Network Layer Protocol and Transport Layer Protocol Review – Flashcards
Unlock all answers in this set
Unlock answersquestion
Application- end user, application firewall Presentation Session - SSL Transport- TCP or UDP Network - logical addressing (IP or IPX), icmp Data-link - mac/ physical, switches Physical - 0s,1s, cables and hubs
answer
"All people seem to need data protection"
question
Open Systems Interconnection (OSI)
answer
Is a theoretical way of classifying and talking about the complex process of sending data on a network. The OSI model divides the complex task of networking into various layers to facilitate the development of standards and to allow for interoperability between protocols and hardware components.
question
Application (Layer 7)
answer
The Application layer integrates network functionality into the host operating system, and enables network services. The Application layer does not include specific applications that provide services, but rather provides the capability for services to operate on the network. The Application layer is associated with the data that is generated by a service or a protocol. A security device operating at the Application layer makes security decisions based on the actual data within a data stream. An example of an application at this layer is an application proxy firewall. Functions defined by the Application layer include: *Communication partner identification. *Gateway services (protocol translation). *Programming interfaces that allow services to operate and clients to access the service. *Advertisement of networking services. *Protocols associated with the Application layer include HTTP, TELNET, FTP, TFTP, and SNMP.
question
Presentation (Layer 6)
answer
The Presentation layer formats or "presents" data into a compatible form for receipt by the Application layer or the destination system. Specifically, the Presentation layer ensures: *Formatting and translation of data between systems. Data format (file formats) such as JPEG, BMP, WMV, AVI, WAV, and MIDI are supported at this layer. *Negotiation of data transfer syntax between systems, through converting character sets to the correct format. *Encapsulation of data into message envelopes by encryption and compression. *Restoration of data by decryption and decompression.
question
Session (Layer 5)
answer
The Session layer's primary function is managing the sessions in which data is transferred. Functions at this layer include: *Management of multiple sessions (each client connection is called a session). A server can concurrently maintain thousands of sessions. *Assignment of the session ID number to each session to keep data streams separate. *Negotiation of communication parameters to set up, maintain, and tear down a session. *SSL is a protocol that operates at this layer.
question
Transport (Layer 4)
answer
The Transport layer provides a transition between the upper and lower layers of the OSI model, making the upper and lower layers transparent from each other. Functions defined by the transport layer include: *Host and service identification through port and socket numbers. *Breaking larger messages into segments and combining smaller messages. *Recombining segments into the original message using segment sequencing. *Ensuring reliable data transmissions (called connection-oriented services) using acknowledgements and other mechanisms. Connectionless services do not guarantee delivery, but are delivered with best-effort delivery, which results in low overhead. *Controlling the information flow rate between sender and receiver. *Using port numbers to identify source and destination upper-layer protocols. Two protocols associated with the Transport layer are: *The Transmission Control Protocol (TCP) provides services that ensure accurate and timely delivery of network communications between two hosts. TCP provides the following services to ensure message delivery: *Sequencing of data packets *Flow control *Error checking TCP is referred to as a connection-oriented protocol because it includes these delivery guarantees. *The User Datagram Protocol (UDP) is similar to TCP, but does not include mechanisms for ensuring timely and accurate delivery. Because it has less overhead, it offers fast communications, but at the expense of possible errors or data loss. UDP is referred to as a connectionless protocol because it lacks these delivery guarantee mechanisms.
question
Network (Layer 3)
answer
The Network layer describes how data is routed across networks and on to the destination. Functions defined by the Network layer include: *Definition of the logical host address, in the form of the IP address. *Path identification and selection. *Breaking larger segments into datagrams (also called packets). Routers operate at the Network layer by reading the IP address in the packet to make forwarding decisions. Protocols associated with the Network layer include IP, IPX, and ICMP.
