Networking

Protocols
OSI Reference
Model

Questions
What are the different network stack models and list all the layers of each model?
What are the functions of Trasport, Network and Datalink layers?
What are the different protocols works at each of the layers?
What is end to end communication and Hop to Hop communication?
What is a port number and give some examples.
Explain IP layer ( L3) and IP protocol header
What is fragmentation and explain how IP will handle the fragmentation.
What is the difference between Half-duplex and Full-duplex?
Define Unicast, Multicast and Broadcast. What is the use of Multicast?
What are the functions of Data link layer, what is the MAC format?
What is a Frame, explain the frame header.
A scenario to explain the packet flow layer wise.

IP Addressing
(32 bit & 128
bit)

What is IP address and it's format

What are the different Classes of IP address and give the range of each class
What is network id , broadcast id and subnet mask?
How to find the netsork id of a given IP address?
What is subnetting and give us a scenario for implementing IP subnetting, a task
on subnetting.
What is the difference between FLSM and VLSM?
What is the subnetwork address if the destination address is 200.45.34.56 and
the subnet mask is 255.255.240.0?
What is the subnetwork address if the destination address is 19.30.84.5 and the
mask is 255.255.192.0?
A company is granted the site address 201.70.64.0 (class C).
The company needs six subnets. Design the subnets.
A company is granted the site address 181.56.0.0 (class B). The company needs
1000 subnets. Design the subnets

Subnetting &
VLSM
ARP

GARP

ICMP (Types &

Codes)

You want to implement class c IP addresses in your network.so, what subnet

mask you should implement in your network so that number of subnets will be
equal to the number of hosts per subnet?
ARP works at which layer and Why?
Is ARP part of the Ethernet frame?
What is the target IP address in ARP request and ARP reply packet?
What is GARP and how it will be useful?
Difference between ARP and GARP?
What is the target IP address in GARP request and GARP reply packet?
Packet structure of ARP and GARP?
Explain various ICMP messages?
Which ICMP message confirms the traceroute is completed?

IP

TCP (3 way
handshake,
Windowing,
Flow control,
Flags,
Retranmission,
SACK)

Which is the importance of identification field in the IP packet?

Why fragmentation is required?
Which device can reassemble the packet?
How the packet is reassembled?
What is the importance of DF, MF flag?
What is the purpose of fragment offset?
What is the importance of TTL value?
What does the protocol field determines in the IP packet?
Explain 3 way handshake process?
What is the importance of sequence number?
How sequence number is calculated?
What is the purpose of acknowledgement number?
What is the difference between Total length and header length?
What does window size indicate?
When the MSS value is getting negotiated?
Explain the control flag?
What is the difference between PUSH and URG flag?
What is the purpose of RST bit?
What is SACK?
Who is responsible for the reliability of UDP packet.
Difference between TCP and UDP.

UDP

FTP ( Active &

In a serialized connected network including Router, Switches and Firewall with

varied MTU sizes Which device will fragment the packet and what are the sizes
of each fragment?
Why Firewall reassembles the packet?
What Firewall verifies after reassembling the packet?
Can reassembly done by intermediate device?
Is fragmentation applicable only for TCP?
Can we fragment packet containing UDP data?
What is the difference between Active and Passive FTP?

Passive)

TFTP
SNMP (Query &
Response, MIB,
Communities)

What is the important of port command?

Which FTP type is preferred if firewall is blocking the connection?
How active FTP works?
How passive FTP works?
How TFTP works? Explain the protocols involved.
What is SNMP?
SNMP versions.
Components of SNMP?
Ports used in SNMP?
Explain MIB?
Explain how to implement SNMP on a network?
Explain difference between SNMP Query response & SNMP trap?

Ping

Traceroute

HTTP/S
DHCP

DNS

Auto
Negotiation

What are the various instances of getting Request timed out?

