1. What is Computer Network?

Ans: A computer network is a collection of interconnected devices that can communicate and share
resources with each other.
2. Difference between router, switch.
Ans: The router is a networking device that works at the network layer i.e., a third layer of the ISO-OSI
model, and is the multiport device. It establishes a simple connection between the networks to provide
the data flow between the networks. Router transfers data in the form of packets is used in LAN as well as
MAN.

It is a point-to-point communication device. Basically, it is a kind of bridge that provides better

connections. It is a kind of device that sets up and stops the connections according to the requirements
needed at that time. It comes up with many features such as flooding, filtering, and frame transmission.
3. What is a Broadcast Domain?
Ans: A logical subdivision of a computer network known as a “broadcast domain”.

A broadcast domain is a section of a network where any broadcast message sent by a device is received by
all other devices within that segment. It is limited by network devices like routers, which stop broadcast
traffic from spreading to other networks.
4. OSI model with complete details and protocols on each layer.
Ans:

5. DHCP DORA process

Ans: DORA is the process that is used by DHCP. DORA helps in providing an IP address to hosts or client
machines. DORA is the process that follows some steps between the server and client. It gets the IP
address from the centralized server. It consists of four-stage:
 Discover
 Offer
 Request
 Acknowledge
6. DNS - detailed explanation. TCP/UDP and why?
 Ans: Domain Name System (DNS) is a system that translates human-readable domain names, like
www.google.com, into machine-readable IP addresses, such as 142.250.190.14, enabling computers to
locate and communicate with each other on the internet. It operates as a distributed database, working
through a hierarchical structure of servers.
When a user requests a domain, the query passes through multiple levels—starting with the Root server,
then the Top-Level Domain (TLD) server and finally the authoritative server that holds the specific IP
address for the domain.
DNS: TCP or UDP?
DNS (Domain Name System) primarily uses UDP (User Datagram Protocol) but can also use TCP under
certain conditions.

1️⃣ DNS Typically Uses UDP (Port 53)

🔹 UDP is preferred for DNS queries because it is faster and has lower overhead than TCP.
🔹 DNS is generally used for small query/response pairs (like converting a domain name to an IP address),
and UDP works well for this because:
 No connection establishment: UDP doesn't require a handshake like TCP does, so queries and responses
are quicker.
 Small message size: DNS queries and responses usually fit within a single UDP packet (typically less than
512 bytes, unless using DNS extensions like EDNS0).
When does DNS use UDP?
 When the DNS query and its response fit within the maximum size limit of a UDP packet (512 bytes), which
is typically sufficient for standard DNS lookups.

2️⃣ DNS Uses TCP (Port 53) When...

While UDP is the default, DNS switches to TCP in certain scenarios:
Reasons for DNS to Use TCP:
 Truncated responses: If the response from the DNS server exceeds 512 bytes, DNS truncates the UDP
response and asks the client to retry using TCP. This happens when large resource records (like DNSSEC or
large lists of IP addresses) are involved.
 Zone transfers: DNS uses TCP for zone transfers (AXFR/IXFR), which are large data transfers between DNS
servers to synchronize domain information.
 Reliability: TCP is reliable and ensures that all data is received correctly. This is important for zone transfers
or when larger datasets need to be transferred.

Summary:

Protocol Usage in DNS Reason

UDP Primary for queries and responses Faster, lower overhead, small messages

TCP For large responses and zone transfers Reliability, handling large data

3️⃣ Example Scenario

 DNS Query (UDP): When you type google.com in your browser, a DNS query is sent to resolve the domain
to an IP address (typically using UDP).
 Large DNS Response (TCP): If the response is too large (e.g., DNSSEC records), the DNS server might
instruct the client to retry the request using TCP to receive the full response.

