Interview Questions for System Engineer / Network Engineer
Q. Describe the network environments of the organizations that you have supported in the past.
A. This general question provides you with an opportunity to start the conversation regarding the technologies that you have experience with. Be descriptive in your answer. Include the number of users, number of remote sites, types of systems, type of connectivity between sites, network configuration, ISP used, routers/switches used, and the size of the overall engineering team. Also include who you reported to and the management style of that manager.
Q. What’s the difference between the WWW and the Internet?
A. This question will throw a lot of people off, but it is absolutely valid. The Internet is a collection of computers and networks that can all talk to each other, while WWW is an application that runs on the Internet.
Q. What is TCP/IP?
A. This is a great question in that it forces the candidate to display their knowledge of the protocol.
Q. What is TCP? UDP? How do they differ?
A. This is another question to determine the level of knowledge that the candidate possesses. TCP is a slower/authenticated protocol, while UDP is faster in theory, requiring less overhead but without the ability to verify that the data was delivered correctly or at all.
Q. Describe the seven-layer OSI reference model.
A. As an engineer, you must know the OSI model inside and out. TCP/IP is the standard protocol for the Internet and it strictly follows the rules set forth in this reference model. As a quick refresher, here is the OSI model:
1. Application Layer Responsible for end-user–friendly protocols like HTTP, FTP, and telnet.
2. Presentation Layer Responsible for isolating different data formats from each other.
3. Session Layer Responsible for maintaining a registry of all current active connections.
4. Transport Layer Responsible for transparent flow of data between devices, without consideration to hardware details. This layer is concerned with the reliable transfer of data packets from point to point.
5. Network Layer Responsible for providing logical paths for data packets to pass through; provides switching and routing facilities.
6. Link Layer Responsible for encoding and subsequent decoding of data packets at various network points.
7. Electrical/Physical Responsible for defining various electrical standards such as cables and bitstream sizes for communicating between devices.
Q. How do you approach a technical problem? Give an example.
A. This question is a necessary evil to ask a network engineer and one that you are guaranteed to be asked. Everyone has a different system. What’s important is that you have a system. Describe your method and also provide a recent example that demonstrates it in action from start to finish.
Q. What role does network planning play in successful project implementation?
A. This question shows the necessity of having a solid foundation for any project. Any infrastructure is only as good as the basic network that it’s built on.
Q. Have you ever been in a situation where you found yourself without the specific technical knowledge to perform a task essential to your project? What did you do?
A. This question is one that every engineer should have an answer for. It should be relatively easy to answer—be truthful without showing a weakness in ability. This is when a good researching talent comes in handy. No one expects an engineer to have memorized all of the information necessary to perform his job, but you need to have the skills to find the correct information quickly.
Q. Describe what a password policy is and the reasons for having one. Give an example of a policy and its rule set.
A. This is one of the most important and overlooked details in a secure network. You’ll get pushback from the users, but they will adjust. An engineer must be well versed in security and the policies required to implement and maintain it.
Q. What is offsite storage and why is it important to a disaster recovery plan?
A. This is a subject that no one ever pays much attention to until it’s needed. It is also one of the biggest reasons engineers lose their jobs. Offsite data storage guarantees that no matter what happens to your data center or servers, you will always have a copy of your data elsewhere. This is just a small part of an overall plan, but one of the most critical.
Q. How (and how often) should you test your disaster recovery plan?
A. Again, disaster recovery plans are a critical part of a network engineer’s job. A disaster recovery plan should be tested by doing an actual rebuild and restore of critical systems at least once every six months (or when major data or infrastructure changes occur).
Q. How often do you change the administrator passwords and accounts on local machines and domains?
A. Here is another area that doesn’t seem to get the attention it deserves. These passwords should be changed as part of a global password policy, and immediately upon any change of personnel who have knowledge of or access to the accounts and/or passwords.
Q. How often should a server be accessed to have the logs and drive space checked?
A. Although there is no set rule for this, it is a good idea to physically access each server at least once a week to check its overall health. There are a variety of applications that will alert you to errors and error conditions, but nothing replaces actually being logged into the server itself to get a good look at its performance.
Q. How many servers were you responsible for monitoring, maintaining, upgrading, and handling disaster recovery?
A. For effective coverage, an engineer should be able to manage 20–25 servers. There are often times when this number is much higher. This is when a good knowledge of the third-party tools available is handy. Certain systems, such as SQL, require more attention more frequently.
