Final exam Flashcards
1
Q
Well-known services ports
A
0-1024
2
Q
The name of the group responsible for drafting, testing, proposing and maintaining official internet standards.
A
IETF Internet Engineering task force
3
Q
The group responsible for managing all internet domain names, network addresses and protocol parameters.
A
ICANN Internet corporation for assigned names and numbers
4
Q
RFC
A
Request for comments
5
Q
RFC process order
A
- Proposed Standard2. Draft Standard3. internet standard4. retired standard or historic standard
6
Q
OSI network reference layers
A
- Application layer6. Presentation layer5. Session layer4. Transport layer3. Network layer2. Data link layer1. Physical layer
7
Q
Data link layer pdu
A
frames
8
Q
Network layer pdu
A
packet
9
Q
transport layer pdu
A
segment
10
Q
Session layer includes mechanisms to maintain reliable ongoing conversations, called___
A
checkpoints
11
Q
data link layer addressing
A
MAC address
12
Q
Network layer addressing
A
IP address
13
Q
Combining the various sources of outgoing data into a single output data stream is called___
A
multiplexing
14
Q
______is the process of tapping into the network communications system, capturing packets that cross the network, gathering network statisticss, and decoding the packets into readable form.
A
protocol analysis
15
Q
Three options for analyzing switched networks:
A
- Hubbing out2. Port redirection3. Remote monitoring
16
Q
The minimum ethernet frame size is ___
A
64 bytes
17
Q
The maximum ethernet frame size is ____
A
1518 bytes
18
Q
Ethernet II frame structure
A
- Preamble 8 bytes2. Destination address 6 bytes3. Source address 6 bytes4. type field 2 bytes5. Data field 46-1500 bytes6. Frame check sequence 4 bytes
19
Q
Frame check sequence field includes the result of the ____
A
CRC
20
Q
Flags field bit 0
A
reserved: set to 0
21
Q
Flags field bit 1
A
Don’t fragment bit: 0=may fragment 1=don’t fragment
22
Q
Flags field bit 2
A
More fragments bit: 0=last fragment; 1=more to come
23
Q
IP protocol field # 1
A
ICMP
24
Q
IP protocol field #6
A
TCP
25
IP protocol field #17
UDP
26
The primary function of the _______layer is to provide a globally unique address to every host on the internet and paths to and from hosts.
network
27
When two or more RFCs cover the same topic they usually also share the same title. True or false
True
28
_________involves cutting up a big message into a numbered sequence of chunks, called segments, in which each chunk represents the maximum data payload that the network media can carry between sender and receiver.
segmentation
29
The Session layer includes mechanisms to maintain reliable ongoing conversations, called ____________________.
checkpoints
30
The most important TCP/IP Network Access layer protocol is ____________________.
PPP Point-to-Point-Protocol point-to-point-protocol
31
TCP/IP application processes are sometimes called ____ and are identified by port numbers.
network services
32
____ is considered a premium service connection, offering a service that appears as a “virtual lease line” between end points.
expedited forwarding
33
____ is used to obtain an IP address for an associated data link address.
RARP
34
The ____ field provides error detection on the contents of the IP header only.
IP header checksum
35
IP fragmentation enables a larger packet (for example, a token ring 4,096-byte packet) to be automatically fragmented by a ____ into smaller packets to cross a link that supports a smaller MTU, such as an Ethernet link.
router
36
____ was designed to provide devices with a method for notifying each other that a link is experiencing congestion before the routers start to drop packets.
Explicit Congestion Notification
37
The ____________________ field is a two-byte field that provides bit-level integrity checks for data as sent.
FCS Frame-check-sequence
38
When a packet is fragmented, all fragments are given different TTL values. true of false
false
39
0x0800
IPv4
40
0x0806
ARP
41
IP Header fields
1. Version2. Hdr length3. Type of Service4. Total lenght5. Identification6. Flags7. Fragment offset8. Time to live9. Protocol10. Header checksum11. Source IP12. Dest IP13. Options (if any)
42
For any network node to communicate and exchange data with another network node, some way of forwarding packets from the sender to the receiver must exist. This concept is called _______-
reachability
43
The ICMP router solicitation packet is sent to the all-routers IP multicast address of _____
224.0.0.2
44
Hackers can use ICMp as part of a _________ to learn about active network addresses and active processes.
reconnaissance process
45
ICMP type number 0
Echo Reply
46
ICMP type number 3
Destination unreachable
47
ICMP type number 5
Redirect
48
ICMP type number 8
Echo
49
ICMP type number 9
Router Advertisement
50
ICMP type number 10
Router Solicitation
51
ICMP type number 11
Time exceeded
52
The checksum field provides error detection for the ________ only.
