Preparing for a CCNA interview requires more than just memorizing definitions. Interviewers expect you to demonstrate concept clarity, practical understanding, and real-world troubleshooting skills.

This guide covers 100 carefully selected CCNA interview questions, categorized from beginner to advanced level, with clear and elaborated answers to help you crack your networking interview confidently.

1. What is a computer network?

A computer network is a collection of interconnected devices that communicate with each other to share resources such as data, applications, and hardware. Networks can be wired or wireless and are essential for modern communication systems.

2. What is an IP address?

An IP address is a unique numerical identifier assigned to each device on a network. It helps in identifying the source and destination of data packets. IPv4 uses 32-bit addressing, while IPv6 uses 128-bit addressing to support a larger number of devices.

3. What is a subnet mask?

A subnet mask is used to divide an IP address into network and host portions. It helps devices determine whether another device is on the same network or a different one.

4. What is a MAC address?

A MAC address is a unique physical address assigned to a network interface card (NIC). It operates at the Data Link layer and is used for communication within a local network.

5. What is DNS?

DNS (Domain Name System) translates domain names into IP addresses, allowing users to access websites without remembering numerical IPs.

6. What is DHCP?

DHCP automatically assigns IP addresses and other network configurations to devices, reducing manual configuration effort and avoiding IP conflicts.

7. What is the OSI model?

The OSI model is a 7-layer framework used to understand how data flows in a network. Each layer performs specific functions, from physical transmission to application-level communication.

8. What is TCP/IP model?

The TCP/IP model is a practical networking model with four layers: Application, Transport, Internet, and Network Access.

9. What is TCP?

TCP is a connection-oriented protocol that ensures reliable data delivery through acknowledgments, sequencing, and error checking.

10.  What is UDP?

UDP is a connectionless protocol that provides faster data transmission but does not guarantee delivery.

11. What is HTTP and HTTPS?

HTTP is used for web communication, while HTTPS is a secure version that uses encryption (SSL/TLS).

12. What is FTP?

FTP is used to transfer files between systems over a network.

13. What is ARP?

ARP maps an IP address to its corresponding MAC address within a local network.

14.  What is ICMP?

ICMP is used for error reporting and diagnostics, such as the ping command.

15. What is a port number?

A port number identifies specific services running on a device, enabling multiple services to operate simultaneously.

16. What is a router?

A router connects different networks and forwards data packets based on IP addresses.

17. What is a switch?

A switch connects devices within a LAN and forwards data using MAC addresses.

18. What is a hub?

A hub is a basic networking device that broadcasts data to all connected devices.

19. What is a firewall?

A firewall is a security device that monitors and filters incoming and outgoing network traffic.

20. What is NAT?

NAT translates private IP addresses into a public IP address for internet access.

21. What is VLAN?

A VLAN logically separates networks within the same physical infrastructure.

22. What is a default gateway?

A default gateway is the device that forwards traffic from a local network to external networks.

23. What is latency?

Latency is the delay in data transmission over a network.

24. What is packet loss?

Packet loss occurs when data packets fail to reach their destination.

25. What is bandwidth?

Bandwidth refers to the maximum data transfer rate of a network.

26. What is encapsulation?

Encapsulation is the process of adding headers to data as it moves through OSI layers.

27. What is decapsulation?

Decapsulation is the removal of headers at the receiving end.

28. What is ping?

Ping is a tool used to test connectivity between devices.

29. What is traceroute?

Traceroute shows the path taken by packets to reach a destination.

30. What is IPv6?

IPv6 is the next-generation IP addressing system with a larger address space.

31. What is a broadcast domain?

A broadcast domain is a network segment where broadcast traffic is forwarded.

32. What is a collision domain?

A collision domain is a network segment where data collisions can occur.

33.  What is a NIC?

A Network Interface Card connects a device to a network.

34. What is full duplex?

Full duplex allows simultaneous two-way communication.

35. What is half duplex?

Half duplex allows communication in one direction at a time.

36. What is an access point?

An access point provides wireless connectivity to devices.