Conclusion:
 UDP is used because it's faster and works well for most DNS queries.
 TCP is used for situations requiring larger responses or more reliability, like zone transfers or DNS
responses over the typical UDP size.
Let me know if you'd like a detailed breakdown of DNS operations or how to troubleshoot DNS issues! 😎
7. Subnetting
Ans: A subnet is like a smaller group within a large network. It is a way to split a large network into
smaller networks so that devices present in one network can transmit data more easily. For example, in a
company, different departments can each have their own subnet, keeping their data traffic separate from
others. Subnet makes the network faster and easier to manage and also improves the security of the
network.
8. MSS/MTU
Ans: MSS is a TCP header field of data bits that are used for indicating the device with the maximum
amount of data capacity in it. MSS stands for Maximum TCP Segment Size. MSS follows the TCP/IP
handshake which takes place using three-way handshaking that satisfies all the basic networking
protocols. MSS is similar to the MTU, but instead, it is used with the help of TCP protocol using layer 4.
Whenever a new device in the network remains connected to the server, then the three-way handshaking
operation takes place by inserting their header payload file into the TCP header of the networking
protocol. The MSS is the more advanced and secure version of MTU. It is responsible for deciding the
factor by which the fragmentation of the segments present in the TCP header will take place at the
transport and tunnel mode of the TCP/IP protocol.

MTU stands for maximum transmission unit. The data transmission that takes place in a network is
responsible for calculating the largest data packet which is unique and can be transferred as a single
distinct entity across the network during the transmission. It basically states that an increase in the ratio of
the MTU during the transmission phase will result in a single and strong connection to the network which
reduces the payload present on each data packet in the network transmission. MTU decides the ability of
the host machine in the computer network to transmit and receive large blocks of data and files all at once
at a particular time. It is responsible for deciding the ability of the computer to determine and compute
the optimal and the most effective data size of the packets in the network.

1️⃣ MTU (Maximum Transmission Unit)

🔹 MTU is the maximum size of a packet (including all headers) that can be transmitted over a particular
network link.
🔹 MTU is defined at the network layer (Layer 3) and is typically set on devices like routers, switches, and
network interfaces.
🔹 Standard MTU size for most Ethernet networks is 1500 bytes.
Example of MTU
 Ethernet (Wi-Fi or Wired) typically has an MTU of 1500 bytes.
 PPP (Point-to-Point Protocol) links, like in DSL, often have a smaller MTU.

2️⃣ MSS (Maximum Segment Size)

🔹 MSS is the maximum amount of data (excluding headers) that can be sent in a single TCP segment.
🔹 MSS is related to the transport layer (Layer 4) and is used by TCP to determine the maximum size of the
data portion of a TCP packet.
🔹 MSS ensures that the data within the segment doesn’t exceed the MTU of the network, preventing
packet fragmentation.

9. Complete flow when you trigger amazon.com

 Ans: When we type a website like https://www.geeksforgeeks.org in our browser, our computer tries to
find the IP address.
 First, it checks the local cache (our browser, operating system, or router) to see if it already knows the IP
address.
 If the local cache doesn’t have the IP, the query is sent to a DNS resolver to find it.
 DNS resolver may check host files (used for specific manual mappings), but usually, it moves on.
 Resolver sends the query to a Root DNS server, which doesn’t know the exact IP address but points to the
TLD server (e.g., .org server for this example).
 TLD server then directs the resolver to the authoritative nameserver for geeksforgeeks.org.
 Authoritative nameserver knows the exact IP address for geeksforgeeks.org and sends it back to the
resolver.
 Resolver passes the IP address to our computer.
 Our computer uses the IP address to connect to the real server where the website is hosted.
 The website loads in our browser.

10. TLS and SSL handshake

Ans: The SSL/TLS Handshake is a process wherein a client and server set up a secure connection prior to
exchanging data.
The SSL and TLS handshake establishes a system for SSL/TLS clients and servers to start communication
between them in other words it is a negotiation between two parties on a network. Handshake Protocol is
used to establish sessions. This protocol allows the client and server to verify each other by transferring a
series of messages to each distance. Handshake protocol uses four phases to finalize its circle.
Steps enable the SSL or TLS client and server to communicate with each other:

 Phase-1: Deciding which version of the Protocol to use. The system decides which protocol to use. Client
and Server exchange hello-packets with each other to confirm. In this IP session, cipher suite, and Agree on
which version of the protocol to use.
 Phase-2: Server sends his certificate and Server-key-exchange. The server end phase-2 by exchanging the
hello packet.
 Phase-3: Verification, in this phase, the Client replies to the server by sending his certificate and Client-
exchange-key.
 Phase-4: In this phase, the Change Cipher suite is passed and all the verifications and security checks are
done after this Handshake Protocol ends.
11. Flow/error control
Ans:
12. What is a firewall, why do you need it?
Ans: A firewall is a security system designed to prevent unauthorized access into or out of a computer
network. Firewalls are often used to make sure internet users without access are not able to interface with
private networks, or intranets, connected to the internet.
Firewalls provide protection against outside cyber attackers by shielding your computer or network from
malicious or unnecessary network traffic.
13. What is APIPA?
Ans: APIPA comprises Automatic Private IP Addressing, a networking functionality that enables computers
to automatically assign themselves an IP address when they are unable to acquire one from a DHCP server.
APIPA will be employed when a device that is intended to use DHCP for obtaining an IP address fails to
connect with the DHCP server. In this case, it assigns itself an IP address range within APIPA, usually
between the limits of 169.254.0.1 and 169.254.255.254 having a subnet mask of 255.255.0.0.

14. Will my computer get same IP address allocated everytime?

Ans: It depends on whether your IP address is static or dynamic.
1️⃣ Dynamic IP (Most Common) – Changes Over Time
🔹 Most home and office networks use Dynamic IPs, assigned by a DHCP server (usually your router or ISP).
🔹 These IPs can change when:
 You restart your router.
 Your lease time (set by DHCP) expires.
 Your ISP reassigns a different IP.
🔹 Example: Your Wi-Fi router gives your laptop 192.168.1.100, but after a reboot, it might get
192.168.1.101.
📌 To check if your IP is dynamic
1. Restart your router.
2. Visit WhatIsMyIP before and after restarting. If it changes, your ISP assigns dynamic IPs.

2️⃣ Static IP – Always the Same

🔹 A Static IP is manually assigned and never changes unless modified by an admin.
🔹 Used for:
✅ Web servers
✅ Remote access (RDP, CCTV, etc.)
✅ Corporate networks
🔹 ISPs charge extra for public static IPs.
📌 Check If Your Local IP is Static or Dynamic
Run in Command Prompt (Windows) or Terminal (Linux/macOS):
ipconfig /all (Windows)
ifconfig (Linux/macOS)
If DHCP is enabled, your IP is dynamic.

3️⃣ Private vs. Public IP – Do Both Change?

🔹 Private IP (Local) – Assigned by your router (e.g., 192.168.1.x). Can change unless reserved.
🔹 Public IP (Internet) – Assigned by ISP; usually dynamic, but some ISPs provide static ones on request.
📌 To Make Your Local IP Static (Prevent Router from Changing It)
1. Reserve the IP in your router settings (DHCP Reservation).
2. Manually set it in network settings (192.168.1.X with correct subnet/gateway).
Would you like a guide on setting a static IP for your device? 😊

15. DNS Query Process

16. What happens if we type www.amazon.com. This time, the interview went into depth about the process of
questioning various aspects.
17. What are ports and port numbers?
Ans: Port is a logical address of a 16-bit unsigned integer that is allotted to every application on the
computer that uses the internet to send or receive data.

Whenever any application in one computer sends data to another application of a different computer then
it sends using IP Address and MAC Address but how does our computer know that this data is for a specific
application and this data is sent by any specific application? There comes the concept of Port.
 For instance, imagine your MAC Address or IP Address as the PIN code of the nearest Post Office and your
house address as a Port. Whenever any parcel is sent to you it gets received by the nearest post office and
then it is identified by your address where to deliver that parcel. Similarly in a computer data is first
received using their IP or MAC address then it is delivered to the application whose port number is with
the data packets.
Now every time any application sends any data, it is identified by the port that which the application sent
that data and the data is to be transferred to the receiver application according to its port. We often call
port as port number.
18. Do different tabs making queries in the browser use different port numbers?
Ans: Yes! When different tabs in your browser make network requests (e.g., HTTP/HTTPS requests to
websites), they use different port numbers on your computer. Here's why:
How It Works
 Your computer (client) communicates with a web server using a source port and a destination port.
 Destination Port: This is typically 80 (HTTP) or 443 (HTTPS) for web requests.
 Source Port: Your computer assigns a random ephemeral port (e.g., 40000-65535) for each connection.
Multiple Tabs = Different Source Ports
 Each browser tab (or even each request within a tab) gets a unique source port to keep connections
separate.
 Example:

Tab Source Port Destination (Server) Destination Port

Tab 1 50231 google.com 443

Tab 2 50312 google.com 443

Tab 3 50467 google.com 443

 Even though all tabs access google.com:443, the browser differentiates connections using unique source
ports.
Why Use Different Ports?
 Avoid conflicts: If all connections used the same source port, responses would get mixed up.
 Allow multiple requests: Browsers can send multiple requests in parallel (e.g., images, scripts, API calls).
 Security & Tracking: Some firewalls and security tools track connections using source ports.

19. TCP Handshake in detail

Ans: The TCP 3-Way Handshake is a fundamental process that establishes a reliable connection between
two devices over a TCP/IP network. It involves three steps: SYN (Synchronize), SYN-ACK (Synchronize-
Acknowledge), and ACK (Acknowledge). During the handshake, the client and server exchange initial
sequence numbers and confirm the connection establishment. In this article, we will discuss the TCP 3-Way
Handshake Process.
20. How do PING and TRACERT commands work?
Ans: ping (Packet Internet Groper) is used to test network connectivity between two devices.
tracert (or traceroute) shows the route a packet takes to reach a destination.
21. Problem on IP Addressing at the sender, gateway and destination.
22. Detail discussion on ipv4 and ipv6
Ans:

IPv4 IPv6

IPv4 has a 32-bit address length IPv6 has a 128-bit address length
 IPv4 IPv6

It Supports Manual and DHCP address It supports Auto and renumbering address
configuration configuration

In IPv4 end to end, connection integrity is In IPv6 end-to-end, connection integrity is

Unachievable Achievable

Fragmentation performed by Sender and In IPv6 fragmentation is performed only by

forwarding routers the sender

23. How do we check IP address and Gateway and DNS Server addresses of our device.
24. How HTTPS secure our connection.
25. Know about header(TCP,IP,etc).
Ans: A header in the TCP/IP model is a set of metadata added to a data packet at each layer to help with
routing, delivery, and error handling. Each protocol (TCP, IP, UDP, etc.) has its own header format.
When data is sent over a network, it is encapsulated with headers at different layers:
1. Application Layer – Adds protocol-specific headers (e.g., HTTP headers).
2. Transport Layer (TCP/UDP) – Adds port numbers, sequence numbers, etc.
3. Network Layer (IP) – Adds source & destination IP addresses.
4. Data Link Layer (Ethernet) – Adds MAC addresses for local delivery

26. Linux commands (ping,traceroute,dig,curl,mpstat,etc)

27. What is SSL. Explain about Digital Certificates and TLS Handshake.
Ans: SSL (Secure Sockets Layer) is a cryptographic protocol that provides secure communication over the
internet. It ensures that data transmitted between a web browser and a web server is encrypted,
authenticated, and protected from tampering.
A Digital Certificate is an electronic document issued by a Certificate Authority (CA) that verifies the
identity of a website or organization.
🔹 It contains:
 Public key (used for encryption)
 Website owner details
 Certificate Authority (CA) signature
 Expiration date
The TLS Handshake is the process where a client (browser) and server establish a secure encrypted
connection.
Steps of the TLS Handshake:
1. Client Hello:
o The browser requests a secure connection and sends a list of supported encryption algorithms.
2. Server Hello:
o The server selects an encryption algorithm and sends its digital certificate (containing its public
key).
3. Certificate Verification:
o The browser checks if the certificate is valid and trusted.
4. Key Exchange:
o The client and server exchange keys to establish a shared secret key (used for symmetric
encryption).
5. Session Established:
 o Both sides use the shared key to encrypt and decrypt data.
o Secure communication begins.

