Networking Interview Questions – Part 1

The following are interview questions and answers for network engineers. These are sample questions from the ebook 250 Networking Interview questions and answers

Question 1- What happens when a TCP based packet exits a NAT firewall

When a TCP packet exits a NAT firewall, the source port and destination port
number in the TCP header along with the source and destination IP address in the
IP header is added to the Network address translation table. After this operation is
performed, the source IP address in the IP header is re-written with the IP address
of the NAT firewall following which the packet exits the firewall.

Question 2 -What happens when a TCP based packet returns to a NAT firewall

When a TCP packet which exited the NAT firewall returns, the firewall looks into
the destination port in the TCP header. It would then identify the appropriate entry
in the NAT table which has the corresponding entry. After the packet is identified,
the destination IP address in the IP packet which now contains the IP address of the
NAT firewall would be re-written with the actual initiators IP address, following
which the packet is sent to the intended recipient.

Question 3 – Explain a practical scenario why split tunneling is used

Assume a scenario where a user initiates a VPN tunnel using a remote access
client. Once the connection is established, all packets would be sent through the
VPN tunnel which is created. This would also apply for internet bound packets.
Internet bound packets should not be sent through the VPN tunnel. To avoid
internet packets to be sent through the tunnel, split tunneling feature is used. When
the feature is enabled, all internet packets would be sent through the adapter which
is associated with the internet connection on the client and not through the VPN
tunnel.

Question 4 What is the difference between TCP 4 way handshake and WPA 4 way
handshake

TCP 4 way handshake is used for tearing down a TCP session between a client and
a server. WPA 4 way handshake is used by wifi clients and access points
configured with WPA to derive session‟s keys for encryption and authentication.

Question 5 – Which protocol would you block on a firewall for blocking tracert

Tracert uses ICMP at the network layer. ICMP should be denied on a firewall to
block tracert

Question 7 – How does WEP derive keys which would be used for encrypting data sent
over the wireless channel

WEP pre-shared key is configured on the wifi client and the access point. Preshared
keys are 40 bit or 104 bit in size. The key is combined with an IV
(Initialization vector) which is 24 bits in size and randomly generated and is unique
for every data frame which is encrypted. The total size of the key would then be 64
/ 128 bits.

Question 8 – How does a switch forward traffic from a trunk port to appropriate VLAN.

Trunk links are used for carrying multiple vlan traffic. Every packet which is sent
over a trunk port would have the appropriate VLAN ID inserted in the frame. The
switch would look into the VLAN ID and forward the packet to the appropriate
VLAN based on this information.

Click here to download ebook with Paypal or Amazon – 250 Networking Interview questions and answers