
Networking - 50 QnA

1) What is networking?
Networking connects devices to share data using protocols. Enables communication via LAN, WAN, or internet. Uses OSI or TCP/IP models for structure. Troubleshoot with ping, traceroute, or packet captures. Secure with firewalls and encryption. In 2025, focuses on zero trust and SD-WAN. Monitor for latency and packet loss. Interviewers expect knowledge of models and protocols.
2) What is the OSI model?
OSI model is a 7-layer framework for networking. Layers: Physical, Data Link, Network, Transport, Session, Presentation, Application. Guides protocol design and troubleshooting. Troubleshoot with layer-specific tools (e.g., Wireshark). Secure each layer with appropriate controls. In 2025, used for zero trust segmentation. Monitor layer-specific issues for diagnostics. Interviewers may ask about layer functions and examples.
3) What is the TCP/IP model?
TCP/IP model is a 4-layer framework: Link, Internet, Transport, Application. Maps to OSI but is more practical for internet protocols. Supports IP, TCP, UDP, and application protocols. Troubleshoot with packet analysis and logs. Secure with IPsec, TLS, and firewalls. In 2025, aligns with SDN and zero trust. Monitor for protocol-specific issues. Interviewers expect comparison with OSI model.
4) What is an IP address?
IP address uniquely identifies devices on a network. IPv4 (32-bit, e.g., 192.168.1.1) or IPv6 (128-bit). Assigned statically or via DHCP. Troubleshoot with ipconfig and ARP tables. Secure with IP filtering and NAT. In 2025, IPv6 adoption grows for IoT. Monitor for IP conflicts or spoofing. Interviewers may ask about IPv4 vs. IPv6.
5) What is a subnet?
Subnet divides a network into smaller segments. Uses subnet masks to define network/host portions. Improves performance and security isolation. Troubleshoot with subnet calculator and routing tables. Secure with VLANs and ACLs. In 2025, subnets align with micro-segmentation. Monitor for misconfigured subnets. Interviewers expect subnetting calculations and CIDR.
6) What is a MAC address?
MAC address is a 48-bit unique identifier for network interfaces. Operates at Data Link layer for local communication. Assigned by manufacturers, immutable in hardware. Troubleshoot with ARP cache and packet captures. Secure with MAC filtering and port security. In 2025, used in zero trust device identification. Monitor for MAC spoofing attempts. Interviewers may ask about MAC vs. IP addressing.
7) What is DHCP?
DHCP dynamically assigns IP addresses to devices. Uses DORA process: Discover, Offer, Request, Acknowledge. Reduces manual configuration errors. Troubleshoot with DHCP logs and lease conflicts. Secure with DHCP snooping and IP binding. In 2025, supports IPv6 and zero trust policies. Monitor for rogue DHCP servers. Interviewers expect details on DHCP scope and options.
8) What is DNS?
DNS resolves domain names to IP addresses. Uses hierarchical servers: root, TLD, authoritative. Supports A, CNAME, MX, and TXT records. Troubleshoot with nslookup and dig commands. Secure with DNSSEC and query filtering. In 2025, enhances with AI-driven DNS analytics. Monitor for DNS poisoning or hijacking. Interviewers may ask about DNS resolution process.
9) What is a router?
Router forwards packets between networks at Layer 3. Uses routing tables and protocols (e.g., OSPF, BGP). Connects LANs to WANs or internet. Troubleshoot with show ip route and logs. Secure with ACLs and BGP filtering. In 2025, routers support SD-WAN and zero trust. Monitor for routing loops and latency. Interviewers expect knowledge of routing protocols.
10) What is a switch?
Switch connects devices within a LAN at Layer 2. Uses MAC addresses for frame forwarding. Supports VLANs for network segmentation. Troubleshoot with port status and spanning tree. Secure with port security and 802.1X. In 2025, switches enable micro-segmentation. Monitor for broadcast storms and loops. Interviewers may ask about managed vs. unmanaged switches.
