Network Interview Questions

Question 1

Troubleshoot with a user over the phone who can’t log into their computer. (7)
Tier 1

Answer 1

1. Check the power source and ensure it is properly plugged in and turned on.
2. Verify user credentials, including username, password, and caps lock status.
3. Check for error messages and use them to guide troubleshooting.
4. Verify network connection is working properly.
5. Restart the computer to see if it resolves the issue.
6. Try logging in with a different account to determine if the problem is specific to the user’s account.
7. Scan for malware and check for other security issues if none of the above steps work.

Question 2

Troubleshoot a user who can’t log into their computer while over the phone?
Tier 2 (6)

Answer 2

1. Verify user account status in AD.
2. Check for relevant event logs or error messages.
3. Reset password and retry login.
4. Verify group membership and privileges.
5. Review security policies and network configurations.
6. Send a new device and perform a system restore if needed on old system.

Question 3

Troubleshoot a user who calls and says they can’t print- what would you do to troubleshoot?

Answer 3

• Ask basic questions to gather information about the issue to see if any errors could point me in the right direction.
• Check printer network settings!
• Check printer settings on the computer and ensure the correct printer is selected and set as default.
• Restart both the computer and printer and check for software updates or driver issues.
• Escalate the problem to a higher level of support or contact the printer manufacturer for assistance if the issue persists.

Question 4

Can you tell me about a time you had trouble diagnosing a network error? What did you do?

Answer 4

To diagnose a network error, I would start by gathering as much information as possible to see if I hear an error or issue that can point in the right direction.

Could be a weak Wi-Fi signal, or the physical cable is worn or completely snapped, could be an application that’s hogging up the bandwidth, excessive CPU,

Question 5

Explain LAN vs WAN

Answer 5

LAN stands for (Local Area Network) refers to a group of devices that are connected to each other within a small geographic area, such as an office or building.

WAN (Wide Area Network), on the other hand, refers to a larger network that spans across a wider geographic area, such as multiple buildings or even countries.

Question 6

What goes into Wi-Fi management and configuration?

Answer 6

• This includes configuring wireless access points, security settings.

It’s also important to consider factors such as signal strength, bandwidth, and interference when setting up and managing a Wi-Fi network.

Question 7

• Topographically where would you put a Firewall?

Answer 7

• Firewall placement depends on network topology and security requirements
• Typically placed at perimeter of network between internal network and internet
• Can also be placed internally within a network
• Monitors and filters incoming and outgoing network traffic
• Blocks unauthorized or malicious access
• Provides additional layers of protection and controls access between different network segments
• Placement and configuration depend on organization’s needs, goals, network architecture, traffic patterns, and security policies

Question 8

What is a VPN?

Answer 8

A VPN is Virtual Private Network which is a private WAN (Wide Area Network) built on the internet. It creates secured tunnels which allow secure connection between different networks. So by using a VPN a client can connect to the organization’s network remotely.

Question 9

What is an IPv4 address? What are the different classes of IPv4 and what are Private and Special IP adresses?

Answer 9

An IPv4 address is a 32-bit dynamic address that is usually displayed in dotted decimal notation. It has 5 classes A, B, C, D, E.

A - Large Networks
B - Medium Networks
C - Local Area Networks
D - Reserved for multicasting
E - Reserved for research purposes

Special IP addresses range from 127.0.0.1 to 127.255.255.255 and are network testing addresses or known as loopback addresses.

Question 10

• On what device would you put DHCP on?

Answer 10

• DHCP is typically put on a router or server
• Responsible for managing the network and assigning IP addresses
• Automatically assign IP addresses to devices as that connect to the network

Question 11

Define and describe the 7 layers of the OSI model?

“All people seem to need data processing.”

Answer 11

Application (APDU) - Contains protocols commonly used by users.
Presentation (PPDU) - Concerned with syntax and semantics of information transmitted.
Session (SPDU) - Allows users on different machines to establish sessions with each other.
Transport (TPDU) - Uses TCP protocol to transport data.
Network (Packet) - Uses network addresses to route packets to a destination node. Uses IP protocol.
Data Link (Frame) - Provides means to transfer data between network entities and possible detect errors that may occur. Uses MAC addresses.
Physical (Bit) - Concerned with transmitting raw bits over communication channels.

Question 12

• What is NAT used for?

Answer 12

• NAT (Network Address Translation) is used to translate private IP addresses to public IP addresses, allowing devices on a local network to communicate with the internet.
• This is typically done through a router or firewall, which assigns a unique public IP address to each device on the network.

Question 13

Describe the TCP/IP Reference Model

Answer 13

The TCP/IP Reference Model is a conceptual model that describes the communication protocols used on the internet.