Difference between destination host unreachable and destination network
unreachable?
Explain various ICMP messages?
How traceroute works?
What is the difference between traceroute and tracert?
Is traceroute a reliable tool to identify network issues?
Why there are three columns in traceroute results?
Which ICMP message confirms the traceroute is completed?
What does * indicate in traceroute result?
Difference between HTTP & HTTP/S?
How DHCP works?
What is the reason for getting APIPA address?
How to troubleshoot APIPA issue?
What is the purpose of relay agent?
Is DHCP decline message is sent by Client or Server?
Is DHCPNACK message is sent by Client or server?
How DHCP discover message is being forwarded by router when it is a broadcast
message?
Explain zone transfer?
What are the types of records?
What is forward lookup & Reverse lookup?
When will DNS use TCP?
When will DNS use UDP?
Explain DNS quesr process.
Explain Auto negotiation.
What is MDI & MDIX ports?
Explain Straight Through & Cross Over cabling. Where will it be used.

Switching Protocols
Layer 2 Ethernet Frames Details
Mac Address table
Blocking,Listening, Learning, Forward, Filter, Aging
VLAN
ARP Vs Mac Table
Spanning Tree Protocol (RSTP, MSTP)
802.1Q

Questions
What is inter vlan routing?
What is sub interface?
What is a broadcast domain and a collision domain
Compare HUB and Switch WRT broadcast and collision domain
What is a MAC address table and how a Switch will build a MAC
table, single switch scenario and multiple switch scenario
What is a VLAN and how it will reduce the broadcast traffic
What is the difference between an access port and a trunk port
and what are different types of tagging
What is a native VLAN what type of traffic will go through native
VLAN
What is STP and why do we need redundant links between
switches,
What are the different port states and timers and BPDU
What is bridge id and its format and the Root bridge election
criteria
STP convergency with 4 switches, what is the Root port election
criteria
What is TCN and TC BPDU and STP reconvergency
Can you explain the ARP Header with the fields?
What are the changes a frame undergoes in a switch

Questions

Routing Concepts
What is a routing table?
Define static routing & dynamic routing?
What is a default route?
What is a route metric?
What is the difference between routing and routed protocol? Give examples.
What is route lookup process, parent and child route
What is the effect of IP classless and classfull on routing
What are the different type of routing table entries and Admin distance
What are the different types of routing protocols and list for each type
OSPF
What do you understand by backbone area?
What is the need for dividing the autonomous system into various areas?
What is the benefit of dividing the entire network into areas?
What changes it would make if the network is divided or not divided into areas?
What is the purpose of Stub area?
What is the purpose of NSSA area?
How Stub and NSSA works?
What are the criteria to form neighbour ship?
Why master slave needs to be elected between two neighbour interface?
What is virtual link?
Virtual link updates are multicast or unicast?
Explain the various states of OSPF?
What are various LSA and message Types?
What is the difference between E1 an E2 metrics?
Explain router redistribution?
How DR and BDR is elected?
BGP
Difference between eBGP and iBGP?
What is the TCP port number for BGP communication?
Explain various states of BGP?
What is the reason for an interface stuck on active state?
Do we need to follow 3 way handshake process to establish BGP communication?
What are various path attributes?
What is difference between Local preference and MED attributes?
Explain the sequence of selecting the best route through the attributes?

Questions

Firewall
What is a firewall?
If Firewall is the intermediate device between two OSPF neighbour what changes need to be implemented in
firewall to ensure neighbour ship is built?
If Firewall is the intermediate device between two BGP interface - what changes need to be implemented in firewall
to ensure neighbour ship is built?
What piece of information firewall verifies after reassembling the packet?
Explain NAT with respect to firewall?
What is NAT T, DNAT, SNAT and Static NAT?
Explain Security ZONEs?
Explain DMZ? Why it is required? Benefits of DMZ?
What are Proxy servers & how do they work?
Explain Denial of Service?
Explain some common attacks & how to prevent them?
How does a firewall process a packet?
What are the types of Firewall? Explain.
What is the difference between stateful & stateless?
Explain HA with regards to server clustering?
Explain Active-active and active-passive high availability solutions.
Explain how does standby Know if acive is down.
Explain Failover.
Explain Switchover.
Explain Switchback.
VPN
IPSec
Route based & Policy based
AH,ESP,NAT-T, IKE - V1 & V2, ISAKMP, DH groups, PFS
Phase 1 & Phase 2 (Main, quick & aggressive mode)
Tunnel & Transport Mode
Dynamic VPN
Certificates
How to troubleshoot IPSEC VPN?
What is the need of Phase 2 negotiation when we already set up communication through Phase 1?
Issue with a particular message of IPSEC VPN?
What is Dynamic IPSEC VPN?
What is the difference between Transport and Tunnel mode?
Explain the traffic flow (for Netscreen)
What are ports used during an IPSec communication phase?
How IPSec works (Phase 1 and Phase 2) ?
What is the difference between IPSec VPN & GRE Tunnel?
Why do we need two phases in IPSec? Can we run IPSec with only one Phase? If Yes, is it Phase 1 or Phase 2 Justify

