Network administrator interview questions

How can the basic working of the functionality of an application on a server checked from a remote location.

Network applications works on port numbers. When an application is installed on a system, the appropriate port would be open. If the application is not running, the port would be in closed state. A port scanner like nmap can be used for checking the appropriate port is in open or closed state.

Name two reasons as to why ping response is not received from the destination

The ping can fail if the destination is shutdown or it can also be a firewall on the destination blocking the packet.

How can a FTP server residing on a LAN network accessed from a PC on the internet. Assume that the LAN network has an internet connection using a router.

Port forwarding feature can be used to achieve the functionality. Port forwarding feature can be configured on the router to forward all requests to TCP port 20 and 21 which are used by FTP servers to the appropriate LAN IP address of the FTP server. Users can then FTP into the public IP address of the router which is connected to the internet. When the router receives the request, it forwards to the internal FTP server IP address.

How can the desktop of a Linux system viewed from Windows.

VNC protocol can be used for the purpose. The Linux system can be setup as a VNC server and Window as the VNC client. The IP address of the Linux system can be configured in the VNC client, following which connectivity can be achieved.

Explain a technique by which web access can be blocked on a network with a firewall.

An ACL can be configured which would block DNS packets originating from the network. DNS is used for resolving URL into IP address. If DNS is blocked, web communication would fail.

How can web access be blocked for a specific group of users on a network with a firewall.

Create two networks to segregate users. Map 1 network with users which are allowed and the 2nd network with users which are not allowed. Create an ACL which would deny access to DNS for the 2nd network. As DNS is blocked, web access would not be allowed for the respective network.

Which feature on a router can be used to block access to known websites.

URL filtering is a feature which is available on routers where the URL name of the websites can be provided and access to the same can be blocked.

Does HTTPS use TLS/SSL protocol at the transport layer

HTTPS uses TCP at the transport layer. TCP port 443 is used. TLS/SSL is used by HTTPS for encrypting the data exchanged.

Why should mac-filtering not be used as a security defense mechanism on wireless networks.

Mac-filtering is a feature which would allow the mac-address of wireless units on a network to be configured for allowing or denying access to the network. Wireless communication is a shared medium. Anyone with a protocol analyzer can view the mac-addresses on a network. The valid mac-addresses can then be used by hackers to gain connectivity to the network, by using spoofing techniques. This makes mac-filtering vulnerable, due to which it is not


How can a DHCP starvation attack be mitigated on a switch.

DHCP starvation attack occurs when an attacker sends multiple requests to the DHCP server impersonating different clients. To mitigate this, port-security can be Copyright 2015 @

configured which can be used for limiting the allowed number of mac-addresses on a switch port.

Explain two access control techniques by which a router on a LAN can be configured for access only for the network admin.

Appropriate username and password can be used for the admin. An ACL can be configured which would allow only the IP address of the admin PC for access.

What will a router do if it receives an IP packet with TTL value 2.

The router would decrement the value by 1 and forward the packet to the next hop.

Which protocol is not used by IPv6 compared with IPv4 for identifying the mac-address of a peer.

The ARP protocol is used by IP v4 to detect the mac-address for a specific IP address. IP v6 does not use ARP.

How can an admin configure only SSH protocol for remote access on a Cisco router.

The admin can configure an ACL which would allow only TCP port 22 for SSH and deny all other access.

Can two vlans be assigned with two subnets from the same major network.

Vlans are used for segregating networks. So two subnets irrespective of whether they are from the same of different major networks can be used with two vlans.

Question 108 Copyright 2015 @

Give a practical instance where static NAT is configured on a router.

Static NAT is used in a scenario where a server which is residing on a LAN network needs to be accessed from users on the internet. In this case, the server would have a public IP address which would be mapped with the private IP address using static NAT.

Which port number would you open on a firewall to allow access to a Windows remote desktop server on the LAN network.

Windows remote desktop servers work on TCP port 3389, which should be opened on the firewall for access.

How can packet drops on a network tested by using ping.

100 ping packets can be issued to a system on the network. On a Windows system this can be achieved by the use of command ping – n 100, where 100 suggests the number of packets and is the system which is being pinged. The output can be analyzed to see how many ping responses have been lost, which would correspond to the packet loss.

Will a router forward DHCP Discover packet

DHCP Discover is a broadcast packet. Routers do not forward broadcast packets.

A user configures the internet firewall to block incoming IP packets originating from the subnet What type of filtering is being performed.

An ACL configured to block inbound packets is termed as ingress filtering. Egress filtering is used for outbound packets.

A user has an http proxy configured on the browser. He attempts to open the website on the browser. The IP address of the proxy server is and the port configured is 80. How will the TCP connection from the user established with the website.

When the user initiates the connection to the website, a TCP 3 way connection is initially established with the proxy server which is The proxy server would then, on behalf of the user, would initiate a TCP 3 way handshake with the website server. This process is transparent and the user is not aware of the same.

Three switches sw1, sw2 and sw3 transmit STP BPDU packets with the following info in the Bridge ID. Which switch will be elected as the root bridge

sw1 : Bridge priority 3456, Mac-address : 00:1b:78:ab:9f:91. sw2 : Bridge priority 1234, Mac-address : 00:1b:78:ab:9f:92. sw3 : Bridge priority 2345, Mac-address: 00:1b:78:ab:9f:93.

STP protocol elects the switch with the lowest priority as the root bridge. Sw2 would be elected as the root bridge as it has the lowest priority.

A switch port operating in full duplex mode is connected to a PC operating in half duplex. What would be the effective duplex settings for the communication

The effective duplex setting would be half duplex as a full duplex system cannot communicate as full duplex when the peer is operating in half duplex.