Chapter 1: Networking Protocols Flashcards

Question

Window

Answer 1

- this field indicates the number of data bytes the sender of the segment is able to receive - this field enables flow control

Answer 2

- First Packet (SYN): the client starts process of establishing a connection by sending a TCP segment that has the SYN bit set to 1. The client sends its initial sequence number X (random number chosen by client) - Second Packet (SYN-ACK): the server responds with a SYN-ACK packet where it sends its own request for synchronization and its initial sequence number Y. Within the same packet, the server also sends the acknowledgment number X+1 (acknowledging the receipt of a packet with sequence number X, and requesting the next packet with sequence number X+1) - Third Packet (ACK): the client responds with a final acknowledgment, requesting the next packet with the sequence number Y+1

Answer 3

- signals to the peer that it wants to synchronize the sequence numbers and establish the connection - the client also sends its initial sequence number, which is random number chosen by the client

Answer 4

1. Host requests a web page using the HTTP application layer protocol. The HTTP application generates the DATA payload. 2. HTTP DATA payload send to the transport layer and a TCP header is created. The DATA payload and TCP header result in the TCP segment. 3. The Internet layer receives the TCP information, attaches an IP header, and encapsulates it in an IP Packet. 4. The IP packet is passed to the Data Link layer. An Ethernet header and trailer, and then transmits the Frame to the NIC, which will take care of the physical transmission of the frame.

Answer 5

- Standard for LLC (Logical Link Control)

Answer 6

- Standard for Ethernet Medium Access Control (MAC)

Answer 7

- Logical Link Control - Initially used to allow several types of Layer 3 protocols to work with the MAC - However, LLC is seldom used now because IP can be directly encapsulated using MAC.

Answer 8

- sTYPE-M - s = speed - TYPE = the modulation type (example, BASE = baseband) - M = medium (example, T = twisted pair, F = fiber, L = long wavelength, X = external sourced coding)

Answer 9

- standard = 802.3 (Ethernet) - speed = 10 Mbps - media = twisted pair (copper) - distance = 100 m

Answer 10

- standard = 802.3u (FastEthernet) - speed = 100 Mbps - media = twisted pair (copper) - distance = 100 m

Answer 11

- standard = 802.3ab (GigaEthernet) - speed = 1000 Mbps - media = twisted pair (copper) - distance = 100 m

Answer 12

- standard = 802.3z (GigaEthernet) - speed = 1000 Mbps - media = Long wavelength (single-mode fiber) - distance = 5 km

Answer 13

- standard = 802.3an (Gigabit Ethernet) - speed = 10 GBps - media = twisted pair (copper) - distance = 100 m

Answer 14

- 100 Mbps

Answer 15

- 1000 Mbps

Answer 16

- half duplex | - full duplex

Answer 17

- two Ethernet devices share a common transmission medium - access is controlled by Carrier Sense Multiple Access with Collision Detection (CSMA/CD) - if a collision occurs, stations delay transmission set by the "backoff time" - half duplex is rarely seen today

Answer 18

- two Ethernet devices can share simultaneously because there is a dedicated channel for the transmission - no need to detect collisions or waiting before transmitting - "collision free" medium access

Answer 19

- Switch | - provides a collision-free domain and dedicated transmission channel

Answer 20

- Preamble - Start Frame Delimiter - Destination Address - Source Address - Length/Type - MAC Client Data and Pad - Frame Check Sequence

Answer 21

- used for the two stations for synchronization purposes

Answer 22

- Start Frame Delimiter - Indicates the start of the Ethernet frame - Always set to 10101011

Answer 23

- contains information being encapsulated at the Ethernet layer - Minimum length is 46 bytes - Maximum length depends on the type of Ethernet Frame: - - Basic frames (most common) = 1500 bytes - - Q-tagged frames = 1504 bytes - - Envelope frames = 1982

Answer 24

- Frame Check Sequence - used by the receiving device to check for errors in transmission - called the "Ethernet Trailer"

Answer 25

- broadcast - multicast - unicast

Answer 26

- obtained by setting all 1s in the MAC address field - the result is an address like FFFF.FFFF.FFFF - a frame with a broadcast destination address is transmitted to all the devices within a LAN

Answer 27

- transmitted to all frames belonging to a specific group

Answer 28

- associated with a particular device's NIC or port - composed of two sections: - - first 24 bits = OUI (Organizational Unique Identifier) - - second 24 bits = Vendor assigned

Answer 29

- when a frame loops between switches indefinitely, causing degradation of the network performance due to the useless forwarding of frames - prevented by using STP (Spanning Tree Protocols)

Answer 30

- Spanning Tree Protocols - used to avoid layer 2 loops - this is done by allowing traffic on certain ports and blocking it on others - if the topology changes, (i.e. a link fails) STP will recalculate the new logical topology (aka "reconverge") and unblock certain ports to adapt to the new topology

Answer 31

- When STP detects a change in topology (i.e. a link failure) and recalculate the new logical topology to unblock certain ports in order to adapt to the new topology