11) What is a firewall?
Firewall controls network traffic based on rules. Operates at Layers 3-7, stateful or stateless. Blocks unauthorized access, allows defined traffic. Troubleshoot with packet filtering logs and rules. Secure with deny-by-default and DMZ. In 2025, integrates with zero trust and AI. Monitor for rule violations and anomalies. Interviewers expect details on firewall types and policies.
12) What is NAT?
NAT translates private IPs to public IPs for internet access. Uses PAT for port-based multiplexing. Conserves IPv4 addresses, hides internal topology. Troubleshoot with NAT table and logs. Secure with static NAT and ACLs. In 2025, NAT supports IPv6 transitions. Monitor for NAT overload and misconfigurations. Interviewers may ask about NAT types and limitations.
13) What is a VLAN?
VLAN segments a network logically without separate hardware. Uses 802.1Q tagging for traffic isolation. Improves performance and security. Troubleshoot by checking for VLAN misconfiguration and trunking errors. Secure with private VLANs and access controls. In 2025, VLANs align with zero trust segmentation. Monitor for VLAN hopping attacks. Interviewers expect VLAN setup and tagging details.
14) What is TCP?
TCP is a reliable, connection-oriented Transport layer protocol. Ensures delivery with handshakes, retransmissions, and flow control. Uses ports for application multiplexing. Troubleshoot with Wireshark and TCP flags. Secure with TLS for encrypted sessions. In 2025, optimizes for high-latency networks. Monitor for TCP resets and congestion. Interviewers may ask about TCP handshake and states.
15) What is UDP?
UDP is a connectionless, lightweight Transport layer protocol. Used for low-latency apps like DNS and streaming. No retransmission or flow control. Troubleshoot by checking packet loss and application logs. Secure with DTLS for encryption. In 2025, supports real-time IoT traffic. Monitor for UDP flooding attacks. Interviewers expect UDP vs. TCP trade-offs.
16) What is IPsec?
IPsec secures IP communications with encryption and authentication. Uses AH for integrity, ESP for confidentiality. Supports site-to-site and remote-access VPNs. Troubleshoot with IKE logs and SA errors. Secure with strong ciphers and key exchange. In 2025, adopts post-quantum algorithms. Monitor for IPsec tunnel failures. Interviewers may ask about AH vs. ESP and IKEv2.
17) What is SSL/TLS?
SSL/TLS encrypts application-layer communications. Uses certificates for authentication and key exchange. TLS 1.3 improves security and performance. Troubleshoot by checking for handshake errors and cipher mismatches. Secure with PFS and strong ciphers. In 2025, supports post-quantum cryptography. Monitor for deprecated protocol usage. Interviewers expect TLS handshake and cipher details.
18) What is a VPN?
VPN creates secure tunnels over public networks. Uses IPsec, SSL, or WireGuard for encryption. Enables remote access and site-to-site connectivity. Troubleshoot with tunnel logs and auth failures. Secure with MFA and split tunneling. In 2025, aligns with zero trust access. Monitor for unauthorized VPN connections. Interviewers may ask about VPN protocols and scaling.
19) What is ARP?
ARP maps IP addresses to MAC addresses in LANs. Operates at Data Link layer for local routing. Vulnerable to ARP spoofing attacks. Troubleshoot with ARP cache and packet captures. Secure with ARP inspection and static entries. In 2025, used in zero trust device validation. Monitor for ARP poisoning attempts. Interviewers expect ARP process and security risks.
20) What is BGP?
BGP is an exterior gateway protocol for inter-domain routing. Exchanges routing info between autonomous systems. Uses path attributes for route selection. Troubleshoot with BGP neighbor and route logs. Secure with RPKI and BGPsec. In 2025, enhances with AI-driven route optimization. Monitor for route leaks and hijacks. Interviewers may ask about BGP attributes and security.
