This section will provide you the most commonly asked CCNA interview questions and answers.
CCNA Interview Questions and Answers
1. What are the different layers of the TCP/IP model?
TCP/IP model has four different layers namely:
- Application layer
- Transport layer
- Internet layer
- Network interface layer
The application layer is the topmost layer. It provides network access to the users and applications. The different protocols and services used in this layer are HTTP, Telnet, FTP, DNS, DHCP, SMTP etc.
The transport layer is responsible for the process to process communication between the two hosts. It provides the functionalities such as Segmentation and reassembly, Service point addressing, Connection control. TCP and UDP are the two major protocols of the transport layer.
The Internet layer is responsible for the delivery of packets from source to destination across the communication network. IP (Internet Protocol) is the major protocol in this layer that provides a logical addressing scheme for data packets from source to destination. Every node in a network is uniquely identified by its respective IP address.
The network interface layer is responsible for encapsulating IP packets received from the internet layer to data frames. The data framing is done by adding a physical address of the host. The frame is further transmitted over the physical link on the same network.
2. Compare the TCP and UDP protocols.
TCP stands for transmission control protocol. It is a connection-oriented protocol. It establishes the TCP connection between the two hosts before exchanging the data between them. It waits for the acknowledge message for every segment sent to the destination. Hence, it is also called the reliable protocol.
UDP stands for user datagram protocol. it is called unreliable because it does not guarantee the delivery of the segment to the destination. It is also called a connectionless protocol. UDP is faster than TCP. Hence is used in real-time communication such as live streaming.
3. What do you understand by IP routing and mention different types of routing?
IP routing is the process of finding the best possible path to send IP packets from source to destination in an IP network. IP routing occurs at layer 3 of the OSI model. Hence, the router is a device that processes IP routing.
The different types of IP routing are:
- Static routing
- Dynamic routing
- Default routing
4. What is the function of a router in networking?
The router is a network device that operates at layer 3 of the OSI model. The main function of a router is :
- It interconnects different IP networks.
- It routes IP packets from source to destination on the basis of the destination IP address.
- It maintains the IP routing table and forwards the incoming packet to the destination host by analysing the destination IP address on the routing table.
- It acts as a traffic cop and controls the network traffic congestion efficiently.
5. Differentiate between layer 2 and layer 3 switches
| Layer 2 Switch | Layer 3 Switch |
| Operates at layer 2 of OSI model. | Operates at layer 2 as well as layer 3 of the OSI model. |
| Forward frame to the destination host on the basis of the destination mac address. | Routes packets from source to destination on the basis of the destination IP address. |
| Layer 2 switch may be manageable and unmanageable. | Layer 3 switch is purely manageable. |
| Layer 2 switch can be used to segment LAN. | Layer 3 switch can be used as an alternative to the router to interconnect different LAN segments as well as WAN. |
6. What is NGFW and its advantage over the traditional firewall?
NGFW stands for Next-gen firewall. NGFW is a network security device that has functionalities and capabilities beyond a traditional firewall. It functions exactly similar to the stateful inspection firewall. Howver it has many other additional features such as integrated IPS (intrusion prevention system, application awareness and control, deep packet inspection (DPI), advanced malware protection (AMP) and so on.
The major advantages of NGfw over a traditional firewall are:
- NGFW provides application-level security functions
- It provides multilayered protection
- Single access control for the entire network.
- Capability to tackle modern-day cyberthreats.
- Capability to implement role-based access.
- NGFW is available with a complete package of antivirus, spam and ransomware protection and endpoint security.
7. What is virtual LAN?
Virtual LAN or simply VLAN is a logical grouping of different devices within the single broadcast domain, even if they are distributed over different geographic locations. VLAN helps to break a single broadcast domain into multiple broadcast domains.
8. What is STP?
STP stands for spanning tree protocols.
- STP is a Layer 2 network management protocol.
- The purpose of implementing STP in the layer 2 device is to address broadcast storms.
- STP avoids switching loops that occur due to redundant links.
- It also restores the redundant links, in case of the main link fails.
- STP uses a spanning tree algorithm to detect redundancy and eliminate the switching loops.
- The spanning-tree protocol was first introduced by DEC (Digital Equipments Corporation) in 1985.
- Later on, it has become the open-source standard and was defined as IEEE 802.1d standard.
- STP is enabled by default in Cisco Catalyst Switch.
- The working of STP involves series of processes to avoid looping conditions. The process of STP is discussed in detail in the later section.