question
Data Link (Layer 2)
answer
The Data Link layer defines the rules and procedures for hosts as they access the Physical layer, including how multiple nodes share and coordinate the use of the same physical segment of the network. Functions defined by the Data Link layer include: *Converting bits into bytes and bytes into frames. *Physical addressing using the MAC address with Ethernet. *Describing how messages travel through the network (logical topology). *Controlling access to the transmission medium. *Controlling the rate of data transmissions between intermediary devices (host-to-host flow control). *Detecting, and in some cases, correcting errors in frames through parity or CRC. *Employing protocols such as IBM's Synchronist Data Link Control (SDLC) and ISO's High-level Data Link Control (HDLC) to send data across a serial link. Network interface cards (NICs) contain the MAC address and perform functions at the Data Link layer. Switches operate at the Data Link layer by reading the MAC address in a frame to make forwarding decisions.
question
Physical (Layer 1)
answer
The Physical layer sets standards for sending and receiving electrical signals between devices. Hubs operate at the physical layer because they simply forward electrical signals out all hub ports without interpreting the meaning of those signals that are present at higher layers. Cables are also associated with the Physical Layer. Functions defined by the Physical layer include: *Details regarding the transmission medium, such as cable and connector specifications. *Details about the electrical composition of signals as they pass through the transmission medium, such as voltage levels and synchronization. *Specifications for the physical topology (layout) of network devices. Standards that are associated with the Physical layer include EIA/TIA 232 (serial signaling), V.35 (modem signaling), Cat5 (cable specifications), and RJ45 (connector specifications).
question
Devices work at various layers of the OSI model:
answer
*Gateways operate at the Application layer. *Routers and most firewalls operate at the Network layer. *Bridges, switches, and network interface cards (NICs) operate at the Data Link layer. *As the name implies, Layer 3 switches operate at the Network layer and use switching technology for routing functions. *Hubs and repeaters operate at the Physical layer.
question
IP Address
answer
The IP address that is assigned is different than the MAC address. The MAC address is an OSI layer 2 address that is physically assigned in the firmware of the network interface card. Some interfaces will allow you to change the MAC address assigned to the card, but as a general rule it is static. The IP address is an OSI layer 3 address that is logically assigned to the host.
question
IPv4 address details:
answer
*An IPv4 address is a 32-bit binary number between 0 and 255, represented as four octets (four 8-bit numbers). Each octet is separated by a period. IPv4 addresses can be represented in one of two ways: *Decimal (for example 131.107.2.200). *Binary (for example 10000011.01101011.00000010.11001000). In binary notation, each octet is an 8-character number.
question
To convert from binary to decimal and vice versa, memorize the decimal equivalent to the following binary numbers:
answer
10000000 -> 128 01000000 -> 64 00100000 -> 32 00010000 -> 16 00001000 -> 8 00000100 -> 4 00000010 -> 2 00000001 -> 1
question
How to convert to binary:
answer
Take each bit position with a 1 value and add the decimal values for that bit together. For example, the decimal equivalent of 10010101 is: 128 + 16 + 4 + 1 = 149
question
Subnet mask
answer
A 32-bit number associated with each IPv4 address that identifies the network portion of the address. *In binary form, the subnet mask is always a series of 1's followed by a series of 0's (1's and 0's are never mixed in sequence in the mask). A simple mask might be 255.255.255.0. *In Classless Inter-Domain Routing (CIDR) form, the subnet mask appears as a slash (/) followed by the number of bits in the mask that are set to 1. A simple mask might be /24.
