Computer Network Interview Questions and Answers (2026)
Preparing for a Computer Network interview? This comprehensive guide covers the most frequently asked networking interview questions and answers for freshers, intermediate, and experienced candidates in 2026.
From core concepts like the OSI model, TCP/IP stack, and IP addressing to advanced topics like subnetting, routing protocols, network security, and distributed systems — this list is designed to help you ace technical rounds at top tech companies, telecom firms, and cloud providers.
What You'll Learn
- OSI and TCP/IP model layers and their roles
- Networking protocols — DNS, DHCP, HTTP, FTP, SMTP, ARP, ICMP
- IP addressing, subnetting, NAT, and IPv4 vs IPv6
- Network topologies, devices, and hardware
- Security concepts — firewalls, encryption, DDoS, SQL injection
- Advanced networking — BGP, CSMA/CD, subnetting, VLANs
- Practical commands — ipconfig, netstat, tracert, ping
What is a Computer Network?
A Computer Network is a collection of computers, servers, mainframes, network devices, and other devices connected to each other to share resources and communicate. Networks enable data transmission across various devices and facilitate services like the internet, email, file sharing, and more.
Why Computer Networks are Important from a Placements Perspective
Having a strong understanding of Computer Networks is essential for cracking technical interviews and securing dream placements in networking, system administration, and software development roles. Here's why it should be a priority for you:
- High Demand: Tech firms, telecom, and cloud service providers need network professionals for efficient communication and data sharing.
- Core Concept: Networking fundamentals, including protocols, OSI model, and security, are crucial for technical roles.
- Real-World Application: Expertise in networking helps solve issues like troubleshooting, security breaches, and optimizing data transfer.
- Versatility: Networking knowledge is valuable across industries like telecom, cybersecurity, cloud computing, and IT infrastructure.
- System Performance: Understanding networks helps optimize performance and ensure smooth, reliable communication.
General Network Concepts
1. What is a Link?
A link is a physical or logical communication channel connecting two or more network devices. It can be a wired medium (Ethernet cable, fiber optic) or wireless (Wi-Fi, Bluetooth). A link defines the path over which data travels between nodes in a network.
2. What is a node?
A node is any device connected to a network that can send, receive, or forward data. Examples include computers, servers, printers, routers, and switches. Each node is identified by a unique address (IP or MAC) within the network.
3. What is a gateway? Is there any difference between a gateway and router?
A gateway is a network device that connects two networks using different protocols or architectures, translating between them. A router connects networks using the same protocol (typically IP) and routes packets based on IP addresses. A gateway performs protocol translation in addition to routing — all gateways can act as routers, but not all routers are gateways.
4. What is a Network?
A network is a collection of interconnected devices (computers, servers, printers, switches, routers) that communicate with each other to share data and resources. Networks can be classified by size (LAN, MAN, WAN), topology (star, ring, mesh), and purpose (internet, intranet, extranet).
5. What is a node and link?
A node is any device on a network capable of sending or receiving data — computers, switches, routers, and printers are all nodes. A link is the communication path connecting two nodes, which can be physical (cable) or logical (wireless signal). Together, nodes and links form the fundamental building blocks of any network topology.
6. What are routers?
Routers are networking devices that operate at Layer 3 (Network Layer) of the OSI model. They forward data packets between different networks by examining the destination IP address and using routing tables to determine the best path. Routers connect LANs to WANs (like the internet) and make intelligent path decisions based on routing protocols like OSPF, BGP, and RIP.
7. What is the difference between domain and workgroup?
A workgroup is a peer-to-peer network model where each computer manages its own authentication — there is no central authority. Suitable for small networks (up to 20 computers). A domain is a client-server model where a central domain controller (like Windows Active Directory) manages authentication, policies, and resources for all computers in the domain. Domains are more secure and scalable for enterprise networks.
8. What are nodes and links?
Nodes are the endpoints or intermediate devices in a network — computers, servers, printers, routers, and switches. Links are the connections between nodes — physical cables (Ethernet, fiber) or wireless channels. The combination of nodes and links defines the network's topology and determines how data flows between devices.
9. What is point to point link?
A point-to-point link is a direct dedicated communication path between exactly two nodes. It provides a dedicated channel with no sharing — the full bandwidth is available exclusively for those two endpoints. Examples include leased lines between branch offices or serial connections between two routers. Point-to-point links are simple, reliable, and have predictable performance.
10. What is the main job of the ARP?
ARP (Address Resolution Protocol) resolves IP addresses to MAC addresses within a local network. When a device knows the IP address of another device on the same network but not its MAC address, it broadcasts an ARP request. The device with that IP address responds with its MAC address. The result is cached in the ARP table for future use. ARP operates at Layer 2 (Data Link Layer).
Network Layers & Models
1. What are the layers of the OSI reference model?
The OSI (Open Systems Interconnection) model has 7 layers from bottom to top: Physical (bits over medium), Data Link (frames, MAC addressing), Network (IP routing), Transport (TCP/UDP, end-to-end delivery), Session (managing sessions), Presentation (data formatting, encryption), and Application (HTTP, FTP, DNS — user-facing protocols).
2. What is OSI and what role does it play in computer networks?
OSI (Open Systems Interconnection) is a conceptual framework developed by ISO that standardizes how different network systems communicate. It divides network communication into 7 layers, each with specific responsibilities. OSI helps vendors build interoperable products, helps engineers troubleshoot networks (isolating which layer has an issue), and provides a common language for describing network protocols and functions.
3. What is the job of the Network Layer under the OSI reference model?
The Network Layer (Layer 3) is responsible for logical addressing (IP addresses), routing packets from source to destination across multiple networks, and path determination. It handles inter-network communication — when data needs to travel beyond the local network to reach a different network. Key protocols at this layer include IP, ICMP, and routing protocols like OSPF and BGP.
4. How many layers are there under TCP/IP?
The TCP/IP model has 4 layers: Application (handles protocols like HTTP, FTP, SMTP, DNS), Transport (TCP and UDP for end-to-end communication), Internet (IP addressing and routing), and Network Access (also called Link layer — covers physical transmission and data link functions). It is a simplified, practical model compared to the 7-layer OSI model.
