104 Questions to Cracked WCDMA

7/31/2019 104 Questions to Cracked WCDMA

1/42

104 Questions to Cracked WCDMA/3G Interview

1)What are the RRC states?

a.Cell DCH

b.Cell FACH

c.Cell PCH

d.URA PCH

2)Describe different RRC States?

a. Cell DCH:

When UE is switched ON, it assumes the CELL_DCH State by default.

It exists when UE really requires UL/DL dedicated resource.

UE is characterized at cell level according to its current Active set.

Logical channels DCCH+DTCH are mapped to transport channel DCH.

E.g. Voice call(CS), Video telephony(CS+PS)

b.Cell FACH:

This happens when,

(1) UE doesnt require continuous circuit connection with n/w, but DL packets

will work.

(2) UE is forced to release the n/w resources to decrease the congestion

problems (flip-flop between DCH and FACH).

(3) Eventual location updates to support CELL_PCH and URA_PCH states (flip-

flop between FACH and PCH).

E.g. Call on hold(CS), File downloading(PS)


2/42

No dedicated UL/DL is provided. However, UE will keep monitoring to DL

common transport channel FACH continuously and receives packet data

meant for UE itself.

When UL transmission is required, it uses RACH for 1-2 frames or CPCH for few

more frames, depending on common access procedures; still UL transmissionwill be discontinuous.

UE is known on cell level, but this time its based on the last cell update it

made.

c.Cell PCH:

This happens when UE doesnt require an active

connection(common/dedicated). But still needs to be connected, as itsexpecting a n/w initiated or terminated call(CS or PS) in future.

So, no UL transmission is allowed. Selects a PCH(based on algo.) and keep

monitoring (receiving) it in discontinuous mode(DRX).

Can commute only into CELL_FACH state.

E.g. No outgoing call or data receive for long time

UE is still identified on cell level, but now in the cell where UE made its last

update, when it was in CELL_FACH state.

At regular time interval, UE would have to move in CELL_FACH state to update

the location area. If UE is traveling, this update will become frequent because

of changing cells.

In some cases UE can have the transition from CELL_DCH to CELL_PCH, but not

vice versa; it has to go via CELL_FACH.

d.URA PCH:

This can be considered as a general case of CELL_PCH state. Because all thecharacteristics are same except one.

That is, UE is known on URA(UTRAN Registration Area) level rather than cell

level. It listens to PCH(and updates URA when required).

If UE is traveling continuously from one cell to another. It would have to transit

multiple time to CELL_FACH state for location update. By assigning URA_PCH


3/42

state, this condition is avoided, since 1 URA contains one or more cells and

vice versa.

3)In which conditions UE will be in Cell FACH state?

This happens when,

UE doesnt require continuous circuit connection with n/w, but DL packets will

work.

UE is forced to release the n/w resources to decrease the congestion problems

(flip-flop between DCH and FACH).

Eventual location updates to support CELL_PCH and URA_PCH states (flip-flop

between FACH and PCH).

E.g. Call on hold(CS), File downloading(PS)

4)What is the difference between Cell PCH and URA PCH state?

UE is known on URA(UTRAN Registration Area) level rather than cell level

If UE is traveling continuously from one cell to another. It would have to transit



vice versa

5)What is U-RNTI?

URNTI is a 32bit identity.

SRNC identifier + SRNTI makes URNTI

6)Describe the CELL search procedure?

The Cell Search procedure can be summarised into the following steps:

a.Cell Selection: Determine the cell whose received carrier power is the

strongest


4/42

b.Slot Synchronisation: the UE reads the P-SCH of the strongest carrier and

feeds the received signal through a matched filter (that is matched to the

Primary Synchronisation Code). The slot timing is detected via detection of

peaks in the output of the matched filter.

c.Frame Synchronisation and Scrambling Code Group Identification: the UEreads the S-SCH of the strongest carrier, and correlates the received signal

with all the possible 64 Secondary Synchronisation Codes. The output that

gives maximum correlation gives the group of the Primary Scrambling Code

used in the cell. This process also gives the frame timing since the Secondary

Synchronisation Code is different for each slot and the group tells the mapping

between slots and SSCs.

d.Scrambling Code Identification: The UE attempts then to read the P-CPICH so

as to extract the Primary Scrambling Code used in the cell. The P-CPICH is

always scrambled by the Primary Scrambling Code of the cell and is spread afactor 256 and an OVSF whose index is zero. Since the Primary Scrambling