Q. How do you balance customer service skills and technical skills?
A. IT is a service organization. As such, customer service skills are just as important as technical skills, particularly in panic situations when systems are down or the user has just deleted their board presentation that’s due in 30 minutes. At these times, staying calm and being empathetic to the user are just as important as being able to quickly bring up the system or recover the file.
Q. What is a router?
A. A router is a device that connects more than one physical network, or segments of a network, using IP routing software
. As packets reach the router, the router reads them and forwards them to their destination.
Q. Discuss wireless networking.
A. This is a network configured to use communication techniques such as infrared, cellular, or microwave, so that cable connections are not required.
Q. Discuss WAN (wide area network).
A. A WAN is extended over longer distances that a LAN (local area network). It can range from a few miles to across the world. TCP/IP is the primary WAN protocol and was developed to provide reliable, secure data transmissions over long distances.
Q. What is OSPF?
A. Open Shortest Path First is a routing protocol that supports the concept of a core area to which everything attaches.
Q. What is BGP?
A. Border Gateway Protocol is used for routing between networks on the Internet core, and it supports many advanced routing features.
Q. What is an autonomous system?
A. An autonomous system is a community of interest. Used in conjunction with routing protocols, it breaks up parts of the network into manageable chunks.
Q. What is dial on demand?
A. Dial on demand is a technology that only activates network connection when “interesting” packets are to be sent across the infrastructure.
Q. What mask would you use to supernet two class C addresses?
A. The subnet would be 255.255.254.0.
Q. What is VLANing?
A. Virtual LAN is used on large LANs to break up the network into smaller broadcast domains. This creates communities of interest. These communities can be based around organizational structures.
Q. What is CIDR?
A. Classless Internet domain routing is used in conjunction with classless routing protocols to summarize the Internet into smaller routing tables.
Q. What is VLSM?
A. Variable Length Subnet Mask is used to allocate the amount of address space required by the end network.
Q. What is a class D IP address?
A. Class D addresses are multicast addresses.
Q. What addresses do multicasts start with?
A. Multicasts start with the address 126.96.36.199.
Q. Which name resolution system is implemented with TCP/IP by default?
A. Although WINS is a name resolution that is implemented by TCP/IP by default, it only works on Windows-based networks. The only true name resolution system that almost every TCP/IP networks uses is DNS.
Q. You are the administrator of a 100-station Ethernet network. Your users are complaining of slow network speeds. What could you replace your hub with to increase your network throughput?
A. A switch would increase performance by making virtual, direct connections between sender and receiver. A bridge and router would actually decrease performance because these devices introduce latency into the communication.
Q. Which TCP/IP utility is most often used to test whether an IP host is up and functional?
A. The Ping utility is the most often used TCP/IP utility because it allows you to test individual hosts.
Q. Which utility can you use to find the MAC and TCP/IP address of your Windows NT or 2000 workstation?
A. The ipconfig utility is available for both these operating systems. It displays information like the MAC and TCP/IP address of your workstation as well as other TCP/IP configuration information.
Q. Which utility can you use to verify a packet’s path?
A. The tracert utility traces the route from the source IP host to the destination host.
Q. Which WAN technology uses digital signaling from sender to receiver?
A. The T-series of WAN connection (such as T1, T3, and so on) uses digital signaling from sending hardware to receiving hardware.
Q. You are setting up a workstation for remote access to the office. The office has a modem pool configured, and it is working correctly. The required results are that the workstation and modem bank must establish a connection and that the server at the office must authenticate the workstation. Optionally, the workstation and office must be able to communicate by using a single protocol, and the workstation must be able to access all network devices at the office. The proposed solution is to install a POTS telephone line, modem cable, and modem connected to the workstation. How would you configure the protocols to achieve the desired results?
A. This question tests your ability to configure protocols and select the best one to meet the connectivity requirements. The recommended protocol here would be TCP/IP since it can be used across the different access methods.
Q. Which remote access protocol can run over both serial and parallel connections?
A. Because PPP doesn’t contain a physical layer specification as part of the protocol, it can run over any kind of medium.
Q. What Microsoft TCP/IP protocol can be used over the Internet to create a secure, virtual network?
A. The Point-to-Point Tunneling Protocol (PPTP) allows you to create a secure, virtual connection between two points by tunneling one protocol inside another. Usually, a PPP connection is opened over a TCP/IP link.
Q. Which type of firewall checks for a current communication and the next packet needed?
A. A proxy provides firewall services by keeping track of all communications sessions and “prefetching” the next packets.
Q. Which type of security uses a file that identifies predefined IP addresses that are allowed to send data through a router?
A. Access Control List security uses a file (the ACL) that identifies which addresses can send data through a particular firewall or router.