Top 100 CCNA Interview Questions and Answers

  • By Samir Khatib
  • February 26, 2025
  • CCNA
Top 100 CCNA Interview Questions and Answers

Top 100 CCNA Interview Questions and Answers

Prepare for your CCNA interview with our Top 100 CCNA Interview Questions and Answers. Get expert insights and boost your networking career with confidence!

 

1. Explain the OSI model and its seven layers. 

The OSI (Open Systems Interconnection) model is a framework that standardizes network communication  into seven layers

Physical Layer – Deals with raw data transmission (cables, hubs, signals). 

Data Link Layer – Handles MAC addresses, switches, and error detection (Ethernet, VLANs).

Network Layer – Manages IP addressing, routing, and packet forwarding (Routers, IPv4, IPv6).

Transport Layer – Ensures reliable or fast communication (TCP/UDP, port numbers).

Session Layer – Manages and maintains communication sessions (Authentication, session checkpoints).

Presentation Layer – Converts data formats and encryption (JPEG, ASCII, TLS). 

Application Layer – Provides network services to users (HTTP, FTP, DNS, SMTP). 

 

2. What is the difference between TCP and UDP? 

Feature 

Reliability 

Speed 

Use Cases 

TCP (Transmission Control Protocol) UDP (User Datagram Protocol) Connectionless 

Unreliable (no acknowledgments) Faster, less overhead 

Streaming, VoIP, gaming

Connection Type Connection-oriented 
Reliable (uses acknowledgments) 
Slower due to error checking 
Web browsing, email, file transfer 

 

3. How does ARP (Address Resolution Protocol) work? 

ARP maps an IP address to a MAC address in a local network. When a device needs to send data to another device, it sends an ARP request asking for the MAC address of the target IP. The target responds with an ARP  reply, allowing communication.

 

4. What is the difference between a hub, switch, and router? 

Hub 

Switch Router 

Device Function  Works at OSI Layer Layer 1 (Physical)  

Layer 3 (Network)

Broadcasts data to all connected devices 
Sends data only to the intended recipient using MAC addresses Layer 2 (Data Link)
Routes data between different networks using IP addresses 

 

5. Explain Subnetting and how it helps in network management. 

Subnetting divides a large network into smaller sub-networks to optimize performance and enhance security.  It helps by: 

Reducing network congestion 

Efficiently allocating IP addresses 

Improving security by isolating devices 

Enhancing routing performance 

Example: 

192.168.1.0/24 (256 addresses) can be subnetted into 

192.168.1.0/26, 192.168.1.64/26, 192.168.1.128/26, etc.

 

6. What is a VLAN, and how does it work? 

A VLAN (Virtual Local Area Network) groups devices logically, even if they are on different physical networks.  It improves security and efficiency by isolating traffic. VLANs operate at Layer 2 of the OSI model. Example: 

VLAN 10: Finance Department 

VLAN 20: HR Department 

VLAN 30: IT Department 

Switches use 802.1Q tagging to allow VLAN communication over trunk links.

 

7. What is the difference between IPv4 and IPv6? 

Feature 

Address Length Address Example 192.168.1.1 Address Space Security 

Configuration 

IPv4  IPv6 

128-bit 

2001:db8::1 

~4.3 billion addresses 340 undecillion addresses Includes IPsec for security Auto-configuration supported

32-bit 
Less built-in security 
DHCP, static 

 

8. Explain CIDR (Classless Inter-Domain Routing). 

CIDR replaces classful addressing to use IP addresses more efficiently. It allows flexible Subnetting using subnet masks (e.g., 192.168.1.0/24). 

Example: 

Instead of using Class A (255.0.0.0), we can use /16, /24, etc. to allocate only the needed IPs.

 

9. What is a default gateway? 

A default gateway is a router or device that forwards traffic to other networks when a destination is not found in the local subnet. 

Example: 

PC: 192.168.1.10 

Default Gateway: 192.168.1.1 (Router)

 

10. What are private and public IP addresses? 

Private IPs: Used within local networks (e.g., 192.168.x.x, 10.x.x.x). Not routable on the internet. Public IPs: Unique addresses assigned by ISPs for internet communication.

 

11. What is NAT (Network Address Translation), and how does it work? 

NAT allows multiple devices in a private network to access the internet using one public IP. Static NAT: One-to-one mapping of private to public IPs. 

Dynamic NAT: Uses a pool of public IPs. 

PAT (Port Address Translation): Maps multiple private IPs to a single public IP using port numbers.

 

12. Explain the differences between broadcast, unicast, and multicast. 

Type 

Broadcast Unicast 

Multicast 

Description  Example 

ARP request 

Web browsing 

Sends data to all devices in a network 
Sends data to a single recipient 
Sends data to multiple selected recipients Video conferencing

 

13. How does DHCP work, and what are its benefits? 

DHCP (Dynamic Host Configuration Protocol) automatically assigns IP addresses, subnet masks, and gateways  to devices. 

Steps: 

Discovery – The client requests an IP. 

Offer – The server provides an available IP. 

Request – The client accepts the IP. 

Acknowledgment – The server confirms the lease. 

Benefits: 

Reduces manual configuration. 

Prevents IP conflicts. 

Centralized network management.

 

14. What is the function of a DNS server? 

DNS (Domain Name System) translates domain names (e.g., google.com) into IP addresses (e.g.,  142.250.74.46). 