question
IP4 default address class : Class A
answer
Address Range -> 1.0.0.0 to 126.255.255.255 First Octet Range -> 1-126 (00000001--01111110 binary) Default Subnet Mask -> 255.0.0.0 CIDR Notation -> /8
question
IP4 default address class: : Class B
answer
Address Range -> 128.0.0.0 to 191.255.255.255 First Octet Range -> 128-191 (10000000--10111111 binary) Default Subnet Mask -> 255.255.0.0 CIDR Notation -> /16
question
IP4 default address class : Class C
answer
Address Range -> 192.0.0.0 to 223.255.255.255 First Octet Range -> 192-223 (11000000--11011111 binary) Default Subnet Mask -> 255.255.255.0 CIDR Notation -> /24
question
IP4 default address class : Class D
answer
Address Range -> 224.0.0.0 to 239.255.255.255 First Octet Range -> 224-239 (11100000--11101111 binary) Default Subnet Mask -> n/a CIDR Notation -> n/a
question
IP4 default address class : Class E
answer
Address Range -> 240.0.0.0 to 255.255.255.255 First Octet Range -> 240-255 (11110000--11111111 binary) Default Subnet Mask -> n/a CIDR Notation -> n/a
question
Network Address Translation (NAT) router
answer
Translates multiple private addresses into the single registered IP address.
question
New IP addressing system named IP version 6 or IPv6
answer
Used when IPv4 does not have enough unique IP address to meet growing demands. The IPv6 address is a 128-bit binary number. A sample IPv6 IP address looks like: 35BC:FA77:4898:DAFC:200C:FBBC:A007:8973.
question
Features of an IPv6 address:
answer
*The address is made up of 32 hexadecimal numbers organized into 8 quartets. *The quartets are separated by colons. *Each quartet is represented as a hexadecimal number between 0 and FFFF. Each quartet represents 16-bits of data (FFFF = 1111 1111 1111 1111). *Leading zeros can be omitted in each section. For example, the quartet 0284 could also be represented by 284. *Addresses with consecutive zeros can be expressed more concisely by substituting a double-colon for the group of zeros. For example: *FEC0:0:0:0:78CD:1283:F398:23AB *FEC0::78CD:1283:F398:23AB (concise form) *If an address has more than one consecutive location where one or more quartets are all zeros, only one location can be abbreviated. For example, FEC2:0:0:0:78CA:0:0:23AB could be abbreviated as: *FEC2::78CA:0:0:23AB or *FEC2:0:0:0:78CA::23AB But not FEC2::78CA::23AB *FEC2:0:0:0:78CA::23AB But not FEC2::78CA::23AB
question
Part 1 of 128-bit address Prefix
answer
The first 64-bits is known as the prefix. *The 64-bit prefix can be divided into various parts, with each part having a specific meaning. Parts in the prefix can identify the geographic region, the ISP, the network, and the subnet. *The prefix length identifies the number of bits in the relevant portion of the prefix. To indicate the prefix length, add a slash (/) followed by the prefix length number. Full quartets with trailing 0's in the prefix address can be omitted (for example 2001:0DB8:4898:DAFC::/64). *Because addresses are allocated based on physical location, the prefix generally identifies the location of the host. The 64-bit prefix is often referred to as the global routing prefix.
question
Part 2 of 128-bit address Interface ID
answer
The last 64-bits is the interface ID. This is the unique address assigned to an interface. *Addresses are assigned to interfaces (network connections), not to the host. Technically, the interface ID is not a host address. *In most cases, individual interface IDs are not assigned by ISPs, but are rather generated automatically or managed by site administrators. *Interface IDs must be unique within a subnet, but can be the same if the interface is on different subnets. *On Ethernet networks, the interface ID can be automatically derived from the MAC address. Using the automatic host ID simplifies administration.
question
The IPv6 local loopback address for the local host :
answer
0:0:0:0:0:0:0:1 (also identified as ::1 or ::1/128). The local loopback address is not assigned to an interface. It can be used to verify that the TCP/IP protocol stack has been properly installed on the host.
question
Subnetting
answer
The process of dividing a large network into smaller networks. When you subnet a network, each network segment (called a subnet) has a different network address (also called a subnet address). In practice, the terms network and subnet are used interchangeably to describe a physical network segment with a unique network address.