5. What is the TCP/IP model? What are its layers?
The TCP/IP model is the practical networking model used by the internet. Its 4 layers are: Application Layer — provides services to end-user applications (HTTP, HTTPS, FTP, SMTP, DNS). Transport Layer — provides end-to-end communication using TCP (reliable) or UDP (fast, unreliable). Internet Layer — handles IP addressing, routing, and packet forwarding. Network Access Layer — manages hardware addressing (MAC) and physical data transmission.
6. What is the difference between the TCP/IP model and the OSI model?
The OSI model has 7 layers and is a theoretical reference framework; TCP/IP has 4 layers and is the practical model the internet runs on. OSI separates Presentation and Session into distinct layers; TCP/IP merges them into the Application layer. OSI was developed before the protocols it describes; TCP/IP was built around existing protocols. TCP/IP is protocol-specific; OSI is protocol-independent and generic.
7. Define the 7 different layers of the OSI Reference Model.
- Physical — transmits raw bits over a physical medium (cables, radio waves). 2. Data Link — frames data, manages MAC addresses and error detection (Ethernet, Wi-Fi). 3. Network — routes packets using IP addresses (IP, ICMP, routers). 4. Transport — provides reliable or fast end-to-end delivery (TCP, UDP). 5. Session — establishes, manages, and terminates sessions between applications. 6. Presentation — handles data format translation, encryption, and compression (SSL/TLS). 7. Application — provides network services to applications (HTTP, FTP, DNS, SMTP).
8. Describe the TCP/IP Reference Model.
The TCP/IP Reference Model is a 4-layer architecture that forms the basis of internet communication. The Network Access layer handles physical transmission and MAC addressing. The Internet layer handles IP routing and logical addressing. The Transport layer provides end-to-end communication via TCP (reliable, ordered) or UDP (fast, connectionless). The Application layer provides protocols for user-facing services like the web (HTTP), email (SMTP), and DNS.
9. Define the 4 different layers of the TCP/IP Reference Model.
Network Access Layer: Handles physical data transmission and device addressing (MAC addresses). Corresponds to OSI Physical + Data Link layers. Internet Layer: Handles logical IP addressing, routing, and packet forwarding (IP, ICMP, ARP). Transport Layer: Manages end-to-end communication — TCP for reliable ordered delivery, UDP for fast connectionless delivery. Application Layer: Provides protocols for user services — HTTP, HTTPS, FTP, SMTP, DNS, SSH.
10. What is the equivalent layer or layers of the TCP/IP Application layer in terms of the OSI reference model?
The TCP/IP Application layer corresponds to three OSI layers: Session Layer (Layer 5 — manages sessions), Presentation Layer (Layer 6 — handles data formatting, encryption, compression), and Application Layer (Layer 7 — user-facing protocols like HTTP, FTP, DNS). TCP/IP collapses these three into a single Application layer for simplicity.
11. What is the role of the Data Link Layer in the OSI model?
The Data Link Layer (Layer 2) provides node-to-node data transfer within the same network segment. It packages raw bits from the Physical layer into frames, manages MAC (Media Access Control) addressing to identify devices on the local network, performs error detection (using CRC), and controls access to the shared medium. It is divided into two sublayers: LLC (Logical Link Control) and MAC. Ethernet and Wi-Fi operate at this layer.
12. Explain the concept of flow control in networking.
Flow control is a mechanism that prevents a fast sender from overwhelming a slow receiver with more data than it can process. The receiver signals the sender to slow down or pause transmission. In TCP, flow control is implemented using a sliding window — the receiver advertises a receive window size indicating how much buffer space it has. If the window size drops to zero, the sender stops until the receiver signals it can accept more data.
Network Topology & Architecture
1. Describe Network Topology.
Network topology describes the physical or logical arrangement of nodes and links in a network. Physical topology refers to the actual layout of cables and devices. Logical topology refers to how data flows through the network. Common topologies include bus, star, ring, mesh, tree, and hybrid. The choice of topology affects performance, fault tolerance, cost, and scalability.
2. What is network topology?
Network topology is the structural layout of a computer network — how nodes are interconnected and how data travels between them. It can be described physically (actual wiring/device placement) or logically (data flow paths). Different topologies offer different trade-offs in cost, performance, reliability, and ease of management.
3. What is VPN?
A VPN (Virtual Private Network) creates an encrypted, secure tunnel over a public network (like the internet), allowing remote users or branch offices to communicate as if they were on a private network. VPNs provide confidentiality (encryption), integrity (tamper detection), and authentication. They are widely used for secure remote work, bypassing geographic restrictions, and connecting geographically distributed offices.
4. Describe star topology.
In a star topology, all devices connect to a central hub or switch. All communication passes through this central device. Star topology is the most common in modern networks because it is easy to install, manage, and troubleshoot — a failure in one node doesn't affect others. The main disadvantage is that if the central hub/switch fails, the entire network goes down.
5. What is Hybrid Network?
A hybrid network combines two or more different network topologies (e.g., star + ring, or star + mesh). It inherits the strengths of each component topology. For example, a large enterprise might use a mesh topology for its core network (high redundancy) and star topologies for department-level connections. Hybrid networks offer flexibility but can be complex to design and manage.
6. What is mesh topology?
In a mesh topology, every device is connected to every other device, creating multiple paths for data. A full mesh has every node connected directly to all others; a partial mesh has some nodes with multiple connections. Mesh topology offers very high fault tolerance and redundancy — if one link fails, data is rerouted. It is used in backbone networks and military communications but is expensive due to the large number of cables required.
7. What is the advantage of mesh topology?
Key advantages: High fault tolerance — multiple redundant paths mean no single point of failure; if one link fails, data takes an alternate route. High reliability — data can always find a path. No traffic bottlenecks — dedicated connections between pairs. Easy troubleshooting — faults are isolated to specific links. It is ideal for critical infrastructure where uptime is paramount.
