Network Kings


$999 $499 only For All Access Pass Today! USE PROMO CODE : LIMITED

d :
h :

Most Asked CCIE Interview Questions – Answered with Examples

ccie interview questions

Hereby, we present you with the simplest CCIE Interview Questions and answers. We hope you find this helpful. We have covered the following topics in our blog. These include 

  • CCIE Routing and Switching 
  • IP Routing 
  • OSPF 
  • BGP 
  • Quality of Service (QoS)  

We have often heard and are aware that getting Cisco Certified Internetwork Expert (CCIE) certification is an uphill task.  Although the list of things one needs to know is long,  do not worry. We have tried to simplify the same for you.

Firstly, contrary to popular belief you don’t  need a hefty number of questionnaires to ace the CCIE exam. Yet, you do need to prepare well for the exam. This blog is all about the basic concepts involved in the CCIE examination. We have included mostly the CCIE enterprise questions. You can get the help of this guide to get going. 

At times, it becomes really difficult to keep up with all the concepts. Hence we have made it easy for you here. 

Most of the time people run after complex concepts and forget about the basic ones.  

We are mostly focusing on the basic concepts in the early part of this blog. Followed by it will be some higher-level questions. If your basics are not clear, you cannot do anything about the difficult concepts. Even the interviewers ask basic questions in a CCIE interview. 

1. What is a Firewall?

A firewall is a protection wall (a device) present between a trusted and a non-trusted network. 

  •  It is a network security device that filters incoming and outgoing traffic. 
  • It does so by checking out the previous activity on a particular website based on the security policies of that website. 
  • Firewall protects an inside network from unauthorized access by users present outside a network. 
  • It also protects inside networks from each other. 
  • For example, it keeps a management network away from a user network. 

2. What are the security levels in Cisco ASA?

  • The Cisco ASA uses ‘security levels’ to estimate how much can it trust a particular network that is attached to a respective interface. 
  • It looks at the security levels that can be configured anywhere between 0-100. 
  • The higher the number, the higher the trust in that network. 
  • The lower the number, the lesser the trust in that network is. 
  • ASA allows the flow of traffic from higher security level to a lower security level only, ny default. 

3. What is DMZ (Demilitarized Zone) Server?

  • Demilitarized zone (DMZ) is a separate network behind the firewall. 
  • It allows you to access some network resources such as Web server or FTP server that are available to outside users. 
  • These are placed in the DMZ server.  
  • DMZ only includes public servers. An attack there can only affect the servers but not the inside network. 
  • The firewall allows limited access to DMZ. 

4. What is a Transparent Firewall and what is the need for it?

ASA acts as a Layer 2 device in Transparent Mode like a bridge or switch. It forwards Ethernet frames based on destination MAC-address. 

The need of Transparent firewall: 

  • It is difficult to deploy a new firewall in an already existing network. 
  • The process needs address reconfiguration, network topology changes, current firewall, etc. 
  • But transparent firewall can be easily inserted in an existing network. 
  • Transparent firewall insertion does not need any changes. 
  • It does not need to readdress or reconfigure the devices.

5. What features are not supported in Transport mode?

The following features are not supported in Transport mode: 

  • Dynamic routing 
  • Multicasting 
  • QOS 
  • VPNs like IPsec and WebVPN cannot be exited. 
  • ASA cannot act as a DHCP relay agent. 

6. What is Unit Health Monitoring in Failover? How does failover happen?

The health of a unit is measured by the ASA unit. It does so by monitoring the failover link. When a unit does not receive three continuous ‘hello’ messages on the failover link, it sends hello messages on each interface.  

These interfaces include failover interface. It checks if the other unit responses or not. 

On the basis of the responses from other units, it takes the following actions: 

  • If ASA receives a response on the failover interface, then it does not failover. 
  • If the ASA does not receive a response on the failover link, but if it does receive a response on another interface, then the unit does not failover. The failover linked is marked ‘failed’. 
  • If the ASA does not receive a response on any interface, then the standby unit changes to active mode and separates the other unit as failed. 

7. Tell us some of the commands that are not replicated to standby unit.

All types of copy commands except for # copy running-config startup-config. 

All types of the write command except for # write memory. 

8. What is the difference between Stateful failover and Stateless failover?

Stateful failover    Stateless failover 
  • After a failover happens, the same connection information is available at the new active unit. 
  • When a failover happens, all active connections are exited. 
  • Clients do not need to reconnect to keep the same connection session. 
  • Clients need to re-establish connections when the new active unit takes over. 

9. What are the various types of ACL in Firewall?

The different types of ACL in Firewall include: 

  • Standard ACL 
  • Extended ACL 
  • Ethertype ACL (Transparent Firewall) 
  • Webtype (SSL VPN) 

10. Name some of the concepts that are not possible to configure on ASA.

  • Line VTY can’t be configured on ASA. 
  • Wildcard mask concept is not present in ASA. 
  • Loopback can’t be configured on ASA. 

