117 Final Study Guide

Question 1

What are the four basic operations of the network layer?

Answer 1

• Addressing end devices
• Encapsulation
• Routing
• De-Encapsulation

Question 2

What does the network layer provide?

Answer 2

The network layer provides services to allow end devices to exchange data.

Question 3

What are the two principle network layer communication protocols?

Answer 3

IPv4 and IPv6

Question 4

What is IP Encapsulation?

Answer 4

IP encapuslation encapsulates the transport layer segment using either an IPv4 or an IPv6 packet. It does not impact the Layer 4 segment.

The IP packet will be examined by all layer 3 devices as it traverses the network.

Question 5

Does IP addressing change during travel?

Answer 5

No, IP addressing stays the same from source to destination.

Question 6

What are the characteristics of IP?

Answer 6

IP is meant to have low overhead and may be described as:

Connectionless

Best Effort

Media Independent

Question 7

What are the 3 types of routes inside of a routing table?

Answer 7

Directly connected (Routes automatically added to the router, provided it is active and has addressing)

Remote ( Routes the router does not have a direct connection to, but may learn either manually or dynamically)

Direct route (This forwards all traffic to a specific direction where there is not a match in the routing table)

Question 8

What are the characteristics of static routing?

Answer 8

Static routes must be configured manually

Static routes must be adjusted manually if there is a change in topology

Good for small, non-redundant networks

Often used in conjunction with dynamic routing for configuring a default route.

Question 9

What are the characteristics of dynamic routing?

Answer 9

Dynamic routes automatically:

Discover remote networks

Update information

Choose the best path to a destination

Find new best paths when there is a change in topology.

Question 10

Can dynamic routing share static default routes?

Answer 10

Yes, dynamic routing can share static default routes with other connnected routers.

Question 11

What command is used to access the IP routing table?

Answer 11

show ip route for IPv4

show ipv6 route for IPv6

Question 12

What are the route sources listed in the routing table?

Answer 12

• Directly Connected Routes:
• L - Directly conected local interface IP address
• C - Directly Connected Network
• • Default Routes
• S - Manually configured static route
• R - Rip route
• • Remote Routes
• O - OSPF
• D - EIGRP

Question 13

What is ARP?

Answer 13

ARP (Address Resolution Protocol) is used to determine the destination MAC address of a local device when it knows its IPv4 address already.

Question 14

Name the 2 basic functions of ARP

Answer 14

ARP Resolves IPv4 addresses to a MAC address

ARP maintains an ARP tables of IPv4 to MAC address mappings.

Question 15

How does ARP function?

Answer 15

To send a frame a device will search its ARP table for a destination IPv4 address and a corresponding MAC address.

ARP sends out a broadcast (255.255.255.255) to all devices on the LAN it’s connected to. Only the device with the correct IP address responds with its MAC, and an entry is made in the ARP table.

Question 16

Describe 4 ways ARP functions in a router.

Answer 16

1. If the packets destination IPv4 address is on the same network, the device will search the ARP table for the destination IPv4 address
2. If the destination IPv4 address is on a different network, the device will search the ARP table for the IPv4 address of the default gateway
3. If the device locates the IPv4 address, its corresponding MAC address is used as the destination MAC address of the frame
4. If no ARP entry is found, the device will send out an ARP request.

Question 17

Name the commands used to show the ARP table.

Answer 17

show ip arp is used on Cisco routers

arp - a is used on Windows 10 PCs

Question 18

What does IPv6 Neghibor Discovery provide?

Answer 18

IPv6 ND provides:

• Address resolution
• Router Discovery
• Redirection Services
• ICMPv6 Neghibor Solicitation (NS)
• ICMTPv6 Router Solicitation and Router Advertisement
• ICMPv6 redirect messages used by routers for better next-hop selection

Question 19

What is Neghibor Solicitation and Neghibor Advertisement used for?

Answer 19

NS and NA are used for device to device messaging such as address resolution.

Question 20

What is Router Solicitation and Router Adverrtisement used for?

Answer 20

RS and RA are used for communication between devices and routers for router discovery.

Question 21

Define an IPv4 Address.

Answer 21

An IPv4 address is a 32-bit hierarchial address that is made up of a network and a host portion.

Question 22

How do you determine the network and host portion of an IPv4 address?

Answer 22

A subnet mask is used to determine the network and host portions.

Question 23

How is a subnet mask used?