8. What is the disadvantage of a star topology?
The main disadvantage of star topology is its single point of failure — if the central hub or switch fails, the entire network loses connectivity. Additional drawbacks include: requires more cable than bus topology (each device needs its own cable to center), the central device becomes a bottleneck under heavy traffic, and cost increases with the number of devices due to port requirements on the central switch.
9. What are the advantages of Distributed Processing?
Distributed processing spreads computation across multiple systems. Advantages: Faster processing — tasks are parallelized across multiple nodes. Fault tolerance — if one node fails, others continue working. Scalability — capacity is added by adding nodes. Resource sharing — different nodes can share data and computational power. Geographic distribution — processing can occur closer to data sources, reducing latency.
10. What are the disadvantages of implementing a ring topology?
Disadvantages: Single point of failure — a break in the ring disrupts the entire network (unless it's a dual ring). Difficult troubleshooting — identifying which node caused the failure is complex. Slower than star — data must pass through every intermediate node to reach its destination. Adding/removing nodes disrupts the network temporarily. Performance degrades as more nodes are added.
11. What is the backbone network?
A backbone network is the high-capacity central part of a computer network that interconnects various pieces of network and provides a path for the exchange of information between different LANs, subnets, or subnetworks. Backbone networks use high-speed connections (fiber optic, Gigabit Ethernet) and are designed for maximum bandwidth and reliability. The internet's core infrastructure is a backbone network.
12. How does a network topology affect your decision in setting up a network?
Topology choice impacts: Cost (mesh is expensive; bus is cheap), fault tolerance (mesh is highly resilient; bus has a single point of failure), scalability (star scales easily by adding ports; bus does not), performance (dedicated connections in star vs. shared medium in bus), ease of maintenance (star is easiest to troubleshoot), and physical space (mesh requires extensive cabling). The right topology depends on budget, required reliability, and scale.
13. What is bus topology?
In a bus topology, all devices are connected to a single central cable (the "bus"). Data transmitted by any device travels along the entire bus and is received by all devices, but only the intended recipient processes it. Bus topology is simple and cheap for small networks but has significant disadvantages: a break anywhere in the cable disables the entire network, performance degrades as more devices are added, and it's difficult to troubleshoot.
14. What are the characteristics of a hybrid network?
Hybrid networks combine two or more topologies. Key characteristics: Flexibility — can be tailored to specific needs of different departments. Scalability — easy to expand by adding a new topology segment. Fault tolerance — inherits redundancy from component topologies like mesh. Complex management — requires understanding of multiple topology types. Higher cost — combining topologies typically requires more hardware and cabling.
Protocols & IP Addressing
1. What is RIP?
RIP (Routing Information Protocol) is one of the oldest distance-vector routing protocols. It uses hop count as its routing metric (maximum 15 hops — 16 means unreachable). RIP routers broadcast their entire routing table to neighbors every 30 seconds. RIPv1 is classful (no subnet info); RIPv2 supports CIDR and authentication. RIP is simple but slow to converge and unsuitable for large networks due to the 15-hop limit.
2. What is the main purpose of OSPF?
OSPF (Open Shortest Path First) is a link-state routing protocol used within an autonomous system (interior gateway protocol). Its main purpose is to efficiently route packets by calculating the shortest path to every destination using Dijkstra's algorithm. OSPF routers share link-state advertisements (LSAs) to build a complete topology map. It supports VLSM/CIDR, converges faster than RIP, and scales to large networks. It uses cost (based on bandwidth) as its metric.
3. What is DNS?
DNS (Domain Name System) is a hierarchical distributed naming system that translates human-readable domain names (like www.google.com) into IP addresses (like 142.250.80.46). Without DNS, users would need to remember IP addresses for every website. DNS operates on port 53 using UDP (for queries) and TCP (for zone transfers). The resolution process goes: local cache → recursive resolver → root servers → TLD servers → authoritative nameservers.
4. What is DHCP?
DHCP (Dynamic Host Configuration Protocol) automatically assigns IP addresses and other network configuration parameters (subnet mask, default gateway, DNS server) to devices on a network. Instead of manually configuring each device, DHCP automates the process. When a device joins the network, it broadcasts a DHCP Discover message; the DHCP server responds with an IP address offer. DHCP leases are time-limited and renewable.
5. What is TCP/IP?
TCP/IP (Transmission Control Protocol/Internet Protocol) is the foundational suite of communication protocols used for the internet and most modern networks. IP handles addressing and routing packets between networks. TCP provides reliable, ordered, error-checked delivery of data between applications. Together they define how data is packaged, addressed, transmitted, routed, and received — forming the basis of virtually all internet communication.
6. What is the FTP protocol?
FTP (File Transfer Protocol) is an application-layer protocol used to transfer files between a client and a server over a TCP network. FTP uses two connections: a control connection (port 21) for commands and a data connection (port 20) for file transfers. It supports authentication (username/password) but transmits data in plaintext, making it insecure. SFTP (SSH File Transfer Protocol) and FTPS (FTP Secure) are the secure alternatives.
7. What is the SMTP protocol?
SMTP (Simple Mail Transfer Protocol) is the standard protocol for sending email between mail servers and from email clients to servers. It operates on port 25 (between servers) and port 587 (for client submission). SMTP handles only outgoing mail; incoming mail is retrieved using IMAP (port 143/993) or POP3 (port 110/995). SMTP is a push protocol — the sender initiates the transfer to the recipient's mail server.
8. What is ICMP?
ICMP (Internet Control Message Protocol) is a network-layer protocol used by network devices to send error messages and operational information. It reports problems like unreachable destinations, TTL expiration, and network congestion. ICMP is the foundation of two widely-used diagnostic tools: ping (tests reachability and round-trip time) and traceroute (maps the path packets take). ICMP does not carry application data — it is purely for diagnostics and control.
9. What is Ping?
Ping is a network diagnostic tool that tests connectivity between two hosts by sending ICMP Echo Request packets and measuring the response time. It reports whether the destination is reachable and the round-trip time (latency) in milliseconds. High ping values indicate network congestion or distance issues. Ping also reports packet loss percentage. Usage: ping google.com. It is one of the most basic and frequently used network troubleshooting commands.