Example: 

User enters: www.example.com 

DNS Resolves: 192.168.1.5

 

15. What is a loopback address, and when is it used? 

A loopback address (127.0.0.1 in IPv4,::1 in IPv6) is used to test a device’s own network interface. Example: ping 127.0.0.1 checks if TCP/IP is working.

 

16. Explain STP (Spanning Tree Protocol) and its role in networking. 

STP prevents loops in Ethernet networks by disabling redundant paths. It uses the BPDU (Bridge Protocol Data  Unit) and selects a Root Bridge to control path selection.

 

17. What are collision and broadcast domains? 

Collision Domain: A network segment where data collisions occur (hub-based networks). Broadcast Domain: A segment where broadcasts reach all devices (separated by routers). Switches reduce collisions, and routers reduce broadcasts.

 

18. What is MAC addressing, and why is it important? 

A MAC address is a unique 48-bit hardware address for network devices. It is essential for switching and local network communication

Example: 00:1A:2B:3C:4D:5E

 

19. What is the purpose of a trunk port? 

A trunk port allows multiple VLANs to pass through a single physical connection using 802.1Q tagging.

 

20. How do you check the network speed between two devices? 

Ping: ping -n 10 <IP> (checks latency) 

iPerf: iperf -c <server IP> (measures bandwidth) 

Traceroute: tracert <destination> (checks path performance)

 

21. What is the difference between static and dynamic routing? 

Feature 

Configuration Adaptability 

Overhead 

Use Case 

Static Routing  Dynamic Routing 

Automatically updates routes 

Adapts to network changes dynamically 

Higher CPU and memory usage due to routing protocol  calculations 

Large, complex networks

Manually configured by admin 
Does not change unless modified  manually 
Low CPU and memory usage
Small, stable networks 

 

Example: 

Static Route: ip route 192.168.2.0 255.255.255.0 192.168.1.1 

Dynamic Route (OSPF): router ospf 1

 

22. Explain how OSPF works and its advantages. 

OSPF (Open Shortest Path First) is a link-state routing protocol that finds the best path using Dijkstra’s algorithm

How It Works: 

Routers exchange LSAs (Link-State Advertisements)

Each router builds a topology database

The best path is calculated using Dijkstra’s SPF algorithm

OSPF updates only changes (not entire routing tables), improving efficiency. 

Advantages of OSPF:

Fast convergence 

Uses cost as a metric (based on bandwidth) 

Supports VLSM and CIDR 

Scales well with multiple areas

 

23. What are the differences between OSPF, EIGRP, and RIP? 

Feature 

Type 

Metric 

Convergence Fast Scalability 

OSPF  EIGRP  RIP 

Distance-vector 

Hop count 

Slow 

Low (limited to 15 hops)

Link-state  Hybrid (Distance-vector + Link-state) 
Cost (Bandwidth)  Composite (Bandwidth, Delay) 
Faster than OSPF 
High (supports multi-area) Medium 

 

24. What is the purpose of BGP, and where is it used? 

BGP (Border Gateway Protocol) is an exterior gateway protocol used to route traffic between ISPs and large networks (the Internet)

Uses Path Vector routing 

Exchanges prefix information 

Avoids loops using the AS-path attribute 

Example: 

Internet Service Providers (ISPs) use BGP to exchange routing information between autonomous systems (AS).

 

25. How does a router determine the best path to a destination? 

A router chooses the best path based on: 

Administrative Distance (AD) – Reliability of the routing source 

Routing Protocol Metric – Distance (hop count, bandwidth, delay, cost) 

Longest Prefix Match (LPM) – Most specific subnet mask wins 

Backup Routes – Used if the primary fails

 

26. What is a default route, and when is it used? 

A default route is a catch-all route when no specific match is found. 

Example: 

ip route 0.0.0.0 0.0.0.0 192.168.1.1 

Used in small networks and edge routers connecting to ISPs.

 

27. What is a floating static route? 

A floating static route is a backup static route with a higher administrative distance (AD) than the primary route. 

Example: 

ip route 192.168.2.0 255.255.255.0 192.168.1.1 10 

The AD of 10 makes it a backup to a primary dynamic route.

 

28. What is VTP (VLAN Trunking Protocol), and how does it work? 

VTP automates VLAN distribution across switches. 

Server Mode: Creates/modifies VLANs 

Client Mode: Receives VLAN updates 

Transparent Mode: Forwards updates but does not apply them 

Prevents VLAN misconfigurations but can overwrite VLAN databases if not careful.

 

29. What is EtherChannel, and why is it used? 

EtherChannel bundles multiple physical links into a single logical link for: 

Higher bandwidth 

Redundancy 

Load balancing 

Protocols:

LACP (Link Aggregation Control Protocol) – IEEE standard 

PAgP (Port Aggregation Protocol) – Cisco proprietary

 

30. What is HSRP (Hot Standby Router Protocol)? 

HSRP provides router redundancy by creating a virtual IP shared by multiple routers. How It Works: 

Active Router handles traffic. 

Standby Router takes over if the active router fails. 

Example: 

standby 1 ip 192.168.1.1

 

31. What is the difference between a Layer 2 and a Layer 3 switch? 

Feature 

Routing 

Uses 

Layer 2 Switch Layer 3 Switch  

Yes (Inter-VLAN Routing) MAC addresses MAC & IP addresses

Works On Data Link Layer Network Layer
No 

 

32. What is route summarization, and why is it important? 

Route summarization reduces routing table size by combining multiple routes. 