question
Subnet physical standpoint
answer
Subnetting is necessary because all network architectures have a limit on the number of hosts allowed on a single network segment. As your network grows, you will need to create subnets (physical networks) to: *Increase the number of devices that can be added to the LAN (to overcome the architecture limits) *Reduce the number of devices on a single subnet to reduce congestion and collisions *Reduce the processing load placed on computers and routers *Combine networks with different media types within the same internetwork (subnets cannot be used to combine networks of different media type on to the same subnet)
question
Subnetting is also used to efficiently use the available IP addresses.
answer
Example: an organization with a class A network ID is allocated enough addresses for 16,777,214 hosts. If the organization actually uses only 10,000,000 host IDs, over 6 million IP addresses are not being used. Subnetting provides a way to break the single class A network ID into multiple network IDs. *Subnetting uses custom rather than the default subnet masks. For example, instead of using 255.0.0.0 with a Class A address, you might use 255.255.0.0 instead. *Using custom subnet masks is often called classless addressing because the subnet mask cannot be inferred simply from the class of a given IP address. The address class is ignored and the mask is always supplied to identify the network and host portions of the address. *When you subnet a network by using a custom mask, you can divide the IP addresses between several subnets. However, you also reduce the number of hosts available on each network.
question
Class B subnet addresses
answer
Network address Default example 188.50.0.0 Custom example 188.50.0.0 Subnet mask Default example 255.255.0.0 Custom example 255.255.255.0 # of Subnet addresses Defualt example One Custom example 254 # of hosts per subnet Default example 65,534 Custom example 254 per subnet Subnet Addresses Default example 188.50.0.0 (only one) Custom example 188.50.1.0 188.50.2.0 188.50.3.0 (and so on) Host address ranges Default example 188.50.0.1 to 188.50.255.254 Custom example 188.50.1.1 to 188.50.1.254 188.50.2.1 to 188.50.2.254 188.50.3.1 to 188.50.3.254 (and so on)
question
Classful addresses
answer
IP addresses that use the default subnet mask. They are classful because the default subnet mask is used to identify the network and host portions of the address. Classless addresses are those that use a custom mask value to separate network and host portions of the IP address.
question
Classless addresses
answer
made possible by a feature called Classless Inter-Domain Routing (CIDR). CIDR allows for non-default subnet masks (variable length subnet mask or VLSM). Routers use the following information to identify networks: *The beginning network address in the range *The number of bits used in the subnet mask For example, the subnet 199.70.0.0 with a mask of 255.255.0.0 is represented as 199.70.0.0/16 (with 16 being the number of 1 bits in the subnet mask).
question
Which of the following best describes the purpose of using subnets?
answer
Subnets divide an IP network address into multiple network addresses.
question
Which of the following is not a reason to use subnets on a network?
answer
Subnets cannot be used to combine networks of different media type on to the same subnet. Each network with a distinct media type has its own subnet.
question
Which of the following IPv6 addresses is equivalent to the IPv4 loopback address of 127.0.0.1?
answer
::1 The local loopback address is not assigned to an interface. It can be used to verify that the TCP/IP protocol stack has been properly installed on the host. :: is the unspecified address (also identified ::/128) The unspecified address is used when there is no IPv6 address.
question
Which of the following best describes an IPv6 address?
answer
Eight hexadecimal quartets 128 bit address
question
Which of the following correctly describe the most common format for expressing IPv6 addresses?
answer
32 numbers, grouped using colons Hexadecimal numbers
question
Which of the following are valid IPv6 addresses?
answer
Both 6384:1319:7700:7631:446A:5511:8940:2552 141:0:0:0:15:0:0:1
question
Which of the following is a valid IPv6 address?
answer
FEC0: AB: 9007 is a valid IPv6 address. The :: in the address replaces blocks of consecutive 0's. The longer form of this address would be FEC0:: 0000:0000:0000:0000:0000:00AB:9007. Leading 0's within a quartet can also be omitted.
question
Routers operate at what level of the Open System Interconnect model?
answer
The network layer is where the primary network protocol resides. At this layer, routers are able to manage traffic based on the contents of the IP packet header.
question
You've decided to use a subnet mask of 255.255.192.0 on the 172.17.0.0 network to create four separate subnets. Which network IDs will be assigned to these subnets in this configuration?
