Cisco/CSS Corp TAC Interview Questions


Interview process:
Round One:
They will be talking very casual things such as your education or about the current organization etc. This is just for checking your communication skills. Also, they look into your confidence level and your interest in the Cisco TAC position
Round Two:
In this round, They will be checking your technical knowledge.in order to clear technical round in Cisco or any other OEM TAC you should be thorough in TCP/IP concepts.this is very important.
We have given important questions which they usually ask.all the question below is prepared based on getting into a Security TAC role.in this role mostly you will be working Cisco ASA, Cisco ISE, etc.
Please understand that if you sound very good in TCP/IP concepts and you have fare knowledge in Cisco ASA troubleshooting. mostly they may select you.suppose you are very weak in TCP/IP concepts then they will reject you for sure. once you are selected they will be giving training on their product .so you don't have to worry about that
Round 3:
This will be a managerial round where you can expect both technical and nontechnical questions.

Questions:

1. Explain the OSI Ref Model/TCP-IP Model. You need to explain each layer in detail properly along with protocols used at each layer
2. Explain about ARP, GARP, Proxy ARP, inverse ARP. You need to explain with packet structure of ARP, GARP also how the packet flow happens
3. Explain about Ethernet Frame.you have to explain fields in Ethernet frame, size of Ethernet, LLC, and MAC sublayer
4. Explain Fields in IP header
5.Explain Importance of Identification field, Flags, Fragment Offset
6.Explain the Importance of Fragmentation
7 Explain in details how the packet is reassembled
8.Explain Path MTU Discovery
9. Explain the TCP 3 way handshake. you need to explain in a way parameters informed/negotiated during the handshake
10. Explain Fields in TCP header
11. Explain Windowing in TCP
12. Explain Purpose of Sequence, Ack number
13.Explain about Window Size, MSS, Windows Scale Factor, SACK, Zero Window
14. What is the difference between MSS & MTU
15.Explain about various flags in TCP SYN, ACK, FIN, RST, PSH, URG
16. What is the Diff between Push & Urg
17. What is the Purpose of RST bit
18.Explain TCP Segmentation
19.Explain TCP 4 way close
20.Explain TCP Flow Control –Sliding Window
21.Explain about TCP retransmissions
22. Explain How Traceroute, Ping works. How we can use utilize this troubleshooting
23.Explain various ICMP Type & Code (Type 8, Type 0, Type 3, Type 11)
24.Explain the working of layer 2 switch
25.Explain MAC Table, CAM Table, ARP Table
26.Explain Static & Default Route
27.Differentiate between the stateful and stateless firewall
28. What are all the parameters found inside a firewall session table
29.Explain NAT, PAT
30.Explain SYN Flood Attack & Mitigation
31.Explain IP spoofing & Mitigation
32.Explain Packet flow through Firewall
33.Explain FTP packet flow through Firewall and how to Troubleshoot
34.Explain about firewall high availability Active/Standby, Active/Active
35. Explain How Standby knows whether Active is down or not
36.Why VPN is required
37.Explain types of VPN
38.Explain phase 1 and phase 2 messages
39.diffreentiate between main mode and aggressive mode
40.Explain Symmetric, Asymmetric keys, HMAC, DH group
41.Troubleshooting if various messages not received in IPsec (Msg1,Msg2,Msg3,Msg4,Msg5,Msg6)
42.Explain the Reasons why VPN Phase 1 does not come up
43.VPN Phase 1 up, Phase 2 down – Troubleshoot
44.VPN Phase 1 up, Phase 2 up, Traffic not flowing – Troubleshoot
45.VPN Tunnel is up but Traffic Flowing but Latency Issue-Troubleshoot
46.Explain Tunnel mode and Transport mode
47. How do we manage overlapping subnets in IPsec VPN
48.NAT-T(NAT Discovery) –VPN msgs for NAT-T Negotiation & Discovery
49. Explain ESP, AH
50.Explain about Replay Attack & Mitigation
60.Explain ports needs to be allowed in Firewall for VPN
61.Explain DHCP -Dora process with the packet flow