21) What is OSPF?
OSPF is an interior gateway protocol using link-state routing. Builds topology maps for shortest-path routing. Supports areas for scalability in large networks. Troubleshoot with LSA errors and neighbor issues. Secure with MD5 authentication and ACLs. In 2025, integrates with SDN controllers. Monitor for OSPF convergence issues. Interviewers expect OSPF area types and metrics.
22) What is SDN?
Software-Defined Networking (SDN) decouples control and data planes. Centralizes network management via controllers. Enables programmable and dynamic configurations. Troubleshoot with controller logs and flow tables. Secure with encrypted control channels. In 2025, drives zero trust and AI automation. Monitor for controller failures and misconfigs. Interviewers may ask about SDN vs. traditional networking.
23) What is SD-WAN?
SD-WAN optimizes WAN traffic with software-defined routing. Uses overlay tunnels for cost-effective connectivity. Prioritizes traffic based on application needs. Troubleshoot with tunnel health and QoS logs. Secure with encrypted tunnels and zero trust. In 2025, integrates AI for traffic optimization. Monitor for latency and tunnel drops. Interviewers expect SD-WAN benefits and deployment.
24) What is zero trust networking?
Zero trust assumes no implicit trust and verifies all access. Uses identity, device, and context-based policies. Implements micro-segmentation and least privilege. Troubleshoot with policy enforcement and logs. Secure with MFA and continuous monitoring. In 2025, leverages AI for dynamic policies. Monitor for unauthorized access attempts. Interviewers may ask about zero trust principles and tools.
25) What is a DMZ?
DMZ is a network segment for public-facing services. Isolates servers from internal networks for security. Uses firewalls to control inbound/outbound traffic. Troubleshoot with firewall rules and NAT issues. Secure with hardened servers and monitoring. In 2025, aligns with zero trust segmentation. Monitor for DMZ breaches and misconfigs. Interviewers expect DMZ design and security practices.
26) What is a packet sniffer?
Packet sniffer captures and analyzes network traffic. Tools like Wireshark decode protocol details. Used for troubleshooting and security analysis. Troubleshoot with capture filters and packet loss. Secure with restricted access to sniffing tools. In 2025, integrates AI for anomaly detection. Monitor for unauthorized sniffing attempts. Interviewers may ask about sniffer use cases and ethics.
27) What is port scanning?
Port scanning probes for open ports on devices. Used for vulnerability assessment or attacks. Tools like Nmap identify services and OS. Troubleshoot with scan logs and false positives. Secure with firewall rules and IDS/IPS. In 2025, AI enhances scan detection. Monitor for unauthorized scans and patterns. Interviewers expect scanning techniques and mitigation.
28) What is a DDoS attack?
DDoS overwhelms networks or servers with traffic. Types: volumetric, protocol, application-layer attacks. Mitigated with rate limiting and CDN protection. Troubleshoot with traffic logs and mitigation tools. Secure with DDoS protection services. In 2025, AI improves DDoS detection. Monitor for traffic spikes and anomalies. Interviewers may ask about DDoS types and defenses.
29) What is DNSSEC?
DNSSEC secures DNS with digital signatures. Prevents DNS spoofing and cache poisoning. Uses RRSIG and DNSKEY records for validation. Troubleshoot with DNSSEC chain errors and logs. Secure with key rotation and ZSK/KSK. In 2025, supports post-quantum signatures. Monitor for DNSSEC validation failures. Interviewers expect DNSSEC setup and key management.
30) What is 802.1X authentication?
802.1X authenticates devices for network access. Uses EAP with RADIUS or TACACS+ servers. Enforces port-based access control. Troubleshoot with EAP logs and auth failures. Secure with strong EAP methods and certificates. In 2025, aligns with zero trust policies. Monitor for unauthorized port access. Interviewers may ask about EAP types and deployment.
31) What is a network intrusion detection system (NIDS)?