What is symmetricAssymmentric key encryption ?

Explain Hash process.
Explain IKE phases (Main Mode, Aggressive Mode & Quick Mode)

UTM
UTM Protocols
Threats
Attacks (DOS, TROJAN, WORM, IP Spoofing, Man in the Middle, Session hijack)
Anti Virus
Anti Spam
Content Filter
Web Filter
Mitigation Techniques for the above attacks
Deep packet Inspection

Questions
Blocked at connection level is when SMTP sender is
identified as spam sender based on which parameter?
Anti-virus is responsible for which vulnerability?
Content filtering can permit/deny traffic based on which
parameter?
The hacker/untrusted user is trying to change its ip header
source as trusted ip header . what type of attack is this?
For the Anti-spam / Anti-Virus / Web-Filtering to work, what are
features required on firewall?
How is a VIRUS packet spread across network?
In anti-spam what is the order of verification of email?
What is UTM ?
Explain Web filtering, content filtering, ANTI SPAM, Anti Virus
Explain deep packet inspection

Scenario Based Questions

NETWORKING
1) You are not able to access yahoo.com on your private computer, in your home. Please list the
steps you will take to find (not necessarily fix) the cause of the problem.
2) A scenario with 3 PCs connected to a switch with IP addresses, explain how PC1 will learn
MAC of PC2 step by step.
3) What is a gateway, how and which scenario ARP will learn the MAC of gateway?
4) What is Proxy ARP and in which scenario you will enable proxy ARP.
SWITCHING

1) Explain in detail, PC1 wants to communicate to PC2

2) Explain in detail, PC1 wants to communicate to PC2

3) What happens if we add link between two switches

a) No STP running on switches, explain how data loop will occur

b) If STP running, which port would be blocked

4) Explain Redundancy Scenario VRRP

5) Scenario, 2 PCs connected to different Switches in the same VLAN but not able to
communicate (Issue is with link between Switches) Tagging and Native VLAN
ROUTING
1) Explain troubleshooting states
a. routers stuck in INIT state
b. routers stuck in EXSTART State
2) Explain OSPF adjacency formation through each state

a. If same router-id on R1 & R2. Routers will be in which OSPF state and what
packet will tell it.
b. If router R1 & R2 on same link are configured with same IP address which
ospf state will it be.

3) In OSPF domain Router in Area 1 is connected to Area 0, Router in Area 0 is

connected to Area 2.
Routers in Area 2 receives LSA Type 5 from Area 1 via., Area 0
a. Router in Area 2 based on what criteria will install the route in the routing
table

b. Assume another router (R7) in Area 1 having an ASBR. Based on what

criteria will it look before installing in Routing table.

4) Troubleshoot BGP Neighborship stuck in ACTIVE

Hints
a. TCP
b. Debug

c. Firewall blocking
5) In BGP multi-homing scenario, how can we prevent customer being used as
transit AS

6) In BGP, if different hold timer set on two routers what will happen?

