Chapter 2: The OSI Model and Networking Protocols

Question 1

Physical (Layer 1)

Device: Hub

Answer 1

Physical (Layer 1): Defines the physical structure of the network and the topology

Question 2

Data Link (Layer 2)
Device: Wireless Bridge, Switch, NIC, AP

Answer 2

Provides error detection and correction; Media Access Control (MAC) and Logical Link Control (LLC) layers; Identifies the method by which media are accessed; Defines hardware addressing through the MAC sublayer.

Question 3

Network (Layer 3)

Device: Switch or Router

Answer 3

Handles the discovery of destination systems and addressing. Provides the mechanism by which data can be passed and routed from one network system to another.

Question 4

Transport (Layer 4)

Answer 4

Provides connection services between the sending and receiving devices and ensures reliable data delivery. Manages flow control through buffering or windowing. Provides segmentation, error checking and service identification.

Question 5

Session (Layer 5)

Answer 5

Synchronizes the data exchange between applications on separate devices

Question 6

Presentation (Layer 6)

Answer 6

Translates data from the format used by applications into one that can be transmitted across the network. Handles encryption and decryption of data. Provides compression and decompression functionality. Formats data from the application layer into a format that can be sent over the network.

Question 7

Application (Layer 7)

Answer 7

Provides access to the network for applications

Question 8

Dynamic Host Configuration Protocol (DHCP)

Answer 8

Enables a range of IP addresses to be defined on a system running a DHCP server application; Protocol dependent NOT platform dependent; Can provide DNS suffixes to clients

Question 9

Scopes

Answer 9

A range of IP addresses

Question 10

Leases

Answer 10

The predetermined amount of time of the address that the server assigns from the scope to the client

Question 11

Reservations

Answer 11

A specific address configured by DHCP to a client, as opposed to a random one from the scope; Guarantees the same IP address

Question 12

DHCP Relays

Answer 12

An agent on the router that acts as a go-between for clients and the server; Useful when working with clients on different subnets since a client cannot communicate directly with the server until it has the IP configuration information assigned to it

Question 13

Domain Name Service (DNS)

Answer 13

Resolves host names to IP addresses; Platform independent; Default port 53

Question 14

Resolvers or DNS Clients (DDNS)

Answer 14

Systems that ask DNS servers for a hostname-to-IP address mapping

Question 15

Dynamic DNS (DDNS)

Answer 15

A newer system that enables hosts to be dynamically registered with the DNS server

Question 16

DNS namespace

Answer 16

Logical divisions hierarchically organized; Top levels are domains (e.g. .com and .edu) as well as domains for countries (e.g. .uk and .de); Below the top level are subdomains or second-level domains associated with organizations or commercial companies (e.g. Microsoft); Within these domains, hosts or other subdomains can be assigned

Question 17

Fully Qualified Domain Name (FQDN)

Answer 17

The domain name, along with any subdomains, because it includes all the components from the top of the DNS namespace to the host

Question 18

Reverse lookup

Answer 18

When DNS performs IP address-to-hostname resolution (as opposed to DNS resolving hostnames to IP addresses) using pointer (PTR) records

Question 19

DNS Records - Pg. 61
A
MX
AAAA
CNAME
PTR

Answer 19

IPv4 Address (A): Stores info for IPv4 (32-bit) addresses, most commonly used to map hostnames to an IP address for a host.

IPv6 Address (AAAA): Stores info for IPv6 (128-bit) addresses, most commonly sed to map hostnames to an IP address for a host.

Mail Exchange (MX): Stores info about where mail for the domain should be delivered

Canonical Name (CNAME): Stores additional hostnames, or aliases, for hosts in the domain. A CNAME specifies an alias or nickname for a canonical hostname record in a Domain Name Service (DNS) database. CNAME records give a single computer multiple names (aliases)

Pointer (PTR): A pointer to the canonical name, which is used to perform a reverse DNS lookup, in which case the name is returned when the query originates with an IP address.

Question 20

Simple Network Management Protocol (SNMP)

Default Port 161

Answer 20

SNMP enables network devices to communicate information about their state to a central system (manager). It also enables the central system to pass configuration parameters to the devices.

SNMP is a protocol that facilitates network management functionality. It is not, in itself, a network management system (NMS), simply the protocol that makes NMS possible.

Question 21

Network Management System (NMS)

Answer 21

Software run on a computer with SNMP management system; Can monitor all devices on a network, including switches, hubs, routers, servers, and printers, as well as any device that supports SNMP, from a single location.

Question 22

SNMP Agent

Answer 22

Any device that can run a small software component that facilitates communication with an SNMP manager. SNMP agent functionality is supported by almost any device designed to be connected to a network.

Question 23

Management Information Bases (MIBs)

Answer 23

Databases of information that SNMP uses to define what parameters are accessible, which of the parameters are read-only, and which can be set. MIB creation controlled by the International Organization for Standardization (ISO).

Question 24

SNMP Communities

Answer 24

Logical groupings of systems

Question 25

SNMPv3

Answer 25

Support authentication and encryption unlike SNMPv1 and SNMPv2

Question 26

Internet Protocol (IP)
Connectionless

Answer 26

Protocol used to transport data from one node on a network to another; Operates at the network layer of the OSI model; Performs fragmentation and reassembly tasks for network transmissions; Maximum transmission unit (MTU) size is limited in IP.