Answer 23

To identify the network and host portions of an address, the subnet mask is compared to the IPv4 address bit for bit, from left to right.

Question 24

What is the name of the process used to identify network and host portions of an address?

Answer 24

The process is called ANDing.

Question 25

Define prefix length.

Answer 25

A prefix length is a truncated method to identify a subnet mask address.

The prefix length is the number of 1 bits in a subnet mask.

Question 26

How do you write prefix length in slash notation?

Answer 26

Count the number of bits in the subnet mask and prepend it with a slash.

Example:

• 255.255.255.0
• 11111111.11111111.11111111.00000000
• 24 ones, prefix length is /24

Question 27

Describe the process of ANDing.

Answer 27

ANDing is a logical Boolean operation.

It is the comparison between two bits where only 1 AND 1 produce 1 and any other combination results in a 0.

1 = True and 0 = False.

Question 28

What are the 3 types of IP addresses inside of each network?

Answer 28

Network Address (First in the range)

Host addresses (2nd address to 2nd last address in the range)

Broadcast address (Final Address in the range)

Example:

192.168.1.0/30

• 192.168.1.0 - network address
• 192.168.1.1 and 2 - host addresses
• 192.168.1.3 broadcast address.

Question 29

What are Unicast transmissions?

Answer 29

Unicast transmission is sending a packet to a SINGLE destination IP address.

Question 30

What are Broadcast transmissions?

Answer 30

Broadcast transmission is sending a packet to ALL destination IP addresses on a network.

Question 31

What are Multicast Transmissions?

Answer 31

Multicast transmissions send a packet to a SPECIFIED multicast address group.

Question 32

What are public IPv4 addresses?

Answer 32

Public IPv4 addresses (as defined in RFC 1918) are globally routed between ISP routers.

Question 33

What are Private IPv4 addresses?

Answer 33

Private IPv4 addresses are common blocks of addresses used by most organizations to assign IPv4 addresses to internal hosts.

Private IPv4 addresses are not Unique and can be used internally within any network, however they are not privately routable.

Question 34

Name the 3 ranges of IPv4 Private Addresses.

Answer 34

10. 0.0.0/8 (10.0.0.0 - 10.255.255.255)
11. 16.0.0/12 (172.16.0.0 - 172.31.255.255)
12. 168.0.0 /16 (192.168.0.0 - 192.168.255.255)

Question 35

What are Loopback Addresses?

Answer 35

Loopback addresses (127.0.0.0 / 8 or any address starting in 127 up to 127.255.255.254) are used on a host to test if TCP/IP is operational.

Question 36

What are Link-Local addresses.

Answer 36

Link local addresses are commonly known as the Automatic Private IP Addressing (APIPA) addresses. Also known as self assigned addresses. They are used by Windows DHCP clients to self-configre when DHCP servers are unavailable.

Question 37

What range are Class A addresses allocated?

Answer 37

0.0.0.0/8 to 127.0.0.0/8

Question 38

What range are Class B addresses allocated?

Answer 38

128.0.0.0/16 to 191.255.0.0/16

Question 39

What range are Class C addresses allocated?

Answer 39

192.0.0.0/24 to 223.255.255.0/24

Question 40

What range are class D addresses allocated?

Answer 40

224.0.0.0 to 239.0.0.0

Question 41

What range are Class E addresses assigned to?

Answer 41

240.0.0.0 - 255.255.255.255

Question 42

Why is Classful addressing no longer used?

Answer 42

Classful addressing was wasteful and has been replaced with classless addressing which ignores the rules of classes.

Question 43

How does prefix length affect the number of hosts per subnet?

Answer 43

The longer the prefix length, the less hosts per subnet.

Question 44

Why do we segment networks?

Answer 44

Large broadcast domains have the ability to generate excessive broadcasts which negatively affect the network.

Question 45

How are larger broadcast domains shrunk down?

Answer 45

Smaller broadcast domains are created from the larger ones in a process known as Subnetting.

Question 46

What are some reasons for segmenting networks?

Answer 46

Subnetting recudes overall traffic and improves the networks performance

Security policies can be implemented between subnets

Subnetting reduces the number of devices affected by abnormal broadcast traffic.

Some other reasons include:

Router location

Group or function of a network

What types of devices are used.

Question 47

On the other side of this card, study the number of hosts in relation to prefix length.

