Tuesday, October 22, 2013

Interview Questions

1. What is the difference between the ASA firewall operating in Routed Mode and Transparent Mode?
    Ans : A firewall in routed mode is a Layer 3 hop: every interface has its own IP address and the appliance acts as the default gateway for hosts on the subnets it screens. A transparent firewall, on the other hand, is a Layer 2 firewall that acts like a "bump in the wire," or a "stealth firewall," and is not seen as a router hop by connected devices; it bridges traffic between its interfaces and needs only a management IP address.


2. How do you control ARP traffic in transparent mode on the ASA firewall?
    Ans : With ARP inspection. The ASA compares each ARP packet against its static ARP entries and drops packets whose MAC/IP pairing does not match, which stops ARP spoofing across the transparent firewall.

3. What is meant by a stealth firewall?
    Ans : A firewall that has no routable presence of its own on the path, so the hosts on either side cannot see it as a hop. The ASA in transparent mode is a stealth firewall: it bridges traffic between its interfaces instead of routing it.

4. What is non-IP traffic?
    Ans : Traffic that is not IPv4 or IPv6, for example AppleTalk, IPX, BPDUs and MPLS. A transparent-mode ASA passes it only when an EtherType access list permits it.

5. What happens when you change the firewall mode from routed to transparent?
    Ans : The adaptive security appliance clears the running configuration, because many commands are not supported in both modes. Save a copy of the configuration before switching.

6. What are the different types of NAT supported by the ASA?
Ans :   i. Static NAT
       ii. Dynamic NAT
      iii. Static PAT
       iv. Dynamic PAT
        v. Identity NAT
       vi. Static Identity NAT
      vii. NAT Exemption

7. What is meant by load balancing?
    Ans : For firewalls, load balancing means two firewalls are configured so that both process client requests, with the traffic split between them by a specific algorithm (such as round robin). On the ASA itself, active/active failover shares load only by assigning different security contexts to each unit; per-flow distribution such as round robin needs an external load balancer or the routing layer.

8. What is the use of a VPN?
    Ans : A VPN creates a separate tunnel between two endpoints so that they have a secure connection over an untrusted network: the data is encapsulated and encrypted, and its integrity protected, before it is sent.

9. What is the use of Proxy ARP?
    Ans : Proxy ARP lets a device answer ARP requests for addresses that are not its own, typically addresses on another network it routes to or NAT addresses it owns, so hosts that believe the target is on their local segment still reach it. Because it is a deliberate form of ARP spoofing, it should be disabled on interfaces where it is not needed.

10. What is meant by policy-based NAT?

11. Can you explain the OSI model?
    Ans : The OSI model was developed to provide a common reference model for communication between devices from different vendors. It consists of seven layers.
        The bottom layer of the OSI model is the "Physical Layer", which is responsible for forming the physical interface between devices and allows data to be transmitted as a raw bit stream.
        The second layer from the bottom is the "Data Link Layer", which is responsible for


12. What do you mean by an access list?
    Ans : Routers and the Cisco ASA firewall filter traffic using access lists. An access list consists of ACEs (Access Control Entries). An ACE is a single entry that permits or denies traffic based on protocol, source and destination address, and optionally source and destination port numbers. ACEs are evaluated top-down and the first match wins; traffic that matches no ACE is dropped by the implicit deny at the end of every list.

Cisco ASA supports several access list types:
1.  Standard access list
2.  Extended access list
3.  EtherType access list
4.  Webtype access list
5.  IPv6 access list
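The first-match rule above is where most access-list mistakes come from (an early broad permit shadowing a later deny, or a missing entry falling through to the implicit deny). The following is an added example, not code from the original post or from Cisco: a small evaluator for ASA-style extended ACEs that reports which line decided the verdict. It handles "any", "host X" and "network mask" address forms and an optional destination "eq PORT"; the sample configuration is constructed for the demonstration.

```python
"""First-match evaluation of ASA-style extended access lists (added example)."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = ipaddress.ip_network("0.0.0.0/0")


@dataclass
class Ace:
    action: str                    # "permit" or "deny"
    proto: str                     # "ip", "tcp", "udp" or "icmp"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[int]           # destination port, or None for "any port"


def _parse_addr(tokens, i):
    """Consume one address spec starting at tokens[i]; return (network, next index)."""
    if tokens[i] == "any":
        return ANY, i + 1
    if tokens[i] == "host":
        return ipaddress.ip_network(tokens[i + 1] + "/32"), i + 2
    # ASA writes "network mask" with a dotted subnet mask, e.g. 10.1.0.0 255.255.0.0
    return ipaddress.ip_network(f"{tokens[i]}/{tokens[i + 1]}"), i + 2


def parse_ace(line):
    """Parse 'access-list NAME extended permit|deny PROTO SRC DST [eq PORT]'."""
    t = line.split()
    if t[0] != "access-list" or t[2] != "extended":
        raise ValueError(f"not an extended ACE: {line}")
    name, action, proto = t[1], t[3], t[4]
    src, i = _parse_addr(t, 5)
    dst, i = _parse_addr(t, i)
    dport = int(t[i + 1]) if i < len(t) and t[i] == "eq" else None
    return name, Ace(action, proto, src, dst, dport)


def parse_acl(config_text):
    """Group ACEs by ACL name, preserving line order (the order is what matters)."""
    acls = {}
    for line in config_text.splitlines():
        line = line.strip()
        if line.startswith("access-list "):
            name, ace = parse_ace(line)
            acls.setdefault(name, []).append(ace)
    return acls


def evaluate(acl, proto, src_ip, dst_ip, dport=None):
    """Walk the ACL top-down; the first matching ACE decides.

    Returns (action, line_number); line_number is None for the implicit deny.
    """
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for n, ace in enumerate(acl, start=1):
        if ace.proto != "ip" and ace.proto != proto:
            continue
        if src not in ace.src or dst not in ace.dst:
            continue
        if ace.dport is not None and ace.dport != dport:
            continue
        return ace.action, n
    return "deny", None   # implicit deny at the end of every ACL


# Constructed sample configuration (not from a real device).
SAMPLE_CONFIG = """
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.10 eq 443
access-list OUTSIDE_IN extended deny tcp any host 203.0.113.10 eq 22
access-list OUTSIDE_IN extended permit ip 198.51.100.0 255.255.255.0 any
access-list OUTSIDE_IN extended deny ip any any
"""

if __name__ == "__main__":
    acl = parse_acl(SAMPLE_CONFIG)["OUTSIDE_IN"]
    for pkt in [("tcp", "192.0.2.7", "203.0.113.10", 443),
                ("tcp", "192.0.2.7", "203.0.113.10", 22),
                ("udp", "198.51.100.9", "203.0.113.20", 53),
                ("tcp", "192.0.2.7", "203.0.113.20", 80)]:
        print(pkt, "->", evaluate(acl, *pkt))
```

Returning the line number that matched is the point: when a flow is permitted or denied unexpectedly, that number tells you which ACE to read, the same information the hit counters in "show access-list" give on the appliance.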

13. Difference between TCP and UDP

Acronym for:
    TCP: Transmission Control Protocol
    UDP: User Datagram Protocol
Function:
    TCP: Carries a message from one host to another across the internet over an established connection; it is connection based.
    UDP: Also a transport protocol for messages, but it is not connection based: one program can send a batch of packets to another and that is the end of the relationship.
Usage:
    TCP: Used by applications that need every byte delivered, in order, and can tolerate the added latency.
    UDP: Used by games and other applications that need fast transmission of data and can live with some loss. UDP's stateless nature is also useful for servers that answer small queries from huge numbers of clients.
Examples:
    TCP: HTTP, HTTPS, FTP, SMTP, Telnet, SSH
    UDP: DNS, DHCP, TFTP, SNMP, RIP, VoIP
Ordering of data packets:
    TCP: Reassembles segments in the order in which they were sent.
    UDP: Has no inherent ordering; every datagram is independent of the others. If ordering is required it has to be managed by the application layer.
Speed of transfer:
    TCP: Slower than UDP because of connection setup, acknowledgements and retransmission.
    UDP: Faster because there is no connection setup, no acknowledgement and no retransmission (it still carries a checksum).
Reliability:
    TCP: Delivers the data intact and in the order it was sent, or reports the failure to the application.
    UDP: No guarantee that the datagrams sent will arrive at all.
Header size:
    TCP: 20 bytes minimum (up to 60 bytes with options).
    UDP: 8 bytes.
Common header fields:
    Both: Source port, Destination port, Checksum
Streaming of data:
    TCP: Data is read as a byte stream; no markers are transmitted to signal message (segment) boundaries.
    UDP: Datagrams are sent individually and checked for integrity only if they arrive. Datagram boundaries are preserved, so a read on the receiving socket returns one whole datagram as it was sent.
Weight:
    TCP: Needs three packets (the three-way handshake) to set up a connection before any user data can be sent, and handles reliability and congestion control.
    UDP: Lightweight; no ordering of messages, no connection tracking. It is a thin transport layer on top of IP.
Data flow control:
    TCP: Does flow control (receive window) and congestion control.
    UDP: Has no flow control.
Error checking:
    TCP: Checksum, with recovery by retransmission.
    UDP: Checksum only, with no recovery.
Fields:
    TCP: Source port, Destination port, Sequence number, Acknowledgement number, Data offset, Reserved, Control bits (flags), Window, Checksum, Urgent pointer, Options, Padding
    UDP: Source port, Destination port, Length, Checksum
Acknowledgement:
    TCP: Acknowledgement segments.
    UDP: No acknowledgement.
Connection:
    TCP: Connection-oriented protocol.
    UDP: Connectionless protocol.

Because UDP has no handshake, nothing validates the source address of a datagram before the server answers, which is why UDP services (DNS, NTP, SNMP) are the usual vehicle for spoofed-source and amplification attacks and TCP services are not.
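The header sizes and field lists in the comparison are easiest to remember once you have unpacked real bytes. What follows is an added example, not code from the original post: it parses the 20-byte fixed TCP header (plus options, using the data offset) and the 8-byte UDP header, and computes the UDP checksum over the IPv4 pseudo-header so a received datagram can be verified. The two sample segments are constructed inline, not captured traffic.

```python
"""Parse TCP and UDP headers from raw bytes and verify a UDP checksum (added example)."""
import struct
import ipaddress

TCP_FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]  # bit 0 .. bit 7


def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                      # an odd trailing byte is padded with zero
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def udp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """UDP's checksum covers an IPv4 pseudo-header (src, dst, zero, proto 17, length) plus the segment."""
    pseudo = struct.pack("!4s4sBBH", ipaddress.IPv4Address(src_ip).packed,
                         ipaddress.IPv4Address(dst_ip).packed, 0, 17, len(segment))
    zeroed = segment[:6] + b"\x00\x00" + segment[8:]   # the checksum field counts as zero
    csum = internet_checksum(pseudo + zeroed)
    return csum or 0xFFFF                     # 0 on the wire means "no checksum", so 0 is sent as 0xFFFF


def parse_udp(segment: bytes) -> dict:
    """The whole 8-byte UDP header: two ports, length and checksum."""
    sport, dport, length, csum = struct.unpack("!HHHH", segment[:8])
    return {"src_port": sport, "dst_port": dport, "length": length,
            "checksum": csum, "header_len": 8, "payload": segment[8:length]}


def parse_tcp(segment: bytes) -> dict:
    """The 20-byte fixed TCP header plus any options implied by the data offset."""
    (sport, dport, seq, ack, offset_reserved, flags,
     window, csum, urgent) = struct.unpack("!HHIIBBHHH", segment[:20])
    header_len = (offset_reserved >> 4) * 4   # data offset is in 32-bit words: 20..60 bytes
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
            "header_len": header_len,
            "flags": [n for i, n in enumerate(TCP_FLAG_NAMES) if flags & (1 << i)],
            "window": window, "checksum": csum, "urgent": urgent,
            "options": segment[20:header_len], "payload": segment[header_len:]}


def build_udp(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    """Assemble a UDP segment with a correct checksum."""
    seg = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    return seg[:6] + struct.pack("!H", udp_checksum(src_ip, dst_ip, seg)) + seg[8:]


def verify_udp(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """True when the checksum carried in the segment matches the recomputed one."""
    return parse_udp(segment)["checksum"] == udp_checksum(src_ip, dst_ip, segment)


# Constructed samples (not captured from a real network).
# TCP SYN from port 49316 to 443, data offset 7 (28 bytes), with MSS and window-scale options.
SYN = bytes.fromhex("c0a4 01bb 0000 0001 0000 0000 7002 faf0 0000 0000 0204 05b4 0103 0307")
# A 12-byte pretend DNS query wrapped in UDP; build_udp() fills in the checksum.
DNS_QUERY = build_udp("192.0.2.1", "192.0.2.53", 40000, 53,
                      b"\x12\x34\x01\x00\x00\x01" + b"\x00" * 6)

if __name__ == "__main__":
    print(parse_tcp(SYN))
    print(parse_udp(DNS_QUERY), verify_udp("192.0.2.1", "192.0.2.53", DNS_QUERY))
```

Note that the UDP checksum depends on the IP addresses through the pseudo-header: a NAT device that rewrites the addresses must also fix the checksum, which is one reason the ASA has to understand the transport header even for "stateless" UDP.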

Wednesday, September 25, 2013

Interview Questions with Cisco for post of Network Engineer

Interview Questions with Cisco:-

Hi folks, recently I attended an interview with Cisco for the post of Network Engineer. So I would like to post the interview questions on my blog. I hope this post will be helpful for those who are preparing for interviews.
   1.   Tell us about your job profile?
   2.   Explain the OSI layers?
   3.   Do we use the OSI layers now?
   4.   Explain how ARP works?
   5.   Scenario 1: Explain how communication between PC A and PC B happens?
   6.   What is the difference between the OSI model and the TCP/IP protocol suite?
   7.   What is the difference between TCP and IP?
   8.   How much do you know about RIP?
   9.   What are the differences between RIPv1 and RIPv2?
   10.  Is auto-summarization enabled by default in RIP?
   11.  How does auto-summarization work?
   12.  Scenario 2: How does auto-summarization work in this topology?
   13.  What do you mean by static routing and default static routing?
   14.  What do you mean by routed protocols and routing protocols?
   15.  What is meant by AD value and metric value?
   16.  How much do you know about EIGRP?
   17.  What is meant by Stuck in Active in EIGRP?
   18.  What is the method to avoid the Stuck in Active state?
   19.  What is meant by Feasible Successor?
   20.  Is it possible to have two routes for the same destination?
   21.  How much do you know about OSPF?
   22.  Explain how the OSPF protocol works?
   23.  How much do you know about BGP?
   24.  How does HSRP work?
   25.  How does the STP protocol work?
   26.  How is the root bridge elected?
   27.  What is the method to manually elect the root bridge?
   28.  What type of NAT did you use on the ASA firewall?
   29.  What is the difference between static NAT, dynamic NAT and policy NAT?
   30.  You have worked on the Cisco Catalyst 6509 switch, so which supervisor engine models are supported in the Cisco 6509 switch?
   31.  What type of redundancy did you configure on the supervisor engines of your switch?
   32.  What is meant by SSO mode?

Sunday, September 8, 2013

Cognizant - Interview Questions for Network Admin

Dear all,
       I attended an interview for the post of Network Admin on 31st August 2013. I would like to share the experience with you, which is why I am posting the list of interview questions asked to me.

I am posting just the technical questions.

  1. What is meant by Stuck in Active in EIGRP?
  2. What is meant by Feasible Successor?
  3. Where is it located?
  4. What are the metrics used in EIGRP?
  5. What are the default values of the metric?
  6. What is the multicast address used by EIGRP?
  7. What do you mean by unequal-cost load balancing?
  8. What is the formula to calculate the metric?
  9. What is the condition for feasible distance?
  10. Next, coming to OSPF: what do you mean by LSA in OSPF?
  11. What are the different states in OSPF?
  12. When do the database description packets get exchanged?
  13. What are the contents of a database description packet?
  14. What do you mean by a Type 6 LSA?
  15. In a site-to-site VPN, how many phases are there?
  16. What are the parameters of Phase 1?
  17. If the authentication method in Phase 1 mismatches, how will you identify it?
  18. How will you check whether the configured access list is working or not?
  19. What is the use of having security zones in the ASA firewall?
  20. What parameters will you check if I am not able to communicate from the inside network to the outside network through the ASA firewall?
  21. How will you check whether NAT is happening or not?

Saturday, June 29, 2013

Network Management Software - LAN Management Solution

CiscoWorks LAN Management Solution:

    The number of computers in the world is increasing day by day, and the most important thing is to have connections between these computers, so there is a need for network devices like switches, routers and firewalls.
    The toughest job for network administrators is to administer all the network devices from one place. Cisco Systems has come up with a solution called CiscoWorks LAN Management Solution, which is software used to manage and troubleshoot network devices.

LMS 3.2 Features:

1. Campus Manager
2. Common Services
3. Device Fault Manager
4. Health and Utilization Monitor
5. Internetwork Performance Monitor
6. Resource Manager Essentials

ASA Firewall

Hi Readers,
           Today I am going to post about the Security Appliance (i.e. the Adaptive Security Appliance).

Cisco develops security appliances for all kinds of customers, from small and medium-sized to large organizations.
Various models of the ASA firewall:

1. Cisco ASA 5505
2. Cisco ASA 5510
3. Cisco ASA 5520
4. Cisco ASA 5540
5. Cisco ASA 5550
6. Cisco ASA 5580
7. Cisco ASA 5585-X

Functional Overview of a Firewall:
Firewall Mode:
a. Routed Mode -

-> A routed firewall is a Layer 3 hop: each interface has its own IP address and the appliance acts as the default gateway for the hosts on the subnets it screens. Routing and NAT apply to the traffic that passes through it.

b. Transparent Mode -

-> A transparent firewall, on the other hand, is a Layer 2 firewall that acts like a "bump in the wire," or a "stealth firewall," and is not seen as a router hop by connected devices.
-> Layer 3 traffic, such as IP traffic, cannot pass through the security appliance unless you explicitly permit it with an extended access list.
-> The only traffic that passes through a transparent firewall without an access list is ARP, and that can be controlled with ARP inspection. Other non-IP traffic (for example BPDUs) needs an EtherType access list.

Difference Between HSRP and VRRP

 I hope this post will be useful to those who want to understand the difference between HSRP and VRRP. Both protocols are widely used by network professionals to provide a redundant default gateway (and, with several groups, to share load between the routers). More about these protocols is listed below.

HSRP:
->  HSRP stands for Hot Standby Router Protocol
->  Cisco proprietary protocol
->  Preempt is disabled by default
->  HSRP router terms: Active router, Standby router
->  Hellos are sent to 224.0.0.2 (HSRPv1) on UDP port 1985

VRRP:
->  VRRP stands for Virtual Router Redundancy Protocol
->  Open standard protocol (RFC 3768 for VRRPv2)
->  Preempt is enabled by default
->  VRRP router terms: Master router, Backup router
->  Advertisements are sent to 224.0.0.18 as IP protocol 112

With either protocol, any host on the segment that can send a hello with a higher priority can take over the virtual gateway address, so enable the strongest authentication the platform offers (HSRP supports MD5 key chains) rather than leaving the default.

Friday, June 28, 2013

Dell Sonicwall - Interview Questions

Hi readers,
     This time I would like to share another interview experience of mine on my blog.

Company Name    -  Dell Sonicwall
Job Title       -  Network Security Engineer
Work Location   -  Chennai
Interview Mode  -  Telephonic

1. Can you tell us about yourself, your educational background and your technical background?
2. Explain the DHCP process?
3. What is the use of the ARP protocol?
4. Scenario - There are two brand new systems with the Windows 7 operating system. On one of the systems I have created a file and saved it to the desktop. Now my question is: what are the minimum software and hardware requirements for me to get the file onto the other system?
5. What do you mean by proxy ARP?
6. What is meant by the SSL handshake?
7. What is the difference between STP and RSTP?
8. Can you explain VPN?
9. What is meant by the TCP handshake?
10. What is meant by an iterative query?
11. Scenario - A router is running two routing protocols, EIGRP and OSPF; by default, which route will the router choose?

Wednesday, June 5, 2013

What Happens When the Environment Temperature of Cisco Switches Exceeds the Threshold Temperature

Hi everybody, today I will share what I know about the problems Cisco switches have when the environment temperature exceeds the normal operating temperature.

I will show how to check the environment temperature details on Cisco Catalyst 4507 and 6509 series switches.

The commands you should use to check the environment temperature details are
1. show environment status
2. show environment temperature

Below is the output you will get when you type these commands on Cisco switches. On the 4507 the three values in parentheses after each reading are that sensor's thresholds; once a reading crosses them the switch logs an environmental alarm and, at the highest level, can power modules down to protect the hardware, so readings should be polled (for example over SNMP) and alerted on before that point.
switch_4507>show environment temperature
Module    Sensor                       Temperature                   Status    
------+--------------------------+--------------------+------------
3             air inlet                   36C (51C,65C,68C)              ok
3             air outlet                 43C (69C,83C,86C)              ok

switch_6509>show environment temperature
VTT 1 outlet temperature: 23C
  VTT 2 outlet temperature: 25C
  VTT 3 outlet temperature: 29C
  module 1 outlet temperature: 41C
  module 1 inlet temperature: 24C
  module 1 device-1 temperature: 24C
  module 1 device-2 temperature: 39C
  module 1 EARL outlet temperature: 34C
  module 1 EARL inlet temperature: 29C
  module 2 outlet temperature: 39C
  module 2 inlet temperature: 24C
  module 2 device-1 temperature: 24C
  module 2 device-2 temperature: 37C
  module 2 EARL outlet temperature: 29C
  module 2 EARL inlet temperature: 28C
  module 3 outlet temperature: 37C
  module 3 inlet temperature: 26C
  module 3 EARL outlet temperature: 26C
  module 3 EARL inlet temperature: 27C
  module 4 outlet temperature: 39C
  module 4 inlet temperature: 25C
  module 4 EARL outlet temperature: 26C
  module 4 EARL inlet temperature: 27C
  module 5 outlet temperature: 25C
  module 5 inlet temperature: 21C
  module 5 device-1 temperature: 29C
  module 5 device-2 temperature: 30C
  module 5 asic-1 temperature: 20C
  module 5 asic-2 temperature: 20C
  module 5 asic-3 temperature: 20C
  module 5 asic-4 temperature: 20C
  module 5 asic-5 temperature: 20C
  module 5 asic-6 temperature: 20C
  module 5 RP outlet temperature: 23C
  module 5 RP inlet temperature: 24C
  module 5 EARL outlet temperature: 28C
  module 5 EARL inlet temperature: 22C
  module 6 outlet temperature: 25C
  module 6 inlet temperature: 20C
  module 6 device-1 temperature: 29C
  module 6 device-2 temperature: 29C
  module 6 asic-1 temperature: 21C
  module 6 asic-2 temperature: 21C
  module 6 asic-3 temperature: 21C
  module 6 asic-4 temperature: 21C
  module 6 asic-5 temperature: 21C
  module 6 asic-6 temperature: 21C
  module 6 RP outlet temperature: 23C
  module 6 RP inlet temperature: 24C
  module 6 EARL outlet temperature: 28C
  module 6 EARL inlet temperature: 22C
  module 9 outlet temperature: 30C
  module 9 inlet temperature: 30C
  module 9 device-1 temperature: 25C
  module 9 device-2 temperature: 28C
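Reading these tables by hand does not scale past a couple of chassis. The following is an added example, not code from the original post or from Cisco: it parses the Catalyst 4500-style output shown above (the form with thresholds in parentheses), classifies each sensor against its own thresholds and returns the ones that need attention. It assumes the three bracketed values are ascending minor/major/critical thresholds, which is the reading of the 4507 output above and should be checked against the documentation for your platform; the sample output is constructed for the demonstration.

```python
"""Parse Catalyst 4500 'show environment temperature' output and flag hot sensors (added example)."""
import re

# One sensor line: module, sensor name, current reading, three thresholds, status.
LINE_RE = re.compile(
    r"^\s*(?P<module>\d+)\s+(?P<sensor>.+?)\s+(?P<temp>\d+)C\s+"
    r"\((?P<t1>\d+)C,(?P<t2>\d+)C,(?P<t3>\d+)C\)\s+(?P<status>\S+)\s*$"
)


def parse_temperature(output):
    """Return one dict per sensor line; the prompt, header and separator lines are skipped."""
    sensors = []
    for line in output.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        g = m.groupdict()
        sensors.append({
            "module": int(g["module"]),
            "sensor": g["sensor"].strip(),
            "temp_c": int(g["temp"]),
            # assumption: the bracketed values are ascending minor/major/critical thresholds
            "thresholds": (int(g["t1"]), int(g["t2"]), int(g["t3"])),
            "status": g["status"],
        })
    return sensors


def severity(sensor):
    """Map a reading to ok/minor/major/critical against the sensor's own thresholds."""
    t = sensor["temp_c"]
    minor, major, critical = sensor["thresholds"]
    if t >= critical:
        return "critical"
    if t >= major:
        return "major"
    if t >= minor:
        return "minor"
    return "ok"


def headroom(sensor):
    """Degrees C left before the first (minor) threshold; negative once it has been crossed."""
    return sensor["thresholds"][0] - sensor["temp_c"]


def alerts(output, warn_within=5):
    """Sensors that crossed a threshold, or sit within warn_within degrees of the minor one."""
    found = []
    for s in parse_temperature(output):
        sev = severity(s)
        if sev != "ok" or headroom(s) <= warn_within:
            found.append((s["module"], s["sensor"], s["temp_c"], sev))
    return found


# Constructed sample in the format shown above (not a real capture).
SAMPLE = """\
switch_4507>show environment temperature
Module    Sensor                       Temperature                   Status
------+--------------------------+--------------------+------------
3             air inlet                   36C (51C,65C,68C)              ok
3             air outlet                 70C (69C,83C,86C)              ok
5             air inlet                   48C (51C,65C,68C)              ok
"""

if __name__ == "__main__":
    for item in alerts(SAMPLE):
        print("module %d %-10s %dC  %s" % item)
```

The headroom check is the useful part: a sensor that is still "ok" but three degrees under its minor threshold on a warm afternoon is the one that will page you at night, so alert on the approach, not just on the crossing.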


Thursday, April 25, 2013

IPv6 - The Beginning

Features:

->  Addresses are 128 bits long.
->  About 3.4 x 10^38 addresses (340 trillion trillion trillion).
->  No broadcast addresses; multicast takes their place.
->  NAT is not needed, because every host can have a globally unique address.
->  IPv6 addresses are written as eight groups of four hexadecimal digits separated by colons, for example 2001:0db8:85a3:0042:1000:8a2e:0370:7334. Leading zeros in a group can be dropped and one run of all-zero groups can be written as "::".

Types of address:

Global unicast address (2000::/3):
 -  The first three bits are 001
 The following combinations are possible for the first hex digit:
    001 0   i.e.  2
    001 1   i.e.  3

Link-local address (fe80::/10):
 -  The first ten bits are 1111 1110 10, so the address starts with fe8, fe9, fea or feb. Every IPv6 interface has one; it is valid only on the local link and is never routed.

Unique local address (fc00::/7):
 -  The first seven bits are 1111 110
 The following combinations are possible for the first two hex digits:
    1111 110 0   i.e.  fc
    1111 110 1   i.e.  fd (the form actually used; the 40 bits after fd are a random global ID)

Site-local addresses (fec0::/10) were the original private range but have been deprecated and replaced by unique local addresses.
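Because the address types are defined by their leading bits, the quickest way to check one is to look at those bits directly. The following is an added example, not code from the original post: it prints the leading bits of an address and classifies it by the prefixes listed above (multicast ff00::/8, link-local fe80::/10, deprecated site-local fec0::/10, unique local fc00::/7, global unicast 2000::/3), using only the standard library.

```python
"""Classify IPv6 addresses by their leading bits (added example)."""
import ipaddress

# Longest prefixes first, so fe80::/10 and fec0::/10 are tested before anything shorter.
SCOPES = [
    ("ff00::", 8,  "multicast"),
    ("fe80::", 10, "link-local unicast"),
    ("fec0::", 10, "site-local unicast (deprecated)"),
    ("fc00::", 7,  "unique local unicast"),
    ("2000::", 3,  "global unicast"),
]


def leading_bits(addr: str, n: int) -> str:
    """The first n bits of the 128-bit address, e.g. leading_bits('2001:db8::1', 3) == '001'."""
    return format(int(ipaddress.IPv6Address(addr)), "0128b")[:n]


def classify(addr: str) -> str:
    """Name the address type from its prefix; '::' and '::1' are handled as the special cases they are."""
    a = ipaddress.IPv6Address(addr)
    if a == ipaddress.IPv6Address("::"):
        return "unspecified"
    if a == ipaddress.IPv6Address("::1"):
        return "loopback"
    for prefix, plen, name in SCOPES:
        if a in ipaddress.IPv6Network(f"{prefix}/{plen}"):
            return name
    return "reserved or unassigned"


if __name__ == "__main__":
    for addr in ["2001:0db8:85a3:0042:1000:8a2e:0370:7334", "fe80::1", "fd12:3456::1", "ff02::1", "::1"]:
        print(f"{addr:42} {leading_bits(addr, 10)}  {classify(addr)}")
```

A firewall rule that expects only global unicast at the internet edge can use the same test in reverse: anything whose first bits are not 001 (or that is link-local or unique local) has no business arriving from outside.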



Dear Readers, kindly post your valuable suggestions and comments below so that I can make this blog more informative and useful.

Monday, March 11, 2013

Syntel Corporation - Network Engineer Interview Questions

Hi, I attended a telephonic interview last week for the Information Security domain at Syntel Corporation, Chennai. So I want to share my experience, because I think it may be helpful to those who are searching for a job.

The questions I was asked during the interview were

1. The common question in all interviews: "Tell us about yourself?"
2. Difference b/w a router and a firewall?
3. Can a firewall terminate the network?
4. Difference b/w the access list in a router and in a firewall?
5. What is the port number used by the ping command?
6. Can you explain the media layers of the OSI model?
7. How does DHCP work?
8. What is the purpose of SRV records in DNS?
9. At which layer of the OSI model do a router and a firewall work?
10. What is the use of the NSLOOKUP command?
11. What is the difference between AD in Windows Server 2003 and 2008 (in terms of security)?
12. What things will you observe if you are asked to do a firewall audit?
13. How will you contribute to information security?
14. Tell us some commands you have used for troubleshooting in Windows or Linux environments?

Wednesday, February 27, 2013

Network Device Troubleshooting Tips

Corrupt image & router boots into ROMmon mode:


Introduction:

This page explains how to recover a Cisco 2600 Series Router or a VG200 that is stuck in ROMmon (the rommon 1 > prompt).

Components Used

This document is not restricted to specific software and hardware versions.
The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.

Check Configuration Register Settings

If the router is stuck in ROMmon mode, the first setting to check is the value of the configuration register.
The low four bits of the configuration register (bits 0-3) form the boot field. The value of the boot field defines the source of the default Cisco IOS software image used to run the router. If the boot field is 0 (a configuration register value of XXX0), on startup the system enters and remains in ROM monitor mode (rommon>), waiting for a user command to boot the system manually. For the meaning of the other register bits, see Cisco's "Configuring the Software Configuration Register".
If your router keeps entering ROMmon mode each time it is restarted, it is probably because of the configuration register setting. To verify the configured value of the configuration register, use the confreg command as shown below:
rommon 2 > confreg

    Configuration Summary
enabled are:
load rom after netboot fails
console baud: 9600
boot: the ROM Monitor

do you wish to change the configuration? y/n  [n]: 
As indicated by the output of the confreg command above, the configuration register is set to a value that forces the router to go into the ROMmon mode each time it is reloaded or power-cycled. To make the router boot automatically from a default Cisco IOS software image, change the configuration register value as shown below:
rommon 2 > confreg 

    Configuration Summary
enabled are:
load rom after netboot fails
console baud: 9600
boot: the ROM Monitor

do you wish to change the configuration? y/n  [n]:  y
enable  "diagnostic mode"? y/n  [n]:
enable  "use net in IP bcast address"? y/n  [n]:
disable "load rom after netboot fails"? y/n  [n]:
enable  "use all zero broadcast"? y/n  [n]:
enable  "break/abort has effect"? y/n  [n]:
enable  "ignore system config info"? y/n  [n]:
change console baud rate? y/n  [n]:
change the boot characteristics? y/n  [n]:  y
enter to boot:
 0 = ROM Monitor
 1 = the boot helper image
 2-15 = boot system
    [0]:  2

    Configuration Summary
enabled are:
load rom after netboot fails
console baud: 9600
boot: image specified by the boot system commands
      or default to: cisco2-C2600

do you wish to change the configuration? y/n  [n]: n
You must reset or power cycle for new config to take effect
By doing this, you have changed the configuration register to a value that makes the router look for a valid Cisco IOS software image on startup and boot from it. The router must now be reset.
rommon 3 > reset

System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by cisco Systems, Inc.
TAC:Home:SW:IOS:Specials for info

The router should now reload with a valid Cisco IOS software image.
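The confreg dialog above is just a bit-by-bit editor for the 16-bit register that "show version" prints as a hex value, and the same bits matter when you audit a router as when you recover one. The following is an added example, not code from the original page or from Cisco: it decodes a register value into the fields the dialog asks about (boot field in bits 0-3, "ignore system config info" in bit 6, Break disabled in bit 8, console baud in bits 11-12, "load rom after netboot fails" in bit 13, all per Cisco's documented register layout) and lists the findings a reviewer would raise. The function names are my own.

```python
"""Decode and audit Cisco IOS configuration register values (added example)."""

BAUD_RATES = {0b00: 9600, 0b01: 4800, 0b10: 1200, 0b11: 2400}  # bit 12 (high) and bit 11 (low)


def decode_confreg(value: int) -> dict:
    """Break a 16-bit configuration register into the fields the ROMmon confreg dialog asks about."""
    boot_field = value & 0xF                                # bits 0-3
    if boot_field == 0:
        boot_source = "ROM monitor"
    elif boot_field == 1:
        boot_source = "boot helper image"
    else:
        boot_source = "image specified by boot system commands, else the first image in flash"
    return {
        "boot_field": boot_field,
        "boot_source": boot_source,
        "ignore_startup_config": bool(value & 0x0040),      # bit 6: "ignore system config info"
        "break_disabled": bool(value & 0x0100),             # bit 8: Break ignored once IOS is running
        "console_baud": BAUD_RATES[(value >> 11) & 0b11],   # bits 11-12
        "rom_if_netboot_fails": bool(value & 0x2000),       # bit 13: "load rom after netboot fails"
    }


def audit_confreg(value: int) -> list:
    """Findings a reviewer should raise; an empty list is the usual 0x2102 posture."""
    d = decode_confreg(value)
    findings = []
    if d["boot_field"] == 0:
        findings.append("boot field 0: the router stays in ROMmon after every reload")
    if d["ignore_startup_config"]:
        findings.append("bit 6 set (0x2142 style): startup-config is ignored, i.e. the password-recovery state; set it back to 0x2102")
    if not d["break_disabled"]:
        findings.append("bit 8 clear: a Break on the console drops the running router into ROMmon")
    return findings


def parse_confreg(text: str) -> int:
    """Accept the hex form printed by 'show version' (e.g. '0x2102') or a plain decimal string."""
    text = text.strip()
    return int(text, 16) if text.lower().startswith("0x") else int(text)


if __name__ == "__main__":
    for reg in ("0x2100", "0x2102", "0x2142"):
        value = parse_confreg(reg)
        print(reg, decode_confreg(value), audit_confreg(value) or "no findings")
```

The bit-6 finding is the security-relevant one: anyone with console access who can send a Break or power-cycle the router can reach ROMmon, set 0x2142 and boot without the saved configuration and its passwords. That is the standard password-recovery procedure, which is why console ports need the same physical protection as the device itself, why IOS offers "no service password-recovery" for exposed sites, and why a production router found at 0x2142 deserves a question.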

Look for a Valid Image in Flash

If the configuration register value is set to make the system boot automatically from a default Cisco IOS software image, and if no break signal is sent during start up, the router should boot normally. However, if the router still enters the ROMmon mode, it is probably because the device is unable to locate a valid Cisco IOS software image.
The first thing you need to do then is to look for a valid Cisco IOS software image. To do this, issue the dir <device> command for each available device, and look for a valid Cisco IOS software image. For example, to look for the IOS in the Flash, use the command shown below.
rommon 1 > dir flash:
         File size         Checksum   File name   
5358032 bytes (0x51c1d0)   0x7b16    c2600-i-mz.122-10b.bin
rommon 2 >
Note that if the router returns the "bad device name" message, the device specified probably does not exist. The output above indicates that a valid image is indeed present in the Flash. Try to boot from that image using the boot command.
rommon 2 > boot flash:c2600-i-mz.122-10b.bin
program load complete, entry point: 0x80008000, size: 0x51c0dc
Self decompressing the image : #################################################
##################################
...
The router should now boot with the Cisco IOS software image specified in the boot command. However, there are times when a valid image does not exist on any of the devices or the image on the Flash might be corrupted. In these cases, a valid image has to be downloaded using Trivial File Transfer Protocol (TFTP) or by using the Xmodem procedure. Both these procedures can be carried out from the ROMmon mode.
Note: There are instances where the system message "Device does not contain a valid magic number" appears. If this happens, in addition to getting a valid Cisco IOS software image, you might need to reseat the Flash or replace it, if it is damaged.