CLOUD SUPPORT

ASSOCIATE/ENGINEER
Technical interview round-2
computer network
& troubleshooting
 HIRING PROCESS
->Online assessment
->2 technical interviews
a. Operating system round
b. Computer Network Round
->1 managerial round
 TECHNICAL ROUND 2
Computer Network (CN) Round
Pattern we must use:

S: Situation
T: Task
A: Action
R: Result
 CN SAMPLE QUESTIONS:

1. What is Computer Network.

2. Difference between router, switch.
3. What is a Broadcast Domain?
4. OSI model with complete details and protocols on each layer.
5. DHCP DORA process
6. DNS – detailed explanation. TCP/UDP and why?
7. Subnetting
8. MSS/MTU
 CN SAMPLE QUESTIONS:
9. Complete flow when you trigger amazon.com
10. TCP and SSL handshake
11. Flow/error control
12. What is a firewall, why do you need it?
13. What is APIPA?
14. Will my computer get the same IP address allocated every
time?
15. DNS Query Process.
 CN SAMPLE QUESTIONS:
16. What happens if we type www.amazon.com. This time, the
interview went into depth about the process of questioning various
aspects.
17. What are ports and port numbers?
18. Do different tabs making queries in the browser use
different port numbers?
19. TCP handshake in detail.
20. How do PING and TRACERT commands work?
 CN SAMPLE QUESTIONS:
21. Problem on IP Addressing at the sender, gateway and
destination.
22. Detail discussion on ipv4 and ipv6.
23. How do we check IP address and Gateway and DNS Server
addresses of our device.
24. How https secure our connection.
25. Know about header(TCP, IP etc)
26. Linux command (ping, traceroute, dig, curl, mpstat etc)
 CN SAMPLE QUESTIONS:
27. What is SSL. Explain about Digital Certificates and TLS
Handshake.
28. 3- way handshake?
29. What are few methods of HTTP, what is HTTPs, is the port
number different for HTTPs, how is SSL related to HTTPs, explain
SSL
30. What methods are available to us in flow control and error
detection/correction?
 CN SAMPLE QUESTIONS:

30. What is public IP? How is it different from private IP? Can I
connect to the internet using private IP? What is NAT?
31. System automation – cron, batch jobs, windows startup
tasks
32. Firewall in detail with all types
(advantages/disadvantages)
33. Scenerio based questions
 CN SAMPLE QUESTIONS:
34. Differentiate OSI Reference Model with TCP/IP Reference
Model
35. What is HTTP status code.
36. Port and most used port number HTTP-80

TIPS: Learn every topic of CN including all Linux network

troubleshooting command.
 LINUX MOST IMPORTANT COMMANDS
Important Linux Commands:
1. $ ifconfig. 10. $ ip
2. $ ping 11. $ ss
3. $ traceroute 12. $ curl & $ wget
4. $ netstat 13. $ mtr
5. $ dig 14. $ whois
6. $ nslookup 15. $ tcpdump
7. $ route 16. $ arch
8. $ host 17. $ uname -ar
9. $ hostname 18. $ uptime
 LINUX MOST IMPORTANT COMMANDS
Important Linux Commands:
19. $ who 27. $ dmesg
20. $ lsof –i 28. $ vmstat
21. $ lscpu 29. $ pidstat
22. $ free –h 30. $ mpstat
23. $ df –h 31. $ iostat
24. $ ps aux 32. $ sar
25. $ top many more…..
26. $ journalctl. [+]
 FEW IMPORTANT LINKS
• Few Links:

[1] https://www.youtube.com/playlist?list=PLlwYhh6ZczhGGyHYQaN-rcR-
5BNP5xLsb

[2]
https://www.youtube.com/playlist?list=PLlwYhh6ZczhHY5dOvARoisrpu1X4xM
qkh

[3] https://youtu.be/t3gXEk3789s?si=PbxiVKHbVPFT3DSc

[4] https://youtu.be/qKwA-OmFAs8?si=teEUNkCQDMcvwG7W
 CN SAMPLE QUESTIONS:

Scenario Based Questions

 CN SAMPLE QUESTIONS:
1. Scenario: DNS Resolution Issues
1. Question: A customer is unable to reach a specific domain (e.g., example.com).
How would you troubleshoot this issue?
• Answer:
• Step 1: Check the DNS resolution on the client machine using the nslookup or dig command:
$ nslookup example.com
• Step 2: Verify the DNS server the client is using by checking /etc/resolv.conf (Linux) or ipconfig /all
(Windows).
• Step 3: If DNS fails to resolve, try using a public DNS like Google’s DNS (8.8.8.8) to isolate the issue.
• Step 4: If the DNS resolves, but the website is unreachable, perform a ping or traceroute to the domain
to identify any network issues.
• Step 5: Check for any network blocks or firewalls preventing DNS queries.
• Step 6: If DNS is misconfigured on the server side, recommend checking the domain’s nameservers
and records (A, CNAME, MX, etc.).
 CN SAMPLE QUESTIONS:
2. Scenario: High Latency Between EC2 Instances
Question: A customer is reporting high latency between two EC2 instances in the same VPC. How would you investigate this?
• Answer:
• Step 1: Verify if both EC2 instances are in the same Availability Zone and VPC subnet. Network performance can degrade.
between different zones
• Step 2: Use the ping command to measure round-trip time between the instances. $ ping <other_instance_ip>
• Step 3: Check Network Interface (ENI) metrics for any packet loss or errors.
• Step 4: Verify instance type and ensure they are not network-constrained based on their instance class (some instance
types have network performance limits).
• Step 5: Check for any security group or Network ACL that might be throttling traffic.
• Step 6: Use CloudWatch metrics to monitor network performance (e.g., NetworkIn/NetworkOut).
 CN SAMPLE QUESTIONS:
3. Scenario: Subnet Configuration Issues
Question: A customer has launched an EC2 instance in a new VPC but cannot access it via SSH. What could be the issue?
Answer:
• Step 1: Verify if the instance has a public IP or Elastic IP assigned. Without it, external access is impossible.
• Step 2: Check the route table for the subnet. Ensure there is a default route (0.0.0.0/0) pointing to an Internet
Gateway (IGW).
• Step 3: Review the security group attached to the instance to ensure inbound rules allow SSH (port 22) from the
desired IP range.
• Step 4: Verify Network ACLs are not blocking SSH traffic.
• Step 5: Confirm that the instance is in a public subnet with an appropriate IGW association.
• Step 6: Ensure the private key used for SSH matches the key pair associated with the instance.
 CN SAMPLE QUESTIONS:
4. Scenario: Slow Network Performance
Question: A customer is experiencing slow download speeds from their S3 bucket when accessing it from an EC2 instance. How would you
troubleshoot?
Answer:
• Step 1: Check the network bandwidth of the EC2 instance. If the instance is network-constrained, upgrading to a
larger instance type might help.
• Step 2: Measure download speeds using tools like wget or curl
$ wget https://s3-region.amazonaws.com/bucket_name/file
• Step 3: Use VPC Flow Logs to check for any abnormal traffic behavior or packet loss between the instance and S3.
• Step 4: If the instance and the S3 bucket are in different regions, cross-region latency could be the issue.
Recommend creating the S3 bucket in the same region as the EC2 instance.
• Step 5: For large files, ensure multipart upload is being used for better performance and fault tolerance..
 CN SAMPLE QUESTIONS:
5. Scenario: IP Conflict in VPC
Question: A customer is reporting connectivity issues between two EC2 instances within the same VPC.
What could be causing this?
Answer:
• Step 1: Check if both instances have unique private IP addresses. If there is an IP conflict (both instances sharing the same
IP), this could cause connectivity issues.
• Step 2: Verify the subnet CIDR block to ensure there’s enough IP range allocated for the instances.
• Step 3: Review the route table to ensure the routes are configured correctly for communication between the subnets.
• Step 4: Check Network ACLs and security groups for any overlapping rules that might be causing traffic blocking or
routing issues.
• Step 5: If an IP conflict is found, reassign a new private IP to one of the instances or adjust the VPC/subnet configuration.
 CN SAMPLE QUESTIONS:
6. DNS Fails After EC2 Instance Restart
Question: After restarting an EC2 instance, the customer is unable to resolve domain names. What might
have happened?
Answer:
• Step 1: Check if the DHCP option set in the VPC is correctly configured with the DNS server IP (typically Amazon-provided
DNS: 169.254.169.253).
• Step 2: Ensure that DNS resolution is enabled in the VPC settings.
• Step 3: Verify the resolv.conf file (on Linux) or DNS settings (on Windows) to ensure the correct DNS servers are listed.
• Step 4: If using a custom DNS, check if the custom DNS server is operational.
• Step 5: Test DNS resolution by using a command like:
• nslookup example.com
 CN SAMPLE QUESTIONS:
7. Slow Access to an S3 Bucket from an EC2 Instance
Question: A customer reports slow access when downloading files from an S3 bucket to their EC2 instance. What steps would you
take to troubleshoot this issue?
Answer:
• Step 1: Confirm the region of both the S3 bucket and the EC2 instance. Slow performance could be due to cross-region data
transfers. Recommend keeping the EC2 instance and S3 bucket in the same region to reduce latency.
• Step 2: Measure download speed using wget or curl to assess the transfer rate:
$ wget https://bucket-name.s3.amazonaws.com/file
• Step 3: Check the instance's network performance. If it's a small instance type, upgrade to an instance with higher network
bandwidth.
• Step 4: Use VPC Flow Logs to check for any potential network issues or high latency in the data transfer.
• Step 5: For large files, suggest using S3 Transfer Acceleration or multipart uploads for faster performance.
• Step 6: Analyze CloudWatch metrics for S3 requests to ensure the bucket is not being throttled.
 CN SAMPLE QUESTIONS:
8. AWS Load Balancer Health Checks Failing
Question: A customer is using an Application Load Balancer (ALB) in front of several EC2 instances, but the health checks
are failing. What could be causing this?
Answer:
• Step 1: Verify that the EC2 instances are running, and their applications are responding on the specified health check path.
• Step 2: Ensure the security group attached to the EC2 instances allows inbound traffic from the Load Balancer’s security group on the required
port.
• Step 3: Check the health check configuration on the ALB, including the target group’s path and port. Ensure the health check path matches a
valid endpoint on the instance (e.g., /health or /status).
• Step 4: Test the application manually from inside the VPC using a command like curl to ensure it’s responding correctly:
$ curl http://instance-ip:port/health
• Step 5: If the health check is set to HTTPS, confirm that the SSL/TLS certificate is valid and that the ALB can communicate with the instance
using the correct protocol.
• Step 6: Use CloudWatch metrics to observe any failed health checks or connectivity issues with the instances.
 THANKS FOR WATCHING

Like, subscribe and share

With your friends.
For more such contents…
☺☺☺