Answer 32

- Spanning Tree Algorithm used by STP to create a tree-like, loop-free logical topology

Answer 33

- Bridge ID - 8-byte ID that is independently calculated on each switch - the first 2-bytes contain the priority - the remaining 6-bytes include the MAC address of the switch

Answer 34

- represents the root of the spanning tree - determined through "root election" - the root switch BID is called the "root BID"

Answer 35

- numerical value associated to each spanning tree port - usually this value depends on the speed of the port - the higher the speed the lower the cost

Answer 36

- represents the cost to reach the root switch

Answer 37

- Blocking - Listening - Learning - Forwarding - Disabled

Answer 38

- Reduces the number of devices receiving the broadcast frame and the related overhead - Creates Layer 2 network separation - Reduces management protocols' load and complexity - Segments troubleshooting and failure areas, as failure in one VLAN will not propagate to the rest of the network

Answer 39

- Placing two hosts on separate Switches in the same VLAN - It is a special link because it can transport frames belonging to several VLANs - VLAN tagging is used to enable the forwarding between hosts in the same VLAN, across multiple switches - This is done using dot1q standard (IEEE 802.1Q) or ISL (Inter-Switch Link)

Answer 40

- 4 Bytes - VLAN Protocol ID (16 bits) - Priority (3 bits) - CFO (1 bit) - VLAN ID (12 bits)

Answer 41

- VLAN Trunking Protocol - Cisco proprietary protocol used to manage VLAN distribution across switches - Used to distributed information about existing VLANs to all switches in a VTP domain so that VLANs do not have to be manually configured (reducing admin burden) - Not to be confused with protocols that actually handle the tagging of frames with VLAN information (dot1Q) - VTP relies on 802.1Q to transmit information

Answer 42

- Server mode - Client mode - Transparent mode

Answer 43

- allows the administrator to configure a remote VLAN | - VTP will take care of distributing the information to other switches in the VTP domain

Answer 44

- a switch receives updates about a VLAN and advertises the VLAN configured already - however, a VLAN cannot be added or removed

Answer 45

- the switch does not participate in VTP, so it does not perform a VLAN database update and does not generate VTP advertisement - However, it forwards VTP advertisements from other switches

Answer 46

- Hosts | - Servers

Answer 47

- Stateful firewalls

Answer 48

- Switches

Answer 49

- Repeater

Answer 50

- WLAN (Wireless Local Area Network) standard

Answer 51

- There is no defined boundary - It is more prone to interference by other signals on the same medium - It is less reliable - The signal can propagate in asymmetric ways

Answer 52

- half-duplex | - stations are not able to transmit and receive at the same time due to the limitation of the medium

Answer 53

- CSMA/CD (Carrier Sense Media Access with Collision Avoidance)

Answer 54

- CSMA/CA does not allow WLAN stations to detect a collision

Answer 55

- Basic Service Set - Used by the IEEE 802.11 standard (WLAN) - identifies a set of devices that share common parameters and can communicate through a wireless connection.

Answer 56

- IBSS (Independent Basic Service Set) - formed by two or more wireless stations communicating directly. - sometimes called "ad-hoc wireless network"

Answer 57

- utilizes an AP (access point) - each station associates to an AP - stations send frames to the AP, and then the AP forwards the frame to the intended receiving station

Answer 58

- releasing a client from one AP in order to associate to another AP

Answer 59

- Extended Service Set | - Multiple Infrastructure Basic Service Set APs linked together

Answer 60

- Frame Control - Duration Field - Address Fields - Sequence Control Field - Frame Body - Frame Check Sequence Field

Answer 61

- provides information on the frame type and whether the frame is directed toward the DS or is coming from the DS toward the wireless network

Answer 62

- provides the expected time the frame will be traveling on the channel for the Virtual Carrier Sense functionality

Answer 63

- Typically includes the following: - - Transmitter Address (TA): MAC of the sender - - Receiver Address (RA): MAC of the receiver - - Source Address (SA): MAC of the source - - Destination Address (DA): MAC of the destination

Answer 64

- Autonomous APs: work in a standalone mode | - Lightweight APs: works with a Wireless LAN Controller (WLC)

Answer 65

- the destination IP address | - next-hop IP address

Answer 66

- Version - Internet Header Length (20 bytes = standard) - Notification and Explicit Congestion ECN (Q of S) - Total Length (Header plus payload) - Identification (used for fragmentation) - Flags and Fragment offset (used for fragmentation) - TTL - Protocol (TCP = 6, UDP = 7) - Header checksum - Source Address - Destination Address

Answer 67

- 1.0.0.0 - 127.255.255.255

Answer 68

- 128.0.0.0 - 191.255.255.255

Answer 69

- 192.0.0.0 - 233.255.255.255

Answer 70

-224.0.0.0 - 239.255.255.255 (Multicast)

Answer 71

- 240.0.0.0 - 255.255.255.255 (Reserved)

Answer 72

- Class A: 8 Network bits, 24 Host bits - Class B: 16 Network bits, 16 Host bits - Class C: 24 Network bits, 8 Host bits

