Network Protocols

Question 1

An academic and military network that later became the Internet’s primary precursor

Answer 1

ARPANET

Question 2

What do the 1s represent in a Subnet Mask?

Answer 2

Network ID

Question 3

What do the 0s represent in a Subnet Mask?

Answer 3

Host ID

Question 4

What is the IP range and subnet for class A networks?

Answer 4

0.-127.255.255.255

Subnet Mask 255.0.0.0 /8

Question 5

What is the IP range and subnet for class B networks?

Answer 5

128. • 191.255.255.255

Subnet Mask 255.255.0.0 /16

Question 6

What is the IP range and subnet for class C networks?

Answer 6

192. • 223.255.255.255

Subnet Mask 255.255.255.0 /24

Question 7

What is the IP range for class D networks?

Answer 7

224. • 239.255.255.255

Question 8

What is the IP range for class E networks?

Answer 8

240. • 254.255.255.255

Question 9

A non-routable address which can either mean the current network, the default route, any address at all, or a specific error condition, depending on context.

Answer 9

0.0.0.0

Question 10

The broadcast address that addresses the entire subnet at once. Broadcasts aren’t generally routed, so any packet to this address is just sent through the local broadcast domain.

Answer 10

255.255.255.255

Question 11

Reserved for loopback addresses, which, as the name implies, simply points right back to the local host.

Answer 11

127.0.0.0, Most commonly, you’ll see 127.0.0.1 used to refer to the local system.

Question 12

These network addresses aren’t routable on the Internet, but are instead commonly used on home or office networks. They were originally assigned as classful addresses, but you can break them into CIDR subnets on your own networks.

Answer 12

Private Networks

10. 0.0.0/8, or the single Class A network with addresses 10.0.0.0 – 10.255.255.255.
11. 16.0.0/12, or the 16 contiguous Class B networks with addresses 172.16.0.0 – 172.31.255.255.
12. 168.0.0/16, or the 256 contiguous Class C networks with addresses 192.168.0.0 – 192.168.255.255.

Question 13

What network address is reserved for link-local or automatic Private IP addressing (APIPA) addresses

Answer 13

169.254.0.0/16

Question 14

Used to find the physical address corresponding to an IvP4 local IP address

Answer 14

ARP Address Resolution Protocol

Question 15

Used to find the physical address corresponding to an IvP6 local IP address

Answer 15

Neighbor Discovery Protocol (NDP)

Question 16

A hierarchical directory service that stores assigned domain names and their corresponding IP addresses.

Answer 16

Domain Name System (DNS)

Question 17

The root category of the domain. Originally these were either three-letter functional categories like.comor.edu, or two letter country codes like.ukor.jp.

Answer 17

Top-Level Domain (TLD)

Question 18

Represents a particular organization

Answer 18

Domain

Question 19

An optional level used for categories within the organization.

Answer 19

Subdomain

Question 20

The name of the specific host within the organization, or its alias

Answer 20

Hostname

Question 21

Usable on the local segment, but not routable and starts with 1111111010 (fe80) followed by 54 zero bits

Answer 21

Link-Local

Question 22

Routable on public networks and starts with the bits 001, and the first group is in the range 2000-3fff

Answer 22

Global

Question 23

Routable within an organization, but not on public networks and starts in the range fec0 to fef0 followed by 38 zero bits

Answer 23

Site-Local

Question 24

TCP negotiates a virtual connection between two hosts, a dedicated channel that carries a defined stream of data to the remote host. This connection always requires two-way communications: even if the ultimate goal is a one-way transfer, the recipient must be able to acknowledge receipt of data.

Answer 24

Connection-oriented

Question 25

Provides connection-oriented, reliable communications, with error correction, flow control, and sequencing

Answer 25

TCP (Transmission Control Protocol)

Question 26

TCP guarantees that all data is successfully delivered to the host. If a segment fails to arrive, TCP itself handles discovering the failure and resending the segment

Answer 26

Reliable

Question 27

A TCP segment itself contains a checksum which is used for error detection. Detected errors are then corrected, since corrupt segments are discovered and resent just like missing ones.

Answer 27

Error Correction

Question 28

As part of the acknowledgement process, the remote host can regulate the rate of data flow. This keeps a slow recipient from being overwhelmed by high-speed transmissions

Answer 28

Flow Control

Question 29

When a long transmission must be broken into many segments, for example a large file transfer, TCP can guarantee they will be delivered to the upper layers in the correct sequence, even if the packets on the network arrived out of order. This keeps applications from being burdened with reassembling fragmented transmissions.