37. What is a protocol stack?

A protocol stack is a set of protocols working together in layers.

38. What is a private IP range?

Private IP ranges are reserved for internal use (e.g., 192.168.x.x).

39. What is a public IP?

A public IP is accessible over the internet.

40. What is a DNS server?

A DNS server resolves domain names into IP addresses.

41.  What is subnetting and why is it used?

Subnetting divides a network into smaller segments to improve performance, security, and IP management.

42.  What is CIDR?

CIDR (Classless Inter-Domain Routing) allows flexible IP allocation using prefix notation (e.g., /24).

43. What is a routing table?

A routing table stores routes used by routers to forward packets.

44. What is static routing?

Static routing is manually configured and does not change automatically.

45. What is dynamic routing?

Dynamic routing uses protocols to automatically update routes.

46. What is RIP?

RIP is a distance-vector routing protocol based on hop count.

47. What is OSPF?

OSPF is a link-state routing protocol that calculates the shortest path using cost.

48. What is EIGRP?

EIGRP is a hybrid routing protocol combining distance-vector and link-state features.

49. What is STP?

STP prevents loops in a network by blocking redundant paths.

50. What is a trunk port?

A trunk port carries traffic from multiple VLANs.

51. What is STP (Spanning Tree Protocol)?

Spanning Tree Protocol (STP) is used to prevent Layer 2 network loops in switched networks. Loops can cause broadcast storms and bring the network down.

STP works by:

1. Identifying redundant paths
2. Blocking unnecessary links
3. Keeping one active path
4. It dynamically recalculates paths if a link fails, ensuring network stability.

52.  What is RSTP?

RSTP (Rapid Spanning Tree Protocol) is an improved version of STP that provides faster convergence.

Unlike STP, which takes time to reconfigure, RSTP quickly adapts to topology changes, making networks more efficient.

53.  What is VTP?

VTP (VLAN Trunking Protocol) is used to manage VLAN configurations across multiple switches in a network.

It helps:

1. Reduce manual configuration
2. Ensure VLAN consistency

VTP modes include:

• Server
• Client
• Transparent

54.  What is Inter-VLAN Routing?

Inter-VLAN routing allows communication between different VLANs.

Since VLANs are separate networks, a Layer 3 device (router or Layer 3 switch) is required to route traffic between them.

55.  What is a Layer 3 Switch?

A Layer 3 switch performs both:

1. Switching (Layer 2)
2. Routing (Layer 3)

It is faster than routers for internal routing and is commonly used in enterprise networks.

56.  What is Port Security?

Port security is a feature that restricts access to a switch port by allowing only specific MAC addresses.

It helps prevent:

1. Unauthorized access
2. MAC flooding attacks

57.  What is EtherChannel?

EtherChannel combines multiple physical links into a single logical link.

Benefits:

1. Increased bandwidth
2. Redundancy
3. Load balancing

58.  What is a Routing Protocol?

Routing protocols are used by routers to exchange routing information and determine the best path for data.

Examples:

1. RIP
2. OSPF
3. EIGRP

59.  What is Administrative Distance?

Administrative Distance (AD) is a value used to determine the trustworthiness of a routing source.

Lower AD = More preferred route

Example:

1. Connected: 0
2. Static: 1
3. OSPF: 110

60. What is Metric in Routing?

A metric is a value used by routing protocols to determine the best path.

Different protocols use different metrics:

1. RIP → Hop count
2. OSPF → Cost
3. EIGRP → Bandwidth + Delay

61.  What is OSPF and how does it work?

OSPF (Open Shortest Path First) is a link-state routing protocol.

It works by:

1. Sharing link-state information
2. Building a complete network topology
3. Calculating shortest path using Dijkstra algorithm

62.  What are OSPF Areas?

OSPF divides networks into areas to improve scalability.

1. Area 0 → Backbone
2. Other areas connect to Area 0
3. This reduces routing overhead and improves efficiency.

63.  What is EIGRP?

EIGRP is a hybrid routing protocol combining features of both distance-vector and link-state protocols.