11. Which routing protocols are application layer protocols?

The application layer is the topmost layer of the OSI model. The users interact through this layer of the OSI model. It is layer 7 and sits at the top of the Open Systems Interconnection (OSI) communication model. 

The application layer is NOT an application. It is a component within an application that takes care of the communications to other devices. It is an abstract layer of services that allows the application from the transmission process. 

 Application Layer protocol: 


  • Telnet means TELetype NETwork. 
  •  It helps in terminal emulation, that is, it makes one PC look like another.  
  • It is used for managing files on the Internet. 
  • The TELNET command uses the TELNET protocol to talk with a remote device/system. 
  • The port number of telnet is 23. 

Steps to enable Telnet server: 

  1. switch# configure terminal  
  2. switch(config)# feature telnet  
  3. switch(config)# show telnet server  
  4. (Optional) switch(config)# show telnet server  
  5. (Optional) switch(config)# copy running-config startup-config 

2. FTP: 

  • FTP stands for File Transfer Protocol. 
  • It is a standard Internet protocol provided by TCP/IP. 
  • It is used for transmitting files from one host to another. 
  • It is used to transfer web page files from their creator to the computer. 
  • Port number is 20 for data and 21 for control. 

Steps to turn on FTP server on Cisco router: 

  • Connect the Cisco router using a telnet client. 
  • Type IP address for the router. 
  • Press the client’s connect button. 
  • Type in the password for the router to complete the connection. 
  • Type “ftp-server enable” on the command line of the terminal. 
  • Tap “Enter” key to enable server capability. 
  • Type “ftp-server topdir <directory>” on the next terminal. 
  • Add directory name for ftp files in place of <directory> to limit ftp access to directory only. 
  • Press “Enter”. 

3. TFTP: 

  • TFTP stands for Trivial File Transfer Protocol. 
  • It is the stock version of FTP. 
  • It is a technology for transferring files between network devices. 
  • It is a simplified version of FTP. 
  • The port number is 69. 

Steps to start TFTP using commands: 

To start TFTP server from the command line, type the tftpd command 

tftpd [-l] [-p port] [-t timeout] [-r maxretries] [-c concurrency_limit] [-s maxsegsize] [-f file] [-a archive directory [-a …]] [-b IP address] [directory …]  

4. NFS: 

  • It stands for Network File System. 
  • It allows remote hosts to mount file systems over network. 
  • It allows to collect resources onto centralized servers on the network. 
  • The port number for NFS is 2049. 

Command to start NFS: 

Service nfs start  

5. SMTP: 

  • It stands for Simple Mail Transfer Protocol. 
  • It is a part of the TCP/IP protocol. 
  • The port number for SMTP is 25. 

Command to start SMTP: 


6. LPD: 

  • It stands for Line Printer Daemon. 
  • It is made for printer sharing. 
  • It is the part that receives the request and then processes it. 
  • Daemon means a server/agent. 
  • The port number is 515. 

Starting the LPD remote subsystem: 

  • You can start the lpd remote subsystem with startsrc or mkitab command, or SMIT. 
  • Your system must be configured to communicate with a remote print server. 
  • You need to have root authority. 
  • At the system prompt, you need to type smit mkitab_lpd 
  • You can use the following command to start lpd remote subsystem now; 

startsrc –s lpd 

7. X window: 

  • It is the base protocol of X Window system. 
  • It is used on Unix, Linux and BSD systems. 
  • It can also be used on Microsoft Windows, Mac OS X and many other systems. 
  • It can be used on any modern operating system. 
  • It can cause versions and distributions of Linux to separate. 
  • The port number starts from 6000 and increases by 1 for every server. 

The command used to run it: 

Run sdm in runlevel 5 

8. DNS: 

  • It stands for Domain Name System. 
  • It translates a domain name into the corresponding IP address. 
  • The port number for DNS is 53. 

The command used for DNS: 

ipconfig/ flushdns 

9. DHCP: 

  • It stands for Dynamic Host Configuration Protocol (DHCP). 
  • It provides IP addresses to hosts. 
  • Port numbers for DHCP are 67, 68. 

The command used for DHCP: 

Clear ip dhcp binding {address | *} 

10. SNMP: 

  • It stands for Simple Network Management Protocol. 
  • It collects data by polling the devices on the network from a management station. 
  • The port number of SNMP is 161 (TCP) and 162 (UDP). 

The command used for SNMP: 

Snmpget –mALL  -vl  -cpublic snmp_agent_Ip_address sysName.0 

10. SNMP: 

  • It stands for Simple Network Management Protocol. 
  • It collects data by polling the devices on the network from a management station. 
  • The port number of SNMP is 161 (TCP) and 162 (UDP). 