ICMP header
53
ICMP is a distinct Network layer TCP/IP protocol that has nothing in common with IP. True/False
False
54
What is the name of the concept that indicates that a path exists between two TCP/IP hosts on an internetwork?
reachability
55
Which of the following services does ICMp add to basic IP datagram deliver services?A. improved reliability for datagram deliveryb. reachability analysis supportc. path discovery servicesd. delivery error reportinge. network congestion managementf. network utilization metrics
b. reachability analysisd. delivery error reportinge. network Congestion managementeporting
56
It's up to the IP host that receives incoming ICMP messages to act on the content of those messages. True or false?
True
57
Which of the following RFCs describes ICMP?a. 792b. 950c. 1191d. 1812
a. 792
58
ping -l
sets the size of the data to send
59
ping -f
sets the don't fragment bit
60
ping -i
sets the TTL value of the TTL field in the IP header
61
The process of PMTU discovery continues until the ____________ is discovered.
end-to-end minimum MTU size
62
ICMP reports errors only about IP datagrams. Errors about error messages are not reported. True of False?
True
63
Which of the following ICMP message types relates to the reachability analysis?a. Destination Unreachableb. echo/echo replyc. redirect d. Source Quench
b. echo/echo reply
64
Which of the following ICMp message types reports delivery errors?a. Destination Unreachableb. echo/echo replyc. redirect d. Source Quench
a. Destination unreachable
65
Which of the following ICMP message types relates to congestion control?a. Destination Unreachableb. echo/echo replyc. redirect d. Source Quench
d. source quench
66
Which of the following ICMP message types relates to route optimization?a. Destination Unreachableb. echo/echo replyc. redirect d. Source Quench
c. redirect
67
Which of the following Windows command-line utilities performs connectivity or reachability tests?a. pingb. tracertc. tracerouted. ipconfig
a. ping
68
which of the following Windows command-line utilities performs patch discovery tests?a. pingb. tracertc. tracerouted. ipconfig
b. tracert
69
What additional functionality does PATHPING provide?a. reports on all the visted hosts and routers between a sender and a receiver.b. resolves all possible IP addresses into symbolic names for visted nodesc. uses the ICMP TRACEROUTE message typed. test router and link latency
d. tests router and link latency
70
Which of the following statements best defines the intent of the PMTU process?a. determines the largest possible MTU in the path between sender and recieverb. determines the smallest possible MTU in the path between sender and receiverc. instructs the sender what MTU to use to avoid further fragmentation en routed. justifies the inclusion of the Don't Fragment flag in ICMP messages
c. instructs the sender what MTU to use to avoid further fragmentation en route
71
Which of the following statements best describes a black hole router?a. a router that discard all incoming trafficb. a router tat does not support PMTU, but is configured to send Destination Unreachable messagesa router that does not support PMTU, and is configured not to send destination unreachable messagesd. a router that does not support PMTU
c. a router that does not support PMTU and is configured no to send destination unreachable messages
72
Which of the following accurately represents the default advertising rate for unsolicited ICMP Router Advertisements?a. every 30 secondsb. every 60 secondsc. two to five minutesd. 7 to 10 minutes
d. 7 to 10 minutes
73
The ICMP redirection process serves only IP routers, not IP hosts. True or False?
Fales, it only serves hosts
74
What type of scan occurs when a series of PING requests for a range of IP addresses is performed?a. port scanb. protocol scanc. host probed. network mapping
c. host probe
75
which of the following ICMP Type nubmers identify echo and echo reply messages? Choose all that applya. 0b. 1c. 3d. 8e. 30
a. 0d. 8
76
Which of the following ICMP type numbers relate to Router Advertisement and solicitation messages?a. 8b. 9c. 10d. 11e. 12
b. 9c. 10
77
Which of the following TCP/IP protocols are Transport layer protocols? (choose all that apply)a. IPb. TCPc. UDPd. FTP
b. TCPc. UDP
78
Whereas UDP is a _____________ protocol, TCP is a _________ protocol.
connectionless, connection-oriented
79
Which of the following services are characteristic of a connection-oriented protocol? (choose all that apply).a. connection handlingb. delivery guaranteesc. segmentation and reassemblyd. message-level checksum in header
a. connection handlingb. delivery guarenteesd. message level checksum in header(not 100% sure on this answer)
80
A connection-oriented protocol creates more overhead than a connectionless protocol. True or False?
true
81
Connectionless protocols usually run slower than connection-oriented protocols. True or false
false
82
For connectionless protocols, the application layer protocol or service must provide messages that do no exceed a datagram's MTU. True of false?
true
83
Which of the following services does UDP provide? (choose all that apply)a. segmentationb. optional header checksumc. identification of source and destination port addresseesd. explicit transmission of acknowledgmente. reassembly
b. optional header checksumc. id of source and destination port addresses
84
how many bytes are in a UDP header?
a. 8
85
What range of addresses traditionally defines a well-known port address?