- Switches share BPDU (Bridge Protocol Data Unit) messages among themselves to discover loops.
9. What are the different types of routing protocols?
The routing protocol is responsible for sharing routing information among the neighbour routers and finds the best possible and reliable path to forward the packet from source to destination network.
10. What is NAT and its types
NAT stands for Network Address Translation. It is a process by which the private IP address of the internal network is converted or translated into a public IP address. The implementation of NAT on a network overcame the shortage of IP version 4 ( IPv4) addressing schemes. Because the accelerated growth of the Internet had lead to the rapid depletion of IP v4 addresses.
Types of NAT
- Static NAT
- Dynamic NAT
- NAT overloading or PAT
Static NAT provides one to one mapping of a local address to a global address.
Dynamic NAT allows the mapping of private IP with a public address from the pool of public addresses.
NAT overloading is the most prominent NAT. It is a type of dynamic NAT, however, it can map multiple private IP into single public IP. This makes use of Port numbers. Hence, it is also called PAT ( Port address translation).
11. What do you understand by DHCP?
DHCP stands for dynamic host configuration protocol. DHCP is a network management protocol that helps to assign an IP address to the host dynamically. In addition to the IP address, it also assigns a subnet mask, default gateway and DNS server. DHCP server automates and manages the allotment of IP address to the client or host centrally.
The main components of DHCP are DHCP server, DHCP client, DHCP relay agent, IP address pool, subnet mask, leased time and gateway address.
12. What is the difference between static routing and dynamic routing?
Difference between Static and Dynamic Routing
| S. No. | Static Routing | Dynamic Routing |
| 1 | The routing table is configured manually. | Automatic. |
| 2 | Routes are user-defined. | Routes are updated, as the topology changes. |
| 3 | It does not use any routing protocols. | It uses routing protocols. |
| 4 | It is more reliable. | Less reliable as compared to static routing. |
| 5 | It is more secure. | Less secure. |
| 6 | Suitable for smaller networks with limited numbers of routers. | Suitable for large networks. |
| 7 | It does not require additional resources. | It requires additional resources like memory, bandwidth for the routing process |
| 8 | Link failure obstructs the rerouting. | Link failure doesn’t affect the rerouting. |
13. What is VTP and its various modes?
VTP stands for VLAN Trunking Protocol. VTP is a Cisco proprietary protocol used to exchange VLAN information.
Each switch can use one of four different VTP modes:
- VTP client mode
- VTP server mode
- VTP transparent mode
- VTP mode off
14. What do you understand by administrative distance?
Administrative Distance or AD is the numerical value ranging from 0 to 255 that rates the trustworthiness of the routing information received from the adjacent router. The route with the least value of AD will be considered as the best path for routing and the same value of AD is updated in the routing table.
The different routing protocols have their won pre-defined AD value
| ROUTE SOURCE / ROUTING PROTOCOL | ADMINISTRATIVE DISTANCE |
| Directly Connected route | 0 |
| Static routing | 1 |
| External BGP | 20 |
| EIGRP | 90 |
| OSPF | 110 |
| RIP | 120 |
| External EIGRP | 170 |
| Internal BGP | 200 |
| Unknown destination | 255 |
15. What is the AD value of OSPF and EIGRP?
The AD value of OSPF is 110.
The AD value of EIGRP is as follows
Internal EIGRP = 90
External EIGRP = 170
16. What is the AD value of static routing?
The AD value of static routing is 1 (one).
17. What is the function of SNMP in network operation?
SNMP stands for Simple Network Management Protocol. It is used to manage different devices such as endpoints, servers routers and switches across the network.
18. What is the function of DNS with the network?
DNS stands for Domain Name System. DNS is an application layer protocol to resolve IP addresses to the domain names and vice versa. DNS is also called the phonebook of the internet. It is a directory service that provides the mapping of hostnames with their numerical address.
19. What is the difference between peer to peer and client-server network
In peer to peer network, there is no centralised server. All the nodes act as clients as well as servers. It is useful for the smaller network.
Whereas in a client-server architecture, there is a centralised mechanism called server. the server takes control over the entire network. The clients are connected to the server within the security domain. They cannot access the network resources without the prior permission of the server. This network architecture is useful for a large networks.
20. What is the range of private IP v4 address
- Class A : 10.0.0.0 to 10.255.255.255
- Class B : 172.16.0.0 to 172.31.255.255
- Class C :182.168.0.0 to 192.168.255.255