NIDS monitors traffic for malicious activity. Uses signatures or anomaly-based detection. Alerts on suspicious packets or patterns. Troubleshoot with false positives and rules. Secure with encrypted management channels. In 2025, leverages AI for advanced detection. Monitor for missed or false alerts. Interviewers expect NIDS vs. NIPS differences.
32) What is a network intrusion prevention system (NIPS)?
NIPS actively blocks malicious traffic based on rules. Extends NIDS with inline blocking capabilities. Supports deep packet inspection (DPI). Troubleshoot by checking for blocked legitimate traffic. Secure with updated signatures and policies. In 2025, integrates AI for real-time blocking. Monitor for performance and false positives. Interviewers may ask about NIPS deployment modes.
33) What is micro-segmentation?
Micro-segmentation isolates workloads at a granular level. Uses software-defined policies for zero trust. Reduces lateral movement in breaches. Troubleshoot with policy conflicts and logs. Secure with least privilege and encryption. In 2025, AI optimizes segmentation policies. Monitor for policy violations and anomalies. Interviewers expect micro-segmentation benefits and tools.
34) What is a proxy server?
Proxy server intermediates client-server communications. Provides caching, filtering, and anonymity. Types: forward, reverse, and transparent proxies. Troubleshoot with proxy logs and connection errors. Secure with authentication and TLS inspection. In 2025, supports zero trust access control. Monitor for proxy bypass attempts. Interviewers may ask about proxy types and security.
35) What is deep packet inspection (DPI)?
DPI analyzes packet payloads for security or QoS. Detects malware, protocols, or application patterns. Used in firewalls, NIPS, and traffic shapers. Troubleshoot with DPI performance and false positives. Secure with encrypted inspection channels. In 2025, AI enhances DPI accuracy. Monitor for privacy and performance issues. Interviewers expect DPI use cases and risks.
36) What is network address translation overload?
NAT overload (PAT) maps multiple private IPs to one public IP. Uses ports to differentiate connections. Scales small networks with limited public IPs. Troubleshoot by checking for port exhaustion and reviewing logs. Secure with ACLs and timeout tuning. In 2025, supports IPv6 NAT scenarios. Monitor for NAT table overflows. Interviewers may ask about PAT limitations and scaling.
37) What is a load balancer?
Load balancer distributes traffic across servers for scalability. Uses algorithms like round-robin or least connections. Supports health checks and session persistence. Troubleshoot with balancer logs and health probes. Secure with TLS termination and ACLs. In 2025, integrates with AI-driven traffic routing. Monitor for load imbalance and failures. Interviewers expect load balancing algorithms and types.
38) What is MPLS?
MPLS routes packets using labels instead of IP addresses. Provides QoS and traffic engineering for WANs. Supports VPNs and low-latency paths. Troubleshoot with label stack and LSP issues. Secure with LDP authentication and encryption. In 2025, competes with SD-WAN for cost efficiency. Monitor for label switching failures. Interviewers may ask about MPLS vs. SD-WAN trade-offs.
39) What is QoS?
Quality of Service (QoS) prioritizes network traffic. Uses queuing, shaping, and policing for performance. Ensures low latency for critical apps. Troubleshoot with QoS policy and bandwidth logs. Secure with policy enforcement and monitoring. In 2025, AI optimizes QoS policies. Monitor for QoS misconfigs and drops. Interviewers expect QoS mechanisms and use cases.
40) What is network segmentation?
Network segmentation divides networks for security and performance. Uses VLANs, subnets, or firewalls for isolation. Reduces attack surface and congestion. Troubleshoot with routing and ACL issues. Secure with strict policies and monitoring. In 2025, aligns with zero trust micro-segmentation. Monitor for segmentation breaches. Interviewers may ask about segmentation strategies.
41) What is a man-in-the-middle (MITM) attack?