7) What happens if we have different version of routers in BGP open message sent

8) What things to be considered for eBGP if connected indirectly

9) BGP Scenario

eBGP between R1 & R5 and R3 & R6

iBGP between R1 and R3
R5 advertises prefix 1.1.1.1
-

will R6 see the route 1.1.1.1 in it bgp table ? explain

What will the bgp attributes seen in R6 bgp table like next-hop, metric, aspath

10. computers are connected with one Ethernet cable. What cable should be used? How network
adapters should be configured so that one computer can ping another.
11. 2 computers are connected with 2 Ethernet cable via L2 switch. What cables should be used?
How network adapters should be configured so that one computer can ping another.
12. 2 computers are connected with 2 Ethernet cable via router. What cables should be used?
How network adapters should be configured so that one computer can ping another. How
should router be configured

13. In MPLS, customers CE router is connected to two Provider Edges (PE) - PE1 and PE2. PE1
and PE2 are connected to Provider(P) router acting as Route Reflector(RR). P acting as RR is
connected to PE3.Will PE3 have two routes from CE? Explain step by step

14.Troubleshoot MPLS L3VPN scenario, customers two sites CEs are connected
through MPLS backbone are not able to exchange the routes with each other.

15.Explain from 1 to 9 what headers will change at which location

16.Explain in detail the functions of a router

17.All ports are access ports and no trunk configured on any ports
Will C1 be able to ping C2

Will C1 be able to ping C3

Will C1 be able to ping C4

18.C1 is not able to Ping C3, Explain in detail What needs to be done in order to
ping between all Machines

19.I am running RIP V1, Assume all links are up and running.

run debug ip rip

why do you see 10.1.0.0, 10.2.0.0, 10.3.0.0 and 10.4.0.0 RIP V1 destination
address 255.255.255.255?
Why RIP V1 is carrying the second octet in the advertisement since RIP V1 is
supposed to be class full routing protocol?

VLSM

1) VLSM 192.168.0.0/24
5 host

15 host
2)

25 host

45 host

3) No. of Hosts in 10.0.0.1/32

4) New Subnet mask 10.10.10.1/24 if need 1000 hosts
5) What is the subnet mask 192.168.0.0/24 if need 10 subnets

Firewall
1. How FTP connection will be established between client & server. Explain in detail.

Perform FTP from 10.1.1.10 to 192.168.1.3. Explain where & what type of NAT
has to take place along with the flow of traffic.

2. What is the most efficient way to make PC A reach server A using Public IP on
firewall. Both First & Fast Path has to be evaluated by engineer & explain packet
structure at each point.

3. Firewall has Anti-virus enabled and AV is supposed to update the pattern

database every 1 hour. The update is failing and the database is now 1 day old.
How will I troubleshoot & resolve

UTM
1. Requirement is to block www.facebook.com& in my blacklist I have hardcoded
the IP to blocked, however after 2 days again from Trust I am able to open
www.facebook.com. What can be the problem how can I resolve

2. We see remote ends are overlapping, how will I establish my connection over
VPN to get site A to talk to site B

1. How many messages are exchanged in Aggresive Mode ?

2. What data is passed in Main Mode?
3. What information passes in Phase 2 ?
4. What is the advantage of SPI?
5. List out the possible reasons for which Phase 1 of VPN tunnel does not
come up?
6. Troubleshooting scenario of VPN :

7. 10.10.10.0/24-------FW(192.168.0.1)-------------(192.168.0.2)FW------192.168.0.0/16
-Proposal on both sides are similar but tunnel is not coming up, how
will you troubleshoot?
-What will you check if message 5 fails?
8. Troubleshoot the scenario where ping from 192.168.0.2 is not working
to 20.20.20.2.
9. 192.168.0.2/24----SW----ROUTER----------ROUTER------SW----20.20.20.0/24
10.

What is the information or content in Routing Table ?

11. Can you explain the flow in a firewall when ping/tcp traffic is
initiated?
12.

Why does Destination NAT occur before other look ups?

13.

What is a session id?

14.

What are the parameters of the session?

15. In fast path of session, how does return traffic where ip addresses
and ports numbers are interchanged match the session?
16.

What is reverse path look up?

17.

How do you check for error on interface?

18.

What do you look for in syslog?

19.

What infomration does layer 3 and layer 4 header contain?

20.

What kind of problems related to MTU is seen in L2 and L3 devices?

21.

How can I turn off fragmentation?