10. What is ARP?
ARP (Address Resolution Protocol) maps a known IP address to an unknown MAC address within a local network segment. When device A wants to communicate with device B (same network, known IP), A broadcasts an ARP request asking "who has IP x.x.x.x?" Device B responds with its MAC address. A caches this mapping in its ARP table. ARP operates at Layer 2 and is essential for Ethernet communication since Layer 2 frames use MAC addresses.
11. What are the different types of networks?
Networks are classified by size and scope: PAN (Personal Area Network) — very short range, personal devices (Bluetooth). LAN (Local Area Network) — single building or campus. MAN (Metropolitan Area Network) — spans a city. WAN (Wide Area Network) — spans countries or continents (the internet is a WAN). CAN (Campus Area Network) — multiple buildings on a campus. SAN (Storage Area Network) — dedicated high-speed network for storage devices.
12. What are private IP addresses?
Private IP addresses are reserved IP ranges defined by RFC 1918 for use within private networks — they are not routable on the public internet. The three private ranges are: Class A: 10.0.0.0 – 10.255.255.255, Class B: 172.16.0.0 – 172.31.255.255, Class C: 192.168.0.0 – 192.168.255.255. Devices using private IPs access the internet through NAT (Network Address Translation) via a public IP on the router.
13. What is a private IP address?
A private IP address is an IP address from one of the RFC 1918 reserved ranges (10.x.x.x, 172.16-31.x.x, 192.168.x.x) used within a local/private network. These addresses are not routable on the public internet — they are reused across many private networks globally. A router with NAT translates private IPs to a single public IP for internet access, allowing many devices to share one public address.
14. What is the difference between MAC address and IP address?
A MAC address (Media Access Control) is a hardware address burned into the NIC — it is a 48-bit address (e.g., 00:1A:2B:3C:4D:5E) unique to each physical device globally. It operates at Layer 2 and is used for local network communication. An IP address is a logical address assigned by software (Layer 3) used for routing packets across networks. IP addresses can change; MAC addresses are permanent (though they can be spoofed).
15. What is the MAC address and how is it related to NIC?
A MAC (Media Access Control) address is a unique 48-bit identifier assigned to a Network Interface Card (NIC) by the manufacturer. It is written as six pairs of hexadecimal digits (e.g., AA:BB:CC:DD:EE:FF). The first three pairs identify the manufacturer (OUI), and the last three are device-specific. MAC addresses are used in Ethernet and Wi-Fi for device identification within a local network segment. Each NIC has exactly one factory-assigned MAC address.
16. How can you identify the IP class of a given IP address?
IP classes are determined by the first octet: Class A: 1–126 (e.g., 10.x.x.x) — large networks, 8-bit network part. Class B: 128–191 (e.g., 172.16.x.x) — medium networks, 16-bit network part. Class C: 192–223 (e.g., 192.168.x.x) — small networks, 24-bit network part. Class D: 224–239 — multicast. Class E: 240–255 — experimental. Note: 127.x.x.x is reserved for loopback.
17. What are some examples of private network addresses?
Private network address examples: Class A: 10.0.0.0/8 — e.g., 10.0.0.1, 10.100.50.25. Class B: 172.16.0.0/12 — e.g., 172.16.0.1, 172.31.255.254. Class C: 192.168.0.0/16 — e.g., 192.168.1.1 (most common home router address), 192.168.0.100. The loopback address 127.0.0.1 (localhost) is also a special reserved address used for local testing.
18. What are the different network protocols that are supported by Windows RRAS services?
Windows RRAS (Routing and Remote Access Service) supports: PPP (Point-to-Point Protocol) for dial-up and VPN connections, PPTP (Point-to-Point Tunneling Protocol) for VPNs, L2TP (Layer 2 Tunneling Protocol) with IPsec for secure VPNs, SSTP (Secure Socket Tunneling Protocol) using HTTPS, IKEv2 for mobile VPN connections, IP routing protocols (RIP, OSPF), and RADIUS for authentication.
19. What are Unicasting, Anycasting, Multicasting, and Broadcasting?
Unicasting: one-to-one communication — a packet is sent from one source to one specific destination (e.g., loading a webpage). Multicasting: one-to-many — sent to a group of interested receivers simultaneously (e.g., video streaming to subscribers). Broadcasting: one-to-all — sent to all devices in a network segment (e.g., ARP requests). Anycasting: one-to-nearest — sent to the nearest member of a group (used in IPv6 and CDN routing to direct users to the closest server).
20. What is the purpose of cables being shielded and having twisted pairs?
Twisted pairs reduce electromagnetic interference (EMI) and crosstalk — twisting two conductors together causes their electromagnetic fields to cancel each other out, reducing signal degradation over distance. Shielding (in STP cables) adds a metal foil or braid around the twisted pairs to provide additional protection against external EMI sources (motors, fluorescent lights, nearby cables). Together they improve signal integrity, especially in electrically noisy environments.
21. What is the difference between IPv4 and IPv6?
IPv4 uses 32-bit addresses (e.g., 192.168.1.1) providing ~4.3 billion addresses — now nearly exhausted. IPv6 uses 128-bit addresses (e.g., 2001:0db8::1) providing ~340 undecillion addresses. IPv6 has a simplified header, built-in IPsec support, better multicast, no need for NAT (every device gets a globally unique address), stateless address autoconfiguration (SLAAC), and eliminates broadcast in favor of multicast. IPv6 also improves routing efficiency with hierarchical addressing.
22. What is the purpose of NAT in IP addressing?
NAT (Network Address Translation) allows multiple devices on a private network to share a single public IP address for internet access. When packets leave the private network, NAT replaces the private source IP with the router's public IP and tracks the mapping in a translation table. Incoming reply packets are translated back to the correct private IP. NAT conserves the limited IPv4 address space and provides a basic level of security by hiding internal addresses.
Security
1. What are different ways of securing a computer network?
Network security measures include: Firewalls (filter traffic by rules), encryption (SSL/TLS, IPsec for data in transit), strong authentication (MFA, certificates), VPNs for secure remote access, network segmentation (VLANs to isolate sensitive areas), IDS/IPS (intrusion detection/prevention systems), regular patching of devices and software, access control lists (ACLs), disabling unused ports and services, and network monitoring for anomalous traffic.
