TCP/IP & Troubleshooting
1) What is the TCP 3-way handshake?
Ans:- The TCP 3-way handshake is the process used to establish a reliable connection between a client and a server before data transfer.
2) What are common ports and protocols (e.g., HTTP, HTTPS, FTP)?
Ans:- Common ports are HTTP (80), HTTPS (443), FTP (21), SSH (22), DNS (53), SMTP (25), and RDP (3389), each mapped to a specific protocol for communication.
3) What is ICMP and what is it used for?
Ans:- ICMP (Internet Control Message Protocol) is used for network diagnostics, like ping and traceroute, to test connectivity and report errors.
4) What is the use of ping and traceroute commands?
Ans:- Ping checks connectivity and response time between devices, while traceroute shows the path and hops taken to reach a destination for troubleshooting.
5) What is TTL (Time to Live)?
Ans:-TTL (Time to Live) is a value in an IP packet that defines how many hops (routers) the packet can pass through before being discarded. Each router decreases the TTL by 1, and if it reaches 0, the packet is dropped. This prevents packets from looping endlessly in the network.
6) What is MTU and how does it affect packet transmission?
Ans:- MTU (Maximum Transmission Unit) is the largest size of a packet (in bytes) that can be transmitted over a network link without needing fragmentation.
7) How do you troubleshoot high latency?
Ans:- I troubleshoot high latency by first checking local resource usage (top, htop), then using ping and traceroute to find where the delay occurs. Next, I check for packet loss (run ping -M do -s <size> to test MTU issues), MTU issues, bandwidth usage (iftop, nload, netstat), and interface errors. If the issue is outside my network, I escalate to the ISP.
8) What is the difference between packet filtering and stateful inspection?
Ans:- Packet filtering checks each packet independently using IP/port, while stateful inspection tracks the state of connections and allows or blocks packets based on session context.
9) What is DNS and how does it work?
Ans:-DNS (Domain Name System) is like the phonebook of the internet. It translates human-readable domain names (like www.google.com) into IP addresses (like 142.250.183.36) so computers can communicate.
10) What is DHCP and its process?
Ans:- DHCP (Dynamic Host Configuration Protocol) automatically assigns IP addresses. The process is called DORA: Discover, Offer, Request, Acknowledge.
Firewall & Security
11) What is a firewall and how does it work?
Ans:- A firewall is a network security device/software that monitors and controls incoming and outgoing traffic based on predefined rules. It acts like a security guard between trusted (internal) and untrusted (external) networks.
12) What is the difference between stateful and stateless firewalls?
Ans:- A stateless firewall checks each packet independently using IP/port, while a stateful firewall tracks the state of connections and allows or blocks traffic based on session context.
13) What is a DMZ?
Ans:- A DMZ (Demilitarized Zone) is a buffer zone network between the internal LAN and the Internet, used to host public services like web and mail servers, while protecting the internal network.
14) What is port forwarding?
Ans:- Port forwarding is the process of redirecting traffic from a public IP/port to a private IP/port, commonly used to allow external access to internal servers.
15) What is an access control list (ACL)?
Ans:-An Access Control List (ACL) is a set of rules used to control access to resources.
16) What are the differences between standard and extended ACLs?
Ans:- Standard ACL: Filters traffic based only on source IP. Extended ACL: Filters traffic based on source + destination IP, protocol, and port number; more flexible and powerful.
17) What is NAT vs PAT?
Ans:- NAT (Network Address Translation): Converts private IPs to public IPs. PAT (Port Address Translation): A type of NAT that allows many private IPs to share one public IP using ports.
18) What is VPN and how does it work?
Ans:- A VPN (Virtual Private Network) creates a secure, encrypted tunnel over the internet, allowing safe communication and remote access to private networks while hiding the user's real IP.
19) What are IPSec and its components?
Ans:- IPSec is a set of protocols used to secure IP communication by authenticating, encrypting, and ensuring integrity of data packets over IP networks (commonly used in VPNs).
