Network developer interview questions

  1. How does TCP handshake work?
  2. How does SSL handshake work?
  3. What is the difference between passive FTP and active FTP?
  4. What is the difference between socket and session?
  5. How does network management station work?
  6. What are the different phases in VPN establishment?
  7. How does DH (Diffie-Hellman) work?
  8. What is TCP window sizing?
  9. What is MTU?

6 Comments on Network developer interview questions

  1. mala
    Posted 10/27/2005 at 4:34 am | Permalink

    What is TCP window sizing?

  2. rrovegno
    Posted 11/16/2005 at 12:10 am | Permalink

    1. How does TCP handshake work? Transmission Control Protocol/Internet Protocol. There are 3 steps.
    1. Local device sends sequence number and maximum segment size.
    2. Destination device responds by sending its sequence number and maximum segment size back to local device.
    3. Local device acknowledges receipt of the sequence number and segment size information.

    2. How does SSL handshake work? Secure Sockets Layer. There are 4 steps.
    1. Browser checks the certificate to make sure that the site you are connecting to is the real site and not someone intercepting.
    2. Determine encryption types that the browser and web site server can both use to understand each other.
    3. Browser and Server send each other unique codes to use when scrambling (or encrypting) the information that will be sent.
    4. The browser and Server start talking using the encryption, the web browser shows the encrypting icon, and web pages are processed secured.

    3. What is the difference between passive FTP and active FTP?
    FTP is an unusual protocol in that it uses two ports, one for commands and the other for data. (This is one of the reasons it is superior to HTTP for transferring large files.) Active FTP was invented first. The client initiates a connection on the server’s command port. The server then initiates a connection with the client from its data port. In Passive FTP, the client initiates both connections with the server, which remains “passive”.
    Active FTP may cause problems if your client is behind a firewall. From the firewall’s point of view, the FTP server that is trying to initiate a connection with your client looks like an intruder and is usually blocked. This is why many users have difficulty using FTP to download files from behind a firewall.
    Passive FTP solves this problem, but creates other problems, notably where FTP server security is concerned. The server must listen on a large number of ports. This requires the firewall to let a lot of unqualified traffic through. Most firewall administrators do not like this.
    As a rule, you do not need to be concerned about passive and active FTP unless you administer an FTP server or a firewall. If you experience difficulty using your FTP client from behind a firewall, this is likely the reason. Perhaps you should discuss the matter with your firewall administrator.

    4. What is the difference between socket and session?
    1. An SSL session is a mechanism through which connections can be established by re-using previously negotiated handshakes.
    2. A socket is one endpoint of a two-way communication link between two programs running on the network. A socket is bound to a port number so that the TCP layer can identify the application that data is destined to be sent.

    5. How does network management station work? Network management stations execute management applications which monitor and control network elements. Network elements are devices such as hosts, gateways, terminal servers, and the like, which have management agents responsible for performing the network management functions requested by the network management stations. The Simple Network Management Protocol (SNMP) is used to communicate management information between the network management stations and the agents in the network elements. There are a few network management features that may be used to provide network monitoring for this advisory.
    1. Device Availability Monitoring
    2. SNMP MIB object monitoring
    3. Cisco Service Assurance Agent (Cisco SAA)
    4. RMON Alarm and Events
    5. Event-MIB
    6. CiscoWorks RME Network Show Commands and CLI scripting

    6. What are the different phases in VPN establishment? Successful VPN establishment consists of two levels of SA’s known as phases. Phase 1 authentication establishes session keys. Using the Xauth feature, the client waits for a “username/password” challenge after the IKE Phase 1 SA has been established. When the end user responds to the challenge, the response is forwarded to the IPsec peers for an additional level of authentication completing Phase 2.
    1. Phase 1 of a 2 phase VPN tunnel establishment process. Phase 1 negotiates the security parameter agreement.
    2. Phase 2 of 2 phase VPN tunnel establishment process. Phase 2 uses the agreed parameters from Phase 1 to bring the tunnel up.

    7. How does DH (Diffie-Hellman) work? Diffie-Hellman key agreement was invented in 1976 during a collaboration between Whitfield Diffie and Martin Hellman and was the first practical method for establishing a shared secret over an unprotected communications channel. Based on Ralph Merkle’s public key cryptosystem. Public key cryptography is a form of cryptography which generally allows users to communicate securely without having prior access to a shared secret key, by using a pair of cryptographic keys, designated as public key and private key, which are related mathematically.

    8. What is TCP window sizing? The window size is the maximum number of bytes of data that can be transmitted in one segment. Increasing the window size for a TCP-based file transfer would increase throughput until the slowest link in the path saturates. It would be preferable to have a window size appropriate to the size of the link. There would be less buffering, the ACKs would return more quickly and more of the bandwidth would be used. Ideally you are looking for a Window Size >= Bandwidth * RTT.

    9. What is MTU? Maximum Transmission Unit. The greatest amount of data or “packet” size that can be transferred in one physical frame on a network. This packet also contains the header and trailer information, which are like addresses for each packet that are required by the routers on the network.
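
The key agreement described in answer 7 above, as an added example that is not part of the original comment. The parameters `P`, `Q`, `G` and all function names are assumptions made for the illustration; the prime is a toy value, far too small for real use.

```python
import hashlib
import secrets

# Toy parameters, constructed for this example and far too small for real use:
# P is a safe prime (P = 2*Q + 1 with Q prime); G = 4 generates the subgroup of order Q.
P, Q, G = 2039, 1019, 4


def keypair():
    """Pick a private exponent and compute the public value that is sent in the clear."""
    priv = secrets.randbelow(Q - 1) + 1        # uniform in 1 .. Q-1
    return priv, pow(G, priv, P)


def is_valid_public(y):
    """Reject peer values that would force a trivial or small-subgroup secret."""
    return 2 <= y <= P - 2 and pow(y, Q, P) == 1


def shared_key(priv, peer_pub):
    """Combine our private exponent with the peer's public value into a symmetric key."""
    if not is_valid_public(peer_pub):
        raise ValueError("peer public value is outside the expected subgroup")
    secret = pow(peer_pub, priv, P)            # (g^b)^a == (g^a)^b mod P
    size = (P.bit_length() + 7) // 8
    return hashlib.sha256(secret.to_bytes(size, "big")).digest()


if __name__ == "__main__":
    a_priv, a_pub = keypair()                  # first endpoint
    b_priv, b_pub = keypair()                  # second endpoint
    # Only a_pub and b_pub cross the unprotected channel.
    print("public values on the wire:", a_pub, b_pub)
    print("keys match:", shared_key(a_priv, b_pub) == shared_key(b_priv, a_pub))
```

The exchange on its own does not authenticate either side; SSL and IKE bind the public values to a certificate or a pre-shared key for that.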

  3. harikrishna
    Posted 6/19/2006 at 2:37 am | Permalink

    I have doubts in SNMP
    1) What is MIB, where are they used?
    2) What are OIDs, why are they used?

  4. Gilli
    Posted 5/7/2007 at 6:38 am | Permalink

    Hari,

    To answer your queries.

    1. What is MIB..
    MIB is Management Information Base - just a database which contains the information of all the managed objects of the particular device.

    2. What is OID ….
    A MIB contains many objects which are known as OID (Object Identifier) to identify that particular object.

    e.g.: RFC1213-MIB has many objects which give you the basic information of the device, like system name, system location etc. sysName, sysLocation are all known as OID.

  5. karthikeyan.m(TETCOS)
    Posted 5/23/2007 at 10:47 pm | Permalink

    What is the difference between Reno and new Reno algorithm in TCP?

  6. Desi Dimova
    Posted 10/19/2007 at 8:03 am | Permalink

    1. How does TCP handshake work? It’s a 3 way handshake. The client sends a SYN packet to the server. The server replies with a SYN packet and acknowledges the client’s SYN packet by sending an ACK packet. The client acknowledges the SYN packet sent by the server. SYN-SYN/ACK-SYN.
    2. How does SSL handshake work? The SSL handshake protocol helps determine the session key, a symmetrical key used to encrypt data after a connection has been established. The protocol sends browser’s SSL version number, encryption settings, and other crypto information to the remote host. The remote host sends back its own SSL number and cipher settings back to the client. The server may verify the client’s certificate. The client verifies the server’s CA to make sure the server is authentic. The client creates a premaster secret, a SSL session encrypted using the server’s public key and sent to the server. When the server receives the encrypted premaster secret, the server uses it to verify the client’s identity optionally. Then the premaster secret is decrypted and used to determine the session key.
    3. What is the difference between passive FTP and active FTP?
    With active FTP, a client connects to server’s command port 21 from any port n > 1023. Server responds from port 21 to client’s control port. The server initiates a connection from the server data port 20 to the client’s data port n+1. Client sends ACK to the server’s data port. In passive mode, both connections are initiated by the client. The client opens 2 random ports locally, n>1023 and n+1, sending PASV to the server’s command port 21. The server opens port m >1023 and then the client initiates the connection from port N+1 to the server’s data port m.
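
The firewall concern raised in the answers above (active mode has the server connect inward, passive mode has the server listen on a high port) is usually handled by reading the control channel and allowing only the one data endpoint it announces. The sketch below is an added example, not part of the original comments; `data_pinhole` and the sample lines are assumptions, and the `h1,h2,h3,h4,p1,p2` encoding is the one RFC 959 defines for `PORT` and the `227` reply.

```python
import ipaddress
import re

# RFC 959 encodes a data endpoint as h1,h2,h3,h4,p1,p2 (port = p1*256 + p2).
PORT_RE = re.compile(r"^PORT (\d{1,3}(?:,\d{1,3}){5})\s*$", re.IGNORECASE)
PASV_RE = re.compile(r"^227 .*?\((\d{1,3}(?:,\d{1,3}){5})\)")


def _endpoint(csv):
    nums = [int(n) for n in csv.split(",")]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range: " + csv)
    return ipaddress.IPv4Address(".".join(map(str, nums[:4]))), nums[4] * 256 + nums[5]


def data_pinhole(line, client_ip, server_ip):
    """Return (initiator, listener_ip, listener_port) for the data connection
    announced by one control-channel line, or None if it announces none."""
    m = PORT_RE.match(line)
    if m:   # active mode: the client listens, the server connects to it
        initiator, expected = "server", ipaddress.IPv4Address(client_ip)
    else:   # passive mode: the server listens, the client connects to it
        m = PASV_RE.match(line)
        if not m:
            return None
        initiator, expected = "client", ipaddress.IPv4Address(server_ip)
    ip, port = _endpoint(m.group(1))
    # Assumes no NAT on the path: the announced address must be the control-channel peer.
    if ip != expected:
        raise ValueError("announced address %s is not the control peer %s" % (ip, expected))
    if port <= 1023:
        raise ValueError("announced data port %d is a privileged port" % port)
    return initiator, str(ip), port


# Constructed control-channel lines using documentation addresses, not a real capture.
CLIENT, SERVER = "192.0.2.10", "198.51.100.5"
SAMPLE = [
    "USER anonymous",
    "PORT 192,0,2,10,195,80",
    "227 Entering Passive Mode (198,51,100,5,234,96).",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(line, "->", data_pinhole(line, CLIENT, SERVER))
```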