2. What is the importance of implementing a Fault Tolerance System? Are there limitations?
Fault tolerance ensures a network continues operating even when one or more components fail, by using redundancy (duplicate links, devices, or power). This is critical for business continuity. Limitations: it significantly increases cost (duplicate hardware), adds complexity to configuration and management, and redundant components can introduce new failure points if not properly maintained. There is also a trade-off between the level of redundancy and the cost of implementation.
3. What is the importance of Encryption on a network?
Encryption protects data in transit from eavesdropping and tampering. Without encryption, anyone with network access can read packets using a packet sniffer — capturing passwords, personal data, or business secrets. Protocols like HTTPS (TLS), SSH, and IPsec encrypt data so only the intended recipient can decrypt it. Encryption also ensures data integrity (detecting tampering) and authentication (verifying the sender's identity).
4. What are firewalls?
A firewall is a network security device (hardware or software) that monitors and filters incoming and outgoing network traffic based on predefined security rules. It creates a barrier between trusted internal networks and untrusted external networks. Firewalls can work at different layers — packet filtering (Layer 3/4), stateful inspection (tracking connection state), and application-layer firewalls (inspecting packet content). They block unauthorized access while permitting legitimate traffic.
5. What is DoS (Denial of Service)?
A DoS (Denial of Service) attack attempts to make a network resource, server, or service unavailable by overwhelming it with traffic or requests, exhausting bandwidth, memory, or CPU resources. A DDoS (Distributed DoS) uses thousands of compromised machines (botnet) to amplify the attack, making it much harder to block. Common types include SYN floods, UDP floods, and HTTP floods. Mitigations include rate limiting, traffic scrubbing, and CDN-based DDoS protection.
6. What are proxy servers and how do they protect computer networks?
A proxy server acts as an intermediary between client devices and the internet. Clients send requests to the proxy, which forwards them on their behalf. Security benefits: it hides internal IP addresses (clients appear as the proxy's IP), filters malicious websites and content, caches frequently accessed content (reducing bandwidth), logs web activity for auditing, and can enforce access policies. Reverse proxies protect servers by handling incoming requests and shielding the backend.
7. What is the importance of authentication?
Authentication verifies the identity of users, devices, or systems before granting network access. Without authentication, anyone could access network resources. Strong authentication prevents unauthorized access, data breaches, and insider threats. Forms include passwords, certificates, biometrics, and multi-factor authentication (MFA). Network authentication protocols include RADIUS, TACACS+, and Kerberos. Authentication is the first line of defense in any network security model.
8. One way of securing a network is through the use of passwords. What can be considered as good passwords?
Strong passwords: are at least 12–16 characters long, use a mix of uppercase, lowercase, numbers, and special characters, do not contain dictionary words or personal information (name, birthday), are unique for each account/system, and are changed regularly. Best practices include using a password manager, enabling MFA alongside passwords, and avoiding password reuse. Passphrases (long sequences of random words) are both strong and memorable.
9. What are the different factors that affect the security of a network?
Key factors: Physical security (preventing unauthorized physical access to devices), access control (who can access what), patch management (keeping firmware and software up to date), encryption strength, user awareness (phishing resistance), network monitoring (detecting anomalies), firewall and IDS configuration, password policies, insider threats, and third-party/vendor security. A network is only as secure as its weakest link.
10. What is the role of IEEE in computer networking?
The IEEE (Institute of Electrical and Electronics Engineers) develops and publishes international standards for networking and telecommunications. The most important networking standards come from the IEEE 802 committee: 802.3 (Ethernet), 802.11 (Wi-Fi), 802.15 (Bluetooth, Zigbee), 802.1Q (VLANs). These standards ensure interoperability between equipment from different manufacturers across the globe.
11. What is a DDoS attack?
A DDoS (Distributed Denial of Service) attack uses a large number of compromised computers (a botnet) to flood a target server or network with overwhelming traffic, making it unavailable to legitimate users. Unlike a DoS attack from a single source, DDoS is distributed across thousands of IPs, making blocking difficult. Attack types include volumetric (bandwidth exhaustion), protocol (SYN floods), and application layer (HTTP floods). Defenses include rate limiting, BGP blackholing, and DDoS scrubbing services.
12. Explain the differences between symmetric and asymmetric encryption.
Symmetric encryption uses the same key for both encryption and decryption (e.g., AES). It is fast and efficient for large data volumes but requires a secure way to share the key. Asymmetric encryption uses a public key (shared openly) for encryption and a private key (kept secret) for decryption (e.g., RSA, ECC). It solves the key distribution problem but is slower. In practice, asymmetric encryption is used to securely exchange a symmetric key (as in TLS handshakes), and then symmetric encryption handles the bulk data.
Devices & Hardware
1. What is NIC?
A NIC (Network Interface Card) is a hardware component that enables a computer or device to connect to a network. It provides the physical interface for network communication — handling the conversion between digital data and electrical/optical/wireless signals. Each NIC has a unique MAC address burned in by the manufacturer. NICs can be wired (Ethernet) or wireless (Wi-Fi adapters) and operate at Layer 1 and Layer 2 of the OSI model.
2. What is the maximum length allowed for a UTP cable?
The maximum segment length for UTP (Unshielded Twisted Pair) cable in standard Ethernet (100Base-TX, 1000Base-T) is 100 meters (328 feet). Beyond this length, signal attenuation causes data errors and unreliable communication. To extend beyond 100 meters, a network switch or repeater must be used to regenerate the signal.
3. What is the standard color sequence of a straight-through cable?
A straight-through cable follows the T568B standard on both ends: White-Orange, Orange, White-Green, Blue, White-Blue, Green, White-Brown, Brown. Both ends are wired identically. Straight-through cables connect dissimilar devices (PC to switch, switch to router). Crossover cables (T568A on one end, T568B on the other) connect similar devices (PC to PC, switch to switch), though modern auto-MDI/MDIX ports make crossover cables largely unnecessary.
