| OSI Layer | Question | Answer | Explanation |
| --- | --- | --- | --- |
| 1 - Physical | What are the differences between single-mode and multi-mode fiber in terms of distance and bandwidth? | Single-mode fiber (SMF) supports longer distances (up to 40 km) using a small core and a laser light source, while multi-mode fiber (MMF) is limited to shorter distances (typically up to 550 m) using an LED light source. | SMF is preferred for long-haul and metro networks, whereas MMF is used in short-range applications like data centers. |
| 1 - Physical | How does signal attenuation affect network performance, and how can you mitigate it in fiber and copper cabling? | Signal attenuation weakens signals over distance. In copper, use repeaters or shorter cables. In fiber, use higher-quality optics and proper splicing. | Attenuation leads to packet loss and slower speeds; fiber is less prone to interference than copper. |
| 2 - Data Link | What is the difference between VLANs and VXLANs, and how do they impact network segmentation? | VLANs segment Layer 2 traffic within a local network, while VXLANs extend Layer 2 segments over Layer 3 using encapsulation (UDP port 4789). | VXLANs allow scalability beyond traditional VLANs (4094 limit) and support multi-tenant cloud environments. |
| 2 - Data Link | Explain how Spanning Tree Protocol (STP) prevents network loops and describe one alternative protocol that can replace STP. | STP detects and disables redundant links to prevent loops, using a root bridge election. Alternative: RSTP (Rapid STP) provides faster convergence, or TRILL/SPB eliminates the need for STP by using shortest-path forwarding. | Without STP, broadcast storms can cripple networks. Modern alternatives improve convergence and efficiency. |
| 3 - Network | How does BGP determine the best route to a destination, and what factors can influence its decision? | BGP selects the best path using attributes like AS-Path (shortest route wins), Local Preference (higher is better), MED (lower is preferred), and Next-Hop reachability. | BGP is a path-vector protocol used for inter-domain routing and is critical for internet and ISP-level routing. |
| 3 - Network | Explain the difference between NAT, PAT, and how they impact IPv4 addressing in a corporate environment. | NAT (Network Address Translation) maps private IPs to a public IP; PAT (Port Address Translation) allows multiple private IPs to share one public IP using port numbers. | PAT is widely used in enterprises to conserve public IPs, enabling many devices to access the internet using a single IP. |
| 4 - Transport | Compare and contrast TCP and UDP. In what scenarios would you choose one over the other? | TCP is reliable (error checking, retransmissions) and used for HTTP, SSH, etc. UDP is faster but unreliable, used for VoIP, DNS, and video streaming. | TCP is preferred for critical applications, while UDP is used when low latency is required. |
| 4 - Transport | Explain the significance of the TCP three-way handshake and how it impacts security vulnerabilities such as SYN floods. | The handshake (SYN → SYN-ACK → ACK) establishes a connection. SYN flood attacks exploit this by sending repeated SYNs without completing the handshake. | Firewalls and SYN cookies can help mitigate SYN flood attacks by preventing resource exhaustion. |
| 5 - Session | How does SSL/TLS establish a secure session between a client and a server? | It uses asymmetric encryption for key exchange (handshake) and symmetric encryption for data transfer (AES, ChaCha20). | TLS ensures confidentiality, integrity, and authentication using certificates (X.509). |
| 5 - Session | What is the role of session persistence (sticky sessions) in load balancing, and how does it affect performance? | It ensures requests from the same client go to the same backend server, improving user experience. | While helpful for stateful applications, it can cause uneven load distribution if not managed properly. |
| 6 - Presentation | How do encryption and compression impact network performance at the presentation layer? | Encryption secures data but increases CPU usage. Compression reduces data size, improving transmission speeds. | Balancing security (encryption) and efficiency (compression) is key in optimizing network performance. |
| 6 - Presentation | Explain the difference between Base64 encoding and actual encryption. In what scenarios would you use each? | Base64 encodes data for safe transport but is reversible. Encryption (AES, RSA, etc.) secures data by making it unreadable without a key. | Use Base64 for data encoding (e.g., email attachments). Use encryption for security (e.g., passwords, confidential data). |
| 7 - Application | What are the differences between HTTP/1.1, HTTP/2, and HTTP/3 in terms of performance and security? | HTTP/1.1 uses sequential requests; HTTP/2 introduces multiplexing and header compression; HTTP/3 uses QUIC for lower latency and better security. | HTTP/3 improves web performance by reducing round-trip delays and mitigating TCP head-of-line blocking. |
| 7 - Application | How does DNS caching work, and what are the security risks associated with DNS cache poisoning? | DNS caching stores query results locally to speed up lookups. Cache poisoning injects malicious IP mappings into caches, redirecting users to fraudulent sites. | Mitigations include DNSSEC (signing records) and validating responses to prevent tampering. |
| 7 - Application | What is the role of an API gateway in modern cloud networking, and how does it impact microservices architectures? | It manages API traffic, enforcing authentication, rate limiting, and load balancing for microservices. | API gateways help decouple services, improve security, and enable scalable architectures. |