Question 27

Transmission Control Protocol (TCP)

Connection-Oriented

Answer 27

TCP provides reliability to IP communications; Adds features such as flow control, sequencing, and error detection and correction. Higher level applications that need guaranteed delivery use TCP rather than the connectionless UDP. TCP operates at the transport layer of the OSI model. Three way handshake (SYN -> SYN ACK -> ACK)

Question 28

User Datagram Protocol (UDP)

Answer 28

“Fire-and-forget” protocol; UDP operates at the transport layer of the OSI model; No session established between sending and receiving hosts, but also much lower overhead

Question 29

File Transfer Protocol (FTP)

Answer 29

Provides for the uploading and downloading of files from a remote host running FTP server software; Allows you to view the content of folders on an FTP server and rename and delete files and directories if you have the necessary permissions. Uses TCP as a transport protocol to guarantee delivery of packets. Application layer protocol

Question 30

Secure File Transfer Protocol (SFTP)

Answer 30

Provides robust authentication between sender and receiver; Implemented through client and server software available for all commonly used computing platforms

Question 31

Trivial File Transfer Protocol (TFTP)

Default port 69

Answer 31

Associated with simple downloads (firmware to a device like a router and booting diskless workstations); No security capability or directory navigation; Uses UDP; Application layer protocol; Connectionless file transfer method

Question 32

Simple Mail Transfer Protocol (SMTP)

Default port 25

Answer 32

Defines how mail messages are sent between hosts; Uses TCP; Send and receive mail

Question 33

Hypertext Transfer Protocol (HTTP)

Default port 80

Answer 33

Protocol that enables text, graphics, multimedia, and other material to be downloaded from an HTTP server.; Connection oriented using TCP as a transport protocol

Question 34

Hypertext Transfer Protocol Secure (HTTPS)

Default port 443

Answer 34

Uses SSL which encrypts the information sent between the client and host

Question 35

Post Office Protocol Version 3 (POP3)/Internet Message Access Protocol Version 4 (IMAP4)

Answer 35

Mechanisms for downloading or pulling email from a server; Storing emails since users cannot always immediately read; IMAP4 has an authentication system while POP3 has a clear text passwrod

Question 36

Telnet

Answer 36

Virtual terminal protocol; Enables sessions to be opened on a remote host and then commands can be executed on that remote host; Not secure so must use SSH; Used to access UNIX and Linux systems

Question 37

Secure Shell (SSH)

Answer 37

Provides security by encrypting data as it travels between systems, making it difficult for hackers using packet sniffers and other traffic-detection systems; SSH2 is more secure and the two are incompatible; Implementations of SSH are available for all computing platforms

Question 38

Internet Control Message Protocol (ICMP)

Answer 38

Works with the IP layer to provide error checking and reporting functionality; Ping utility, which sends a stream of ICMP echo requests to a remote host; ICMP can return error messages such as “Destination unreachable” and “Time exceeded”; Source quench

Question 39

Address Resolution Protocol (ARP)/Reverse Address Resolution Protocol

ExamAlert: ARP links IP addressing to Ethernet addressing (MAC addressing)

Answer 39

Resolving IP addresses to MAC addresses; ARP cache is a table on the local system that stores mappings between data link layer addresses (MAC/physical addresses) and network layer addresses (IP addresses)

Commonly Used ARP Command Switches

• a: Displays the entries in the ARP cache
• s: Manually adds a permanent entry to the ARP cache
• d: Deletes an entry from the ARP cache

Question 40

Network Time Protocol (NTP)

Answer 40

Part of the TCP/IP protocol suite that facilitates the communication of time between systems.

Question 41

Lightweight Directory Access Protocol (LDAP)

Answer 41

A protocol that provides a mechanism to access and query directory services systems.

Question 42

Internet Group Management Protocol (IGMP)

Answer 42

Protocol within the TCP/IP protocol suite that manages multicast groups. Used to register devices into a multicast group as well as to discover what other devices on the network are members of the same multicast group.

Question 43

Transport Layer Security (TLS)

Answer 43

Security protocol designed to ensure privacy between communicating client/server applications. TLS is the successor to SSL

TLS Record Protocol: Uses a reliable transport protocol such as TCP and ensures that the connection made between systems is private using data encryption

TLS Handshake Protocol: Used for authentication between the client and server

Question 44

Session Initiation Protocol (SIP)/Real-Tim Transport Protocol (RTP)
Default ports 5060 and 5061

Answer 44

SIP operates at the application layer of the OSI model and used to maintain a multimedia session

RTP is used to transport real-time data and is often used with VoIP; UDP used more often

Question 45

Remote Desktop Protocol (RDP)

Default port 3389

Answer 45

Used by a Windows environment for remote connections; Does not send data, only screenshots and client keystrokes

Question 46

Server Message Block (SMB)

Default port 445

Answer 46

Used on a network for providing access to resources such as files, printers, ports, and so on running on Windows