22. IN VPN phase 1 is up, but Phase 2 is down , what will be your
approach to troubleshoot this?
23.
VPN PH-1 and PH-2 is UP, but traffic is not flowing, how will you
troubleshoot?
24.

When is a security policy required?

25.
What is the difference between host in bound traffic(to traffic) and
transit traffic (through traffic) ?

26. 10.9.40.2(PC)--------SW-----FW---ISP-----Google ----> 10.9.40.2 is

unable to ping google , what will you check?
27. To which address does DNS query go by deafult if DNS server is not
configured?
28.

How is a ARP packet generated for an IP address?

29.

Why is GARP used?

30.

Explain the packet of GARP.

31. In Cisco cluster, the passive device has a stand by ip, why is this ip
required or what is the use of this ip?
32.

What is DH group is VPN, what kind of key does it generate?

33.

What events or protocols used for monitoring?

34.

Explain how SNMP works?

35.

What is the difference between SNMP v2 and SNMP v3 ?

36.

How will you troubleshoot a scenario where SNMP is not working?

37.

What is the difference between CAM and MAC table?

38.

What is the difference between MAC and ARP table?

39.

What is the difference between MSS and MTU?

40.

Can you explain how ADSL works?

41.

For PPoE connection what types of authentication are available?

42. A(PC)---1500----600-L2(SW)-800------700-FW-400----750-L2(SW)1000----1500-B(PC) , with different MTU's how will packet traverse?

43.

In which fragment will you have layer 4 infomration?

44.

What is a transperant firewall?

45.

How does session get created in a transperant firewall?

46. EBGP----R2----------R1-----------R3 EBGP

(i) Routes of R2 is shown in R3 as hidden , how will you troubelshoot?
(ii) EBGP routing is OK, but IBGP routes are not getting exchanged. How

will you troubleshoot?

47.

55.

What is a sub-interface and what is the use of tagging?

48.

What is the difference between L2 and L3 tag/vlan?

49.

What is window scaling?

50.

What is SYN and SEQ check?

51.

What is the size of SYN?

52.

What is the use of SACK?

53.

Can you draw and explain ARP header?

54.

How does path MTU discovery happen?

What is Transparent Firewall?

56.

How is the session table maintained in the transparent firewall?

57. EBGP routes are exchanged properly, but IBGP routes are not exchanged.
Why?
58.

How will you determine pack drops/ loss in the Network?

COMMUNICATION PARAMETERS
Compete
ncies
Vocal
Delivery

Rating

Neutral
Accent

No Errors

1 to 2 errors

3 to 4 errors

Mother Tongue Influence/

Regional Language Influence

Speech
Quality

Completely
clear &
audible:
normal/aver
age/good
RoS,
volume &
pitch;
absence of
speech
defects;
clear
enunciation

Very clear &

audible speech:
normal/average
/good RoS,
volume & pitch;
absence of
speech defects;
slightly unclear
enunciation

Mostly clear &

audible: varying
RoS, volume &
pitch; slight
speech defect;
slightly unclear
enunciation

Very unclear &

inaudible: very
high RoS &
pitch; traces of
mumbling;
strong speech
defects; unclear
enunciation

Completely
unclear &
inaudible:
very high
RoS & pitch;
consistent
mumbling;
severe
speech
defects;
unclear
enunciation

Thought
Flow &
Fluency

Speaks in
complete
sentences;
has a good
command
of the
languageexcellent
vocabulary
& correct
usage of
idioms;
sentences
follow one
another in a
logical
sequence;
very
comfortable
with the
languageextremely
smooth flow
of speech.

Speaks a lot &

in complete
sentences;
uses a range of
words & idioms,
may
falter/digress if
interrupted; no
groping/fumblin
g for words,
pauses,
slipping into the
vernacular or
fillers; the entire
speech makes
sense but is not
organized in the
best possible
manner.

Limited range
of/similar
sentences;
slips into the
vernacular;
regular use of
fillers; long &
regular pauses;
inappropriate
usage.