4. What is the difference between a hub and a switch?
A hub operates at Layer 1 (Physical) and broadcasts all incoming data to every connected port regardless of destination — all devices share the same collision domain and bandwidth. A switch operates at Layer 2 (Data Link) and uses MAC address tables to forward frames only to the specific port where the destination device is connected. Switches create separate collision domains per port, dramatically improving performance and security over hubs.
5. What is the maximum segment length of a 100Base-FX network?
100Base-FX uses multimode fiber optic cable. The maximum segment length is 412 meters in half-duplex mode and 2,000 meters (2 km) in full-duplex mode. Using single-mode fiber with appropriate transceivers can extend this significantly further (up to 10 km or more). Fiber is used when distances exceed UTP limits or when electrical isolation is required.
6. What is the proper termination rate for UTP cables?
UTP cables should be terminated at both ends with 100 Ohm impedance to match the characteristic impedance of the cable and prevent signal reflections. Improper termination causes signal reflections that interfere with data transmission and reduce network reliability. This is handled automatically by the RJ-45 connectors and proper crimping technique in standard Ethernet installations.
7. What happens when you use cables longer than the prescribed length?
Exceeding the maximum cable length (100m for UTP Ethernet) causes signal attenuation — the signal weakens as it travels further. This leads to: increased bit error rates, dropped packets, intermittent connectivity, and potential complete communication failure. The network may appear to work at first but will degrade under load or show CRC errors. The solution is to add a switch or repeater at the 100-meter mark to regenerate the signal.
8. What is the number of network IDs in a Class C network?
A Class C network uses the first 3 octets (24 bits) for the network ID. With the first 3 bits fixed as 110, there are 2,097,152 (2^21) possible Class C network IDs. Each Class C network supports 254 usable host addresses (2^8 - 2, subtracting network and broadcast addresses). Class C is commonly used for small networks like home and small office networks (e.g., 192.168.1.x).
9. What is multiplexing in networking?
Multiplexing is a technique that combines multiple signals or data streams over a single shared communication channel, maximizing bandwidth utilization. Types include: TDM (Time Division Multiplexing) — each signal gets a fixed time slot. FDM (Frequency Division Multiplexing) — each signal uses a different frequency band (used in cable TV, radio). WDM (Wavelength Division Multiplexing) — multiple light wavelengths on one fiber. Statistical Multiplexing — bandwidth is allocated dynamically based on demand (used in packet networks).
10. What is the network ID of a Class A, B, and C network?
Class A: First octet is the network ID (8-bit network, 24-bit host). Range: 1.0.0.0 – 126.255.255.255. Default mask: 255.0.0.0. Class B: First two octets are the network ID (16-bit network, 16-bit host). Range: 128.0.0.0 – 191.255.255.255. Default mask: 255.255.0.0. Class C: First three octets are the network ID (24-bit network, 8-bit host). Range: 192.0.0.0 – 223.255.255.255. Default mask: 255.255.255.0.
11. What is a router and how does it differ from a switch?
A router operates at Layer 3 (Network Layer) and routes packets between different networks based on IP addresses. It maintains routing tables and makes forwarding decisions using routing protocols. A switch operates at Layer 2 (Data Link Layer) and forwards frames within the same network segment based on MAC addresses. Routers connect different networks (your LAN to the internet); switches connect devices within the same network.
12. What is a firewall?
A firewall is a network security system that monitors and controls network traffic based on predefined security rules. It acts as a barrier between a trusted internal network and untrusted external networks. Firewalls can be hardware appliances or software. Types include packet-filtering (inspects headers), stateful inspection (tracks connection state), application-layer (deep packet inspection), and next-generation firewalls (NGFW) that combine all of the above with threat intelligence.
Networking Configuration & Commands
1. What is ipconfig?
ipconfig is a Windows command-line utility that displays the current IP configuration of network interfaces — including IP address, subnet mask, and default gateway. ipconfig /all shows detailed info including MAC address, DHCP server, and DNS servers. ipconfig /release releases the DHCP lease; ipconfig /renew requests a new IP from the DHCP server; ipconfig /flushdns clears the DNS resolver cache.
2. What is the difference between a straight-through and crossover cable?
A straight-through cable has identical wiring on both ends (T568B–T568B) and connects dissimilar devices — PC to switch, switch to router. A crossover cable has different wiring on each end (T568A on one end, T568B on the other) and connects similar devices — PC to PC, switch to switch. It crosses the transmit and receive pairs so each device's transmitter connects to the other's receiver. Modern NICs with auto-MDI/MDIX detect and adjust automatically, making crossover cables largely obsolete.
3. What is netstat?
netstat (network statistics) is a command-line tool that displays active network connections, listening ports, routing tables, and protocol statistics. Common uses: netstat -an shows all connections and ports with numeric addresses; netstat -r shows the routing table; netstat -s shows per-protocol statistics. It is useful for diagnosing which ports are open, what connections are established, and detecting suspicious network activity.
4. What is tracert?
tracert (Windows) / traceroute (Linux/Mac) traces the path packets take from the source to a destination, showing each hop (router) along the way and the round-trip time for each. It works by sending packets with incrementally increasing TTL (Time to Live) values. When TTL expires at a router, that router sends an ICMP "Time Exceeded" message back, revealing its IP address. It's used to diagnose routing issues and identify where latency or packet loss occurs.
5. How can you manage a network using a router?
A router can be managed via: Web interface (browser-based GUI — most common for home routers), CLI (Command Line Interface) via console port, Telnet, or SSH (for enterprise routers like Cisco IOS), SNMP (Simple Network Management Protocol) for automated monitoring, NETCONF/YANG for modern programmatic management, and Network Management Systems (NMS) like SolarWinds or PRTG. Enterprise routers support VLAN configuration, ACLs, QoS, and routing protocol setup.
6. What is the difference between ipconfig and ifconfig?
ipconfig is a Windows command-line tool for viewing and managing IP configuration. ifconfig is the Linux/Unix equivalent — it displays and configures network interface parameters (IP address, netmask, broadcast). On modern Linux systems, ip addr (from the iproute2 package) has replaced ifconfig as the preferred tool, offering more features. Both perform similar functions but are specific to their respective operating systems.