Example: 

Instead of 10 routes like 192.168.1.0/24, 192.168.2.0/24, use 192.168.0.0/22

Saves memory 

Reduces CPU load 

Improves convergence

 

33. What is the administrative distance? 

Administrative Distance (AD) defines the trustworthiness of routing sources. 

Protocol 

Directly Connected 0Static Route 

EIGRP 

OSPF 

RIP 

AD 

 

90 

110 120

 

Lower AD = More trusted route.

 

34. How does STP prevent network loops? 

STP (Spanning Tree Protocol) blocks redundant paths and prevents loops using: 

BPDU (Bridge Protocol Data Unit) messages 

Root Bridge election 

Blocking & Forwarding states

 

35. What is BPDU, and what role does it play in STP? 

BPDU (Bridge Protocol Data Unit) is a control message sent by switches to detect loops and elect the Root  Bridge

BPDU Guard protects against rogue switches.

 

36. What is a stub area in OSPF? 

A stub area in OSPF blocks external routes (Type 5 LSAs) to reduce routing table size. Used to simplify routing in branch offices.

 

37. What is the difference between single-area and multi-area OSPF? 

Feature 

Areas 

Routing Table Larger Use Case 

Single-Area OSPF Multi-Area OSPF Multiple areas with Area 0 as backbone Smaller (Better scalability) 

Large networks

Only Area 0 
Small networks 

 

38. How does ECMP (Equal Cost Multi-Path) work in routing? 

ECMP allows multiple best paths with the same metric. 

Improves load balancing 

Used in OSPF, EIGRP, and BGP 

Example: 

If two routes have equal cost, both are used for traffic forwarding.

 

39. What is an access port vs. a trunk port? 

Port Type Access Port Trunk Port  Function  VLAN Support 

 

Multiple VLANs (Tagged with 802.1Q)

Connects to a single VLAN One VLAN
Passes multiple VLANs 

 

40. How do you troubleshoot VLAN misconfigurations? 

Check VLAN assignments: show vlan brief 

Verify trunk status: show interfaces trunk 

Ensure correct native VLAN: show running-config 

Use ping & traceroute for connectivity tests

 

41. What is an ACL (Access Control List), and how does it work? 

An Access Control List (ACL) is a set of rules used to filter network traffic by permitting or denying packets based on source/destination IP, protocol, or port. 

Types of ACLs: 

Standard ACL – Filters based on source IP only 

Extended ACL – Filters based on source/destination IP, port, and protocol 

Example of an ACL: 

access-list 101 deny tcp 192.168.1.0 0.0.0.255 any eq 23 

access-list 101 permit ip any any 

interface GigabitEthernet0/1 

ip access-group 101 in 

This blocks Telnet (port 23) from 192.168.1.0/24 but allows all other traffic.

 

42. What is port security, and how does it protect a network? 

Port security restricts MAC addresses on a switch port, preventing unauthorized devices from connecting. Static – Manually assigns allowed MAC addresses 

Dynamic – Learns and limits MAC addresses automatically 

Sticky – Dynamically learns and saves MAC addresses in the configuration 

Example: 

switchport port-security 

switchport port-security maximum 2 

switchport port-security violation shutdown 

Prevents unauthorized access & MAC flooding attacks.

 

43. What is 802.1X authentication? 

IEEE 802.1X is port-based authentication that uses: 

Supplicant (User device) – Requests network access 

Authenticator (Switch/AP) – Passes authentication request 

Authentication Server (RADIUS/TACACS+) – Grants or denies access

Prevents unauthorized access 

Used in corporate Wi-Fi & wired networks

 

44. How does a firewall work, and what are its different types? 

A firewall controls traffic between networks based on rules and policies

Types of Firewalls: 

Packet Filtering Firewall – Filters traffic by IP, port, and protocol 

Stateful Firewall – Tracks connection states 

Application Firewall – Inspects application-layer traffic (e.g., HTTP, FTP) 

Next-Gen Firewall (NGFW) – Includes IDS/IPS, deep packet inspection

 

45. What is the difference between stateful and stateless firewalls? 

Feature  Stateful Firewall  Stateless Firewall
Tracks Connections Yes  No
Security Level  Higher  Lower
Performance  Slightly slower  Faster
Example  Cisco ASA, Palo Alto ACL-based firewall

 

Stateful firewalls remember connections and allow only valid responses

Stateless firewalls filter based on rules but do not track sessions.

 

46. How does VPN (Virtual Private Network) encryption work? 

VPN encrypts data before transmission over a public network, ensuring secure communication. Types of VPN Encryption: 

IPsec (Internet Protocol Security) – Encrypts entire packet (L2TP/IPsec, IKEv2) 

SSL (Secure Sockets Layer) – Encrypts application traffic (e.g., OpenVPN) 

Uses AES (Advanced Encryption Standard) or 3DES encryption.

 

47. What is the difference between IPS and IDS? 

Feature IDS (Intrusion Detection System) IPS (Intrusion Prevention System) 

Function  Detects threats  Blocks threats
Placement Monitors traffic  Inline with traffic
Action  Alerts admin  Automatically blocks attacks
Example  Snort (IDS)  Cisco Firepower (IPS)

 

IDS is passive, while IPS is active in blocking threats.