The command used for SNMP: 

Snmpget –mALL  -vl  -cpublic snmp_agent_Ip_address sysName.0 

12. What is Unicast Reverse Path Forwarding (uRPF)?

  • A unicast reverse-path-forwarding (RPF) is a tool that lowers down the forwarding of IP packets. 
  • It takes care of the IP packets that might be copying an address. 
  • It checks the performance of a forwarding table lookup on an IP packet’s source address. 
  • It also checks its incoming interface. 
  • It follows RFC 2827 for ingress filtering.

13. Name the modes of unicast Reverse Path Forwarding.

There are two modes of unicast RPF: 

  • Strict mode 
  • Loose mode 

Strict mode is the default mode. This means that the switch forwards a packet only if the receiving interface is the best return path. 

14. What is Virtual Routing and Forwarding (VRF)?

  • Virtual routing and forwarding (RF) is an IP technology. 
  • It allows users to configure multiple routing tables to co-exist within the same router. 
  • These multiple routing instances are independent and can choose different outgoing interfaces. 

15. How does OSPF calculate its metric or cost?

The Open Shortest Path First (OSPF) uses “cost” as a value of metric. It uses a Reference Bandwidth of 100 Mbps for cost calculation. 

The formula to calculate the cost is: 

Cost = Reference Bandwidth / Interface Bandwidth 

For example, if the Ethernet is 10 Mbps, OSPF metric cost value is: 

100 Mbps/ 10 Mbps = 10. 

16. What is the function of the variable IP-OSPF-Transmit-Delay?

  • The IP-OSPF-Transmit-Delay variable adds a specific time to the age field of an update. 
  • If the delay is not added before reaching over a link, the time in which the link-state advertisement (LSA) reaches over the link is not considered. 
  • The transmit-delay is the estimated time needed for OPSFv2 to send link-state update packets to the connected interface. 

17. How often does OSPF send out link-state advertisements (LSAs)?

  • OSPF sends out LSAs when the LSA that are originated by OSPF itself. 
  • It sends out LSAs when LSA age reaches link-state refresh time, that is 1800 seconds. 

18. How does OSPF use two Multilink paths to transfer packets?

  • OSPF uses the metric costs. 
  • The metric cost is related to the bandwidth. 
  • If there are equal cost paths, OSPF installs both routes in the routing table. 
  • If one of the links fails out of multilink, OSPF does not send all the traffic to the second multilink. 
  • If the first multilink reaches 100% of its bandwidth, OSPF does not send any traffic to the second multilink. 
  • OSPF tries to use both the links equally without any interface use. 
  • The second multilink is only used when the first multilink is down. 

19. What are the debugging abilities of EIGRP?

There are two types of debug commands: 

  • Protocol-dependent debug commands 
  • Protocol-independent debug commands 

There are also a bunch of show commands that show us the table status, topology table status and EIGRP traffic statistics. 

Some of these commands are: 

  • show ip eigrp neighbors 
  • show ip eigrp interfaces 
  • show ip eigrp topology 
  • show ip eigrp traffic 

20. What does the EIGRP stuck in active message mean?

  • EIGRP is a trustworthy protocol. 
  • Any query sent by EIGRP to its neighbors must get a reply within 3 minutes. 
  • If no response is received to all its outstanding queries, it will put the route in Stuck in Active (SIA) state. 
  • This will kill the adjacent neighbors. 
  • The SIA is caused by two events: 
  • The route reported by the SIA has disappeared. 
  • An EIGRP neighbor has not responded to that route’s query. 

21. How do you configure BGP?

This is how to configure device as a node in BGP network: 

  • Configure network interfaces. 
  • Configure point-to-point peering sessions. 
  • Configure IBGP sessions between peers. 
  • Configure BGP session attributes such as the autonomous systems for the BGP peers. 
  • Configure routing policy to advertise BGP routes. 

There are also some optional steps to follow. Yet these are the necessary steps to configure BGP. 

22. What is Quality of Service (QoS)?

Quality of Service (QoS) is the use of technologies that work on a network to regulate traffic. It makes sure that the performance of critical applications does not suffer with the limited network capacity. 

It also allows organizations to adjust their network traffic by serving high-performance applications first. 

23. What is MQC?

Cisco Modular Quality of Service (MQC) gives a modular and highly extensible framework for deploying QoS. It does so by standardizing the CLI and semantics for QoS features across all platforms. It uses all those platforms that are supported by Cisco IOS software. 

Wrapping it Up!

So, we have summed up all the basic concepts that are included in Cisco Certified Internetwork Expert (CCIE) exam. You can easily prepare for your interview exam with these questions. All these topics are very important. As already mentioned, you cannot skip to the difficult concepts without clearing your basic concepts. 

You can also check out our other interview questions and answers in our blog section. The questions mentioned are not exhaustive. Please do not rely on these questions to clear your interview. These are the basic answers you need to know. 

Also, this blog is all free with answers. You do need to download any pdf and waste your time. We wish you all the best for your interview. 

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.