MITM intercepts communications to steal data or impersonate. Exploits ARP, DNS, or unencrypted channels. Mitigated with TLS, IPsec, and DNSSEC. Troubleshoot with packet captures and logs. Secure with certificate pinning and encryption. In 2025, AI detects MITM anomalies. Monitor for session hijacking attempts. Interviewers expect MITM detection and prevention.
42) What is network access control (NAC)?
NAC enforces policies for device network access. Uses 802.1X, VLAN assignment, or quarantining. Ensures compliance with security standards. Troubleshoot with NAC policy and auth logs. Secure with strong authentication and monitoring. In 2025, integrates with zero trust frameworks. Monitor for unauthorized device access. Interviewers may ask about NAC deployment and policies.
43) What is RPKI?
Resource Public Key Infrastructure (RPKI) secures BGP routing. Uses certificates to validate route origins. Prevents BGP hijacks and route leaks. Troubleshoot with RPKI validator and logs. Secure with signed ROAs and key rotation. In 2025, supports post-quantum signatures. Monitor for invalid route announcements. Interviewers expect RPKI setup and benefits.
44) What is a network honeypot?
Honeypot is a decoy system to detect or study attacks. Mimics real services to attract malicious activity. Logs attacker behavior for analysis. Troubleshoot with honeypot logs and false positives. Secure with isolation and monitoring. In 2025, AI enhances honeypot deception. Monitor for honeypot interactions and alerts. Interviewers may ask about honeypot types and uses.
45) What is network traffic analysis?
Network traffic analysis monitors flows for performance and security. Uses NetFlow, sFlow, or packet captures. Detects anomalies, bottlenecks, or attacks. Troubleshoot with flow data and analysis tools. Secure with encrypted collection channels. In 2025, AI improves traffic anomaly detection. Monitor for unusual traffic patterns. Interviewers expect analysis tools and use cases.
46) What is a network tap?
Network tap copies traffic for monitoring or analysis. Provides passive, non-intrusive packet capture. Used for IDS, performance, or forensics. Troubleshoot with tap configuration and packet loss. Secure with restricted access to tap data. In 2025, supports high-speed 400G taps. Monitor for tap failures and overload. Interviewers may ask about tap vs. SPAN differences.
47) What is a VLAN hopping attack?
VLAN hopping bypasses VLAN isolation to access restricted traffic. Exploits double-tagging or switch spoofing. Mitigated with proper trunking and tagging controls. Troubleshoot with VLAN logs and packet captures. Secure by disabling auto-trunking and DTP. In 2025, zero trust reduces hopping risks. Monitor for unauthorized VLAN access. Interviewers expect VLAN hopping mitigation strategies.
48) What is a network sandbox?
Network sandbox analyzes suspicious files or traffic in isolation. Detonates malware to study behavior securely. Used in advanced threat detection systems. Troubleshoot with sandbox logs and timeouts. Secure with isolated environments and encryption. In 2025, AI enhances sandbox analysis. Monitor for sandbox evasion attempts. Interviewers may ask about sandbox integration and limits.
49) What is network encryption?
Network encryption secures data in transit using protocols. Includes IPsec, TLS, and WireGuard for confidentiality. Protects against eavesdropping and tampering. Troubleshoot with encryption handshake errors. Secure with strong ciphers and key management. In 2025, adopts post-quantum cryptography. Monitor for deprecated cipher usage. Interviewers expect encryption protocols and key exchange.
50) What is the future of networking in 2025?
In 2025, networking embraces zero trust and SD-WAN. AI optimizes routing, QoS, and security detection. Post-quantum cryptography secures protocols. Troubleshoot with AI-driven analytics and logs. Secure with micro-segmentation and encryption. Monitor for emerging threats and performance. Interviewers may probe AI integration and zero trust adoption.
Disclaimer: The content above is provided for informational and educational purposes only. Validate any changes in a test environment before applying to production. Xervai and the author are not responsible for issues arising from applying these guidelines without appropriate testing and operational controls.