Codes are grouped into 64 groups of 8 Scrambling Codes and the S-SCH has

given the Scrambling Code group only 8 possibilities remain. So the P-CPICH is

unscrambled separately withevery possible Scrambling Code (8) in the group

and only one output will produce correct results and the Primary Scrambling

Code of the cell is determined.

e.Read Broadcast Information: Since the P-CCPCH is always scrambled by the

Primary Scrambling Code of the cell (which has now been determined) and isalways spread using SF=256 with OVSF index=1, The UE can read the P-

CCPCH without any problem. The P-CCPCH carries the BCH where system

information blocks are broadcast throughout the entire cell. The UE can

acquire at this stage various information (e.g. Spreading Factors, OVSF

indexes and Scrambling Codes used in other downlink channels, important

parameters for PRACH transmission, Measurement Parameters, Transport

Formats etc.) and can then decodeother downlink channels, initiate a PRACH

procedure, performs some specific measurements etc.

7)Radio bearer configuration mappings?

Signalling radio bearer RB0 shall be used for all messages sent on the CCCH

(UL: RLC-TM, DL: RLC-UM).


5/42

Signalling radio bearer RB1 shall be used for all messages sent on the DCCH,

when using RLC unacknowledged mode (RLC-UM).

Signalling radio bearer RB2 shall be used for all messages sent on the DCCH,

when using RLC acknowledged mode (RLC-AM), except for the RRC messages

carrying higher layer (NAS) signalling.

Signalling radio bearer RB3 and optionally Signalling radio bearer RB4 shall be

used for the RRC messages carrying higher layer (NAS) signalling and sent on

the DCCH in RLC acknowledged mode (RLC-AM).

Additionally, RBs whose identities shall be set between 5 and 32 may be used

as signalling radio bearer for the RRC messages on the DCCH sent in RLC

transparent mode (RLC-TM).

8)What are the types of RNTI s? In Which context C-RNTI and U-RNTI used?

9)What are the types of hand over?

Here are following categories of handover (also referred to as handoff):

Hard Handover

Hard handover means that all the old radio links in the UE are removed beforethe new radio links are established. Hard handover can be seamless or non-

seamless. Seamless hard handover means that the handover is not

perceptible to the user. In practice a handover that requires a change of the

carrier frequency (inter-frequency handover) is always performed as hard

handover.

Soft Handover

Soft handover means that the radio links are added and removed in a way that

the UE always keeps at least one radio link to the UTRAN. Soft handover is

performed by means of macro diversity, which refers to the condition that

several radio links are active at the same time. Normally soft handover can be

used when cells operated on the same frequency are changed.

Softer handover


6/42

Softer handover is a special case of soft handover where the radio links that

are added and removed belong to the same Node B (i.e. the site of co-located

base stations from which several sector-cells are served. In softer handover,

macro diversity with maximum ratio combining can be performed in the Node

B, whereas generally in soft handover on the downlink, macro diversity with

selection combining is applied.

Generally we can distinguish between intra-cell handover and inter-cell

handover. For UMTS the following types of handover are specified:

Handover 3G -3G (i.e. between UMTS and other 3G systems)

FDD soft/softer handover

FDD inter-frequency hard handover

FDD/TDD handover (change of cell)

TDD/FDD handover (change of cell)

TDD/TDD handover

Handover 3G - 2G (e.g. handover to GSM)

Handover 2G - 3G (e.g. handover from GSM)

The most obvious cause for performing a handover is that due to its

movement a user can be served in another cell more efficiently (like less

power emission, less interference). It may however also be performed for

other reasons such as system load control.

10)Handover procedures?

11)What are types of measurements?

Intra-frequency measurements: measurements on downlink physical channels

at the same frequency as the active set. A measurement object correspondsto one cell. Detailed description is found in subclause 14.1.

Inter-frequency measurements: measurements on downlink physical channels

at frequencies that differ from the frequency of the active set and on downlink

physical channels in the active set. A measurement object corresponds to one

cell. Detailed description is found in subclause 14.2.


7/42

Inter-RAT measurements: measurements on downlink physical channels

belonging to another radio access technology than UTRAN, e.g. GSM. A

measurement object corresponds to one cell. Detailed description is found in

subclause 14.3.

