Common Net Traffic

Question 1

sending encapsulated data over a network in the form of a frame

Answer 1

ethernet header

Question 2

the _____ of an ethernet header contains 1) Destination MAC Address, 2) source address, & 3) ether type;
frame is starting & enables synchronization;
7 bytes

Answer 2

preamble

Question 3

marks the end of the Preamble, and beginning of the Ethernet frame

Answer 3

SFD (Start Frame Delimiter)

Question 4

Identifies the receiving system;
6-Byte field which contains the MAC address of machine for which data is destined

Answer 4

Destination Address

Question 5

Identifies the sending system;
6-Byte field which contains the MAC address of the source machine

Answer 5

Source Address

Question 6

This field indicates what payload the frame is carrying (IPv4, ARP, IPv6, etc);
where actual data is inserted, also known as payload

Answer 6

Type field

Question 7

most common ethertypes

Answer 7

0x0800 – IPv4
0x86DD – IPv6
0x0806 – ARP
0x8100 – VLAN Tagging (802.1q)

Question 8

contains a 32-bits hash code of data, which is generated over the Destination Address, Source Address, Length, and Data field. If the checksum computed by destination is not the same as sent checksum value, data received is corrupted

Answer 8

FCS (Frame Check Sequence) AKA CRC checksum

Question 9

What is the Ethernet frame range size?

Answer 9

64 – 1518 Bytes

Question 10

the first 3 bytes of the source address that show the manufacturer of the device; by finding out what type of device it is you can target device vulnerabilities & default passwords they might use

Answer 10

OUI Organizationally Unique Identifier

Question 11

what kind of NICs, routers, etc are being used;
does not change

Answer 11

OUI

Question 12

the MAC address is found at what layer in Wireshark?

Answer 12

Ethernet

Question 13

pretending to have a MAC address of a trusted device on a network to infiltrate the network

Answer 13

MAC spoofing

Question 14

IPv6 ethertype

Answer 14

0x86DD