0-1023
86
What range of addresses corresponds to the registered port numbers?
1024-49151
87
What range of addresses corresponds to the dynamic port numbers?
49152-65535
88
Identical UDP and TCP port numbers always map to the same TCP/IP protocol or service. True or False?
false, usually but not always
89
An acknowlegement is tantamount to a positive response, indicating that a set of data arrived at it's destination. True or false
True
90
What does TCP use to track the transfer of data and it's successful delivery? (choose all that apply)a. logical connection between peersb. acknowledgementsc. sequence numbersd. retry mechanism
b. acknowledgementsc. sequence numbers
91
what makes TCP preferable for reliable delivery requirements?a. sequencingb. error recoveryc. end to end reliabilityd. use of the handshake process
c. end to end reliability
92
The name of the TCP process used to maintain an active connection between peers is called _________a. TCP startup connectionb. TCP connection terminationc. Keep-alived. congestion control
c. keep-alive
93
How many steps occur in the TCP hanshake process?
Three
94
Which of the following statements best defines a half-open connection?a. The handshake process does not end with a final SYN.b. The handshake process does not end with a final ACK.c. The handshake process does not end with a final FIN.d. The handshake process does not end with a final RST
b. the handshake process does not end with a final ACK
95
TCP keep-alives are enabled by default on Windows 2000 and XP. True or False
false
96
What is the proper response to a TCP connection termination?a. Host 1 sends a TCP packet with no data, with FIN and ACK flags set.b. Host 2 sends a TCP packets with no data, with FIN and ACK flags set.c. Host 2 sends an ACK to respond, followed by a TCP packet with no data and FIN and ACK flags set.d. Host 1 returns an ACK response.
d. Host 1 returns an ACK response.
97
TCP acknowledgments include sequence numbers to indicate what was received. True of false?
False
98
Which of the following mechanisms is part of TCP's error-detection and error-recovery capabilities?a. Sequencing and reassemblyb. retransmission timerc. explicit acknowledgmentd. Congestion control
b. retransmission timer the value is the RTO (retransmission timeout)
99
The current TCP window size is always the greater of what the network and the receiver can handle at any given moment. True or false
true
100
Where is TCP data stored when it is received?a. on the receiver's network interface cardb. inside the TCP windowc. in the TCP buffer aread. inside the network window
c. in the TCP buffer area
101
What is the initial size of the TCP congestion window?a. twice the maximum receiver buffer sizeb. twice the MTU sizec. twice the sender's MSSd. twice the receiver's MSS
c. twice the sender's MSS
102
What sequence of events signals the TCP Fast recovery process?a. duplicate ACKsb. Three sets of duplicate ACKSc. duplicate FINsd. three duplicate FINs
b. Three sets of duplicate ACKS
103
Which of the statements define the edges of the TCP sliding window mechanism? (choose both correct answers)a. acknowledged data plus the receiver's window sizeb. all data that was receivedc. all data pending transmissiond. all data that was acknowleged
a. acknowledged data plus the receiver's window sizeb. all data that was receivednot sure on this one...
104
Which of the following values are valid TCP Flag settings? (choose all that apply)a. SYNb. ACKc. NULd. FINe. PSH
a. SYNb. ACKd. FINe. PSH (push
105
Protocol 17
UDP
106
Protocol 06
TCP
107
UDP port 53
DNS
108
UDP port 161
SNMP
109
UDP port 69
TFTP
110
UDP port 520
RIP
111
UDP port 67 + 68
DHCP
112
TCP port 53
DNS
113
TCP port 21
FTP
114
TCP port 23
Telnet
115
TCP port 80
HTTP
116
TCP port 110
POP3
117
TYPE 0800
IPv4
118
________is the overloading of the network or a receiver.
congestion
119
_________is a management method for data transmission used to determine the amount of unacknowledged data that can go out on the wire from any sender
sliding window mechanism
120
TCP header size
at least 20 bytes
121
TCP header fields
Source port Destination portsequence numberacknowledgment numberheader lengthflagsWindow sizeTCP checksumUrgent pointTCP options
122
TCP flags field settings
URGACKPSHresetSYNFIN
123
ICMP fields
TypeCodeChecksum
124
______means to point out another path.
redirect
125
The route a packet can take through the network.