Traffic volume measurements: measurements on uplink traffic volume. Ameasurement object corresponds to one cell. Detailed description is found in

subclause 14.4.

Quality measurements: Measurements of downlink quality parameters, e.g.

downlink transport block error rate. A measurement object corresponds to one

transport channel in case of BLER. A measurement object corresponds to one

timeslot in case of SIR (TDD only). Detailed description is found in subclause

14.5.

UE-internal measurements: Measurements of UE transmission power and UEreceived signal level. Detailed description is found in subclause 14.6.

UE positioning measurements: Measurements of UE position. Detailed

description is found in subclause 14.7.

12)What is paging? Why paging is required?

Paging: This procedure is used to transmit paging information to selected UEs

in idle mode, CELL_PCH or URA_PCH state using the paging control channel(PCCH).

Paging can be initiated :

Upper layers in the network may request paging, to e.g. establish a signaling

connection.

UTRAN may initiate paging for UEs in CELL_PCH or URA_PCH state to trigger a

cell update procedure.

UTRAN may initiate paging for UEs in idle mode, CELL_PCH and URA_PCH stateto trigger reading of updated system information.

UTRAN may also initiate paging for UEs in CELL_PCH and URA_PCH state to

release the RRC connection.

13)Type of Paging?


8/42

Paging Type 1

Paging Type 2(UE dedicated paging)

14)When dedicated paging is used?

a.This procedure is used to transmit dedicated paging information to one UE in

connected mode in CELL_DCH , CELL_FACH or CELL_PCH (FDD only) state.

Upper layers in the network may request initiation of paging.

b.For a UE in CELL_DCH, CELL_FACH or CELL_PCH (FDD only) state, UTRAN

initiates the procedure by transmitting a PAGING TYPE 2 message on the

DCCH using AM RLC. When not stated otherwise elsewhere, the UTRAN may

initiate the UE dedicated paging procedure also when another RRC procedure

is ongoing, and in that case the state of the latter procedure shall not be

affected.

c.UTRAN should set the IE "Paging cause" to the cause for paging received

from upper layers. If no cause for paging is received from upper layers, UTRAN

should set the value "Terminating cause unknown".

15)In what situation UE goes to CELL PCH and URA PCH states?

a.Cell PCH:

This happens when UE doesnt require an active

Connection(common/dedicated). But still needs to be connected, as its

expecting a n/w initiated or terminated call(CS or PS) in future

b.URA PCH:

In Cell PCH UE is still identified on cell level, but now in the cell where UE

made its last update, when it was in CELL_FACH state.At regular time interval,

UE would have to move in CELL_FACH state to update the location area. If UE

is traveling, this update will become frequent because of changing cells. If UE

is traveling continuously from one cell to another. It would have to transit



9/42


vice versa

16)What is Cell Update Procedure? What are various Cell Update causes?

1> Uplink data transmission:

2> for FDD, if the variable H_RNTI is not set, and for TDD:

3> if the UE is in URA_PCH or CELL_PCH state; and

3> if the UE has uplink RLC data PDU or uplink RLC control PDU on RB1 or

upwards to transmit:

4> perform cell update using the cause "uplink data transmission".

1> Paging response:

2> if the criteria for performing cell update with the cause specified above.

are not met; and

2> if the UE in URA_PCH or CELL_PCH state, receives a PAGING TYPE 1

.message fulfilling the conditions for initiating a cell update procedure.

3> perform cell update using the cause "paging response".

1> Radio link failure:

2> if none of the criteria for performing cell update with the causes specified

above in the current subclause is met:

3> if the UE is in CELL_DCH state and the criteria for radio link failure are ,or

3> if the transmission of the UE CAPABILITY INFORMATION message fails.

4> perform cell update using the cause "radio link failure".

1> MBMS ptp RB request:


above in the current subclause is met; and

2> if the UE is in URA_PCH, Cell_PCH or Cell_FACH state; and


10/42

2> if the UE should perform cell update for MBMS ptp radio bearer request,

3> perform cell update using the cause "MBMS ptp RB request".

1> Re-entering service area:



2> if the UE is in CELL_FACH or CELL_PCH state; and

2> if the UE has been out of service area and re-enters service area before

T307 or T317 expires:

3> perform cell update using the cause "re-entering service area".

1> RLC unrecoverable error:



2> if the UE detects RLC unrecoverable error [16] in an AM RLC entity:

3> perform cell update using the cause "RLC unrecoverable error".