 

48. What is DHCP snooping? 

DHCP Snooping prevents rogue DHCP servers from assigning malicious IP addresses. Trusted Ports – Allow legitimate DHCP responses 

Untrusted Ports – Block unauthorized DHCP replies 

Prevents DHCP spoofing & MITM attacks 

Example: 

ip dhcp snooping 

ip dhcp snooping vlan 10 

interface GigabitEthernet0/1 

ip dhcp snooping trust 

Protects against DHCP-related attacks.

 

49. What is ARP spoofing, and how do you prevent it? 

ARP Spoofing is an attack where a hacker poisons the ARP table, redirecting traffic to a malicious device. Prevention Methods: 

Dynamic ARP Inspection (DAI) 

Use static ARP entries

Enable port security 

Example (DAI Configuration): 

ip arp inspection vlan 10 

interface GigabitEthernet0/1 

ip arp inspection trust 

Prevents attackers from intercepting traffic.

 

50. How does MAC filtering improve network security? 

MAC filtering allows or blocks devices based on their MAC addresses

Used in Wi-Fi networks, switches, and firewalls

Limits access to only authorized devices. 

Example (Wi-Fi MAC Filtering): 

Whitelist: Only allowed MACs can connect 

Blacklist: Block specific MACs 

Prevents unauthorized devices from connecting.

 

51. What is VLAN hopping, and how can it be prevented? 

VLAN hopping allows attackers to send traffic into another VLAN using: 

Switch Spoofing – Imitating a switch 

Double Tagging – Injecting extra VLAN tags 

Prevention Methods: 

Disable DTP (Dynamic Trunking Protocol) 

Manually set trunk ports 

Use VLAN Access Control Lists (VACLs) 

Example: 

switchport mode access 

switchport nonegotiate 

Prevents unauthorized VLAN access.

 

52. What are the different types of NAT? 

Static NAT – One-to-one mapping of private to public IP 

Dynamic NAT – Maps multiple private IPs to a pool of public IPs 

PAT (Port Address Translation) – Multiple private IPs use one public IP with different ports PAT (also called NAT Overload) is the most common type used in home and office networks.

 

53. What are TACACS+ and RADIUS? 

Feature 

Protocol 

Encryption Function 

Vendor 

TACACS+  RADIUS 

UDP 

Encrypts only password  

Open Standard

TCP 
Encrypts full packet 
Used for network device authentication Used for user authentication
Cisco Proprietary 

 

TACACS+ – Used for device management (CLI access) 

RADIUS – Used for Wi-Fi authentication & remote access

 

54. What is a DMZ (Demilitarized Zone) in network security? 

A DMZ (Demilitarized Zone) is a network segment that isolates public-facing servers (e.g., web, mail servers)  from the internal LAN. 

Prevents direct access to private networks. 

Placed between two firewalls for added security.

 

55. How do you protect a network from DDoS attacks? 

Rate Limiting – Limits traffic to prevent overload 

ACLs & Firewalls – Block malicious IPs

Intrusion Prevention Systems (IPS) – Detects & stops DDoS patterns 

Cloud-based DDoS Protection – Uses external services like Cloudflare 

A combination of these methods is the best defense against DDoS attacks.

 

56. What tools do you use for network monitoring? 

Network monitoring tools help in tracking network performance, identifying issues, and ensuring optimal  operation. 

Popular Network Monitoring Tools: 

PRTG Network Monitor – Monitors traffic, bandwidth, and device health. 

SolarWinds NPM – Advanced network performance monitoring. 

Nagios – Open-source network and server monitoring. 

Zabbix – Real-time monitoring of network devices. 

Wireshark – Packet capture and analysis tool. 

ManageEngine OpManager – Monitors routers, switches, and firewalls. 

NetFlow Analyzer – Traffic analysis and flow monitoring.

 

57. How does SNMP (Simple Network Management Protocol) work? 

SNMP is used to manage and monitor network devices like routers, switches, and servers. Components of SNMP: 

SNMP Manager – Central system that requests information from devices. 

SNMP Agent – Software running on network devices to provide data. 

MIB (Management Information Base) – Database of network performance metrics. SNMP Versions: 

SNMPv1 – Basic, no encryption. 

SNMPv2c – Improved performance, still no security. 

SNMPv3 – Adds authentication and encryption. 

How It Works: 

SNMP Manager sends a request to the Agent

Agent retrieves the requested data and sends a response. 

The Manager analyzes and logs the data.

 

58. What is Syslog, and why is it used? 

Syslog is a logging protocol used to collect and store logs from network devices. Why is Syslog Used? 

Centralized log collection for easier troubleshooting. 

Helps track security events and network performance

Stores logs from routers, switches, firewalls, and servers

Syslog Levels (0-7): 

Level

Name  Description 

System unusable 

Immediate action needed Critical conditions 

Error conditions 

Potential issues 

Normal but significant events Informational Informational messages Debugging messages

Emergency 
Alert 
Critical 
Error 
Warning 
Notice 
Debug 

 

Example: 

logging host 192.168.1.10 

logging trap informational 

Sends logs to Syslog Server (e.g., Graylog, Splunk, ELK Stack).

 

59. How do you troubleshoot high network latency? 

High latency means delayed network response and can impact applications. Troubleshooting Steps: 

Check Ping & Traceroute – Identify slow hops. 

Analyze Bandwidth Usage – Monitor high traffic. 

