Application Layer Protocols PE Flashcards

1
Q

_____ is an application layer protocol that was designed to communicate between web browsers and web servers using transport layer security.

A

HTTPS

2
Q

Ports ___ and __ are utilized by FTP? (Format: “__ and __”)

A

20 and 21

3
Q

On a network you own, clients cannot enter the network. You are told that the DHCP IP pool is exhausted, and you do not want to increase the pool or create a new one. Which of the following is the best solution to your issue?

A

reduce the DHCP lease time

4
Q

What protocol would you see in use for retrieving emails, if the protocol allows you to access the emails on the server from multiple devices at a time?

A

IMAP

5
Q

What application layer protocol is used to access remote computers, via the command line, over the Internet, but not in a secure manner?

A

telnet

6
Q

_______ is a client/server protocol used to access and manage directory information.

A

LDAP

7
Q

Which protocol uses Transport Layer Security (TLS) to encrypt data between a web browser and a website?

A

HTTPS

8
Q

What are the two modes of FTP?
(Format: “__ and __”)

A

active and passive

9
Q

Your email client and your mail server use what protocol to move your email on and across networks?

A

SMTP

10
Q

When you see port 23 in use for traffic in your network, it indicates that what protocol is being utilized?

A

telnet

11
Q

What part of the FQDN refers to the “maps” in www.maps.google.com?

A

subdomain

12
Q

File transfers, assuming they occur solely in your private network, likely employ what port number(s) for communicating to the associated server?

A

69

13
Q

When looking at a list of FQDNs, what are some common TLDs that you would see? (Provide one)

A

.org

14
Q

What is the default port for HTTP communication?

A

port 80

15
Q

HTTPS makes it possible for website users to safely transmit sensitive data over the internet. T or F

A

True

16
Q

Which port is used, by default, to connect to a remote host via the command line, specifically in a secure manner?

A

SSH, port 22

17
Q

You are a security engineer for your unit, in charge of protecting your network from external threats. Your goal is to air-gap your network in order to prevent all traffic from leaving your internal network, as well as any external traffic from coming in.

Which of the following protocols could you expect to be used in your internal network AFTER you have successfully air-gapped your network?

A

UDP 69

18
Q

You are looking at your unit’s traffic to a web server to ensure that the proper websites are blocked. One of your soldiers tried to access “amazon.com” to purchase some amazing CBTC swag to remember their time at the schoolhouse.

While understandable, this is not allowed, and you have your network security configured to block traffic going to that website. Assuming you have the ability to filter the traffic by port numbers, what port would you use to see traffic bound for “https://www.amazon.com”?

A

port 443

19
Q

What is the characteristic of HTTP that requires HTTP Requests to contain enough information on their own, in order for the client to receive the response they want?

A

stateless

20
Q

IMAP4 is utilized for client-to-server communication, NOT server-to-server. T or F

A

True

21
Q

What type of query involves the DNS Recursive Resolver contacting the Root nameserver, TLD nameserver, and Authoritative name server individually (and in that order), to find the resolution to a client’s query?

A

Iterative

22
Q

What is maintained by the client’s OS, and holds records of all the recent visits to websites?

A

DNS cache

23
Q

If you notice that your unit utilizes port 23 when they remotely connect to infrastructure at another unit, what port should you recommend they use instead?

A

port 22

24
Q

How many DHCP messages are used in the IP allocation process?

A

4

25
Q

When used OUTSIDE of Microsoft-based networks, what transport layer protocol would be used in conjunction with port 389 for directory database management?

A

TCP

26
Q

When looking at ports that are being used over a network, which two ports would you see if the network nodes use SNMP to relay information?
(Format: “__ and __”)

A

161 and 162

27
Q

This application layer protocol is used by email clients to retrieve email from the mail server, where the emails are stored on the individual hosts.

A

pop3

28
Q

What protocol uses UDP to transfer files from a client to a server?

A

TFTP

29
Q

Through the use of ___, SMTP traffic is able to encode photo attachments into a friendly format to be transferred to other SMTP servers.

A

MIME (multipurpose internet mail extensions)

30
Q

Your MAN has multiple routers within its private network, with 2 routers that act as an egress point for traffic flow to the Internet.
If one of these routers breaks and becomes inoperable, what protocol would be used to report the traffic bottleneck that this situation created?

A

SNMP

31
Q

What protocol, used during the DHCP IP allocation process, ensures that no other devices on the network share the IP that a DHCP server has offered to a computer?

A

ARP

32
Q

What DHCP message is sent as a broadcast to find the DHCP Server?

A

discover

33
Q

Your unit works closely with another unit for a particular mission. In order to access the databases on their separate network, they have given you the IP of a node in their network, that you can remotely connect to in order to securely query their data repository.

What command would you input into the terminal in order to remotely connect to the node 150.76.10.13, assuming they provided you with the following login information?
Username: supersecureconnect
Password: Reallygoodpassword

A

ssh supersecureconnect@150.76.10.13

34
Q

When collecting information on an adversary’s network, you notice that they have an internal DNS server that is used to manage their databases.

Assuming you already knew the IPs/Hostnames associated, what record type could you try to find if you wanted any additional notes about what these servers do, or other administrative comments?

A

txt