1> Cell reselection:


above in the current subclause is met:

3> if the UE is in CELL_FACH or CELL_PCH state and the UE performs cell re-

selection; or

3> if the UE is in CELL_FACH state and the variable C_RNTI is empty:

4> perform cell update using the cause "cell reselection".

1> Periodical cell update:



2> if the UE is in CELL_FACH or CELL_PCH state; and

2> if the timer T305 expires; and

2> if the criteria for "in service area" and


11/42

2> if periodic updating has been configured by T305 in the IE "UE Timers and

constants in connected mode" set to any other value than "infinity":

3> perform cell update using the cause "periodical cell update".

1> MBMS reception:



2> if the UE is in URA_PCH, Cell_PCH or Cell_FACH state; and

2> if the UE should perform cell update for MBMS counting ,

3> perform cell update using the cause "MBMS reception".

17)What is Active set?

Active Set is defined as the set of Node-Bs the UE is simultaneously connected

to (i.e., the UTRA cells currently assigning a downlink DPCH to the UE

constitute the active set).

18)What is Virtual Active Set?

19)What is Monitor set and detected set Cells?

a.Cells, which are not included in the active set, but are included in the

CELL_INFO_LIST belong to the Monitored Set.

b.Cells detected by the UE, which are neither in the CELL_INFO_LIST nor in the

active set belong to the Detected Set. Reporting of measurements of the

detected set is only applicable to intra-frequency measurements made by UEs

in CELL_DCH state.

20)Call and session set up procedure?

Call set up procedure for mobile terminating circuit switched calls:

Step


12/42


13/42

6

PAGING RESPONSE

RR

7

AUTHENTICATION REQUEST

MM

8

AUTHENTICATION RESPONSE

MM

9

SECURITY MODE COMMAND

RRC

10

SECURITY MODE COMPLETE

RRC

11

SET UP

CC (see note)

12


14/42

CALL CONFIRMED

CC

13

RADIO BEARER SETUP

RRC RAB SETUP

14

RADIO BEARER SETUP COMPLETE

RRC

15

ALERTING

CC (this message is optional)

16

CONNECT

CC

17

CONNECT ACKNOWLEDGE

CC

NOTE: The "Signal" information element is not included in the SETUP message.


15/42

Call set-up procedure for mobile originating circuit switched calls:

Step

Direction

Message

Comments

UE

SS

1

SYSTEM INFORMATION (BCCH)

Broadcast

2

RRC CONNECTION REQUEST (CCCH)

RRC

3

RRC CONNECTION SETUP (CCCH)

RRC

4

RRC CONNECTION SETUP COMPLETE (DCCH)

RRC

5


16/42

CM SERVICE REQUEST

MM

6


MM

7


MM

8


RRC

9


RRC

10

SET UP

CC

11


17/42

CALL PROCEEDING

CC

12

RADIO BEARER SETUP

RRC RAB SETUP

13


RRC

14

ALERTING

CC

15

CONNECT

CC

16

CONNECT ACKOWLEDGE

CC

Session set up procedure for mobile terminating packet switched sessions:


18/42

Step

Direction

Message

Comments

UE

SS

1


Broadcast

2

PAGING TYPE1 (PCCH)

Paging

3


RRC

4


RRC

5



19/42


20/42

12

ACTIVATE PDP CONTEXT REQUEST

SM

13

RADIO BEARER SETUP

RRC RAB SETUP

14


RRC

15

ACTIVATE PDP CONTEXT ACCEPT

SM

Session set up procedure for mobile originating packet switched sessions:

Step

Direction

Message

Comments

UE

SS


21/42

1


Broadcast

2


RRC

3


RRC

4


RRC

5

SERVICE REQUEST

GMM

6

AUTHENTICATION AND CIPHERING REQUEST

GMM

7


22/42

AUTHENTICATION AND CIPHERING RESPONSE

GMM

8


RRC

9


RRC

10

ACTIVATE PDP CONTEXT REQUEST

SM

11

RADIO BEARER SETUP

RRC RAB SETUP

12


RRC

13


23/42

ACTIVATE PDP CONTEXT ACCEPT

SM

21)What are the different parameters in the measurement control message?

22)What are the various types of RNC?

a.Serving RNC

b.Drift RNC

c.Controlling RNC

23)What is the use and difference between CRNC, Drift RNC and SRNC?

