Network Fundamentals

Question 1

What is the “client-server” model?

Answer 1

The Client-Server model is a distributed application structure that manages tasks and
workloads by sharing them among providers of resources and services (servers) and
delivers responses to service requesters (clients).
An alternative method is to use broadcast or multicast channels to distribute
information.

Question 2

Identify several common network protocols

Answer 2

HTTP (110), HTTPS (443), DNS (53), DHCP (67, 68), FTP (20,21), SMTP (25), SSH (22), ICMP (143)

Question 3

What is the function of a “network model”?

Answer 3

Set standards that allow devices to communicate without requiring continuous configuration in
different device platforms.

Question 4

Name the 7 layers and their functions in the OSI Model.

Answer 4

Physical, Data Link, Network, Transport, Session, Presentation, Application

Question 5

Name a protocol associated with each of the OSI layers

Answer 5

Physical - Ethernet (IEEE802.3), Wi-Fi (IEEE 802.11), FDDI, RJ45
Data Link - Ethernet, Frame relay EEE 802.5/ 802.2,
Network - IP IPv4, IPv6, ICMPv4, ICMPv6, IPX
Transport - TCP, UDP, RTP, SCTP
Session - Tunneling. SQL NFS, NetBios names, RPC,
Presentation - Encryption, Encoding, SSL/TLS, ASCII, EBCDIC, TIFF, GIF, PICT,JPEG, MPEG, MID
Application - DNS, DHCP, SSH, HTTPS, FTP, SNMP, SMTP, POP3

Question 6

What is data “encapsulation”?

Answer 6

Data encapsulation refers to sending data where the data is augmented with successive layers of control information before transmission across a network. The reverse of data encapsulation is decapsulation, which refers to the successive layers of data being removed (essentially unwrapped) at the receiving end of a network.

Question 7

Identify the 4 layers of the TCP/IP model?

Answer 7

Network Access, Internet, Transport, Application

Question 8

What are TCP and UDP?

Answer 8

TCP and UDP are protocols that operate in Layer 4 (Transport Layer) and are used to
transmit data over the network.

Question 9

What is TCP?

Answer 9

Transport Layer Protocol - TCP is trusted and more commonly used than UDP and is fully described in RFC 793.
It verifies the availability of all parties before initiating a connection by performing a
three-way handshake. It then marks packets and makes sure they are received in the
correct order

Question 10

What is UDP

Answer 10

UDP is less strict about data integrity and is more speed oriented. It simply sends
packets, without checking the data, even if no device is ready to receive them.
UDP is fully described in RFC 768.

Question 11

What is the function of the 3-way handshake?

Answer 11

Communication between network devices that
use TCP.
The handshake is known as “3-way” because it includes 3 steps:
1. The client sends “SYN”.
2. The server responds with “SYN-ACK”.
3. The client finalizes with “ACK

Question 12

What is checksum?

Answer 12

Checksum is a piece of data that is calculated and represented as a number and is
used for data integrity and error detection.

Question 13

What is a logical port?

Answer 13

Logical port is a number assigned to a “logical” connection, which
is used to represent a service or protocol on the end device.

Question 14

What is a “well-known” or “known” port?

Answer 14

Well-Known Ports (0-1023) - Port numbers in the “well-known” range are assigned to
commonly used and essential protocols. The port numbers are permanent,

Question 15

What is the range of registered ports?

Answer 15

Registered Ports (1024-49151) - IANA assigned these ports for IT companies that want
to register them for proprietary applications.

Question 16

What is the function of private ports?

Answer 16

Dynamic and Private Ports (49152-65535) - This group covers the remaining logical
ports that are available for any application. The port range is known as “client ports”
and is usually used for logical client connection.

Question 17

What is the function of “netstat -ab”?

Answer 17

To inspect open ports, use the command netstat –ab, where: a represents ‘all’, and b
represents the names.

Question 18

What functions does Wireshark provide?

Answer 18

Wireshark is a free application that enables the capture and viewing of data traveling
back and forth on the network. It is able to read the contents of each packet and apply
different filters.
Wireshark is commonly used to troubleshoot network problems and develop and test
software.

Question 19

What is the function of ARP?

Answer 19

ARP (Address Resolution Protocol),
that resolves a logical address (IP) to a physical address (MAC) and saves the results in
the host ARP cache.
ARP operates in Layers 2 and 3 of the OSI model.
Every Layer 3 device uses ARP

Question 20

What is the command to display an ARP table?

Answer 20

arp –a and arp –g displays the host ARP table.

Question 21

What is the relationship between ARP and encapsulation?

Answer 21

It adds header and trailers to the data to encapsulate

Question 22

What does OSI Stand for?

Answer 22

OSI (Open Systems Interconnection)

Question 23

What does SLIP stand for?

Answer 23

Serial Line Internet Protocol. SLIP is an Internet protocol that allows users to gain Internet access using a computer modem

Question 24

What is PPP?