7. How are IP addresses arranged and displayed?
IPv4 addresses are 32-bit numbers displayed in dotted-decimal notation — four octets (8-bit groups) separated by dots, each ranging from 0 to 255 (e.g., 192.168.1.100). IPv6 addresses are 128-bit numbers displayed in colon-hexadecimal notation — eight groups of 4 hex digits separated by colons (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334), with consecutive zero groups compressed as ::.
8. What is the function of the OSI Session Layer?
The Session Layer (Layer 5) establishes, manages, and terminates communication sessions between applications. It handles session setup (authentication, authorization), maintenance (keeping sessions alive, handling session failures), and teardown (gracefully closing sessions). It also manages dialog control (half-duplex vs full-duplex) and synchronization (checkpointing for recovery). Examples: NetBIOS, RPC (Remote Procedure Call), and session management in web applications.
9. What is the difference between TCP and UDP?
TCP (Transmission Control Protocol) is connection-oriented, reliable, and ordered. It establishes a connection via three-way handshake, guarantees delivery with acknowledgments, retransmits lost packets, and ensures data arrives in order. Used for HTTP, FTP, email, SSH. UDP (User Datagram Protocol) is connectionless, fast, and unreliable. It sends data without establishing a connection, no acknowledgments or retransmission. Used for DNS, video streaming, online gaming, VoIP — where speed matters more than perfect reliability.
10. What is the difference between a client/server model and a peer-to-peer model?
In a client/server model, dedicated servers provide resources/services and clients request them. The server is always on, clients may connect anytime. Centralized control simplifies management and security. Examples: web servers, email servers, databases. In a peer-to-peer (P2P) model, all nodes are equal — each can act as both client and server. Decentralized, scales naturally with more peers. Examples: BitTorrent, blockchain networks. P2P is harder to manage and secure but highly resilient.
Advanced Networking
1. What is the RSA algorithm?
RSA (Rivest–Shamir–Adleman) is a widely used asymmetric (public-key) encryption algorithm based on the mathematical difficulty of factoring the product of two large prime numbers. It uses a public key (for encryption or signature verification) and a private key (for decryption or signing). RSA is used in SSL/TLS handshakes, digital signatures, and secure key exchange. Common key sizes are 2048 and 4096 bits. RSA is slower than symmetric algorithms and is typically used only to exchange symmetric keys.
2. What is the difference between CSMA/CD and CSMA/CA?
CSMA/CD (Carrier Sense Multiple Access with Collision Detection) is used in wired Ethernet. Devices listen before transmitting; if a collision is detected during transmission, they stop, wait a random backoff time, and retry. CSMA/CA (Collision Avoidance) is used in wireless networks (Wi-Fi/802.11). Since collisions can't be reliably detected in wireless, devices try to avoid them by using random backoff before transmission and optionally using RTS/CTS (Request to Send/Clear to Send) handshakes.
3. What are gateways?
A gateway is a network device that serves as an entry/exit point between two networks — often translating between different protocols or architectures. The default gateway in your network is typically a router that connects your LAN to the internet. In enterprise contexts, application gateways can translate between email protocols, VoIP protocols, or cloud services. Gateways operate at higher OSI layers (up to Layer 7) than routers, which work at Layer 3.
4. What is the difference between a gateway and router?
A router operates at Layer 3 and routes packets between networks using IP addresses — it connects networks using the same protocol family. A gateway is a more general term for a device that connects two networks that may use different protocols and performs protocol translation. All routers can be called gateways in the sense that they are the exit point from one network, but a true protocol gateway translates between incompatible systems (e.g., connecting a TCP/IP network to an IBM SNA network).
5. What is IP addressing? What is an IPv4 address?
IP addressing is the system of assigning unique numerical identifiers to every device on a network, enabling routing of packets across the internet. An IPv4 address is a 32-bit number displayed in dotted-decimal notation (e.g., 192.168.0.1), divided into a network portion (identifying the network) and a host portion (identifying the device within that network). Subnet masks or CIDR notation (e.g., /24) define where the network portion ends.
6. What is the criteria to check the network reliability?
Network reliability is measured by: Uptime/availability (percentage of time the network is operational, e.g., 99.99%), packet loss rate (percentage of packets that don't reach their destination), latency (round-trip time), jitter (variation in latency — critical for VoIP), mean time between failures (MTBF), mean time to repair (MTTR), bandwidth consistency, and error rates. Reliable networks use redundant paths, quality hardware, and proactive monitoring.
7. What is subnetting and why is it important?
Subnetting divides a large IP network into smaller sub-networks (subnets) by borrowing bits from the host portion of the IP address. Importance: Efficient IP allocation (avoid wasting large address blocks), security (isolate different departments or user groups), reduced broadcast traffic (broadcasts are contained within subnets), improved performance (smaller broadcast domains), and easier network management. CIDR notation (e.g., /24) indicates the number of bits in the subnet mask.
8. How does dynamic host configuration protocol aid in network administration?
DHCP eliminates the need for manual IP configuration on each device. When a device joins the network, it automatically receives an IP address, subnet mask, default gateway, and DNS server from the DHCP server. This reduces configuration errors, simplifies management of large networks, enables devices to move between networks easily, and allows IP addresses to be reused when devices leave. DHCP servers maintain lease tables showing which IP is assigned to which device and for how long.
9. What is the difference between the IP address and the MAC address?
An IP address is a logical, software-assigned address (Layer 3) used for routing across networks — it can change when a device moves to a different network. A MAC address is a physical, hardware-burned address (Layer 2) used for communication within a local network segment — it stays with the NIC regardless of network. ARP bridges the two: it maps IP addresses to MAC addresses so that Layer 3 routing decisions can be translated to Layer 2 frame delivery.
10. What is a subnet mask?
A subnet mask is a 32-bit number that separates the network portion from the host portion of an IP address. Written in dotted-decimal (e.g., 255.255.255.0) or CIDR notation (/24). ANDing an IP address with the subnet mask gives the network address. Example: IP 192.168.1.100 with mask 255.255.255.0 → network 192.168.1.0, host .100. A /24 mask means 24 bits for network, 8 bits for hosts (256 addresses, 254 usable).
