Uploaded by Shaju Afridi

20 Questions for Network Engg - Questions&ans

advertisement
20 Questions for Network Maintenance Specialist
1. How would you describe what a 1:1 NAT does?
Answer: This is for mapping one IP to another IP .
2. How would you check from Command Prompt to see what each IP address corresponds to each
device on a network?
Answer: sho ip interface brief .
3. A client has reported that SSL VPN is completely inoperable for all remote users, yet a check of
the firewall shows that the gateway is up and responsive to queries. What is a common cause
that would produce this issue?
Answer: I will check my firewall internet connectivity status .I will ping 8.8.8.8 from firewall
whether it’s reachable or not.
4. Remote users call in and report that sometimes the SSL VPN works and sometimes it doesn’t
with no given pattern to the behavior. You check the firewall and see there are two WAN ports
configured in failover. What would you need to check to see why the VPN is constantly going up
and down for everyone?
Answer: I will check firewall Wan port stability. I will make sure thre is no flap in interface.
5. You have two devices plugged into the same switch that can’t communicate with each other.
You’ve checked the cables and switch ports and verified that they are both functioning properly,
and each device has internet access. You’ve run ipconfig /all on both devices and verified that
they don’t have APIPA addresses. What would you need to check next to further isolate the
issue?
Answer:I will check both the switch ports are assign to vlan or not .I will subnet of ip being
assigned both the devices.
6. A client has scheduled to have new IP cameras installed on the network. The technician installs
them but says that they aren’t remotely visible from their phone app or their web portal. The
technician says that they usually need the IT people to do something to make a specific port
accessible on the firewall to get them to work. What is the technician referring to?
Answer: to make sure camera port are allowed in firewall rule or not.
7. A client submits a ticket saying that several users can’t get on the internal Wi-Fi network. You get
into the wireless controller and see that it is setup for RADIUS authentication. What is the next
thing you should check to see why authentication might be failing?
Answer: in our network we have ise deployed , so I used to check ise logs authentication is
getting success ir not .If it’s not getting success I used to verify the authentication policy created on ISe
and verify the AD server status associated with ISE.
8. You are troubleshooting a VPN authentication issue for a user and check the firewall to see that
VPN authentication is set to LDAP. You look on the server that LDAP authentication is set to and
verify that the Active Directory account is enabled and not locked. What is the next thing you
should check to isolate why the authentication is failing?
Answer: As a firewall engineer I will verify Ldap server connection status between the firewall
and Ldap is fine.If still user authentication is falling I will engage AD team to verify Ldap event logs that
user authentication logs.
9. A user calls in reporting that they have no internet access. You walk the user through accessing
command prompt and running the ipconfig command. You ask what their IP address and they
tell you that it is 169.254.3.68. What does this mean?
Answer: I will try in user command prompt to release and renew the ip as its apipa ip.
10. A client has reported that they are unable to access network shares on their network. You’ve
tested with a few of the users and verified that you get a “resource not found” error with no
prompt for domain login. Each user you test with has internet access. What would you need to
check next to further isolate this behavior?
Answer:
11. Two different users have contacted us to state that they have no internet or access to internal
resources. You’ve reached out to both users and checked their network settings and verified that
they both have the same IP address. You check the DHCP server, which is the primary domain
controller, and the DNS server entry for the IP address shows “BAD_ADDRESS”. What are some
likely causes of this behavior?
Answer: mostly this is part of window team work , I am not aware about this issue.
12. A client has opened a ticket stating that they recently moved their desk and computer
equipment to a new office, but that their internet is working while their network share access
and VoIP phone aren’t working. You remote in and verify that the workstation has a DHCP
address of 10.1.20.167 with a gateway of 10.1.20.1, but your documentation for the client shows
that they should be on an internal subnet of 10.1.10.X with a gateway of 10.1.10.1. What would
be the next thing to check and verify to isolate the issue?
Answer:I will verify the switch port are associated with correct vlan or not .
13. You are assigned a ticket where the user is complaining that everyone in the office gets 500
Mbps download and upload, but they only get 100 Mbps download and upload. You’ve traced
the port that their workstation is plugged into back to the switch and verified that the switch and
switch port are both Gigabit. You’ve checked the switch configuration since it’s layer 3 and
verified that there are no bandwidth limitations on the port. What should you check next to
isolate the issue?
Answer: I will check in firewall to make sure thre is no restrictions of bandwidth for internet
access.
14. One of your clients informs you that for some time users have been randomly experiencing
issues when accessing the network/internet for both wired and wireless clients. You check the
hardware (switches, WAP’s, workstations, etc.) and verify they are all properly configured and
healthy. There is no pattern to the behavior from what anyone who has experienced it can tell.
What is the next thing you should check to isolate the issue?
Answer:
15. You have a client that is reporting that several wireless users and devices have issues with their
connection speeds and signal strength. You check the wireless controller and see that the 2.4
GHz band is at 88% utilization while the 5 GHz band is only showing 4% utilization. You look at
the connected devices in the appropriate area of the controller and verify that most of them are
relatively new (manufactured within the past 3-4 years). What wireless setting should you check
to isolate why this is happening?
Answer:
16. A client has run out of DHCP addresses in their scope but needs to add many wireless handheld
scanners to their network. They were provided with a proposal and quote to change the IP
schema to increase their network subnet, but they rejected it due to budget constraints. They
don’t want to purchase any new hardware as they are already over budget due to the price of
the handheld scanners. You check the wireless controller and the DHCP server (the firewall) and
find that it is a flat setup with no VLAN’s. What is the best way to resolve their need for more IP
addresses without purchasing more equipment or restructuring the IP schema?
Answer:we can supernet the ip.
17. A client has signed up for a new cloud-based VoIP phone system and the technician has reached
out to you during installation. They are reporting that their phones are giving them an error that
they can’t reach the cloud servers, which is preventing them from working. You were provided
the firewall setup documentation beforehand and configured all the rules the VoIP provider
requested beforehand and have verified in the logs that the forward traffic is being routed
without denial. You check the ISP router and verify that there’s nothing that would block the
ports required by the phones to communicate. What should you check next to isolate the issue?
Answer:I will check in firewall that there sent and received packet available or not. I will run
wireshark between the two host to check communication.
18. What is the minimum amount of information necessary to set up a site-to-site VPN (IPSEC)
tunnel?
Answer:Required phase 1 and phase 2 information like Authentication, Hash ,DH group , life
time and Peer IP
19. How does the order of firewall policies impact enforcement upon network traffic?
Answer: Top to Bottoms
20. What is the best tool or process to isolate what is happening with traffic between two nodes on
a network?
Answer: Wireshark
Download