answer
172.17.0.0 172.17.128.0 In binary notation 172.17.0.0 can be viewed as 11111111.11111111.11000000.000000. Because the first two bits of the third octet are used for the network portion of the address, four subnets are possible: 172.17.0.0 172.17.64.0 172.17.128.0 172.17.192.0
question
Protocol
answer
Protcols set of standards for communication between network hosts. Protocols often provide services, such as e-mail or file transfer. Most protocols are not intended to be used alone, but instead rely on and interact with other dependent or complimentary protocols.
question
Transmission Control Protocol (TCP)
answer
TCP provides services that ensure accurate and timely delivery of network communications between two hosts. TCP is an OSI layer 4 (Transport layer) protocol. TCP is connection-oriented which means that it provides a guaranteed delivery of data between hosts through the following services: *Sequencing of data packets *Flow control *Error checking The TCP three-way handshake is the process used to establish a TCP session. The steps to a TCP three-way handshake process are: 1.A host sends a SYN packet to the target host. 2.The target host responds to the original host with a SYN ACK packet. 3.The host responds to the target host with an ACK packet.
question
User Datagram Protocol (UDP)
answer
UDP is a host-to-host protocol like TCP. However, UDP is connectionless, which means that it does not include mechanisms for ensuring timely and accurate delivery, but uses a best effort delivery. Because it has less overhead, it offers fast communications, but at the expense of possible errors or data loss.
question
Internet Protocol (IP)
answer
IP is an OSI layer 3 protocol that is connectionless and relies on upper layer protocols like TCP to ensure delivery and connection orientation.
question
Internetwork Packet Exchange (IPX)
answer
IPX is an older protocol used with older Novell networks. IPX has been replaced with TCP/IP in newer versions of NetWare. Unless you are running a version of NetWare that does not support TCP/IP, or are using applications that rely on IPX, you should disable IPX to eliminate attacks against IPX on your network.
question
Network Basic Input/Output System (NetBIOS)
answer
NetBIOS is the term used to describe the combination of two protocols: NetBEUI and NetBIOS. Because NetBIOS is a non-routable protocol, it was often combined with TCP/IP or IPX/SPX to enable internetwork communications. *NetBIOS was used in early Windows networks. *Beginning with Windows 2000, NetBIOS is no longer required. *NetBIOS might be needed if the network includes clients running previous versions of Windows.
question
Internet Control Message Protocol (ICMP)
answer
ICMP is commonly used for troubleshooting and information gathering. ICMP works closely with IP in providing error and control information, and by allowing hosts to exchange packet status information which helps move the packets through the internetwork. Two common management utilities use ICMP messages to check network connectivity. *ping is an ICMP Echo Request and once executed should initiate an Echo Reply to the source from the target device. Ping can be used to determine whether devices are reachable and can communicate across the network. *traceroute determines how many routers (hops) are between the source and the target in addition to determining timeout response values for each router. ICMP also works with IP to send notices when destinations are unreachable and when devices' buffers overflow. ICMP messages are used to determine the route and hops packets take through the network and whether devices can communicate across the network.
question
Address Resolution Protocol (ARP)
answer
ARP provides IP address-to-MAC address name address resolution. Using ARP, a host that knows the IP address of a host can discover the corresponding MAC address.