It uses:

1. DUAL algorithm
2. Fast convergence
3. Multiple metrics

64.   What is RIP?

RIP is a distance-vector routing protocol that uses hop count as its metric.

Limitations:

1. Maximum 15 hops
2. Slow convergence

65.   What is a Default Route?

A default route is used when no specific route is available for a destination.

It is often configured as:

1. 👉 0.0.0.0/0
2. It directs traffic to a default gateway.

66.  What is ACL (Access Control List)?

ACLs are used to filter network traffic based on rules.

They can:

1. Allow traffic
2. Deny traffic

Types:

1. Standard ACL
2. Extended ACL

67.  Difference between Standard and Extended ACL?
    1. Standard ACL → Filters based on source IP
    2. Extended ACL → Filters based on source, destination, port, protocol
    3. Extended ACLs provide more control and security.

68.  What is PAT?

PAT (Port Address Translation) is a type of NAT where multiple devices share a single public IP using different port numbers.

Also called: NAT Overload

69.  What is DHCP Relay?

DHCP Relay forwards DHCP requests from clients to a DHCP server located on a different network.

Without relay, DHCP works only within the same subnet.

70.  What is CDP?

CDP (Cisco Discovery Protocol) is used to discover directly connected Cisco devices.

It provides information like:

1. Device ID
2. IP address
3. Platform

71.  What is LLDP?

LLDP (Link Layer Discovery Protocol) is similar to CDP but is vendor-neutral.

It works across devices from different manufacturers.

72.  What is SNMP?

SNMP (Simple Network Management Protocol) is used for monitoring and managing network devices.

It collects data like:

1. CPU usage
2. Bandwidth usage
3. Device status

73.  What is Syslog?

Syslog is used to record system messages and logs from network devices.

It helps in:

1. Troubleshooting
2. Monitoring
3. Security analysis

74.  What is NTP?

NTP (Network Time Protocol) synchronizes time across network devices.

Accurate time is important for:

1. Logs
2. Security
3. Troubleshooting

75.  What is QoS?

QoS (Quality of Service) is used to prioritize network traffic.

76. What is BGP?

BGP is a path-vector routing protocol used for routing between autonomous systems on the internet.

77. What is HSRP?

HSRP provides network redundancy by using a virtual IP address for failover.

78. What is VRRP?

VRRP is similar to HSRP and provides gateway redundancy.

79. What is load balancing?

Load balancing distributes traffic across multiple servers to improve performance and reliability.

80. What is QoS?

QoS prioritizes network traffic to ensure performance for critical applications.

81. What is network convergence?

Convergence is the time taken for all routers to update routing tables after a change.

82. What is a broadcast storm?

A broadcast storm occurs when excessive broadcast traffic overwhelms a network.

83. What is port security?

Port security restricts access to a switch port based on MAC addresses.

84. What is a VPN?

A VPN creates a secure encrypted connection over the internet.

85. What is AAA?

AAA stands for Authentication, Authorization, and Accounting.

86. What is SNMP?

SNMP is used for network monitoring and management.

87. What is NetFlow?

NetFlow collects IP traffic data for analysis.

88. What is ACL?

ACLs filter traffic based on rules.

89. What is a DMZ?

A DMZ is a network segment that exposes services to the internet while protecting the internal network.

90. What is network automation?

Network automation uses scripts and tools to manage networks efficiently.

91. What is SDN?

Software Defined Networking separates control and data planes.

92. What is virtualization?

Virtualization allows multiple virtual systems on a single physical device.

93. What is VXLAN?

VXLAN extends VLANs over large networks.

94. What is spine-leaf architecture?

A modern data center design for scalability and performance.

95. What is a failover?

Failover ensures backup systems take over during failure.

96. What is redundancy?

Redundancy provides backup paths to avoid downtime.

97. What is network segmentation?

Segmentation divides networks for security and performance.

98. What is cloud networking?

Cloud networking involves managing networks in cloud environments.

99. What is Zero Trust security?

Zero Trust assumes no device is trusted by default.

100. What is network troubleshooting methodology?

A structured approach: identify → isolate → fix → verify.