Answer 29

Sequencing

Question 30

Protocol that is unreliable, connectionless, fast, and lightweight.

Answer 30

UDP (User Datagram Protocol)

Question 31

What network services use UDP?

Answer 31

streaming video or online multiplayer games

Question 32

Represents a certain place on the Transport layer that represents the end point of the conversation

Answer 32

Port or Socket number

Question 33

Process in which a single port on a host can only be used by one application at a time.

Answer 33

Port Binding

Question 34

Client programs connecting to servers which are held in a pool by the operating system and only assigned for the length of a given connection.

Answer 34

ephemeral ports or dynamic ports

Question 35

Ports 0-1023 are assigned to the most universal and accepted TCP/IP standard applications, or applications the IANA expects to become standards

Answer 35

System Ports (Well Known or Privilege)

Question 36

Ports 1024-49151 are assigned to applications that benefit from assigned port numbers, but aren’t so widely used that they need to become a worldwide standard

Answer 36

User Ports (registered ports)

Question 37

Ports 49152-65535 aren’t assigned by the IANA, and can be used for any purpose without registration

Answer 37

Private Ports

Question 38

Used to retrieve data from web servers. Port 80

Answer 38

HTTP (Hypertext Transfer Protocol)

Question 39

Used for secure web pages and sites. Includes encryption services. Port 443

Answer 39

HTTPS (HTTP over TLS/SSL)

Question 40

Used for transferring files between hosts. Contains basic authentication features. Port 20 (data) Port 21 (control)

Answer 40

FTP (File Transfer Protocol)

Question 41

Used to log into remote systems via a virtual text terminal interface. Port 23

Answer 41

Telnet

Question 42

Encrypted replacement for Telnet and FTP. Includes Secure Copy Protocol (SCP) and Secure Shell FTP (SFTP). Port 22

Answer 42

SSH Secure

Question 43

Sends an email to and between mail servers. Port 25

Answer 43

SMTP Simple Mail Transfer Protocol

Question 44

Retrieves email from mail servers. Port 110

Answer 44

POP3 Post Office Protocol version 3

Question 45

Retrieves email from mail servers. Port 143

Answer 45

IMAP Internet Message Access Protocol

Question 46

Used to share files and resources like printers. Port 445

Answer 46

SMB Server Message Block

Question 47

Used to share files on Linux and other Unix-like networks. Port 2049, 111

Answer 47

NFS Network File System

Question 48

Used to share files on OSX and MacOS networks. Port 548 or 427

Answer 48

AFP Apple Filing Protocol

Question 49

Allows computers to find network services without prior configuration. Most commonly used for network printers. Port 427

Answer 49

SLP Service Location Protocol

Question 50

Used for network directory services that centrally manage user accounts and network services. Port 389, 636 (secure)

Answer 50

LDAP Lightweight Directory Access Protocol

Question 51

Used for remote logins to Windows systems. Port 3389

Answer 51

RDP Remote Desktop Protocol

Question 52

Provides name, datagram, and session services for networks using the NetBIOS API. NetBIOS used on TCP/IP networks is sometimes called NetBT. SMB often uses NetBIOS functions as well. Port 137 - 139

Answer 52

NetBIOS Network Basic Input/Output System

Question 53

Which protocol is used to find the MAC address of a given IP address?

Answer 53

ARP

Question 54

Server that controls access to the network or other resources.

Answer 54

Authentication Server

Question 55

Server that provides dynamic IP address configuration to client systems.

Answer 55

DHCP server

Question 56

Server that provides domain name lookups for client systems.

Answer 56

DNS server

Question 57

Manages security policies for end user systems such as PCs and mobile devices. An endpoint management server may centrally administer antivirus protection, security logging, and policy compliance enforcement across the entire network.

Answer 57

Endpoint management server

Question 58

Provides centralized file storage and sharing for network users

Answer 58

File server

Question 59

Receives, stores, and delivers email messages

Answer 59

Mail server

Question 60

Provides central access to a network printer. Today, network-enabled printers usually run print server applications, and connect directly to the network.

Answer 60

Print server

Question 61

Relays communications between LAN hosts and Internet hosts. A proxy server may be used for some protocols or all communications; depending on the network it might be designed to improve security or performance

Answer 61

Proxy server

Question 62

Gathers syslog data from other computers and devices on the network and compiles them into one place. A syslog server commonly includes features that process raw logs then generate reports or alerts which are more useful to human administrators.