Check QoS (Quality of Service) Policies – Ensure critical traffic is prioritized. Inspect Network Congestion – Reduce unnecessary traffic. 

Look for Faulty Hardware – Test cables, routers, and switches. 

Example Ping Test: 

ping -n 10 8.8.8.8 

Example Traceroute: 

tracert 8.8.8.8 (Windows) 

traceroute 8.8.8.8 (Linux)

 

60. What are the main causes of packet loss? 

Packet loss occurs when data does not reach its destination. 

Common Causes: 

Network Congestion – Too much traffic on the network. 

Faulty Hardware – Damaged cables, switches, or routers. 

Wireless Interference – Signal degradation in Wi-Fi networks. 

Overloaded Firewalls – Too many active sessions. 

High Latency Links – Long-distance routing issues. 

Use Ping to Check Packet Loss: 

ping -c 100 8.8.8.8

 

61. How do you diagnose a network outage? 

Steps to Diagnose: 

Check Physical Connections – Cables, power, and LED status. 

Ping Gateway & External Sites – Verify connectivity. 

Check Router & Switch Logs – Look for errors. 

Use Traceroute – Find the failure point. 

Check Firewall Rules – Ensure traffic isn’t blocked. 

Verify ISP Connection – Contact the service provider.

 

62. What is a traceroute, and how is it useful? 

Traceroute shows the path packets take to reach a destination and helps identify delays or failures. Command Usage: 

tracert 8.8.8.8 (Windows) 

traceroute 8.8.8.8 (Linux) 

Helps detect network congestion, routing loops, or ISP issues.

 

63. How do you use Wireshark for packet analysis? 

Steps to Capture Packets: 

Open Wireshark and select an interface. 

Start Capture – Click “Start” and generate network traffic. 

Use Filters – Example: ip.addr == 192.168.1.1 

Analyze Traffic – Look for packet drops, retransmissions, or latency. 

Wireshark Filters: 

tcp.port == 80 → Show only HTTP traffic. 

icmp → Show only ping packets.

 

64. What is NetFlow, and how does it help in network monitoring? 

NetFlow is a Cisco protocol used to analyze traffic patterns and bandwidth usage. Benefits: 

Monitors which IPs are consuming bandwidth. 

Detects security threats and anomalies.

Helps with capacity planning

Example Configuration: 

ip flow-export destination 192.168.1.10 9996 

ip flow-export version 9 

interface GigabitEthernet0/1 

ip flow ingress

 

65. What are the key logs to check when troubleshooting a network issue? Critical Logs: 

Syslog – Device logs for errors and warnings. 

Firewall Logs – Check blocked traffic. 

Router & Switch Logs – Look for interface errors. 

Event Logs – Check Windows/Linux logs for authentication failures.

 

66. How do you troubleshoot a slow internet connection? Troubleshooting Steps: 

Check Bandwidth Usage – Identify heavy users. 

Test Speed – Use speedtest.net. 

Check for Packet Loss – Use ping -c 100 8.8.8.8. 

Examine Firewall Rules – Ensure traffic isn’t restricted. 

Reset Modem/Router – Restart devices.

 

67. What is the difference between a soft and hard network failure? Soft Failure – Performance degradation (e.g., high latency, packet loss). ✔ Hard Failure – Complete loss of network connectivity (e.g., link down).

 

68. How do you resolve a DNS resolution failure? 

Troubleshooting Steps: 

Check DNS Server Reachability – ping 8.8.8.8. 

Flush DNS Cache – ipconfig /flushdns. 

Manually Set DNS – Use Google DNS (8.8.8.8)

Check Firewall Rules – Ensure port 53 (DNS) is not blocked.

 

69. How do you monitor bandwidth usage on a network? Use Tools Like: 

PRTG Network Monitor 

NetFlow Analyzer 

Wireshark 

Example Using Linux: 

iftop -i eth0

 

70. What is network congestion, and how can it be mitigated? Causes: 

Too many users consuming bandwidth. 

Inefficient routing. 

Solutions: 

Implement QoS (Quality of Service)

Use load balancing

Upgrade network bandwidth.

 

71. What are the different types of Wi-Fi standards? 

Wi-Fi standards are defined by the IEEE 802.11 family and have evolved over time for better speed, security,  and efficiency. 

Standard 

802.11a 

802.11b 

802.11g 

802.11n (Wi-Fi 4) 

802.11ac (Wi-Fi 5) 

802.11ax (Wi-Fi 6 & 6E) 802.11be (Wi-Fi 7) 

Frequency  Max Speed Range  Features 

Less interference 

Prone to interference 

Compatible with 802.11b 

MIMO (Multiple Input, Multiple Output) Medium MU-MIMO (Multi-User MIMO) Medium OFDMA, BSS Coloring 

Medium Wider channels (320 MHz)

5 GHz  54 Mbps  Short 
2.4 GHz  11 Mbps  Long 
2.4 GHz  54 Mbps  Long 
2.4 & 5 GHz  600 Mbps  Long 
5 GHz  6.9 Gbps 
2.4, 5, & 6 GHz 9.6 Gbps 
2.4, 5, & 6 GHz 46 Gbps 

 

72. What is an SSID (Service Set Identifier)? 

An SSID is the name of a Wi-Fi network that allows users to identify and connect to a wireless network. Key Points: 

SSIDs are broadcasted by wireless routers or access points

They can be hidden (not publicly visible). 