question
Domain Name System (DNS)
answer
DNS is a hierarchical, distributed database that maps logical host names to IP addresses. For example, the namewww.mydomain.com would be identified with a specific IP address. When you use the host name of a computer (for example if you type a URL such as www.mydomain.com), your computer uses the following process to find the IP address. 1.The host looks in its local cache to see if it has recently resolved the host name. 2.If the information is not in the cache, it checks the Hosts file. The Hosts file is a static text file that contains hostname-to-IP address mappings. 3.If the IP address is not found, the host contacts its preferred DNS server. If the preferred DNS server can't be contacted, it continues contacting additional DNS servers until one responds. 4.The host sends the name information to the DNS server. The DNS server then checks its cache and Hosts file. If the information is not found, the DNS server checks any zone files that it holds for the requested name. 5.If the DNS server can't find the name in its zones, it forwards the request to a root zone name server. This server returns the IP address of a DNS server that has information for the corresponding top-level domain (such as .com). 6.The first DNS server then requests the information from the top-level domain server. This server returns the address of a DNS server with the information for the next highest domain. This process continues until a DNS server is contacted that holds the necessary information. 7.The DNS server places the information in its cache and returns the IP address to the client host. The client host also places the information in its cache and uses the IP address to contact the desired destination device.
question
Simple Network Management Protocol (SNMP)
answer
SNMP is a protocol designed for managing complex networks. SNMP lets network hosts exchange configuration and status information. This information can be gathered by management software and used to monitor and manage the network. SNMP uses the following components: *A manager is the computer used to perform management tasks. The manager queries agents and gathers responses. *An agent is a software process that runs on managed network devices. The agent communicates with the manager and can send dynamic messages to the manager. *The management information base (MIB) is a database of host configuration information. Agents report data to the MIB, and the manager can then view information by requesting data from the MIB. *A trap is an event configured on an agent. When the event occurs, the agent logs details regarding the event. SNMP version 2 added some security features, but most security comes with SNMP version 3. SNMP version 3 adds the following: *Authentication for agents and managers. *Encryption of SNMP information. *Message integrity to ensure that data is not altered in transit.
question
Ports
answer
Logical connections, provided by the TCP or UDP protocols at the Transport layer, for use by protocols in the upper layers of the OSI model. The TCP/IP protocol stack uses port numbers stored in the TCP or UDP header to determine what protocol incoming traffic should be directed to. Some characteristics of ports are listed below: *Ports allow a single host with a single IP address to run multiple network services. Each port number identifies a distinct service. *Each host can have over 65,000 ports per IP address. *Port use is regulated by the Internet Corporation for Assigning Names and Numbers (ICANN).
question
Corporation for Assigning Names and Numbers (ICANN). ICANN specifies three categories for ports:
answer
*Well-known ports range from 0 to 1023 and are assigned to common protocols and services. *Registered ports range from 1024 to 49151 and are assigned by ICANN to a specific service. *Dynamic (also called private or high) ports range from 49,152 to 65,535 and can be used by any service on an ad hoc basis. Ports are assigned when a session is established, and released when the session ends.
question
Ports 20 TCP 21 TCP
answer
File Transfer Protocol (FTP)
question
Ports 22 TCP and UDP
answer
Secure Shell (SSH) SSH File Transfer Protocol (SFTP) Secure Copy (SCP)
question
Port 23 TCP
answer
Telnet
question
Port 25 TCP
answer
Simple Mail Transfer Protocol (SMTP)
question
Ports 49 TCP and UDP
answer
Terminal Access Controller Access-Control System (TACACS)
question
Port *IP protocol number 50
answer
Encapsulating Security Payload (ESP) (used with IPSec)
question
Port *IP protocol number 51
answer
Authenticating Header (AH) (used with IPSec)
question
Ports 53 TCP and UDP
answer
Domain Name Server (DNS)
question
Ports 67 UDP 68 UDP
answer
Dynamic Host Configuration Protocol (DHCP)
question
Port 69 UDP
answer