Answer 62

Syslog server

Question 63

Distributes web pages. Internet web servers might be most familiar, but local network applications often use web servers as well. Even an embedded appliance like a home router or network printer will typically use a web server for its configuration interface

Answer 63

Web server

Question 64

Allows a command line terminal interface with a remote system. Dating to 1969, Telnet is one of the oldest Internet standards, and uses TCP port 23. Its features are very basic and it isn’t very secure, so it’s not nearly as popular as it once was.

Answer 64

Telnet

Question 65

Secure shell was developed as a secure alternative to Telnet: it allows stronger authentication and encrypted transmission. It also allows other features, such as file transfers. SSH uses TCP port 22.

Answer 65

SSH

Question 66

Microsoft’s proprietary remote access protocol. Not only does it provide security features, but it allows you to log into a complete Windows desktop over the network. RDP uses TCP port 3389. A number of other vendors offer similar protocols for use with their own products.

Answer 66

RDP

Question 67

Virtual Network Computing is an open set of standards based on the Remote Frame Buffer (RFB) protocol. Like RDP, VNC allows you to access a complete graphical desktop, but unlike RDP it directly shares input and output rather than creating a remote user session. This makes it especially useful for screen sharing and presentations as well as remote access. There are many VNC variants such as RealVNC, TightVNC, and UltraVNC. Each may have extra features such as security or specific operating system optimizations. By default, VNC uses TCP port 5900+N, where N is the display number.

Answer 67

VNC

Question 68

Web-based interfaces aren’t that suitable for remote access to a graphic or command-line shell interface, though it’s possible with the assistance of a web-based application. More commonly, HTTP is used for web management interfaces for network devices and services. Just like any other website, HTTP itself provides no real security, so HTTPS is much better for use on untrusted networks.

Answer 68

HTTP

Question 69

Used to remotely manage and monitor network devices like routers and switches. SNMP doesn’t provide a direct login to the device, but rather standardizes communication between managed devices and a central management application. SNMP uses UDP ports 161 and 162.

Answer 69

SNMP

Question 70

Designed for dialup connections to private LANs, but widely used in other networks, Remote Authentication Dial-In User Service authenticates users when they attempt to connect to the network. Uses a variety of UDP ports depending on implementation.

Answer 70

Radius

Question 71

A proprietary Cisco protocol with similar functions to RADIUS. It was designed for remote administration of network devices but can be used for remote access authentication as well. Compared to RADIUS it has some security and flexibility benefits, but is proprietary and more resource intensive.

Answer 71

TACACS+: Terminal Access Controller Access-Control System Plus

Question 72

Allows a client to access multiple network resources via a single sign-in. Used by a number of network systems, including Windows domain networks.

Answer 72

Kerberos

Question 73

An IEEE standard Used to authenticate connections to an Ethernet switch or wireless access point. It’s the protocol used by Wi-Fi hotspots operating in Enterprise mode. 802.1X servers commonly use RADIUS servers for back-end authentication.

Answer 73

802.1X

Question 74

Manages distributed directory information services across a network. It’s used by many directory service systems from multiple vendors, such as Novel’s eDirectory and Microsoft’s Active Directory. LDAP allows clients to query a central network database for information about user accounts, printers, and other network resources. While it’s not an authentication system in itself, it’s also vital in some single sign-on environments such as Active Directory. LDAP by default uses TCP port 389 and has limited security features LDAP over SSL (LDAPS) uses TCP port 636; it has security features, but is still more suited to trusted LANs than the Internet.

Answer 74

LDAP: Lightweight Directory Access Protocol

Question 75

One of the oldest Internet protocols, File Transfer Protocol allows network access to files. It isn’t very secure, and it isn’t very much like accessing local files at all, so it’s been gradually displaced by SSH on the Internet and other file sharing protocols on the LAN. Still, FTP is in common use as a way to provide Internet access to files. FTP uses TCP ports 20 and 21.

Answer 75

FTP

Question 76

Allows folders or hard drives to be shared over the network and accessed much like they were local drives. It’s not only used by file servers, but by clients sharing folders on peer-to-peer networks. SMB was primarily developed and popularized by Microsoft, but today is used by many vendors. SMB uses ports 137-139 and 445. Some versions of SMB are called CIFS, but typically the two can be used interchangeably.