Different SSIDs can be used to create separate networks (e.g., guest vs. corporate). 

Example: 

Home Wi-Fi SSID: Samir_WiFi_5G 

Office SSID: CompanyGuest & CompanyInternal

 

73. What is the difference between WPA2 and WPA3 security? 

Wi-Fi security is essential to protect networks from unauthorized access

Security Type 

WPA2 (Wi-Fi Protected  Access 2) 

WPA3 

Encryption Authentication  Security Features 

Susceptible to brute force attacks 

Stronger encryption, protection  against offline attacks

AES  Pre-Shared Key (PSK) or  

Enterprise (RADIUS) 

AES-256  Simultaneous Authentication of  Equals (SAE)

 

Key Benefits of WPA3: 

Better security against dictionary attacks. 

Stronger encryption using AES-256. 

Individualized encryption for open Wi-Fi networks.

 

74. How does a wireless access point (AP) work? 

A wireless access point (AP) extends network connectivity by providing Wi-Fi access to wired networks. How It Works: 

The AP is connected to a wired network (switch/router) via Ethernet. 

It broadcasts an SSID for wireless clients. 

Devices connect to the AP, which forwards traffic to the wired network. 

Types of APs: 

Standalone APs – Used in small networks (e.g., home, small office). 

Managed APs – Controlled by a wireless controller (e.g., Aruba, Cisco, UniFi).

 

75. What is the difference between 2.4 GHz and 5 GHz Wi-Fi? 

Wi-Fi operates on two primary frequency bands

Frequency Speed 2.4 GHz 

5 GHz 

Range  Interference  Best Use Cases 

High (crowded) IoT devices, larger coverage High-speed applications (streaming, gaming)

Lower  Longer 
Higher Shorter  Low 

 

2.4 GHz – Works better through walls, but slower. 

5 GHz – Faster but less range and blocked by walls.

 

76. How does wireless roaming work? 

Wireless roaming allows devices to switch between access points (APs) without disconnecting. How It Works: 

A device connects to an AP. 

When the signal weakens, it scans for a stronger AP. 

If another AP is stronger, the device switches to it seamlessly

Roaming Technologies: 

Fast Transition (802.11r) – Improves handoff time. 

802.11k & 802.11v – Help devices find better APs. 

Example: 

Walking through an office with multiple APs – the phone stays connected as it moves.

 

77. What is a mesh network? 

A mesh network is a system of interconnected access points that provide seamless Wi-Fi coverage. How It Works: 

Uses multiple nodes to extend coverage. 

If one node fails, traffic is rerouted. 

Common in large homes and enterprises

Examples: 

Google Nest Wi-Fi 

Eero Mesh 

TP-Link Deco 

Advantages: 

No single point of failure. 

Automatic optimization for best signal.

 

78. What are the key parameters to consider when designing a Wi-Fi network? When setting up a Wi-Fi network, the following factors must be considered: ✔ 1. Coverage – Ensure sufficient APs for full coverage.

2. Capacity – Consider number of users and bandwidth requirements

3. Frequency Band – Use 5 GHz for speed, 2.4 GHz for coverage. 

4. Security – Implement WPA3, VLANs, and MAC filtering

5. Channel Planning – Minimize interference by using non-overlapping channels. 6. Roaming & Handoff – Enable 802.11r/k/v for seamless transitions. 

7. Interference – Avoid microwaves, Bluetooth, and other 2.4 GHz devices. 8. Power Levels – Adjust transmit power to prevent overlap and interference.

 

79. What is band steering in wireless networks? 

Band steering is a technique used to push devices to connect to the 5 GHz band instead of 2.4 GHz. How It Works: 

The AP detects dual-band clients

It blocks or delays 2.4 GHz responses. 

The client switches to 5 GHz for better performance. 

Benefits: 

Reduces congestion on 2.4 GHz. 

Improves speed and network performance. 

Example: 

A modern smartphone tries to connect to Company Wi-Fi. 

The AP steers it to 5 GHz for better speed

 

80. How do you troubleshoot weak Wi-Fi signals? 

Troubleshooting Steps: 

Check Signal Strength: 

Use tools like NetSpot, inSSIDer, or Wi-Fi Analyzer

Reduce Interference: 

Avoid placing the router near microwaves, cordless phones, or Bluetooth devices

Optimize Router Placement: 

Place it centrally and at an elevated position

Adjust Wi-Fi Channels: 

Use 1, 6, or 11 for 2.4 GHz (non-overlapping). 

Use DFS channels in 5 GHz to avoid congestion. 

Upgrade Antennas or APs: 

Use higher-gain antennas or Wi-Fi 6 APs for better coverage. 

Enable QoS & Band Steering: 

Prioritize critical applications like VoIP and video calls

Check for Firmware Updates: 

Ensure routers/APs are updated for performance improvements.

 

81. What is SDN (Software-Defined Networking)? 

Software-Defined Networking (SDN) is a networking architecture that separates the control plane from the  data plane, making networks more flexible and programmable. 

Key Features: 

Centralized Control: Uses a SDN Controller to manage the entire network. 

Programmability: Network behaviour is defined using APIs and automation

Dynamic Traffic Management: Traffic flows can be modified in real time. 

Example: 

OpenFlow, Cisco ACI, VMware NSX 

Benefits: 

Simplifies network management

Improves scalability and automation

Reduces costs and complexity.