11. What is NAT (Network Address Translation)?
NAT modifies IP address information in packet headers as traffic crosses a router, typically translating private internal IP addresses to a single public IP address for internet access. Static NAT: one-to-one fixed mapping. Dynamic NAT: maps from a pool of public IPs. PAT (Port Address Translation / NAT Overload): many-to-one mapping using different port numbers to distinguish connections — this is how most home routers work. NAT conserves IPv4 addresses and hides internal network topology.
12. What is the function of the OSI Session Layer?
The Session Layer (Layer 5) is responsible for establishing, maintaining, and terminating sessions between two communicating applications. It manages: session establishment (authentication and authorization), session maintenance (keeping a session alive, handling network interruptions with reconnection), dialog control (managing who can transmit when), and synchronization (placing checkpoints in data streams to allow recovery from failures without restarting the entire transfer).
13. What are proxy servers and how do they protect computer networks?
Proxy servers sit between clients and servers, forwarding requests on clients' behalf. Protection mechanisms: they hide internal IP addresses (clients appear to external servers as the proxy), filter content (blocking malicious sites, inappropriate content), cache content (reducing load and bandwidth), log activity (for security auditing), and can enforce access policies. Reverse proxies protect web servers by absorbing incoming traffic, providing load balancing, and shielding backend servers from direct exposure.
14. What is the concept of a subnet mask and how is it used in IP addressing?
A subnet mask defines which portion of an IP address identifies the network and which identifies the host. Binary 1 bits mark the network portion; 0 bits mark the host portion. A device performs a bitwise AND of its IP address and subnet mask to determine its network address, then checks if a destination is on the same network (direct delivery) or a different network (send to gateway). CIDR notation like /24 means the first 24 bits are the network portion.
15. What is BGP (Border Gateway Protocol)?
BGP (Border Gateway Protocol) is the routing protocol of the internet — it manages how packets are routed between autonomous systems (AS), the large networks operated by ISPs, cloud providers, and enterprises. BGP is a path-vector protocol that chooses routes based on policies and path attributes rather than just distance. iBGP operates within an AS; eBGP operates between AS. BGP is responsible for the global internet routing table and is critical infrastructure for internet stability.
16. What is BGP (Border Gateway Protocol)?
Already covered in question 15 above.
Miscellaneous
1. What is the purpose of the OSI Physical Layer?
The Physical Layer (Layer 1) is responsible for transmitting raw bits over a physical medium. It defines the electrical, optical, or wireless signals used to represent 0s and 1s, the physical connectors and cables (RJ-45, fiber, coax), voltage levels, bit timing, and transmission modes (simplex, half-duplex, full-duplex). Examples: Ethernet cables, fiber optic, Wi-Fi radio waves, and hubs all operate at the Physical Layer.
2. What is the main job of ARP?
ARP (Address Resolution Protocol) resolves an IP address to its corresponding MAC address within a local network. When a device needs to communicate with another device on the same subnet and knows only the IP address, it broadcasts an ARP request. The device with that IP responds with its MAC address. This mapping is cached in the ARP table. ARP is essential because data link layer frames (Ethernet) use MAC addresses, not IP addresses, for local delivery.
3. What is DNS forwarder?
A DNS forwarder is a DNS server configured to forward DNS queries it cannot resolve locally to another DNS server (typically the ISP's DNS or a public DNS like 8.8.8.8). This is used to reduce the load on a local DNS server, improve resolution speed, and maintain a hierarchy. An organization's internal DNS server resolves internal names itself and forwards all other queries to an external DNS forwarder, keeping internal network topology hidden from external resolvers.
4. What is the difference between the ipconfig and ifconfig?
ipconfig is used on Windows to display and manage network interface configuration. ifconfig is used on Linux/Unix systems for the same purpose. Both show IP address, subnet mask, and other interface parameters. On modern Linux systems, ifconfig has been deprecated in favor of the ip command (e.g., ip addr show). The syntax and output format differ, but functionally they serve the same purpose of inspecting and configuring network interfaces.
5. What is a congested switch?
A congested switch occurs when the total incoming traffic across its ports exceeds the switch's backplane capacity or when a single output port is overwhelmed by traffic from multiple input ports. When congested, the switch must buffer packets or drop them (tail drop or RED). Signs include increased latency, packet loss, and retransmissions. Solutions include upgrading to higher-capacity switches, implementing QoS (Quality of Service) to prioritize critical traffic, and optimizing network design.
6. What is the importance of VLANs in networking?
VLANs (Virtual Local Area Networks) logically segment a physical network into multiple isolated broadcast domains without requiring separate physical switches. Benefits: Security — isolates sensitive segments (finance, HR) from general users. Reduced broadcast traffic — broadcasts are contained within each VLAN. Flexibility — users in different physical locations can be in the same VLAN. Simplified management — logical grouping by function rather than physical location. VLANs are configured on switches using 802.1Q tagging.
7. What is the role of IEEE in computer networking?
The IEEE (Institute of Electrical and Electronics Engineers) develops and maintains international standards that ensure interoperability of networking equipment from different vendors. Key IEEE 802 networking standards: 802.3 (Ethernet — wired LAN), 802.11 (Wi-Fi — wireless LAN, including 802.11a/b/g/n/ac/ax), 802.15 (Bluetooth, Zigbee — personal area networks), 802.1Q (VLANs), and 802.1X (port-based network access control). Without IEEE standards, devices from different manufacturers would be incompatible.
8. What are the different factors that affect the performance of a network?
Key performance factors: Bandwidth (total capacity of the link), latency (delay in transmission — affected by distance and propagation speed), jitter (variation in latency), packet loss (corrupted or dropped packets trigger retransmissions), congestion (too much traffic for available capacity), hardware quality (switches, NICs, cables), protocol overhead (headers, acknowledgments consume bandwidth), interference (for wireless networks), and number of hops (each router adds processing delay).
Struggling to Find a Job? These Startups Are Hiring ✅ Startup lits