Lesson 9: Explaining Transport Layer Protocols

Question 1

What is the purpose of the transport layer protocols (Layer 4)?

Answer 1

Establishes end-end connections by linking the application layer to the network.

Question 2

What is a port?

Answer 2

A unique number assigned to a particular application protocol used to identify the service once the packet has been routed to the destination

Question 3

What is a well known port?

Answer 3

Port numbers 0-1023

Question 4

What is the highest port number available?

Answer 4

65,535

Question 5

Define a socket

Answer 5

The combination of a ip address and port number

Question 6

What is the difference between a server socket and a client socket?

Answer 6

A server socket can support multiple connections from multiple client sockets

Question 7

Define TCP (Transmission Control Protocol)

Answer 7

Transport layer protocol providing connection-oriented guaranteed communication using acknowledges to ensure delivery

Question 8

How does TCP (Transmission Control Protocol) function?

Answer 8

TCP divides data from an application into segments (based on MTU) each with its own header while providing acknowledgements of receipt, sequencing, and retransmissions

Question 9

What are the fields in a TCP datagram?

Answer 9

1. Source/Destination port
2. Sequence number
3. Ack number
4. Data length
5. Flags
6. Window
7. Checksum
8. Options

Question 10

What is the purpose of the sequence number field in a TCP datagram?

Answer 10

The seq number is sent by the TCP initiator identifying the current segment of data allowing the receiver to rebuild the message with out of order packets

Question 11

What is the purpose of the ack number field in a TCP datagram?

Answer 11

The seq number is sent by the TCP server/recipient, which is the sequence number of the previous segment with an increment of 1 (+1), and lets the original sender know if retransmission of the data is necessary

Question 12

What is the purpose of the data length field in a TCP header?

Answer 12

Defines length of TCP segment

Question 13

What is the purpose of the flags field in a TCP header?

Answer 13

Identifies type of content in the segment (ACK, SYN, FIN, etc.)

Question 14

What is the purpose of the window field in a TCP header?

Answer 14

The amount of data the host is willing to receive before sending another acknowledgement allowing one side of the communication to tell the other side to slow the sending rate

Question 15

What is the purpose of the urgent pointer field in a TCP header?

Answer 15

Identifies if urgent data is being sent

Question 16

What process takes place to establish a TCP connection?

Answer 16

Three-way handshake

Question 17

What is the first step in a 3-way handshake?

Answer 17

The client enters SYN-SENT state and sends a segment with the TCP flag “SYN” to the server

Question 18

What is the second step in a 3-way handshake?

Answer 18

The server responds with a SYN/ACK segment and enters the SYN-RECEIVED state

Question 19

What is the third step in a 3-way handshake?

Answer 19

The client responds with an ACK segment, creating a connection between client and server

Question 20

What causes a client to retransmit data?

Answer 20

1. A period of time passes without the sender receiving an acknowledgement
2. The client receives a failed transmission flag

Question 21

What process takes place to close a TCP connection?

Answer 21

TCP connection teardown

Question 22

Define UDP (User Datagram Protocol)

Answer 22

Transport layer protocol that is connectionless and is a non-guaranteed communication method with no flow control or retransmission

Question 23

What are the fields in a UDP (User Datagram Protocol) header?

Answer 23

1. Source/Destination Port
2. Message length
3. Checksum

Question 24

What is the size of a UDP header and TCP header?

Answer 24

UDP header is 8 bytes (64 bits) max; TCP header is 20+ bytes (160+ bits)

Question 25

Define network visibility

Answer 25

The ability to verify what exactly is connected to a network and what is being communicated over it

Question 26

What is an IP scanner?

Answer 26

Tool that performs host discover

Question 27

What is Nmap?

Answer 27

A security scanner program used for IP scanning, auditing, and a pen test tool

Question 28

What is netstat command in windows/Linux?

Answer 28

Command to check state of ports on local hosts and which services are configured for the open ports

Question 29

What is a fingerprint scan?

Answer 29

Compares specific responses to known information about hardware platforms, OS types and versions, and application/service types and versions