Answer 47

Question 48

What would be the SMALLEST subnet needed for a network with 243 hosts?

Answer 48

A /24 subnet would cover that number of hosts.

Question 49

What is VLSM?

Answer 49

VLSM (Variable Length Subnet Mask) is a method of creating subnets to fit the needs of each individual network.

VLSM was developed to avoid wasting addresses by allowing administrators to subnet a subnet.

Question 50

What is the main thing to remember when beginning to use VSLM?

Answer 50

When using VSLM, always begin by satisfying the host requirements of the largest subent, and continue until the host requirements of the smallest subnet are satisfied.

Question 51

Why is there a need for IPv6?

Answer 51

IPv4 does not have enough addresses to suply the world, and IPv6 is a nessicary successor.

IPv6 has a much larger 128-bit address space over IPv4.

Question 52

What is Dual Stacking?

Answer 52

Dual stacking is when devices run both IPv4 and IPv6 protocol stacks similtaneously.

Question 53

Describe how IPv6 addresses are formatted.

Answer 53

IPv6 addresses are 128 bits expressed in hexadecimal.

IPv6 addresses aren’t case sensitive.

IPv6 addresses are written as:

x:x:x:x:x:x:x:x

Each x consists of 4 hexadecimal values.

Question 54

What is the term unnofficial term used to refer to a 16 bit segment?

Answer 54

Hextet

Question 55

How do you truncate an IPv6 address?

Answer 55

IPv6 addresses are truncated by omitting 0s.

If a hextet is made of all 0s, it can be represented by a single 0.

Leading 0s can be left out when typing an address

If there is a range of 0s, it can be represented using a double colon, but only once per address.

Question 56

What is the truncated version of these IPv6 addresses?

2001:0EAF:0006:0407:0000:0000:0000:0054

ABBA:ACDC:0ABC:A004:0000:0000:69FE:0061

AAAA:0BBB:00CC:D000:0000:0000:0000:0ABC

Answer 56

2001:EAF:6:407::54

ABBA:ACDC:ABC:A004::69FE:61

AAAA:BBB:CC:D000::ABC

Remember, Leading 0s can be removed, but trailing 0s can not be removed.

Question 57

Name the 3 broad categories of IPv6 addresses.

Answer 57

Unicast, Multicast, and Anycast.

IPv6 does not have a broadcast address, however there is an IPv6 all-nodes multicast that does essentially the same thing.

Question 58

Define Unicast IPv6 addresses.

Answer 58

Unicast IPv6 addresses uniquely identify an interface on an IPv6 enabled device

Question 59

Define Multicast IPv6 addresses.

Answer 59

Multicast IPv6 addresses are used to send a single IPv6 packet to multiple destinations.

Question 60

Define Anycast IPv6 addresses.

Answer 60

Anycast is an IPv6 unicast address that can be assigned to multiple devices. A packet sent to an anycast address is routed to the nearest device with that address.

Question 61

What are IPv6 Global Unicast Addresses (GUA)?

Answer 61

GUA are similar to a public IPv4 address, as they are globally unique, internet-routable addresses.

Question 62

What are Link-Local Addresses (LLA)?

Answer 62

LLA are required for every IPv6 enabled device and are used to communicate with other devices on the same local link. They are unroutable and are confined to a single link.

Question 63

What is the range for IPv6 Link Local Addresses?

Answer 63

fe80::/10

Question 64

What is SLAAC?

Answer 64

SLAAC allows a device to configure a GUA without DHCPv6

Question 65

How does SLAAC work?

Answer 65

SLAAC works by allowing devices to obtain information to configure a GUA from ICMPv6 RA messages.

RA provides a prefix, and the device uses either the EUI-64 or a random generated Interface ID.

Question 66

Whate is Stateful DHCPv6?

Answer 66

Stateful DHCPv6 is similar to DHCP for IPv4, and allows a device to automatically receive a GUA, prefix length and the addresses of DNS servers.

Question 67

What does EUI stand for?

Answer 67

Extended Unique Identifier

Question 68

What does the EUI-64 process entail?

Answer 68

The EUI-64 process inserts a 16 bit value of FFFE(hex) into the middle of a 48 bit MAC address belonging to the client.

The 7th bit of the client MAC address is reversed from a binary 0 to a 1.

Example:

48-bit MAC fc::00:47:75:ce:e0 becomes:

EUI-64 ID: fe:99:47:ff:fe:75:ce:e0

Question 69

What are the two types of IPv6 multicast addresses?