path
126
What kind of message architecture supports all TCP/IP application layer protocols and services?a. Client/serverb. peer-to-peerc. request/replyd. push-pull
c. request/reply
127
When the TCP/IP host that initiats contact with another TCP/IP host nearly always makes requests, and the contacted host invariably reponds to those requests, what kind of relationship exists between those host for that service?a. Client/serverb. peer-to-peerc. request/replyd. push-pull
a. client/server
128
When a TCP/IP host can initiate contact with another TCP/IP host to make a request for service, but the other host can turn around and do the same thing, what kind of relationship exsits between those hosts for that service? a. Client/serverb. peer-to-peerc. request/replyd. push-pull
b. peer-to-peer
129
When two servers want to exchange data, and the sending host originates the transfer of data to the receiver, what is this kind of transfer operation called?a. pullb. pushc. push-pulld. store and forward
b. push
130
When two servers can exchange data, and the sender initiates transfer to the receiver once data changes occur, but the receiver periodically initiates transfers, what is this kind of transfer called?a. pullb. pushc. push-pulld. store and forward
c. push-pull
131
Which two advantages are derived immediately when replicating data across multiple servers?a. backup and recoveryb. availabilityc. redundancyd. robustness
b. availabilityd. robustness
132
Which form of FTP client operates as a popular, standalone software application?a. command-line FTP programc. embedded FTP codec. Web-based FTP accessd. graphical FTP program
d. graphical FTP program
133
Which software component on an FTP server handles incoming user commands?a. command interpreterb. protocol interpreterc. runtime libraryd. user interface
b. protocol interpreter
134
Telnet supports only unidirectional, byte-oriented communications. True or false?
false
135
Telnet passes account names and passwords in clear text from the local host to the remote host. True or False?
true
136
Which of the following statements best describes the sender-SMTP process?a. sends reply codes, including responses to codes and mail messages sentb. forwards e-mail messages from one server to anotherc. sends mail commands and mail messagesd. tracks delivery and reception of all mail messages sent.
c. sends mail commands and mail messages
137
Which of the following statements best describes the receiver-SMTP process?a. sends responses to all mail messages received.b. sends reply codes, including responses to codes and mail messages sent.c. forwards e-mail messages from one server to anotherd. sends mail commands and mail messages
b. sends reply codes, including responses to codes and mail messages sent.
138
A store and forward email system stores all inbound messages destined for local clients and forwards all inbound messages destined for clients on other email servers. True or False?
True
139
The generic named used to identify a Web resource is a:a. Uniform Resource locator (URL)b. Uniform Resource Name (URN)c. Uniform Resource Identifier(URI)d. Universal Naming convention(UNC)
c. Uniform Resource Identifier (URI)
140
The abbreviation for the secure implementation of HTTP is called:a. SHTTPb. HTTPSc. SSLd. SSH
b. HTTPS
141
Which of the following ongoing connections does FTP maintain during an active session? (Choose all that apply)a. session connectionb. client connectionc. command connection (port 21)d. server connectione. data connection (port 20)
c. command connectione. data connection
142
Which of the following basic TCP/IP services responds to a service request with an arbitrary stream of characters?a. Fingerb. echoc. chargend. QODe. whois
c. chargen
143
Which of the following basic TCP/IP services can provide information about registered domain names?a. Fingerb. echoc. chargend. QODe. whois
e. Whois
144
Which of the following basic TCP?IP utilities is not included in Simple TCP/IP Services in windows 2000 and Windows XP?a. Echob. Chargenc. QODd. Whois
a. echob. chargen
145
Why is Finger so soldom available to users of most internet servers?a. It's no longer neededb. it's no longer popularc. it proved to be vulnerable to security exploitsd. The term has an unpleasant connotation under some circumstances
c. it proved to be vulnerable to security exploits
146
RPC provides a standard mechanism to create custom distributed applications over TCP/IP. True/False?
True
147
An SNMP agent must be present on a host or device for it to report to a remote management console. True or false?