Trivial File Transfer Protocol (TFTP)
question
Port 80 TCP
answer
HyperText Transfer Protocol (HTTP)
question
Port 88 TCP
answer
Kerberos
question
Port 110 TCP
answer
Post Office Protocol (POP3)
question
Port 119 TCP
answer
Network News Transport Protocol (NNTP)
question
Port 123 UDP
answer
Network Time Protocol (NTP)
question
Ports 135 TCP 137 and 138 TCP and UDP 139 TCP
answer
Network Basic Input/Output System (NetBIOS)
question
Ports 143 TCP and UDP
answer
Internet Message Access Protocol (IMAP4)
question
Ports 161 TCP and UDP 162 TCP and UDP
answer
Simple Network Management Protocol (SNMP)
question
Ports 389 TCP and UDP
answer
Lightweight Directory Access Protocol (LDAP)
question
Ports 443 TCP and UDP
answer
HTTP with Secure Sockets Layer (SSL/TLS) (HTTPS)
question
Port 445 TCP
answer
Windows 2000 CIFS/SMB (file access)
question
Port 500 UDP
answer
Internet Key Exchange (IKE) (used with IPSec)
question
Ports 636 TCP and UDP
answer
Lightweight Directory Access Protocol over TLS/SSL (LDAPS)
question
Ports 989 TCP and UDP 990 TCP and UDP
answer
FTP Secure (FTPS or FTP over SSL/TLS)
question
Port 1701 UDP
answer
Layer 2 Tunneling Protocol (L2TP)
question
Ports 1723 TCP and UDP
answer
Point-to-Point Tunneling Protocol (PPTP)
question
Ports 1812 TCP and UDP 1813 TCP and UDP
answer
Remote Authentication Dial In User Service (RADIUS)
question
Port 3389 TCP
answer
Remote Desktop Protocol (RDP)
question
Be aware of the following regarding ports:
answer
*Attackers use port scanning software to identify open ports, then focus their attacks on services that use those ports. *Configure a firewall to open (allow) or block ports through the firewall or on a device. *As a best practice, only open the necessary ports. For example, if the server is only being used for e-mail, then shut down ports that correspond to FTP, DNS, and HTTP (among others). *For auditing purposes, you can use a port scanner to check systems and firewalls for open ports. *Use netstat -a to view a list of opened ports on a system. *Use a port scanning tool such as Nmap to scan for open ports on local and remote systems.
question
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
answer
Implement version 3 of SNMP
question
You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. Which protocol should you implement?
answer
DNS
question
Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery?
answer
ICMP
question
You are configuring a network firewall to all SMTP outbound e-mail traffic, and POP3 inbound e-mail traffic. Which of the following TCP/IP ports should you open on the firewall?
answer
25 110
question
Which port number is used by SNMP?
answer
161
question
Which of the following ports does FTP use to establish sessions and manage traffic?
answer
20 21
question
Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2008 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing?
answer
Downloading a file
question
To increase security on your company's internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?
answer
443
question
Which of the following network services or protocols uses TCP/IP port 22?
answer
SSH
question
SNMP
answer
161 TCP and UDP
question
SSH
answer
22 TCP and UDP
question
TFTP
answer
69 UDP
question
SCP
answer
22 TCP and UDP
question
Tellnet
answer
23 TCP
question
HTTPS
answer
443 TCP and UDP
question
HTTP
answer
80 TCP
question
FTP
answer
20 TCP
question
SMTP
answer
25 TCP
question
POP3
answer
110 TCP
question
Which two of the following lists accurately describes TCP and UDP?
answer
UDP: connectionless, unreliable, unsequenced, low overhead TCP: conncetion-ortiented, reliable, sequenced, high overhead.
question
You are an application developer creating applications for a wide variety of custoers. In which two of the following situations would you select a connectionless protocol?
answer
A gaming company wants to create a networked version of its latest game. Communication speed and reducing packet overhead are more important thatn error-free delivery. A company connects two networks through an expensive WAN link. The communication media is reliable, but very expensive. They want to minimize connection times.
question
You want to maintain tight security on your internal network so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
answer
53
question
Your company's network provides HTTP, HTTPS and SSH access to remote employees. Which ports must be opened on the firewall to allow this traffic to pass?
answer
80, 443, 22
question
Your network recently experienced a series of attacks aimed at the Telnet and FTP services. You have rewritten the security policy to abolish the unsecured services, and not you must secure the network using your firewall and routers. Which ports must be closed to prevent traffic directed to these two services?
answer
23,21