Answer 24

PPP (Point-to-Point Protocol), which provides enhanced error detection and automatic configuration

Question 25

What is ICMP?

Answer 25

Internet Control Message Protocol (ICMP) is used for reporting errors and performing network diagnostics. In the error reporting process, ICMP sends messages from the receiver to the sender when data does not come though as it should.

Question 26

What is FTP?

Answer 26

File Transfer Protocol FTP is a connection-oriented service as it uses TCP ports for secure file transfer. Port 20 and 21 FTP requires authentication, FTP needs more memory than TFTP. TFTP can fit into a diskless workstation also.

Question 27

What is TFTP?

Answer 27

Trivial File Transfer Protocol Client server port based on UDP port 69 for the TFTP server. TFTP is an unsecured protocol and does not support authentication. TFTP incorporates idle − RQ (stop and wait) error recovery mechanism. Every TFTP data unit bears a sequence number. Can only transfer bite size

Question 28

What is NTP?

Answer 28

NTP is an internet protocol that’s used to synchronise the clocks on computer networks to within a few milliseconds of universal coordinated time (UTC). It enables devices to request and receive UTC from a server that, in turn, receives precise time from an atomic clock.

Question 29

What is the characteristic of IMAP4?

Answer 29

Enables sending email messages from client devices and Enables email exchange between mail servers port 143
Offers improved functionality in comparison to POP3
Serves the same function as POP3

Question 30

What is Secure Shell?

Answer 30

Secure Shell is a secure command line protocol that allows the user to run remote
commands on a remote machine. Port 22 Data is encrypted

Question 31

What is ICMP?

Answer 31

Internet Control Message Protocol is used by network devices to generate error
messages when IP packets are not able to reach their destinations port

Question 32

What is SMTP?

Answer 32

Simple Mail Transfer Protocol is the standard protocol for mail transfer over the internet. port 25
Sending email messages between mail servers
Sending email messages from a client device

Question 33

What is SNMP?

Answer 33

SNMP is used to collect data related to network changes or to determine the status of network-connected devices. An application layer protocol

Question 34

What is LDAP?

Answer 34

Lightweight directory access protocol (LDAP) is a protocol that helps users find data about organizations, persons, and more. LDAP has two main goals: to store data in the LDAP directory and authenticate users to access the directory. Port 389

Question 35

What is HTTPS?

Answer 35

HTTPS uses an encryption protocol to encrypt communications. The protocol is called Transport Layer Security (TLS), although formerly it was known as Secure Sockets Layer (SSL). This protocol secures communications by using what’s known as an asymmetric public key infrastructure.

Question 36

What is SMB/CIFS?

Answer 36

Server Message Block (SMB) Protocol is a network file sharing protocol. The set of message packets that defines a particular version of the protocol is called a dialect. The Common Internet File System (CIFS) Protocol is a dialect of SMB
Provides shared access to files, directories, and devices
Used mainly by computers running Microsoft Windows operating systems

Question 37

What is SIP Protocol?

Answer 37

Session Initiation Protocol (SIP) is a signaling protocol used for initiating, maintaining, and terminating communication sessions that include voice, video and messaging applications. SIP is used in Internet telephony, in private IP telephone systems, as well as mobile phone calling over LTE (VoLTE).

Question 38

Which part of the IPsec protocol suite provides authentication and integrity?

Answer 38

Authentication Header (AH) is a protocol and part of the Internet Protocol Security (IPsec) protocol suite, which authenticates the origin of IP packets (datagrams) and guarantees the integrity of the data.

Question 39

Which part of IPsec provides authentication, integrity, and confidentiality?

Answer 39

IPSec contains the following elements: Encapsulating Security Payload (ESP): Provides confidentiality, authentication, and integrity. Authentication Header (AH): Provides authentication and integrity. Internet Key Exchange (IKE): Provides key management and Security Association (SA) management.

Question 40

Which of the IPsec modes provides entire packet encryption?

Answer 40

IPsec is used in tunnel mode or transport mode. Security gateways use tunnel mode because they can provide point-to-point IPsec tunnels. ESP tunnel mode encrypts the entire packet, including the original packet headers.

Question 41

What is the difference between tunnel mode and transport mode?

Answer 41

tunnel mode is better because it establishes a connection while transport mode simply encrypts packets. it creates a secure connection between two endpoints by encapsulating packets in an additional IP header. Tunnel mode also provides better security over transport mode because the entire original packet is encrypted. Requires a secure connection.

transport mode is that it is more compatible with certain firewalls and it offers higher levels of security but does not encrypt packets

Question 42

User Datagram Protocol (UDP) is a connection-oriented protocol using a three-way handshake, which is a set of initial steps required to establish network connection. UDP supports retransmission of lost packets, flow control (managing the amount of data that is being sent), and sequencing (rearranging packets that arrived out of order).

Answer 42

False it is connectionless

Question 43

Three characteristics of Telnet?

Answer 43

Provides username and password authentication
Transmits data in an unencrypted form
Enables remote login and command execution