Answer 76

SMB: Server Message Block

Question 77

Very similar to SMB but is used primarily by Linux and other Unix-like operating systems. In Linux-only environments it tends to have better performance and easier configuration than SMB, while in Windows environments it’s the opposite. The newest version, NFSv4, uses TCP and UDP port 2049. Older versions additionally require port 111, and possibly others depending on configuration.

Answer 77

NFS: Network File System

Question 78

Operates similarly to SMB, but with specific features more tuned to Apple’s file systems. Operates on ports 427 or 548. Older literature might call AFP AppleShare or AppleTalk Filing Protocol.

Answer 78

AFP: Apple Filing Protocol

Question 79

A session-layer API, rather than strictly a protocol, NetBIOS is designed to allow various applications to communicate over the network. NetBIOS was designed by IBM but is best known for its use by Microsoft Windows systems, where it is also called NetBEUI and is used for file and printer sharing as well as computer identification. On TCP/IP networks, NetBIOS is often called NetBT and uses TCP and UDP ports 137-139. Due to a number of serious security vulnerabilities, when NetBIOS must be used it should only be enabled on trusted local networks, not on connections accessible from the Internet.

Answer 79

NetBIOS

Question 80

Operates on TCP port 80, and itself is an insecure protocol

Answer 80

HTTP

Question 81

Operates on TCP port 443. Connections are encrypted using either Secure Socket Layer (SSL) or Transport Layer Security (TLS) protocols. This not only keeps others from eavesdropping on your conversations, it helps you make sure you’re really logging into your bank’s website and not a clever mockup created by a scammer.

Answer 81

HTTPS

Question 82

Used to send an email from clients to servers, and for transferring email between servers. It never is used by clients to receive an email from servers. SMTP typically uses TCP port 25.

Answer 82

Simple Mail Transfer Protocol (SMTP)

Question 83

Used by clients to receive email from servers; never used to send an email. Currently at version 3, or POP3. POP3 works best for accounts accessed only on one device, and uses TCP port 110

Answer 83

Post Office Protocol (POP)

Question 84

Used by clients to receive email from servers; never used to send an email. Currently at version 4, or IMAP4. IMAP supports more features than POP. It works better for accounts accessed from multiple devices, but it also requires more server resources.

Answer 84

Internet Message Access Protocol (IMAP)

Question 85

A proprietary protocol used by Microsoft Exchange email servers. It both sends and receives email, and has other specific features used by Exchange. It’s not usually used on the Internet, but is popular in Microsoft-based networks and email clients.

Answer 85

Messaging Application Programming Interface (MAPI)

Question 86

Allows file transfer feature and uses TCP port 22

Answer 86

Secure Shell (SSH)

Question 87

Allows a user to access a complete graphical desktop and uses TCP port 5900+N

Answer 87

Virtual Network Computing (VNC)

Question 88

Allows a user to log into a complete Windows desktop over the network and uses TCP port 3389

Answer 88

Remote Desktop Protocol (RDP)

Question 89

Allows a command-line terminal interface with a remote system and uses TCP port 23

Answer 89

Telnet

Question 90

Used to remotely manage and monitor network devices and uses UDP ports 161 and 162

Answer 90

Simple Network Management Protocol (SNMP)

Question 91

Used for web management interfaces for network devices and services

Answer 91

Hyper Text Transfer Protocol (HTTP)

Question 92

An authentication protocol that provides centralized authentication and authorization services for remote users. It uses TCP port 49 and supports multifactor authentication.

Answer 92

Terminal Access Controller Access Control System Plus (TACACS+)

Question 93

IPv6 (version 6) or IPng (next generation) advantages

Answer 93

• IP address size will increase from 32 bits to 128 bits.
• Some of the header fields have been dropped.
• Version 6 has less rigid length limits and the ability to introduce new options.
• Packets will indicate particular traffic type.
• Support will be provided for data integrity and confidentiality.
• The IPv6 header is 40 fixed bytes and has eight fields of information.

Question 94

What is the APIPA address range?

Answer 94

169.254.0.0 - 169.254.255.255

Question 95

What is the Link Local address?

Answer 95

fe80::/10

Question 96

What are the three blocks of IP addresses that have been reserved by the IANA for private networks?

Answer 96

10. 0.0.0 to 10.255.255.255
11. 16.0.0 to 172.31.255.255
12. 168.0.0 to 192.168.255.255