Poor
vocabulary &
knowledge of
sentence
construction;
standard 3-4
word sentence
format; regular
groping for
words; speech
mostly a
questionanswer
session;
repeats words
& ideas; too
many fillers,
pauses, &/or
local language
words; no
organization of
speech.

Speaker
cannot
speak even
one or two
sentences
completely.
Appears as
if/she is
speaking for
the first time
in English.
Uses one or
two word
sentences.
No
organization
and flow at
all. Keeps
silent for
most part of
the time.

Grammar

Grammar

No errors

14
grammatical
errors

5 7 errors

8 14 errors

15+errors

Customer
Service

Courtesy
&
Empathy

Empathized Empathized,
Empathized,
Displays some
Poor Call
,
paraphrased
paraphrased
traits of
handling
paraphrase
and assured
and assured
empathy and
skills. Did
d and
assistance.
assistance.
tries to assist .
not
assured
Appropriate
Appropriate
Appropriate
empathize,
assistance.
response /
response/Ackn
response /
assure
Logical
Acknowledgme owledgment.
Acknowledgme assistance.
probing.
nt. Dead air
nt.
Did not
Providing
management.
acknowledge
resolution.
/respond
Appropriate
appropriately
response/A
.
cknowledg
ment. Dead
air
manageme
nt.
Empathized, paraphrased and assured assistance. Logical probing. Providing resolution.
Appropriate response/Acknowledgment. Dead air management.
Under Active listener,
Displays active
Seldom
Follows
Inactive
standi Acknowledges
listening most
displays active
selective
listener.
ng
and provides
of the time,
listening,
listening,
Doesn't
Accen assurance
acknowledges
doesn't
doesn't
acknowledge
t
appropriately.
and provides
acknowledge
acknowledge,
, empathize,
Empathized &
assurance
appropriately.
empathize or
provide
followed
appropriately.
Provides
provide
assurance

effective
avoidance of
interruption.

Empathized &
followed
effective
avoidance of
interruption.

assurance,
empathy and
follows effective
avoidance of
interruption.

assurance
appropriately.
However
follows effective
avoidance of
interruption.

and effective
avoidance of
interruption.

Customer Handling
S.No Questions
1
2
3
4
5
6
7
8
9
10
11

Customer call and says his Firewall is down. What will you do?
When will you escalate cases?
How will you judge the criticality of a case?
How will you handle an escalation?
As soon as you pick up the phone the customer says he will only speak to a manager. What will you
do?
A case came to you, you couldnt resolve it. T went to L2 and they also couldnt resolve it. It is now
with the ATAC. What will you do?
For how long will you troubleshoot a case before escalating it?
You are on a bridge call, issues is resolved, but more people are getting on to the bridge. What will
you do?
When will you decide to replace a device?
You have a two cases. One is amongst your top 10 customers. One is a new customer. Which will you
give priority?
You are trouble shooting a case which involves products of other vendors. How will you convince a
customer that the issues is not with the device but with the other vendor device?

12
13

Customer calls and says it is an emergency, what will you do?

Customer calls and says that he needs immediate help but he is not at his office nor does he have
connectivity to the network. How will you troubleshoot?

14

You are on a call where the VPN is not coming up. At that time you get a call back popup on your
screen for another customer. Your current customer is not willing to get off the phone. What will you
do?
Weekend, no team lead, customer is irate, delay in case progress. What will you do?
Priority issue, not able to resolve, what is the next action?
P1 issue small customer, P3 issue but premium customer. Which one will you attend first?
Cool customer, getting irate due to delay in troubleshooting. How will you handle this on the call?
Long pending case, stuck with logistics team, were engineer cant do much.. Customer not willing to
speak to duty manager any more.. Wants you to resolve the issue right on the call. How will you
handle?
VPN tunnel is down, have only 15 mins to resolve the issue? How will you handle this situation?
When will you decide to escalate the issue? How long will you continue working on the case?
Initially on the conference call there were 10 people on the bridge.. as you troubleshoot.. number of
people on the bridge increases to 50.. what does it mean to you? Big designations are getting added
on the call & you get a call from unknown person in your company asking you .. Do you need Help?
What will you do?

15
16
17
18
19
20
21
22