RNC from which the UE is currently getting Served or connected to is called

SRNC or Serving RNC.

During a soft handover procedure the RNC UE is moving to, is called Drift RNC.

The RNC which controls the movement of UE from Serving RNC to the DriftRNC is called Controlling RNC.

24)What is initial direct transfer message? What is the use?

The initial direct transfer procedure is used in the uplink to establish a

signaling connection. It is also used to carry an initial upper layer (NAS)

message over the radio interface.

25)Difference between initial direct transfer message and the Uplink directtransfer message?

26)What is security mode command? Why it is used?

Security mode command is a RRC Message,


24/42

The purpose of this procedure :

To trigger the start of ciphering or to command the restart of the ciphering

with a new ciphering configuration, for the radio bearers of one CN domain

and for all signalling radio bearers.

It is also used to start integrity protection or to modify the integrity protection

configuration for all signalling radio bearers

27)What is Ciphering and Integrity?

28) What is CCTrCH?

A Coded Composite Transport Channel is the result of combining

(multiplexing) several Transport Channels of the same type; i.e.: we can have

a CCTrCh made up of one or several DCHs, a CCTrCh made up of DSCHs. One

exception is that we can have one or several FACHs multiplexed with a PCH on

the same CCTrCh.

A better notation would be for example:

CCTrCh4DCH: A CCTrCh consisting of 4 DCHs

CCTrCh3FACH: A CCTrCh consisting of 3 FACHs

CCTrChPCH,2FACH: A CCTrCh consisting of the PCH and 2 FACHs

29)What is compressed mode?

Higher layers can request a UE to monitor cells on other frequencies (FDD,TDD), or other systems (GSM). This implies that the UE has to perform

measurements, on the other frequencies/systems and thus higher layers

command the UE to enter Compressed Mode. The UTRAN need to send to the

UE all the parameters for the Compressed Mode.

Compression Methods:


25/42


26/42

TGPL2 (Transmission Gap Pattern Length): Duration of transmission gap

pattern 2. If this parameter is not explicitly set by higher layers, then TGPL2 =

TGPL1.

The following two parameters (integers) control the transmission gap pattern

sequence start and repetition:

TGPRC (Transmission Gap Pattern Repetition Count): Number of transmission

gap patterns within the transmission gap pattern sequence; From Figure 10 it

seems TGPRC is even, therefore the number of slots in TG Sequence is:

0.5*TGPRC (TGPL1+TGPL2)

TGCFN (Transmission Gap Connection Frame Number): CFN of the first radio

frame of the first pattern 1 within the transmission gap pattern sequence.

30) What is FACH measurement occasion?

GAPs in S-CCPCH to perform measurement on Different Frequencies or Interrat

resection.

31) What is idle update procedure? (CS/PS)

Registration on CS:

Step

Direction

Message

Comments

UE

SS

1



27/42

NW Broadcast

2


RRC

3


RRC

4


RRC

5

LOCATION UPDATING REQUEST

MM

6


MM

7


MM


28/42

8


RRC

9


RRC

10

LOCATION UPDATING ACCEPT

MM

11

TMSI REALLOCATION COMPLETE

MM

12

RRC CONNECTION RELEASE

RRC

13

RRC CONNECTION RELEASE COMPLETE

RRC


29/42

Registration on PS:

Step

Direction

Message

Comments

UE

SS

1


NW Broadcast

2


RRC

3


RRC

4


RRC


30/42

5

ATTACH REQUEST

GMM

6

AUTHENTICATION AND CIPHERING REQUEST

GMM

7

AUTHENTICATION AND CIPHERING RESPONSE

GMM

8


RRC

9


RRC

10

ATTACH ACCEPT

GMM

11


31/42

ATTACH COMPLETE

GMM

12

RRC CONNECTION RELEASE

RRC

13

RRC CONNECTION RELEASE COMPLETE

RRC

32)Physical/Transport/Logical channel mapping?

33) Features of Rel99/Rel5/Rel6/7?

Release '99

Bearer services

64 kbit/s circuit switched

384 kbit/s packet switched

Location services

Call services: compatible with Global System for Mobile Communications

(GSM), based on Universal Subscriber Identity Module (USIM)

Release 4


32/42

Edge radio

Multimedia messaging

MeXe levels

Improved location services

IP Multimedia Services (IMS)

Release 5

IP Multimedia Subsystem (IMS)

IPv6, IP transport in UTRAN

Improvements in GERAN, Mexe, etc

HSDPA

Release 6

WLAN integration

Multimedia broadcast and multicast

Improvements in IMS

HSUPA

34) MIB/SB/SIB details?

