250 Networking Interview Questions & Answers
www.tcpipguru.com
Preface
This book contains 250 questions based on networking concepts such as firewalls, NAT, VPN, wireless networking, TCP/IP, Frame Relay, routing and switching. The book also includes scenario-based questions with diagrams and detailed tutorials. It is ideal for candidates preparing for a networking job interview.
Question 1
What happens when a TCP-based packet exits a NAT firewall?
When a TCP packet exits a NAT firewall, the source and destination port numbers in the TCP header, along with the source and destination IP addresses in the IP header, are added to the network address translation table. After this operation is performed, the source IP address in the IP header is rewritten with the IP address of the NAT firewall, following which the packet exits the firewall.
Question 2
What happens when a TCP-based packet returns to a NAT firewall?
When a TCP packet that exited the NAT firewall returns, the firewall looks at the destination port in the TCP header. It then identifies the corresponding entry in the NAT table. After the packet is matched, the destination IP address in the IP packet, which at this point contains the IP address of the NAT firewall, is rewritten with the actual initiator's IP address, following which the packet is sent to the intended recipient.
Question 3
Explain a practical scenario in which split tunneling is used.
Assume a scenario where a user initiates a VPN tunnel using a remote access client. Once the connection is established, all packets are sent through the VPN tunnel that was created. This also applies to internet-bound packets. Internet-bound packets should not be sent through the VPN tunnel. To prevent internet packets from being sent through the tunnel, the split tunneling feature is used. When the feature is enabled, all internet packets are sent through the adapter associated with the internet connection on the client and not through the VPN tunnel.
Question 4
What is the difference between the TCP 4-way handshake and the WPA 4-way handshake?
The TCP 4-way handshake is used for tearing down a TCP session between a client and a server. The WPA 4-way handshake is used by Wi-Fi clients and access points configured with WPA to derive session keys for encryption and authentication.
Question 5
Which protocol would you block on a firewall to block tracert?
Tracert uses ICMP at the network layer. ICMP should be denied on a firewall to block tracert.
The following questions refer to the diagram below (a Cisco router is used).
Question 6
Is a default gateway required to be configured on PC1 to ping 192.168.2.1?
PC1 and PC2 are on two different networks. So a default gateway with the IP address 192.168.1.1 should be configured on PC1 for it to ping the IP address 192.168.2.1.
Question 7
How many route entries would be available in the router's routing table?
There would be two route entries, 192.168.1.0/24 and 192.168.2.0/24, both of which would be directly connected networks.
Question 8
It is required that the server should not be accessed by systems on the 192.168.1.0/24 network. Identify two techniques which can be used.
- Configure an inbound ACL on the 192.168.1.1 interface which would deny traffic from the 192.168.1.0/24 network to the 192.168.2.0/24 network.
- Configure an outbound ACL on the 192.168.2.1 interface which would block all traffic from the 192.168.1.0/24 network.
Question 9
The gateway of PC1 is 192.168.1.1. Should it be configured on PC1 for PC1 to be able to ping 192.168.1.1?
PC1 and the gateway are on the same network. To ping the gateway, it need not be configured on PC1, as gateways are required to reach systems on different networks.
Question 10
How many route entries would be available on the router if the interface corresponding to 192.168.2.1 is shut down?
The route entry corresponding to 192.168.2.0/24 would not be available and there would be only one entry which would be 192.168.1.0/24.
Question 11
Apart from interface configuration on the router, is any additional configuration required on the router for PC1 to access the 192.168.2.0 network?
No. When the interfaces are configured, the routing table of the router is populated with the appropriate entries, which are 192.168.1.0/24 and 192.168.2.0/24. When PC1 pings PC2, the packet is sent to the router, which then looks up its routing table and forwards the packet out of the appropriate interface to PC2.
% End of questions based on the diagram %
Question 12
How does WEP derive the keys used for encrypting data sent over the wireless channel?
A WEP pre-shared key is configured on the Wi-Fi client and the access point. Pre-shared keys are 40 bits or 104 bits in size. The key is combined with an IV (initialization vector), which is 24 bits in size, randomly generated, and unique for every data frame that is encrypted. The total size of the key would then be 64 or 128 bits.
Question 13
How does a switch forward traffic from a trunk port to the appropriate VLAN?
Trunk links are used for carrying traffic for multiple VLANs. Every packet sent over a trunk port has the appropriate VLAN ID inserted in the frame. The switch looks at the VLAN ID and forwards the packet to the appropriate VLAN based on this information.
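The tag lookup described in this answer, as an added example that is not from the book: it assumes IEEE 802.1Q tagging (TPID 0x8100, 12-bit VLAN ID) and, for untagged frames, a native VLAN; the port names, MAC addresses and VLAN numbers are constructed.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag (assumed tagging scheme)

def parse_vlan(frame: bytes):
    """Return (vlan_id, priority, inner_ethertype); vlan_id is None if untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None, None, ethertype
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack_from("!HH", frame, 14)
    # TCI layout: 3 bits priority, 1 bit DEI, 12 bits VLAN ID
    return tci & 0x0FFF, tci >> 13, inner

def egress_ports(frame, access_ports, native_vlan=1):
    """Access ports a trunk-received frame may leave on: those in its VLAN only."""
    vid, _, _ = parse_vlan(frame)
    if vid is None:
        vid = native_vlan  # assumption: untagged trunk frames belong to the native VLAN
    return sorted(port for port, vlan in access_ports.items() if vlan == vid)

def build_frame(vid=None, pcp=0):
    """Constructed broadcast IPv4 frame, tagged when vid is given."""
    header = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
    if vid is not None:
        header += struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    return header + struct.pack("!H", 0x0800) + b"\x00" * 46

# Constructed access-port to VLAN assignment
ACCESS_PORTS = {"Gi0/1": 10, "Gi0/2": 20, "Gi0/3": 20}

if __name__ == "__main__":
    print(parse_vlan(build_frame(20, pcp=5)))
    print(egress_ports(build_frame(20), ACCESS_PORTS))
    print(egress_ports(build_frame(), ACCESS_PORTS, native_vlan=10))
```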
Refer to the diagram below for the following questions (a Cisco router is used).
Question 14
PC1, PC2 and PC3 are connected to the internet via a NAT router which does port address translation. If the three PCs simultaneously initiate an HTTP session with the web server, explain how the NAT router would handle the communication.
HTTP is based on TCP. When HTTP-based communication is initiated to the web server, the TCP/IP stack on the operating system first initiates a TCP 3-way handshake with the web server. The TCP header contains the source port number, which is used by the operating system and would be unique. The NAT router, on receipt of the TCP header, maintains an entry in the NAT table containing the source port number and the source IP address of the actual system that initiated the connection, together with a translated mapping that contains the source port as the same or a different number, based on the router's implementation, and the source IP address as the NAT router's IP address. The translated packet is sent to the web server. When the response from the web server reaches the router, every packet contains the same destination IP address (the NAT router's IP address), but the destination port number is unique. The packet is inspected and, based on the destination port number, the correct entry in the NAT table is used and the packet is forwarded to the actual recipient.
Question 15
How does the NAT router differentiate two simultaneous connections which are initiated from PC1 to the web server?
The two simultaneous connections from PC1 would be two distinct TCP connections, each with a unique source port number. Based on this information, the NAT router would differentiate the connections.
Question 16
What would the source IP address in the IP header sent from PC1 be when it reaches the web server?
When PC1 initiates a packet to the web server, the NAT router intercepts and re-writes the source IP address in the IP header with the IP address of the router. When the packet reaches the web server, the source IP address would contain the IP address of the router.
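The NAT table behaviour described in Questions 1, 2 and 14 to 16, as an added example that is not from the book: a small port-address-translation table with outbound rewrite and reply lookup. The addresses, the port pool starting at 40000 and the choice to match replies on the remote endpoint as well as the destination port are assumptions of this sketch.

```python
from dataclasses import dataclass, field

@dataclass
class PatRouter:
    public_ip: str
    next_port: int = 40000  # constructed start of the translated-port pool
    out: dict = field(default_factory=dict)   # inside flow -> translated source port
    back: dict = field(default_factory=dict)  # (proto, port, remote) -> inside (ip, port)

    def outbound(self, pkt):
        """Record the flow, then rewrite the source IP (and port if it clashes)."""
        remote = (pkt["dst_ip"], pkt["dst_port"])
        key = (pkt["proto"], pkt["src_ip"], pkt["src_port"], remote)
        if key not in self.out:
            port = pkt["src_port"]  # keep the original port when it is free
            while (pkt["proto"], port, remote) in self.back:
                port, self.next_port = self.next_port, self.next_port + 1
            self.out[key] = port
            self.back[(pkt["proto"], port, remote)] = (pkt["src_ip"], pkt["src_port"])
        return {**pkt, "src_ip": self.public_ip, "src_port": self.out[key]}

    def inbound(self, pkt):
        """Reverse the translation for a reply; None means no entry, so drop."""
        remote = (pkt["src_ip"], pkt["src_port"])
        entry = self.back.get((pkt["proto"], pkt["dst_port"], remote))
        if pkt["dst_ip"] != self.public_ip or entry is None:
            return None
        return {**pkt, "dst_ip": entry[0], "dst_port": entry[1]}

def demo():
    """Three PCs pick the same source port; PC1 also opens a second connection."""
    router = PatRouter("203.0.113.1")  # constructed addresses (documentation ranges)
    web = ("198.51.100.10", 80)
    flows = [("192.168.1.10", 50000), ("192.168.1.11", 50000),
             ("192.168.1.12", 50000), ("192.168.1.10", 50001)]
    results = []
    for ip, port in flows:
        sent = router.outbound({"proto": "tcp", "src_ip": ip, "src_port": port,
                                "dst_ip": web[0], "dst_port": web[1]})
        reply = {"proto": "tcp", "src_ip": web[0], "src_port": web[1],
                 "dst_ip": sent["src_ip"], "dst_port": sent["src_port"]}
        back = router.inbound(reply)
        results.append((sent["src_ip"], sent["src_port"], back["dst_ip"], back["dst_port"]))
    return router, results

if __name__ == "__main__":
    for row in demo()[1]:
        print("seen by server: %s:%d -> delivered to %s:%d" % row)
```

A packet arriving at the public address with no matching table entry returns `None` from `inbound`, which is why unsolicited inbound connections do not reach the inside hosts without an explicit mapping.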