True
148
NetBIOS over TCP/IP is required on any networks that include versions of Windows older than Windows 2000, no matter what protocols are in use. True or False?
false
149
Which of the following statements best explains the importance of data offset values when decoding Application layer protocols?a. Those values pinpoint the location of key fields, such as application layer header information.b. Those values allow the contents of the payload to be inspected at will.c. Those values determine where key fields start and stopd. Those values determine how the Application layer payload should be interpreted.
c. Those values determine where key fields start and stop
150
File with information on DNS root servers, that should be pre-loaded on any DNS server.
named.root
151
What method of name resolution was used on the internet prior to the introduction of DNS?a. dynamic name resolutionb. static name resolutionc. active name resolutiond. passive name resolution
b. static name resolution
152
What is the name of the file that contains name-to-IP address mapping information for Windows and Linux?a. LMHOSTSb. ZONEINFOc. ROOT.dnsd. HOSTS
d. Hosts
153
What is the name of the most widely used DNS server implementation on the internet today?a. EasyDNSb. BINDc. WinDNSd. JEEVES
b. BIND (berkeley INternet Name Domain)
154
Which of the following characterize valid aspects of DNS? (choose all that apply)a. local control over domain name database segmentsb. designation of optional primary name servers and mandatory secondary name serversc. data from all database segments, available everywhered. highly robust and available database informatione. requires implementation of a relational database management system, such as oracle or sybase
a. local control over domain name database segmentsc. data from all database segments, available everywhered. highly robust and available database information
155
in the domain name hierarchy, all domains meet at the root. True or false?
True
156
Top-level domain names include two- and three-letter country codes, as well as organizational codes, such as .com, .edu, and .org. True or false?
true
157
What is the process whereby a DNS server higher in the domain name hierarchy confers responsibility for portions of the global DNS database to DNS servers lower in its hierarchy?a. subordination of authorityb. database consolidationc. delegation of authorityd. database segmentation
c. delegation of authority
158
Which DNS resource records allow use of the FQDNs for domain names? (choose all the apply)a. Ab. SOAc. PTRd. MXe. all of the above
a. Ac. PTR
159
Which DNS resource record is used to create aliases for domain names?a. Ab. SOA.c. PTRd. MXe. CNAME
e. CNAME
160
Which DNS resource record appears at the beginning of every DNS file?a. Ab. SOA.c. PTRd. MXe. CNAME
b. SOA
161
Which DNS resource record enable inverse lookups (also known as revers DNS lookups)?a. Ab. SOA.c. PTRd. MXe. CNAME
c. PTR
162
Which DNS resource record maps domain names to IP addresses?a. Ab. SOA.c. PTRd. MXe. CNAME
a. A
163
Any type of DNS server also can be a caching-only server. True of False?
True
164
What is the minimum and maximum number of primary database servers allowed in any single DNS database zone?a. 1b. 2c. 4d. 8e. 16
a. 1
165
It is mandatory to have one or more secondary DNS servers for any DNS database zone. True or False?
true
166
What size or type of organizations are likely to benefit from a caching-only DNS server? (choose all that apply)a. smallb. mediumc. larged. service provider
c. larged. service provider
167
What kinds of data are most likely to show up in a response to a DNS query of any kind?a. address forwarding instructionsb. DNS resource recordsc. address impersonation alertsd. error messages
b. DNS resource recordsd. error messages
168
Which of the following query sequences represents a typical DNS lookup?a. iterative, then recursiveb. recursive, then iterativec. static then dynamicd. dynamic, then static
b. recursive, then iterative
169
Why do "all DNS queries end at the root?"a. The root maintains a copy of the global DNS databaseb. The root can access any and all authoritative name servers for any database segmentc. Any DNS server can access the root at any timed. Multiple root servers prevent the root of domain name hierarchy from becoming bogged down with requests
b. the root can access any and all authoritative name servers for any database segment
170
When using NSLOOKUP, an authoritative response is:a. explicitly labeled as suchb. available only if the authoritative name server is explicitly targeted for lookupc. available only by request, using the 'a optiond. implied by the absence of "non-authoritative response" in the reply.
d. implied by the absence of "non-authoritative response" in the reply
171
It is necessary to add resource records for the DNS root servers to the cache of any DNS server during initial configuration and setup. True of false?
true
172
One common name for presenting a false IP address or domain name when attempting illicit system entry or communications is;a. IP masqueradingb. IP impersonationc. IP spoofingd. False IP credentials
c. IP spoofing
173
Because it is a predefined domain name and address pair, it is not necessary to create DNS files for the localhost and the loopback addresses 127.0.0.0 and 127.0.0.1. True of false
True