20) What are the different types of VPNs?
Ans:- The main types of VPNs are:
- Remote Access VPN (individual users connect securely),
- Site-to-Site VPN (connects two networks),
- Intranet & Extranet VPNs (for internal sites or partners),
- SSL VPN (browser-based remote access).
21) How do you troubleshoot high CPU usage?
1) If you are unable to access the server through PuTTY, what will you do?
Ans:- If I cannot access a server via PuTTY, I will first check network connectivity, then verify SSH port 22 is open, firewall/security rules, and whether the sshd service is running. If still not accessible, I'll use console access to troubleshoot further.
22) If a server is down, what will you do?
Ans:- If a server is down, first I check network connectivity. If not reachable, I take console access to check power, hardware, and logs. Then I verify disk space, CPU/memory, and service status. If the OS is corrupted, I use rescue mode to recover it.
23) What backup tools are you using?
Ans:- I mostly use rsync and tar for file-level backups, and mysqldump/pg_dump for databases. In the cloud, I use AWS Backup and snapshots for EC2 and RDS.
24) Tell us about a recent troubleshooting issue.
Ans:- Example 1: Recently, I faced an issue where one of our web servers was not reachable. First, I checked the network connectivity using ping and telnet, which was fine. Then I used console access and saw that the root partition was 100% full. Because of that, the services had stopped responding. I identified the large log files using du -sh * and find / -size +500M, archived old logs, and freed up space. After restarting the services, the server was back online. This solved the issue and I also configured log rotation to prevent the same problem in the future.
Example 2: SSH Not Working: One time, I was unable to SSH into a Linux server. First, I checked ping and telnet to port 22, but port 22 was blocked. I took console access and found that the sshd service was stopped due to a misconfigured sshd_config file. I corrected the configuration, restarted sshd, and SSH access was restored. To prevent future issues, I tested configuration changes with sshd -t before restarting the service.
25) If a service fails to install, what do you do?
Ans:- If a service is not installing, I first check if the repository (yum repolist) is enabled and reachable, then verify the package name (yum search <package>), dependencies, and available disk space. Finally, I check logs for detailed errors and fix accordingly (/var/log/yum.log).
26) If the disk is mounted but you are not able to create a file/folder, what could be the reason?
Ans:- If a disk is mounted but I cannot create a file, the common reasons could be: disk is full, inodes (df -i) are exhausted, the mount is read-only, or I don't have permissions. I will check with df -h, df -i, mount, and permissions to identify the root cause.
27) What is the difference between FTP and SFTP?
Ans:- FTP (File Transfer Protocol) is an old protocol that transfers files in plain text over port 21, which is not secure. SFTP (SSH File Transfer Protocol) runs over SSH on port 22 and provides encryption, making it the secure alternative. That's why SFTP is mostly used in production.
28) Unable to create a file or folder on a particular partition although everything looks fine; what could be the issue?
Ans:- If I cannot create a file on a partition even though space and permissions look fine, the common causes are inode exhaustion, read-only mount, user quota exceeded, or filesystem corruption. I would check with df -i, mount, quota, and filesystem health.
29) How do you set environment variables?
Ans:- We can set environment variables temporarily using export VAR=value, but for permanent use we add them in ~/.bashrc (user level) or /etc/profile (system-wide).
30) What is the `PATH` variable?
Ans:- The PATH variable is an environment variable that defines the directories the shell searches for executables. It allows you to run commands without specifying their full path.
31) How do you make environment variables persistent?
Ans:- To make environment variables persistent, I add them in ~/.bashrc or ~/.bash_profile for a user, and in /etc/environment or /etc/profile for system-wide use. For services, I configure them in systemd unit files.
32) What is the difference between `export` and `set`?
Ans:-set defines shell variables available only in the current shell, while export makes variables available to sub-shells and child processes.
33) How do you view all environment variables in Linux?
Ans:- Use printenv or env to list all environment variables. Use set to list shell variables along with environment variables. Use export -p to list only exported environment variables.