 

82. What is the difference between cloud networking and traditional networking? 

Feature 

Infrastructure Control 

Scalability 

Cost 

Management 

Traditional Networking  Cloud Networking 

Virtualized routers and software-based networking 

Managed via cloud-based dashboards (e.g., AWS, Azure,  GCP) 

Highly scalable, elastic 

Pay-as-you-go model 

Automated and software-driven

Physical routers, switches, and  firewalls 
Managed on-site by network  engineers
Limited, requires hardware  

upgrades 

High upfront costs 
Manual configuration 

 

Example: 

Traditional Networking: Enterprise network with Cisco/MikroTik hardware 

Cloud Networking: AWS VPC, Azure Virtual Network

 

83. How does REST API help in network automation? 

A REST API (Representational State Transfer Application Programming Interface) allows applications to  interact with network devices using HTTP requests. 

Key Features: 

Uses HTTP methods: GET, POST, PUT, DELETE 

Works with JSON or XML for data exchange 

Allows automated network configuration and monitoring 

Example:

Automating Cisco devices using Cisco DNA Center API 

Monitoring network performance via REST APIs in SDN controllers

 

84. What is JSON, and how is it used in network automation? 

JSON (JavaScript Object Notation) is a lightweight data format used for storing and exchanging data. Why is JSON used in networking? 

Used in APIs for network automation

Provides a structured format for configurations. 

Works with tools like Postman, Python, and Ansible

Example JSON Network Configuration: 

 “interface”: “GigabitEthernet0/1”, 

 “ip_address”: “192.168.1.1”, 

 “subnet_mask”: “255.255.255.0” 

}

 

85. What is Ansible, and how does it help in network management? 

Ansible is an open-source automation tool used for network configuration management. Key Features: 

Uses YAML (playbooks) for automation. 

Agentless (no software needed on devices). 

Supports multi-vendor networking (Cisco, Juniper, Arista). 

Example: 

Ansible Playbook to configure a Cisco router: 

– name: Configure Cisco Router 

 hosts: routers 

 tasks: 

 – name: Configure an interface 

 cisco.ios.ios_config: 

 lines: 

 – ip address 192.168.1.1 255.255.255.0 

 parents: interface GigabitEthernet0/1

 

86. What is Terraform, and how is it used in networking? 

Terraform is an Infrastructure as Code (IaC) tool that automates cloud infrastructure deployment. Why is Terraform used in networking? 

Deploys and configures cloud networks (AWS, Azure, GCP)

Automates virtual networks (VPCs, subnets, firewalls)

Works with APIs to manage SDN-based networks. 

Example Terraform Code for AWS Networking: 

resource “aws_vpc” “main” { 

 cidr_block = “10.0.0.0/16” 

}

 

87. How does NetConf/YANG work for network configuration? 

NetConf (Network Configuration Protocol) and YANG (Yet Another Next Generation) are used for network  automation and configuration management

How They Work: 

NetConf is a protocol for configuring network devices over SSH. 

YANG is a data modeling language that defines network configurations. 

Example Use Case: 

Automating Cisco routers with NetConf. 

Using YANG models for structured configuration.

 

88. What is the difference between on-premises and cloud networking? 

Feature 

Infrastructure Management Scalability 

Security 

Cost 

On-Premises Networking  Cloud Networking 

 

Automated, remote control Highly scalable, elastic 

Managed by cloud provider Pay-as-you-go

Physical devices (switches, routers) Virtualized network (VPC, subnets)
Manual, local configuration 
Limited, hardware-based 
Managed on-site 
High initial investment 

 

Example: 

On-Premises: Cisco/MikroTik hardware-based network. 

Cloud Networking: AWS VPC, Azure Virtual Network.

 

89. What is Infrastructure as Code (IaC)? 

Infrastructure as Code (IaC) is the practice of managing and provisioning network infrastructure using code instead of manual configuration. 

Key Benefits: 

Automates network setup using scripts. 

Ensures consistency across environments. 

Works with tools like Terraform, Ansible, and CloudFormation

Example: 

Using Terraform to create a virtual network in AWS: 

resource “aws_vpc” “main” { 

 cidr_block = “10.0.0.0/16” 

}

 

90. What is a virtual network in cloud computing? 

A virtual network (VNet/VPC) is a logically isolated network in the cloud that allows resources to  communicate securely. 

Key Features: 

Provides private IP addressing

Supports subnets, firewalls, and VPN connections

Can be extended to on-premises networks

Example Virtual Networks: 

AWS VPC (Virtual Private Cloud) 

Azure Virtual Network (VNet) 

Google Cloud VPC 

Use Case: 

Connecting cloud servers securely

Setting up hybrid networks (on-prem + cloud).

 

91. Describe a time when you troubleshot a major network issue. 

Example Scenario: 

At my previous job, a core switch failure disrupted connectivity for hundreds of users. Troubleshooting Steps: 

Identified the issue: Checked network monitoring tools (SolarWinds, PRTG) for alerts. Checked logs and interfaces: Found high CPU usage and errors on core switch ports. Failed over to backup: Used HSRP (Hot Standby Router Protocol) to shift traffic. 

Replaced faulty hardware: Installed a new switch, reconfigured VLANs, and restored services. Root cause analysis: Discovered a misconfigured STP loop causing high CPU spikes. Result: 

Restored network in 30 minutes

Optimized STP and load balancing to prevent future issues

 

92. How would you handle a network outage in a critical production environment? Step-by-Step Approach: 

Assess the Scope:  

Use monitoring tools (Nagios, Zabbix, SolarWinds) to identify affected areas. Check for alerts on core devices. 