Answer 69

Well-Known Multicast addresses

Solicited Node Multicast Addresses

Question 70

Can Multicast addresses be used as source addresses? (IPv6)

Answer 70

No, Multicast addresses can only be destination addresses.

Question 71

What are Well-Known Multicast Addresses?

Answer 71

Well-known IPv6 multicast addresses are assigned and reserved for predefined groups of devices.

Question 72

What are the two common IPv6 assigned multicast groups?

Answer 72

ff02: :1 - All-Nodes Multicast group. This is the group all IPv6 enabled devices join.
ff02: :2 All-Routers multicast group. This is the multicast group all IPv6 routers join. A router becomes part of this group when the ipv6 unicast-routing command is applied.

Question 73

What is a Solicited-Node IPv6 multicast address?

Answer 73

A solicided-node multicast is similar to all-nodes multicast, however it is mapped to a special Ethernet multicast address.

Ethernet NICs filter the frame by examining the destination MAC without sending it to the IPv6 process to see if the device is the intended target for the packet.

Question 74

What are 3 messages common to both ICMPv4 and v6?

Answer 74

Host Reachability (Echo message) An echo request and reply is exchanged between hosts to determine availability.

Destination or Service Unreachable Notifies the source that the destination or service is unreachable

Time Exceeded (TTL for IPv6) Ipv6 uses hop limits instead of TTL to determine if packets are expired.

Question 75

How do RA messages work?

Answer 75

RA messages are sent by IPv6 routers every 200 seconds to provide addressing information to IPv6 hosts.

Question 76

What could be included in a RA message?

Answer 76

RA messages can include addressing information for hosts including:

Prefix / prefix length

DNS address

Domain name

Question 77

How does SLAAC interact with RA?

Answer 77

A host using SLAAC will set its default gateway to the link-local address of the router that sent the RA.

Question 78

What are RS messages used for?

Answer 78

RS messages are used by routers to ask for dynamic addressing information from other routers. The response to an RS message is an RA message containing addressing information.

Question 79

Name some ICMPv4 Destination Unreachable codes.

Answer 79

0 - Network Unreachable

1 - Host Unreachable

2 - Protocol Unreachable

3 - Port Unreachable.

Question 80

Name some ICMPv6 Destination Unreachable codes

Answer 80

0 - No route to destination

1- Communication with destination prohibited

2 - Beyond the scope of the source address

3 - Address unreachable

4 - Port Unreachable

Question 81

What is DAD?

Answer 81

Duplicate Address Detection.

A device checks the uniqueness of an address using a NS message with its own IPv6 address.If another device on the network has the same address, it will respond with an NA message notifying the sending device that the address is in use.

Question 82

How is NS used for ICMPv6?

Answer 82

NS is used to determine the destination MAC address.

The message is sent to the target device, which replies with an NA message containing the MAC address.

Question 83

What is the purpose of TCP?

Answer 83

TCP (Transmission Control Protocol) provides reliability and flow control.

Question 84

Name the operations of TCP.

Answer 84

TCP Numbers and tracks data segments transmitted to a specific host from a specific application

Awknoleges the received data

Retransmits any unacknowledged data after TTL has run out

Sequences un-ordered data

Sends data at an efficient rate

Question 85

What is UDP?

Answer 85

UDP provides the basic functions for delivering datagrams between applications quickly. It has very little overhead and does almost no data checking.

Question 86

What are some characterists of UDP?

Answer 86

UDP is a connectionless protocol

UDP is known as a best-effort delivery protocol because there is no acknowledgment that the data is received at the destination.

Question 87

What should UDP and TCP be used for?

Answer 87

UDP is used by request and reply applicatioins where the data is minimal and the retransmission can be done quickly if there is an error.

TCP is used if it is imperative that the data arrives and can be processed in proper sequence.

TCP is like your mailman waiting for you to answer your door to grab your package.

UDP is like the mailman who throws your package from the edge of your yard and drives away.

Question 88

Name the features of TCP

Answer 88

TCP:

Establishes a session.

Ensures reliable delivery

Provides Same-Order delivery

Supports Flow Control

Question 89

Name the features of UDP

Answer 89

UDP features:

Data reconstructed in the order it is received

Any segments that are lost are discarded

There is no session establishment

Sending is not informed about resource availability.

