CompTIA Network+

CompTIA Network+ interview questions [2022 update]

February 28, 2022 by Daniel Brecht

The CompTIA Network+ is a vendor-neutral exam used to gauge an IT professional’s knowledge about installing, configuring and managing network infrastructure. Obtaining a Network+ certification can open up a path to numerous job types, including:

  • Systems administrator
  • Information technology manager
  • Network administrator
  • Network engineer
  • Information technology specialist
  • Helpdesk technician

When preparing for interviewing for one of these or related positions, you must research and understand the duties you will be assigned in that role. Your interview will revolve around the tasks and technology listed in the position description. Still, you will likely be asked several questions devised to gauge your soft skills and the ability to fit well in the preexisting team.

Questions will differ from job to job but below are some basic technical questions you may be asked during an interview that reflect some of the topics you studied while preparing for your Network+ certification.

Define a network

A network is a group of computers, routers, cables, and other hardware that connect users to share files, email and connect to the Internet. This is a basic question used to gauge your understanding of networking basics.

What is a node?

Nodes are any electronic device, desktop, server or virtual machine on the network. A cable or wireless connection connects these devices, but each device on the network is considered a node.

What does a router do?

A router directs traffic from one section of the network to another. Routers are different than hubs because they direct traffic rather than broadcast signals across the entire network.

What protocol can you use to automatically assign IP addresses?

The DHCP protocol automatically assigns IP addresses to desktops, servers or printers. However, your servers and printers should have a static IP address. You can still assign these addresses in the DHCP server settings.

What is a protocol?

A protocol is a set of instructions that guide the communication of networks. The Internet uses the TCP/IP protocol, which is mostly used in private networks. The TCP/IP protocol allows devices to communicate with a specific “language,” or set of rules, that allow each device to read and reply to network messages.

If your users cannot access a server, what things can you do to test server connectivity?

You can use the “ping” command to see if packets are returned. Ping will tell you that the server is turned on and connected. You can also remote into the computer to see if it’s running slow. Use custom tools to check for server resources.

What is the physical layer in the OSI model?

The physical layer is the ones and zeros that transport information across the network’s cables.

What is the network layer of the OSI model?

The network layer performs two types of functions: routing and assigning addresses. Routing is assigning traffic to a different segment of the network. Assigning addresses assign IP addresses to each node on the network to be found and communicated.

What is the process used to protect the company from losing massive data?

Disaster recovery (DR) is used to make backups, store data safely and secure data from hackers. DR also makes sure users can work even after a disaster.

What is a subnet?

A subnet is a segmented part of the network separated by a router. You use subnets to reduce traffic and congestion on the network and add security through the router.

In subnetting, mask /24 has how many addresses and hosts? How is the netmask represented?

/24 has 256 addresses and 254 hosts. The netmask is 255.255.255.0.

Name some open-source network analysis/scanning tools that could be used to discover weaknesses?

Nmap, Metasploit and Nessus.

Describe the TCP three-way handshake process.

Syn – Syn/Act – Ack – the client node sends an SYN packet to the server. The server has an open port to accept new connections. When the SYN is received, it sends a confirmation SYN/ACK. Once the client receives the SYN/ACK, it sends an acknowledgment ACK packet back. Once complete, the client and server can communicate freely.

What is seen in a typical CISCO router configuration?

Interface information, static routes, VPN connections, ACLs, IOS, time zones, users and password hashes.

Name a protocol analyzer.

Wireshark, Ettercap.

Name some routing protocols.

Border gateway protocol (BGP), external gateway protocol (EGP), routing information protocol (RIP), open shortest path first (OSPF) and enhanced Internet gateway routing protocol (EIGRP); Cisco no longer supports the Internet gateway routing protocol, which was a RIP alternative. The EIGRP is its replacement.

What is the difference between TCP and UDP?

TCP is connection-oriented, and UDP is connectionless.

Name some mail protocols and their port numbers?

SMTP (25), Pop (110) and IMAP (143).

How do you determine the type of web server used on a certain site?

By performing a banner grab.

What is port 53?

DNS.

What happens in the backend when you type www.google.com or any URL into the browser bar?

The address goes to the DNS server to resolve the domain name to the IP address. (The interviewer may follow up with the following question: Which DNS server? The answer is specified in your network config, which then contacts the authoritative name server for the IP address.).

If you ping a site, like www.google.com, and the TTL says 123, what does that tell you?

Windows uses a TTL of 128 by default, suggesting the target host was five hops away. This is because each hop decreases the TTL by one.

What command would you use to get the local routing table listing?

Netstat –r.

How many layers are in the OSI model, and what are they?

There are seven layers to the OSI model: physical, data link, network, transport, session, presentation and application.

What are the benefits of subnetting?

It makes network administration and routing more efficient by reducing network traffic and the size of routing tables. Subnetting allows the admin to divide a network into virtually defined segments. Isolating part of the network also adds a layer of security.

What are the benefits of SD-WANs?

The Software-Defined Wide Area Network (SD-WAN) solution allows the connection of multiple sites using software rather than hardware in each location. It allows for a scalable approach, lowers costs, and increases visibility within the network. This gives administrators better control over the traffic. 

What are common features of Next-Generation Firewalls?

NGFWs offer many additional features in addition to the traditional stateful inspection of network traffic. They integrate intrusion prevention systems, threat prevention features, deep packet inspection, sandboxing, and geolocation.

In client-to-site VPNs, what are full tunnels and split tunnels mode?

When routing your traffic, you can decide to send all of it through a VPN (full tunneling) or split it between the VPN and the regular open network (split tunneling). Full tunneling allows higher security with the possibility to apply full security controls. Still, split tunneling gives more flexibility, saves bandwidth and allows you to connect to other sites faster without going through a company network.

What type of attack is switch spoofing, and what action can you take to mitigate it? 

Switch spoofing is a VLAN hopping attack. Some of the possible measures are disabling DTPs and not putting access ports in “dynamic desirable,” “dynamic auto,” or “trunk” mode.

Preparing for Network+ interview questions 

If you are granted an interview based on your Network+ certification, the interviewer will ask many networking-related questions. Make sure you understand subnetting, how to configure firewalls, routers, switches, hubs, iptables, TCP and UDP and memorize the most popular network protocols and port numbers. Often interviewers will ask about FTP, DNS, Telnet, email protocols, HTTP or HTTPS. Know and understand the OSI model, the netstat command, tcpdump, ping and telnet.

If you had originally certified before the release of exam N10-008 on September 15, 2021, make sure to review all the new topics covered in the latest version of the exam, from Software-Defined Wide Area Networks (SD-WANs) to new VPN solutions, voice VLANs, new cabling options and tools, the latest technology for troubleshooting wireless connections and ensuring their security, and concepts related to high availability.

Good Luck!

Posted: February 28, 2022
Author
Daniel Brecht
View Profile

Daniel Brecht has been writing for the Web since 2007. His interests include computers, mobile devices and cyber security standards. He has enjoyed writing on a variety of topics ranging from cloud computing to application development, web development and e-commerce. Brecht has several years of experience as an Information Technician in the military and as an education counselor. He holds a graduate Certificate in Information Assurance and a Master of Science in Information Technology.

Leave a Reply

Your email address will not be published.