Well, it’s been a while. I’ve been amazingly busy. Worked my tail off. Had issues with migraines from studying which I was able to get resolved by using a neti pot twice a day to relieve sinus pressure. Worked on a network with something like 60-80 thousand clients on it (Delta Airlines). And now have an interview with Microsoft tomorrow. I don’t think I know anyone that has interviewed with them before. This is probably the apex of my career to be honest. Simply getting the interview lol. It’s basically working escalations from network admins to Microsoft, as I understand the job description. Which is interesting because that’s basically the job I’ve been doing for the last 3 years or so. Also I have yet to actually finish my CCNA, I got a notice to re-cert my Sec+ and Net+, which costs about 200 each, and I learned to speak Japanese by messing with electronics (guitar pedals), reading the news and watching Gundam Wing. So that’s where we are at. Most of this stuff I was familiar with but it’s a good idea to review materials. Especially in what will turn out to be the absolute apex of my professional career, interviewing with Microsoft. I have “no idea how this happened”.
1. What is the primary difference between TCP and UDP?
Response: UDP is connectionless and works with things like streaming content; TCP/IP, in essence, based on header content, normal website traffic that’s connection-oriented and sends sequenced packets based on task.
2. What layer of the OSI model is responsible for connection-oriented behavior?
Response: Short answer, OSI model, the transport layer is only connection-oriented. Now let’s cover this whole OSI model thing because it’s absolute horseshit if you use any kind of tools to look at what’s going out over the network. OK, maybe horseshit is too strong of a phrase for those lacking in ability to digest local linguistic flavors; however, I think the TCP model may work better. I’m also not presenting this case to institutions that provide standardized testing.
| OSI Model | TCP/IP model |
|---|---|
| OSI model provides a clear distinction between interfaces, services, and protocols. | TCP/IP doesn’t offer any clear distinguishing points between services, interfaces, and protocols. |
| OSI uses the network layer to define routing standards and protocols. | TCP/IP uses only the Internet layer. |
| OSI model uses two separate layers, physical and data link, to define the functionality of the bottom layers. | TCP/IP uses only one layer (link). |
| In the OSI model, the transport layer is only connection-oriented. | A layer of the TCP/IP model is both connection-oriented and connectionless. |
| In the OSI model, the data link layer and physical layer are separate layers. | In TCP, the data link layer and physical layer are combined as a single host-to-network layer. |
| The minimum size of the OSI header is 5 bytes. | Minimum header size is 20 bytes. |
The TCP/IP is a lot more logical. Honestly, I’m not clear on how the transport and network layers differ. Possibly adding in VLAN/Subnets with transport.
Disadvantages of OSI Model
Here are some cons/ drawbacks of using OSI Model:
- Fitting of protocols is a tedious task.
- You can only use it as a reference model.
- It doesn’t define any specific protocol.
- In the OSI network layer model, some services are duplicated in many layers such as the transport and data link layers.
- Layers can’t work in parallel as each layer needs to wait to obtain data from the previous layer.
Here is the reference citation: “TCP/IP vs OSI Model: What’s the Difference?” I’m not copying “The Disadvantages” of the TCP/IP info here lol.
01 Scenario: An administrator approaches you with a network monitor trace of what he describes as a failure to connect to another server. What clarifying questions would you ask to enable you to assist with analysis of the failure?
Response: First of all, do I have access to the network? Can I see this in real time?
1. You gather the details and begin analyzing the trace. You have been advised that the admin could ping the destination server successfully. How would you validate the successful ping result?
Response: First check to make sure that DNS records are not stale, and then, if the DNS records seem OK, have him remote into whatever box is on that IP to verify that the box is up and correctly labeled in DNS, and then check the service they are trying to connect to.
2. You continue the analysis and see that the source machine is sending sync requests, but no replies are coming back from the destination server which is on the same subnet as the source server. What action would you take next?
Response: Where is the box in your infrastructure? Are the ports on the machine open to the web? Does it have a public IP? I would assume that it does, but you never know. How did you register the FQDN and where did you purchase it from? The IP of the site, can you resolve that publicly?
3. Is the web server directly connected to the Internet, or is it behind a firewall?
Response: This would be a question asked in the answer above. That’s not information I would have normally and would request of the client.
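For the trace-analysis step in this scenario (SYNs leaving the source with nothing coming back), here is an added example, not part of the original post, that classifies each TCP connection attempt in a capture as unanswered, refused, half-open or established. The trace records, addresses and the `classify_handshakes` name are constructed for illustration.

```python
# Constructed trace records (not from a real capture):
# (seconds, src_ip, src_port, dst_ip, dst_port, tcp_flags)
TRACE = [
    (0.000, "10.0.0.5", 50001, "10.0.0.9", 445, "S"),
    (1.001, "10.0.0.5", 50001, "10.0.0.9", 445, "S"),    # SYN retransmit
    (3.003, "10.0.0.5", 50001, "10.0.0.9", 445, "S"),    # SYN retransmit
    (4.000, "10.0.0.5", 50002, "10.0.0.9", 80, "S"),
    (4.001, "10.0.0.9", 80, "10.0.0.5", 50002, "RA"),    # RST: nothing listening
    (5.000, "10.0.0.5", 50003, "10.0.0.9", 3389, "S"),
    (5.001, "10.0.0.9", 3389, "10.0.0.5", 50003, "SA"),
    (5.002, "10.0.0.5", 50003, "10.0.0.9", 3389, "A"),
]


def classify_handshakes(records):
    """Map (client, cport, server, sport) -> (verdict, number of SYNs sent)."""
    flows = {}
    for _, src, sport, dst, dport, flags in sorted(records):
        fwd = (src, sport, dst, dport)   # key if this packet is client -> server
        rev = (dst, dport, src, sport)   # key if this packet is server -> client
        if flags == "S":
            # Bare SYN: a new attempt or a retransmission of one.
            flow = flows.setdefault(fwd, {"syns": 0, "reply": None, "acked": False})
            flow["syns"] += 1
        elif rev in flows and flows[rev]["reply"] is None and flags in ("SA", "R", "RA"):
            flows[rev]["reply"] = flags  # first answer from the server side
        elif fwd in flows and flows[fwd]["reply"] == "SA" and "A" in flags:
            flows[fwd]["acked"] = True   # client completed the three-way handshake

    verdicts = {}
    for key, flow in flows.items():
        if flow["reply"] is None:
            # On the same subnet there is no router in the path: check the
            # destination's host firewall and ARP, and capture on both ends.
            verdict = "unanswered"
        elif flow["reply"].startswith("R"):
            verdict = "refused"          # host reachable, port closed
        elif flow["acked"]:
            verdict = "established"
        else:
            verdict = "half-open"        # SYN-ACK seen, final ACK missing
        verdicts[key] = (verdict, flow["syns"])
    return verdicts


if __name__ == "__main__":
    for flow, result in classify_handshakes(TRACE).items():
        print(flow, result)
```
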
Interview Prep: (cont)
Need someone with WIRESHARK or netmon or networkmonitor experience
I’m fairly familiar with these, which is why I have trouble with the OSI model. Anyway, here is some info on each, in video form. With the exception of Wireshark because it looks about the same as the other one (netmon is the command used to open Windows Network Monitor). In addition, Wireshark, while great, is not normally deployed in production, and without partnering with dev to know exactly what the application is supposed to be sending, it is not normally much more helpful than traceroute or tracert.
Need someone with strong DNS/DHCP TCP/IP experience (specifically server message block or DFSN)
Adding SMB1 protocol support to Windows Server 2019