Question 90

What are some applications that use UDP

Answer 90

Video and Multimedia (VoIP and Live streaming video)

Simple request / reply applications (DNS and DHCP)

Applications that handle reliablity on their own.

Question 91

How do TCP and UDP use port numbers?

Answer 91

TCP / UDP use port numbers to manage multiple conversations at the same time.

The source port number is associated with the originating appplication on the local host.

The destination port number is associated with the destination application on the destination host.

Question 92

What are the functions of the TCP Three-Way handshake?

Answer 92

The Three-Way Handshake:

Establishes that the destination device exists

Verifies that the destination device is ready to accept requests on the port number that the initiating client wants to use.

Informs the destination device that the initiating client is trying to establish a communication session on that number.

TCP: “Hey…. you home?, You busy rn? Can I come establish a connection? ;)”

Question 93

What occurs after the TCP Three-Way Handshake?

Answer 93

All sessions close, the connection is terminated, and they both re-enable inside the TCP reliability function.

Question 94

Describe some characterists of UDP datagram reassembly.

Answer 94

Because UDP doesn’t track sequence numbers the same way TCP does, it has no way to reorder datagrams into their transmission order. UDP just reassembles in the order it was received and sends it off.

Question 95

Describe UDP Client processes.

Answer 95

The UDP client process dynamically selects a port number from a range and uses this as the source port.

This port is usally a well known or registered port number assigned to the server.

After a client has selected the source and destination ports, the same are used in the header of all datagrams in the transaction.

Question 96

What is the function of DNS?

Answer 96

DNS or Domain Name Service translates domain names into IP addresses.

Question 97

What is the function of DHCP?

Answer 97

DHCP (Dynamic Host Config Protocol) dynamically assigns IP addresses to be re-used when no longer in operation.

Question 98

What is the function of HTTP?

Answer 98

HTTP (Hypertext Transfer Protocol) is a set of rules for exchanges test, video, sound, images, and other media files over the World Wide Web.

Question 99

What is the difference betweeen HTTP and HTTPS?

Answer 99

HTTP and HTTPS are both request/response protocols that specify message types used for communication. HTTP is not secured while HTTPS is a secure protocol.

Question 100

Name 3 common HTTP message types

Answer 100

GET - Client request for data (ex a web browser requests HTML pages from a web server)

POST - Uploads data files to the web server

PUT - Uploads resources or content to the web server, such as an image.

Question 101

Name the email protocols

Answer 101

SMTP (Simple Mail Transfer Protocol) used to send email

IMAP / POP(Post office protocol) used to receive email

Question 102

What is the function of email transfer protocols?

Answer 102

SMTP connects with a server SMTP process on well-known port 25

After connection is made, the client attempts to send the email to the server

When the server receives the messsage, it either places it in a local account or sends it to a different mail server for delivery if its a remote destination.

If the destination is busy or offline, SMTP spools the messages to be resent in the future.

Question 103

What is the function of POP?

Answer 103

After the server has established TCP connection to the server, the POP server sends a greeting.

The client and POP server exchange commands and responses until the connection is aborted.

Question 104

What is the function of IMAP?

Answer 104

IMAP, like POP, receives email messages.

POP differentiates from IMAP by copying the messages and downloading them on to the client application. The original emails are kept on the IMAP server until deleted manually.

Question 105

Hwo are DNS messages formatted?

Answer 105

The DNS server stores different types of resource records that are used to resolve names, These records contain the name, address and type.

When a client makes a DNS query, the server process first looks at its own directory to resolve the name. If it can’t reolve the name, it asks other servers to resolve it.

Once a match is found and returned to the original server, it temporarily stores the numbered address for use in the future.

Question 106

What is the function of DHCP?

Answer 106

When a host connects to a network, the DHCP server receives a request. It then chooses an address from a range of preconfigured addresses called a pool and assigns it to the host.

Question 107

What is FTP?

Answer 107

FTP is File Transfer Protocol. It was developed to allow data transfers between client and server. An FTP Client is an application which is used to push and pull data from an FTP server.

Question 108

What is SMB?

Answer 108

SMB (Server Message Block) Is a client / server request /response file sharing protocol. Servers are allowede to make their own resources available to clients on the network.

Question 109

What are the 3 functions of SMB?

Answer 109

SMB messages:

Start, authenticate and terminate sessions

Controle file and printer access

Allow applications to send or reseive messages from other devices.