MIB: The Scheduling of MIB is Static.

35) What is Channelisation / scrambling?

Spreading is applied to the Physical Channels (except SCH). It consists of two

distinct operations: a. Channelisation and b. Scrambling

Channelisation is performed before scrambling.

Channelisation:

The term spreading is also used to refer to channelisation. Channelisation is

the basis for Code Division Multiple Access (CDMA) encoding. This operation

transforms every data symbol of a signal into a number of chips. The


33/42

bandwidth of the resulting signal occupies a much larger bandwidth typically 5

MGHz and therefore the name Wideband-CDMA or W-CDMA. The number of

chips per data symbol is called the Spreading Factor (SF).

Scrambling:

36) When secondary scrambling code used?

When there is any conflict with the Primary Scrambling code then Secondary

Scrambling Code will be used.

37) Why we perform Channelisation or spreading before scrambling?

Before sending a data we need to identify the channel to send the data. A

particular Channelisation code is the identity for the channel.

Hence we use Channelisation code to select the channel and then scramble it

so as to send the identity of the UE over the channel

38) When TMSI , P- TMSI , IMSI , IMEI used?

TMSI (GSM-MAP): The TMSI (GSM-MAP) shall be chosen if available. The IE "LAI"

in the IE "Initial UE identity" shall also be present when TMSI (GSM-MAP) is

used, for making it unique.

P-TMSI (GSM-MAP): The P-TMSI (GSM-MAP) shall be chosen if available and no

TMSI (GSM-MAP) is available. The IE "RAI" in the IE "Initial UE identity" shall in

this case also be present when P-TMSI (GSM-MAP) is used, for making it

unique.

IMSI (GSM-MAP): The IMSI (GSM-MAP) shall be chosen if available and no TMSI(GSM-MAP) or P-TMSI is available.

IMEI: The IMEI shall be chosen when none of the above three conditions are

fulfilled.

39)What is Auto attached?


34/42

Auto Attach

Enabled

Disabled

When Power On

If

MNO I

It will perform a combined Attach

If NMOII

It will do a LAU and Attach.

If UE is Location updated i.e. SIM LAI is same as Cell LAI

Then it will do nothing.

If UE is not Location updated i.e.

SIM LAI differs from the Cell LAI then UE will perform Location Area Update

PS Call

Same RRC connection can be used for the PS call.

Will do a PS attach then the PS call.

40)What is the property of ABP (Anite Baseband Processor) which combined

with Agilent 8960 makes a 3G Cell?

41)Why we do a Combined Attach?

If the network operates in Network Mode Of Operation I i.e. NMO I and GPRS

MS that operates in Mode A or Mode B will do a simultaneous IMSI attach for

GPRS and non GPRS services and shall use the Combined GPRS attach,

combined and periodic routing area updating procedures instead of the


35/42

corresponding MM specific procedures IMSI attach and normal and periodic

Location area updating.

41)When UE triggers Event 3A Measurement Report?

Event 3A:The Estimated Quality of currently used UTRAN frequency is below a

certain threshold and the estimated quality of the other system is above a

certain threshold.


36/42

42) How many transport channels will be configured when a CSV and a PSD

call is simultaneously going on?

Five transport channels will be configured.

1 for 4 SRBs

3 for CSV

1 for PSD


37/42

42)When event 2A, 2B, 2C,2E occurs?

Event 2a: Change of best frequency

Event 2b: The estimated quality of the currently used frequency is below a

certain threshold and the estimated quality of a non-used frequency is above a

certain threshold.

Event 2c: The estimated quality of a non-used frequency is above a certain

threshold

Event 2d: The estimated quality of the currently used frequency is below a

certain threshold

Event 2e: The estimated quality of a non-used frequency is below a certain

threshold

43)When event 1A 1F Event occurs?

event 1A: A Primary CPICH enters the reporting range

event 1B: A primary CPICH leaves the reporting range

event 1C: A non-active primary CPICH becomes better than an active primary

CPICH

event 1D: Change of best cell

event 1E: A Primary CPICH becomes better than an absolute threshold

event 1F: A Primary CPICH becomes worse than an absolute threshold

42)Where CK and IK gets generated?