Quick Fix for Critical Services:  

If a router is down, use a backup link or failover mechanism (HSRP/VRRP). 

If a switch is down, enable redundant paths (EtherChannel, STP)

Troubleshoot Systematically:  

Check logs (Syslog), ping, traceroute, show commands

Isolate faulty devices (switch, router, firewall). 

Communicate the Status:  

Inform stakeholders with updates. 

Provide estimated resolution time (ETA)

Implement a Permanent Fix:  

If a link failed, reconfigure BGP/OSPF redundancy

If hardware failed, replace and test thoroughly.

 

93. How do you prioritize multiple network issues reported at the same time? Prioritization Strategy: 

Critical Services First:  

If production servers or VPN tunnels are down, fix them first. 

Impact-Based Approach:  

Affects entire office (critical) → Immediate action. 

Affects single user (low priority) → Handle after urgent tasks. 

Use ITIL Framework:  

Incident Management Process: Identify, log, categorize, resolve. 

Delegate if Necessary:  

Assign junior engineers to less critical tasks. 

Example: 

VPN outage (high priority) → Fix immediately. 

Slow Wi-Fi in a meeting room (low priority) → Schedule for later.

 

94. If a server cannot communicate with another server, what steps will you take? Troubleshooting Steps: 

Basic Connectivity Test: 

ping <server-IP> → Check if it’s reachable. 

tracert <server-IP> → Identify network hops. 

Check Network Configuration: 

Run ipconfig /all (Windows) or ifconfig (Linux) for IP settings. 

Ensure default gateway is correct

Firewall and ACL Rules: 

Verify firewall rules are not blocking traffic. 

Check access control lists (ACLs) on routers/switches. 

DNS Resolution Check: 

nslookup <server-name> → Check if DNS is resolving correctly. 

Log Analysis & Packet Capture: 

Use Wireshark to analyze packet flow. 

Example: 

If ping fails, but traceroute stops at a firewall, then firewall rules need modification.

 

95. How do you communicate technical issues to non-technical users? 

Best Practices: 

Use simple language, no jargon (e.g., “Our network switch needs a restart to fix the slow internet”). Provide impact assessment (“The network will be slow for 10 minutes while we resolve the issue”). Offer clear steps users should take (“Try reconnecting in 5 minutes”).

Give regular updates on resolution progress. 

Example: 

Instead of: “The OSPF adjacency is flapping due to high CPU on the core switch.” Say: “There is a temporary issue with the main network device, and we are fixing it to restore connectivity  soon.”

 

96. If your team is facing continuous high latency issues, what would you do? 

Steps to Diagnose High Latency: 

Check Bandwidth Utilization: 

Use NetFlow, SNMP, or Wireshark

Identify bandwidth-heavy applications (YouTube, file downloads, etc.)

Identify Network Bottlenecks: 

Use tracert to find slow hops. 

Test latency between internal routers

Check for Packet Loss & Congestion: 

Run ping -t <destination> to check for dropped packets

Implement QoS (Quality of Service) to prioritize critical traffic. 

Optimize Routing & Redundancy: 

Adjust OSPF/EIGRP/BGP metrics for better path selection. 

Enable load balancing

Fixes: 

Apply QoS rules

Limit non-essential traffic (streaming, large downloads).

 

97. How do you handle working under pressure in a NOC environment? 

Best Practices: 

Stay calm and focused

Follow standard troubleshooting procedures

Prioritize tasks logically (critical issues first). 

Use team collaboration to divide work efficiently. 

Keep stakeholders informed about progress. 

Example: 

During a DDoS attack, I worked under pressure to: 

Identify the attack source using firewall logs. 

Mitigate impact by blocking malicious traffic via ACLs. 

Inform management with real-time updates.

 

98. What would you do if a customer reports intermittent internet disconnection? Troubleshooting Steps: 

Check Signal Strength & Wi-Fi Interference: 

If wireless, check for overlapping channels and signal drops

Monitor ISP Connection & Latency: 

Run ping 8.8.8.8 -t to check for packet loss

Verify Cable & Hardware Issues: 

Replace faulty Ethernet cables or reset the modem/router

Check Router Logs for Errors: 

Look for frequent reboots or DHCP lease issues

Use a Secondary ISP Connection: 

Test with another ISP to rule out provider issues.

 

99. How would you improve network uptime in a data center? 

Best Practices: 

Implement redundant links (HSRP, VRRP, BGP failover). 

Use load balancing with multiple ISPs. 

Monitor with real-time alerts (SNMP, Syslog, NetFlow)

Conduct regular firmware upgrades.

Use power backups (UPS, dual power supplies).

 

100. Why do you want to work as a NOC Engineer or Network Engineer? 

Good Answer: 

“I enjoy solving complex network issues and ensuring smooth connectivity. I like working in a fast-paced environment where I can monitor, troubleshoot, and optimize networks. My passion for networking, problem-solving skills, and experience in troubleshooting make me a great fit for this role.”

 

Do visit our channel to know more: Click Here

Author:-

Samir Khatib

Call the Trainer and Book your free demo Class for CCNA now!!!

© Copyright 2021 | SevenMentor Pvt Ltd