Answer 73

- 10.0.0.0/8 - 172.16.0.0/12 - 192.168.0.0/16

Answer 74

- Port 67 = server | - Port 68 = client

Answer 75

- used by a client to discover DHCP servers w/in a LAN

Answer 76

- sent by a DHCP server to a client - includes a proposed IP address, called YIADDR, and a network mask - aka SIADDR

Answer 77

- sent from the client to the broadcast network - used to confirm the offer from a particular server - includes the SIADDR of the DHCP server - broadcasted to the entire network

Answer 78

- sent from the client to the server to release the allocation of an IP address and to end the lease

Answer 79

1. Host sends DHCPDISCOVERY packet to discover the DHCP servers within the LAN 2. Each DHCP server responds with DHCPOFFER message 3. The client receives several offers, picks one of them, and responds with a DHCPREQUEST 4. The DHCP server that has been selected responds to the client to confirm the leasing of the IP address

Answer 80

Interior Gateway Protocol (operates w/in organizational boundaries) - Open Shortest Path First (OSPF) - Intermediate System to Intermediate System (ISIS) - Enhanced Interior Gateway Routing Protocol (EIGRP) - Routing Information Protocol V.2 (RIPv2)

Answer 81

Exterior Gateway Protocol (operates between service providers) - Border Gateway Protocol (BGP)

Answer 82

- Distance Vector - one of the first algorithms used for exchanging routing information - based on Bellman-Ford algorithm - most well-known is RIPv2

Answer 83

- Term used in DV | - two routers or Layer 3 devices that are directly connected

Answer 84

- Term used in DV | - number that represents the distance (number of routers) between a router and a specific network

Answer 85

- Using hop count as the cost to determine the best path to a destination is not the best method - Routers do not have full visibility into the network topology - Each update includes the exchange of the full list of networks and costs, which can consume bandwidth - It is not loop free

Answer 86

- Introduced advanced distance vector, or hybrid protocols | - Such as EIGRP

Answer 87

- they do not use hop counts as metrics to determine the best path to a network - full database updates are only sent at initialization - partial updates are sent in the event of topology changes - include more robust methods to prevent loops and reduce convergence times

Answer 88

- EIGRP routers maintain a partial topology table and include an algorithm called Diffused Update Algorithm (DUAL) which is used to calculate the best path to a destination and provides a mechanism to avoid loops

Answer 89

- Link-state algorithms operate in a totally different way than DV - devices using Link-State have full view of the network topology - this allows devices to use algorithms such as Dijkstra or Shortest Path First (SPF) to calculate the best path to each network - examples include OSPF and IS-IS - Higher the bandwidth the lower the cost - During the initiation phase, each router will send a link-state advertisement (LSA) to neighbors, which will in turn forward to all other neighbors - Routers can then use SPF algorithm to calculate the best way to reach each network - Once this is done, the information is added to the router's routing table

Answer 90

- a better way to calculate the cost to a destination - less protocol overhead compared to DV because updates do not require sending the full topology - better best-path calculation because each router has a full view of the full topology - loop-free

Answer 91

- used to determine the precedence based on the way the router has learned about a specific network

Answer 92

- Exterior Gateway Protocol | - 140

Answer 93

- On Demand Routing | - 160

Answer 94

- Internet Control Message Protocol - main purpose is to provide a way to communicate that an error occurred during the routing of IP packets - encapsulated directly within the IP payload - An IP packet transporting an ICMP message in its payload sets the Protocol field in the header to 1 - An ICMP packet starts with an ICMP header that always includes the Type and Code fields of the ICMP message, which define what the message is used for

Answer 95

- Echo Reply

Answer 96

Destination Unreachable

Answer 97

Network Unreachable

Answer 98

Host Unreachable

Answer 99

Protocol Unreachable

Answer 100

Port Unreachable

Answer 101

Fragmentation Required, and DF flag set

Answer 102

Echo Request

Answer 103

Time Exceeded

Answer 104

TTL Exceed in transit

Answer 105

Fragment reassembly time exceeded

Answer 106

- Root (.) - Top-level domain (.com) - Second-level domain (cisco) - Subdomains (eg. tools) - Resource name (hostname of the resource, www)

Answer 107

- Address record IPv4 | - Mapping between IPv4 and FQDN

Answer 108

- Address record IPv6 | - Mapping between IPv6 and FQDN

Answer 109

- Mail Exchange Record | - Includes information about mail exchange servers in a domain

Answer 110

- Name Server Record | - Indicates the authoritative servers for a DNS zone

Answer 111

- Start of Authority Record | - Includes information about the zone, such as the authoritative name server for that zone

Answer 112

- DNS databases are divided into Zones - A Zone is a portion of the DNS database that is managed by an entity - Each zone must have an SOA RR that includes information about the management of the zone and the primary authoritative name server - Each DNS Zone must have an authoritative name server

Answer 113

- the server that has the information about the resources present in the DNS zone and can respond to queries concerning those resources

Chapter 1: Networking Protocols Flashcards

(151 cards)