In RRC CK and IK gets generated.


38/42

43)Where CK and IK gets stored?

In USIM CK and IK will get stored.

44)Where the Security procedure will start?

Security Procedure will start in RRC but Ciphering will start for AM and UM data

security procedure will start at RLC layer. And for TM mode security procedure

start at MAC layer.

45)What are the mandatory SIBs which UE has to read before campign?

SIB 1,3,5,7,11(It contains neighbor cell Information.)

46) What are the important RACH parameters and which SIB contains this

information?

SIB 7/5

47) Which SIB contains S criteria information?

SIB 3

48) Basic things like MO,MT complete voice call flow, Packet call flow?

49) Which NAS message contains the information about Qos and where Qos is

been decide on the network side?

PDP context req.SGSN.

50) Different Measurement reporting criteria, like Event 1 series , Event 2

series?

51) What information does RRC connection setup contain and what RB setup

contain?

52) What is SHO and HHO? Which are the layers which are impacted with SHO

and HHO?


39/42

SHO - RRC,L1

HHO L1

53) What are the messages which flow for SHO and what are the messages

which gets exchanged with HHO?

54)Different modes of operation in RLC?

55)What do you mean by Special length indicator?

56) Header and payload structure for RLC?

57) Different Reset procedures of RLC?

58) LAI and RAI structure and where is it broadcasted?

MNC+MCC+LAC=LAI

LAI+RAC=RAI

SIB 1.Need to check on MNC can be 2 bit also.

59) Cell synchronization procedure? Channel mapping..

60) What is Multiple PDP and what is meant by MultiRAB and multicall?

2 PS - Multiple PDP

PS+CS MultiRAB

2CS MultiCall.

61) Different type of Paging procedures?

62) Different modes of network operation and different class of mobiles with

examples?

63) Different sync procedures? (Sync A and Sync B procedures)


40/42

64) What is the difference between 8480A,8480B and 8480C? How many Tx

and Rx are there in each of the equipment? How can we configure 8480B or

8480C for SHO?

65)Different SRBs and its functionality?

66) How would you define a real-time embedded system?

67)What is the purpose of an ISR?

68) What is mutual exclusion?

69)How would you avoid mutual exclusion problems?

70) What is re-entrant?

71) What is a context switch?

72) What does the watchdog timer do?

73) What is priority inversion?

74)What is a deadlock?

75)What is memory mapped I/O?

76)How would you debug a memory leak?

77) What method would you use for scheduling in a complex system like a

mobile phone which has L1, L2, L3, Applications?

78) Why are global variables bad?

79) What is the difference between Message based and Event based

processing?

80) How would you write the main processing function for a task?

81) How would you define a realistic software development lifecycle?

82) What debugging tools have you used to debug problems?

83) What source code control tools have you used?

84) What defect tracking tools have you used?

85) Describe the signaling that is required to setup a Mobile Originated GSM

Voice call.


41/42

86) What layers are involved for setting up a Mobile Originated voice GSM

voice call?

87) Describe the signaling that is required to setup a Mobile originated circuit

switched data call.

88) What layers are involved for setting up a Mobile Originated voice GSM

circuit switched data call?

89) Describe the signaling required to setup a Mobile Originated UMTS voice

call.

90) What layers are involved in setting up a Mobile Originated UMTS voice

call?

91) Describe the signaling required to setup a Mobile Originated Packet

Switched UMTS call.

92) What layers are involved in setting up a Mobile Originated Packet Switched

UMTS call?

93) What is the main responsibility for the RRC layer in UMTS?

94)What is the main responsibility for the RLC layer in UMTS?

95) What is the main responsibility for the MAC layer in UMTS?

96) What is the difference between an internal and external data call forUMTS?

PPP negotiation happens in case of External Data call. In case of internal data

call application handles packets directly.

97)Can you travel at least a few times a year?

98) Do you like working in group projects that incorporate multiple sites?

99)Tell me how your skill set that can benefit our organization?

100) What do you like doing, new feature development, bug fixes, architecture

or testing?

101) Do you like giving giving presentations to the group either live or via

NetMeeting?


42/42

102)How do like leading conference calls across cross-functional teams at

different sites?

103) If you have a problem with your co-worker, how do you resolve that

conflict?

104) Why should we hire you

104 Questions to Cracked WCDMA

Documents

Transcript of 104 Questions to Cracked WCDMA