TOP 20 NETWORK ADMINISTRATOR INTERVIEW QUESTIONS

The following are the top 20 network administrator interview questions and answers.

These are sample questions from the ebook.

Does HTTPS use TLS/SSL protocol at the transport layer

HTTPS uses TCP at the transport layer. TCP port 443 is used. TLS/SSL is used by HTTPS for encrypting the data exchanged.

Why should mac-filtering not be used as a security defense mechanism on wireless networks.

Mac-filtering is a feature which would allow the mac-address of wireless units on a network to be configured for allowing or denying access to the network. Wireless communication is a shared medium. Anyone with a protocol analyzer can view the mac-addresses on a network. The valid mac-addresses can then be used by hackers to gain connectivity to the network, by using spoofing techniques. This makes mac-filtering vulnerable, due to which it is not recommended.

How can a DHCP starvation attack be mitigated on a switch.

DHCP starvation attack occurs when an attacker sends multiple requests to the DHCP server impersonating different clients. To mitigate this, port-security can be configured which can be used for limiting the allowed number of mac-addresses on a switch port.

Explain two access control techniques by which a router on a LAN can be configured for access only for the network admin.

Appropriate username and password can be used for the admin. An ACL can be configured which would allow only the IP address of the admin PC for access.

What will a router do if it receives an IP packet with TTL value 2.

The router would decrement the value by 1 and forward the packet to the next hop.

Which protocol is not used by IPv6 compared with IPv4 for identifying the mac-address of a peer.

The ARP protocol is used by IP v4 to detect the mac-address for a specific IP address. IP v6 does not use ARP.

How can an admin configure only SSH protocol for remote access on a Cisco router.

The admin can configure an ACL which would allow only TCP port 22 for SSH and deny all other access.

These are sample questions from the ebook.

Can two vlans be assigned with two subnets from the same major network.

Vlans are used for segregating networks. So two subnets irrespective of whether they are from the same of different major networks can be used with two vlans.

Give a practical instance where static NAT is configured on a router.

Static NAT is used in a scenario where a server which is residing on a LAN network needs to be accessed from users on the internet. In this case, the server would have a public IP address which would be mapped with the private IP address using static NAT.

Which port number would you open on a firewall to allow access to a Windows remote desktop server on the LAN network.

Windows remote desktop servers work on TCP port 3389, which should be opened on the firewall for access.

How can packet drops on a network tested by using ping.

100 ping packets can be issued to a system on the network. On a Windows system this can be achieved by the use of command ping – n 100 192.168.2.1, where 100 suggests the number of packets and 192.168.2.1 is the system which is being pinged. The output can be analyzed to see how many ping responses have been lost, which would correspond to the packet loss.

Will a router forward DHCP Discover packet

DHCP Discover is a broadcast packet. Routers do not forward broadcast packets.

A user configures the internet firewall to block incoming IP packets originating from the subnet 192.168.1.0/24. What type of filtering is being performed.

An ACL configured to block inbound packets is termed as ingress filtering. Egress filtering is used for outbound packets.

A user has an http proxy configured on the browser. He attempts to open the website www.tcpipguru.com on the browser. The IP address of the proxy server is 192.168.1.1/24 and the port configured is 80. How will the TCP connection from the user established with the website.

When the user initiates the connection to the website, a TCP 3 way connection is initially established with the proxy server which is 192.168.1.1. The proxy server would then, on behalf of the user, would initiate a TCP 3 way handshake with the website server. This process is transparent and the user is not aware of the same.

What is the use of a destination port number.

The destination port number is used to identify the application, to which the connection needs to be established with. In the above diagram, when the web client opens the browser and attempts to access the website on the server, the destination port number 80 is used, which would be used the web server system to identify, which application the incoming packet is intended for.

These are sample questions from the ebook.

What happens when you ping a website

Take a scenario, where a user pings the website www.tcpipguru.com from a PC. On the PC screen from where the ping is issued, the reply is from an IP address and not from the website name www.tcpipguru.com. Network communications are based on IP addresses and not domain names. When the command ping www.tcpipguru.com is typed, a DNS query is send by the PC to the DNS server IP address which is configured on the TCP/IP adapter settings of the PC, to retrieve the IP address of www.tcpipguru.com. After the IP address is received, the ICMP request (Ping request) is sent to the IP address of the website to which the server sends a reply.

What happens when a URL is typed in a browser

Take a scenario where you are accessing the internet at your home on your laptop. The laptop is configured behind a wireless router which is connected to the internet. You type http://www.tcpipguru.com on your browser. What exactly happen The following are the list of events which happen before you see the home page of the website.

Type the URL on the browser. A DNS query is sent to the DNS Server configured on the TCP IP adapter settings of the laptop. The DNS server responds with the IP address of the website. (This is the IP address of the server which hosts the website). The TCP IP stack of the operating system initiates a TCP 3 way handshake with the IP address of the server. Once the handshake is successful, HTTP Get Message is sent by the TCP IP stack to the server. The server responds with the files and images of the home page of the website, which is displayed on the browser window.

What is the main difference between TCP and UDP

Assume that there are two applications, application 1 and application 2. Application 1 uses TCP and Application 2 uses UDP. The client version of both the applications are installed on PC1 and the server version of both the applications are installed on PC2. If the application 1 client residing on PC1 wishes to send data to the corresponding server residing on PC2, it has to first establish transport layer connectivity. This transport layer connectivity is termed as the TCP 3 way handshake. Only after the handshake is successful, data can be send. If the application 2 client wishes to send data to the corresponding server residing on PC2 , then a transport layer connectivity is not required beforehand. The data can be send instantaneously. Due to this , UDP is always a faster communication protocol.

Is a proxy server IP address required to be configured on a browser if NAT is used for sharing internet.

Proxy server and NAT are two different technologies. If NAT is used for sharing internet, proxy server is not required to be configured on the browser.

Will internet work if the dns server is configured on a PC but not the default gateway.

All packets bound to the internet should be routed through an appropriate gateway. DNS is used only for name resolution. So internet would fail, if the PC is not configured with an appropriate gateway address.

On which port do a DNS client and server work.

DNS clients do not work on a know port. When a DNS request is send, the operating system assigns a random number for the port. DNS servers work on well known port number 53.

These are sample questions from the ebook.