28. TCP Handshakes

Ans: The TCP 3-Way Handshake is a fundamental process that establishes a reliable connection between
two devices over a TCP/IP network. It involves three steps: SYN (Synchronize), SYN-ACK (Synchronize-
Acknowledge), and ACK (Acknowledge). During the handshake, the client and server exchange initial
sequence numbers and confirm the connection establishment
29. What are few methods of HTTP, what is HTTPs, is the port number different for HTTPs, how is SSL related to
HTTPs, explain SSL.
Ans: HTTP is an application layer protocol designed to transfer information between networked devices.
HTTP methods are : GET,POST,PUT,DELETE,PATCH.
HTTPS is just a secure version of HTTP it basically provides a encryption to the information to protect them
from hackers.

HTTP use port 80

HTTPs use port 443
SSL/TLS are cryptographical protocols that secure HTTPs connections. It encrypts the communication
between the web browsers and server using asymmetric(public/private keys) and symmetric
encryption(shared key).
30. What methods are available to us in flow control and error detection/correction?
Ans: Flow Control:
1. Stop and Wait
2. Go back N
3. Selective repeat

Error Detection:

1. Simple Parity
2. 2D parity
3. Checksum
4. CRC(Cyclic redundancy check)

Error Correction:

1. Hamming codes
31. What is public IP,Private IP? How is it different from private IP? Can I connect to the internet using private IP?
What is NAT?
Ans: Private IP Address: It is the IP address that is use to communicate within the same network .Using
private IP data or information can be sent or received within the same network.
Public IP Address: It is used to communicate outside a network. Public IP is basically assigned by ISP.

Yes, we can access the Internet with our Private IP Address. Router having both private and public IP
Addresses connection, becomes an intermediate in connecting or accessing Internet.

NAT(Network Address Translation) is a process in which one or more local IP address is translated to one or
more global IP addresses and vice-versa to provide Internet access to local hosts.

32. System automation – cron,batch jobs, windows startup task.

33. Firewall in detail with all types (advantages/disadvantages)
Ans: Firewall is a network security device which monitors all incoming and outgoing traffic on set of
defines rules and accept,rejects or drop that specific traffic.
34. VPN in detail with all types (advantages/disadvantages)
 Ans: VPN stands for "Virtual Private Network" and describes the opportunity to establish a protected
network connection when using public networks.
35. Proxy in detail with all types (advantages/disadvantages)
Ans: Proxy is server which makes the original IP address of the node hidden when the client is requesting
anything from the server. Every computer has its unique IP address which it uses to communicate with
another node. Similarly, the proxy server has its IP address that your computer knows. When a web
request is sent, your request goes to the proxy server first. The Proxy sends a request on your behalf to the
internet and then collect the data and make it available to you. A proxy can change your IP address So, the
webserver will be unable to fetch your location in the world. It protects data from getting hacked too.
36. Differentiate OSI Reference Model with TCP/IP Reference Model.
 Ans: OSI reference model has 7 layers but TCP/IP has 4.
 OSI made by ISO but TCP/IP by ARPANET
 OSI is a theoretical framework but TCP/ip is practically implemented model
 OSI model in independent of specific protocol, but this is built around TCP/IP

 Private Key: It is used for the decryption of the data that has been encrypted by the public key. It resides
on the server-side and is controlled by the owner of the website. It is private in nature.

 Public Key: It is public in nature and is accessible to all the users who communicate with the server. The
private key is used for the decryption of the data that has been encrypted by the public key.

 A Buffer is a part of memory which stores data temporarily while that data is being forwarded from one
location to another in a computer.

 A cache is a fast storage unit not much in size as compared to other memory units and is used to store
repeated data or instructions. The main rationale behind cache is to minimize the amount of time that is
taken in retrieving data from the main memory to facilitate operations to be performed faster thus
enhancing its speed.

 Network Time Protocol (NTP) is a protocol that helps the computers clock times to be synchronized in a
network. This protocol is an application protocol that is responsible for the synchronization of hosts on a
TCP/IP network.
