicably) which led to a lot of head-scratching when features failed to work.

@iamthwee

Does it required a licenses for that position?

I'm from the states not familiar with UK requirement working at a school but when I did apply for a IT position at a school a few years back, they require a Network + certification and MCSE certification plus they do a extensive background check (history) before being employed.