Application - HTTP, SMTP, RTP, DNS
Transport - TCP, UDP
Internet - IP, ICMP
Network Interface / LInk - Ethernet, 802.11, DSL, SONET

Question 14

What is HTTP and HTTPS Protocol?

Answer 14

HTTP is HyperText Transfer Protocol which defines a set of rules and standards on how information can be transmitted on the World Wide Web (WWW). Uses the TCP protocol and default port is 80.

HTTPS is HyperText Transfer Protocol Secure which is a secure version of HTTP. On top of HTTP it uses SSL/TLS protocol to provide the extra layer of security and uses port 443 by default.

Question 15

What is the SMTP Protocol?

Answer 15

SMTP is Simple Mail Transfer Protocol which is a set of rules for communication between servers. These rules help software send emails over the Internet and the default port is 25.

Question 16

What is DNS?

Answer 16

DNS stands for Domain Name Server. It serves as a directory of the internet that translates domain names to their corresponding IPs. Default port is 53.

Question 17

What is UDP Protocol?

Answer 17

UDP stands for User Datagram Protocol and is based on Datagrams. Usually used for broadcasting or multicasting but does not use the three way handshake model and does not do any error checking.

Question 18

What is the ICMP Protocol?

Answer 18

ICMP stands for Internet Control Message Protocol and is a network layer protocol which is used for error handling. ICMP does not have a default port since it was designed to communicate network-layer information not between application layer processes.

Question 19

What is the ARP Protocol?

Answer 19

ARP stands for Address Resolution Protocol. It is a network-level protocol used to convert IP addresses to MAC addresses when devices are trying to communicate with each other over local networks.

Question 20

What is the FTP protocol?

Answer 20

FTP stands for File Transfer Protocol. It is an application layer protocol used to transfer files and data between hosts. Default port is usually 21.

Question 21

What is Cryptography?

Answer 21

Cryptography is the study of techniques for securing information for communication to prevent third parties from reading the data.

Question 22

What is the difference between IDS and IPS?

Answer 22

IDS is Intrusion Detection System which only detects intrusion while IPS is Intrusion Prevention System which prevents and detects intrusions into the system.

Question 23

How is Encryption different from Hashing?

Answer 23

Encrypted data has a key which can convert data back to the original while hashed data cannot be converted back to the original.

Question 24

What is a three-way handshake?

Answer 24

The three-way handshake is the TCP protocol which creates a connection between the host and client.

1. Client sends a SYN packet to server to see if server is up and to request for a connection
2. Server sends a SYN-ACK package to the client to acknowledge the connection
3. Client sends ACK packet back to the server

Question 25

What are the response codes than can be received from a Web Application?

Answer 25

1xx - Informational Response
2xx - Success
3xx - Redirection
4xx - Client-side error
5xx - Server-side error

Question 26

What is traceroute? What is it used for?

Answer 26

Traceroute is a tool that shows you the path of a packet. Usually used to check if packet is reaching its destination and to identify the point of failure.

Question 27

What is the difference between Symmetric Encryption and Asymmetric Encryption?

Answer 27

Symmetric encryption is when you use the same key to both decrypt and encrypt while Asymmetric encryption uses public key for encryption and private key for decryption.

Question 28

Explain SSL Encryption and SSL handshake.

Answer 28

SSL stand for Secure Socket Layer which encrypts connections between Web Servers and Browsers.

1. Client browser requests for SSL certificate from server
2. Server responds with its SSL certificate containing public key and who the certificate was signed by
3. Client then process the certificate and check the signature of the certificate and then send its key encrypted by the public key.
4. Server can now send messages encrypted with your key for secure communication.

Question 29

What are some common Cyberattacks?

Answer 29

1. Malware
2. Phishing
3. Password Attacks
4. DDoS
5. Man in the Middle

Question 30

What is a Brute Force Attack? How can you prevent it?

Answer 30

A Brute Force Attack is when you repetitively trying different permutation of passwords for possible credentials

1. Increase password length
2. Increase password complexity
3. Set login attempts

Question 31

What is Port Scanning?

Answer 31

Port Scanning is a technique used to identify open ports on a host.

Techniques may include:

1. Ping Scan
2. TCP Half-Open
3. TCP Connect
4. UDP
5. Stealth Scanning

Question 32

What are the OWASP Top Ten

Answer 32

1. Broken Access Control - Failure to prevent users from accessing sensitive information. For example user can see robots.txt file.
2. Cryptographic Failures - Failure to encrypt data. For example not using HTTPS and using protocols such as HTTP or FTP.
3. Injection - Failure to stop XSS, SQL Injection attacks.
4. Insecure Design - Failure to design systems that are secure.
5. Security Misconfiguration
6. Vulnerable and Outdated Components
7. Identification and Authentication Failures
8. Software and Data Integrity Failures
9. Security Logging and Monitoring Failures
10. Server-Side Request Forgery

Question 33

SonicWall: firewall and network security appliance. What can you tell me about it? (3)

Answer 33

• Firewall protection
• Intrusion prevention
• Anti-malware
• Centralized management console for easy network management and monitoring

Question 34

• Cisco: networking and telecommunications equipment, including what exaclty?

Answer 34

• They make devices like switches and routers that help computers communicate with each other and share information
• They also make VoIP phones, which allow people to make phone calls over the internet instead of traditional phone lines

Question 35

Fortinet: network security solutions, including (3)

Answer 35

firewalls, VPNs, and intrusion prevention systems

Question 36

What is a firewall?

Answer 36

A firewall is like a security guard for a computer network. It checks all the information going in and out of the network to make sure it’s safe and blocks any unauthorized or dangerous traffic. It’s an important tool in protecting a network from hackers and other security threats. Firewalls can be placed at different points in a network, but they’re usually put at the perimeter between the internal network and the internet.

Question 37

What is the TCP Protocol three way handshake model?

Answer 37

The three messages transmitted by TCP to negotiate and start a TCP session are nicknamed SYN, SYN-ACK, and ACK for SYNchronize, SYNchronize-ACKnowledgement, and ACKnowledge respectively

Question 38

What is TCP/IP

Answer 38

TCP stands Transmission Control Protocol which deals with establishing a connection beteween computers before any datea is sent.

Used by protocols like HTTP, HTTPS, & FTP

Question 39

What is a Proxy?

Answer 39

Proxy can block access to certain websites but can also act as a measure of hiding the true origin in point of access.

Question 40

What is the loopback IP adress and what is it used for?

Answer 40

The loopback IP address is a special IP address that represents your own computer. It’s like talking to yourself. It’s used for testing network settings and making sure your computer is working properly.

If you ping this IP address and it completes successfully it means your hardware is okay.

Question 41

How does DHCP assign IP addresses to a device?

Answer 41

They are assigned Dynamically. If you connect a PC to a network it will get leased an IP addr and if you disconnect that address becomes available again

Question 42

What is SSH and port used?

Answer 42

SSH (Secure Shell) is a secure way to connect to and control another computer over the internet. It uses encryption to keep your data safe and can be used to remotely manage servers, transfer files, and access other resources on a network over port 22.

Question 43

What is the Job of the network layer?

Answer 43

The job of the network layer is to manage and route data between different devices on a network. It’s like a traffic cop, making sure data goes where it needs to go and doesn’t get lost along the way. It’s essential to how devices communicate and shares information on a network.

Question 44

What is a subnet mask?

Answer 44

A subnet mask is a way to divide a larger network into smaller subnetworks. It’s like dividing a city into neighborhoods to make it easier to manage and navigate.

The subnet mask tells devices on the network which part of the address identifies the network and which part identifies the specific device. This helps prevent devices from sending data to the wrong place and ensures that data is delivered efficiently.

Question 45

Can you tell me the difference between a workgroup and a domain?

Answer 45

A workgroup is a collection of computers on a network that share resources, such as files and printers.

A domain is a group of computers and users that are managed by a central server. A domain provides centralized authentication and management, while a workgroup is more decentralized.

Question 46

Ping:

Answer 46

This command is used to test the connectivity between two devices on a network. It sends a small packet of data to the target device and waits for a response.

Question 47

Traceroute:

Answer 47

This command is used to trace the path that packets take from one device to another on a network. It shows the IP addresses of each device along the way.

Question 48

Ipconfig:

Answer 48

This command is used to view the IP address configuration of a device on a network. It shows the device’s IP address, subnet mask, and default gateway.

Question 49

Netstat:

Answer 49

This command is used to view active network connections and their status. It shows which ports are open and which programs are using them.

Question 50

Nslookup:

Answer 50

This command is used to query DNS servers to resolve domain names to IP addresses. It can be used to troubleshoot DNS issues and verify DNS configurations.

Question 51

The hostname command

Answer 51

displays the hostname of the system. The hostname command is much easier to use than going into the system settings to search for it.

Question 52

systeminfo command

Answer 52

can access the system’s hardware and software details, such as processor data, booting data, Windows version, etc.

Question 53

What are some RMS that you’ve used?

Answer 53

Teamviewer, Microsoft RDS & Quick Assist, LogMeIn