Chapter 3 - Basic Networking and Communications

Question 1

What are the 7 layers of the OSI model?

Answer 1

Application
Presentation
Session

Transport
Network
Data Link
Physical

Question 2

Which layer is responsible for identifying and establishing the availability of communication partners?

Answer 2

Layer 7 - Application Layer

Layer 7 provides an interface for information to be sent down the stack.

Question 3

Which layer is data standardised for transport?

Answer 3

Layer 6 - Presentation Layer

Question 4

Which layer does data compression, decompression, encryption and decryption associated with?

Answer 4

Layer 6 - Presentation Layer

Question 5

Which layer is responsible for setting up and managing sessions between presentation layer entities allowing multiple applications to be open at the same time?

Answer 5

Layer 5 - Session Layer

Question 6

Which layer is responsible for segmentation and reassembly of data?

Answer 6

Layer 4 - Transport Layer

Question 7

Which layer is responsible for TCP/UDP?

Answer 7

Layer 4 - Transport Layer

Question 8

What is Transport Layer Multiplexing and de-Multiplexing?

Answer 8

The gathering of chunks of data from different sockets which are then encapsulated with transport layer headers.

Transport layer headers contains information such as source/destination port.

This labelling systems allows data to be sent via a single data stream.

de-Multiplexing reverses this, taking a single data stream and ensures packets are sent to the correct ports.

Question 9

What is Transport Layer Flow Control?

Answer 9

Provides a governance on the amount of data sent by the sender.

Flow control ensures that recipient is not receiving too much data which can overflow its buffer and result in data loss.

Delivered segments are acknowledged back to the sender upon receipt.

Once acknowledgements are received, the sender can continue with sending data.

If the sender acknowledges that it is close to its buffer capacity, it sends a “not ready” indicator to halt data transfer.

Question 10

What is Transport Layer Windowing?

Answer 10

The transport layer windows defines how much data can be sent before needing an acknowledgement.

Sending one packet at a time with a single acknowledgement will be cumbersome.

A defined window size of ‘n’ will allow the sender to send ‘n’ amount of data before needing to receive an “received acknowledgement”

‘n’ could be changed depending on whether speed needs to be increased or slowed down based on the rate of successful delivery.

Question 11

What is Transport Layer “Positive Acknowledgement with Retransmission”?

Answer 11

When a segment is sent to the receiving host, the sender starts a timer and if this time expires prior to the sender receiving an acknowledgement message from the receiver then the data segment is transmitted again.

Absence of acknowledgment message suggests that data was not received.

Question 12

Which layer manages “local device addressing” tracking the location of each of the device within the network and determining the best way to move data along the network?

Answer 12

Layer 3 - Network Layer

Question 13

What are Layer 3 “Route Information Protocols”?

Answer 13

RIP packet are used to update routers about changes to a network such as addition/removal of devices.

RIP packets are used to update routing tables on each router.

Question 14

Are Network Addresses protocol specific?

Answer 14

Yes - Ipv6 and Ipv6 are different addressing schemes and thus routing tables must be maintained dependent on the addressing scheme used.

Question 15

What are layer 3 ‘Routing Metrics’?

Answer 15

Routing metrics are used by routers to determine the best route among different routing routes.

Question 16

Which layer is responsible for the physical transmission of data, network topology and flow control?

Answer 16

Layer 2 - Data Link Layer

Question 17

Which layer does MAC address operate in?

Answer 17

Layer 2 - Data Link Layer

Also adds information such as source and destination MAC address

Question 18

What does the Logical Link Control (LLC) responsible for?

Answer 18

Enables the “Multiplexing” mechanism

Question 19

What layer does bits send and arrive in the form of electrical signals, light signals etc?

Answer 19

Layer 1 - Physical Layer

Question 20

What are network “backbone” and “segments”

Answer 20

Networks are segmented and typically connected to a fast and highly-reliable backbone.

Network segments are any small section of the network which are connected but are not part of the network backbone.

Question 21

What are network collisions?

Answer 21

Network collisions occur when two or more network nodes attempt to send data simultaneously which can result in loss of data during transmission.

Question 22

What is CSMA/CD relating to collision avoidance?

Answer 22

In CSMA/CS network devices can detect when collisions occur and sends out a message to let other devices know that a collision has occurred, each device then waits a random amount of time prior to resending.

CD = Collision Detection

Question 23

What is the difference between full-duplex and half-duplex wires?

Answer 23

Full duplex wires uses two sets of wires - one for sending, one for receiving data.

Half duplex wires has one set of wires which is used for both sending and receiving which allows collisions to occur.

Question 24

What is CSMA/CA relating to collision avoidance?

Answer 24

CSMA/CA listens to the network prior to transmission of data.

If devices are transmitting, they wait a random number of time before listening again for any ongoing transmissions.

CSMA/CA also supports Request to Send (RTS) and Clear to Send (CTS) traffic messages.

Question 25

What are the 4 steps in DHCP host configuration?

Answer 25

1. DHCP Discovery
   - Client broadcasts a message looking for a DHCP server
2. DHCP Offer
   - Server offers a client an IP address, subnet mask and IP address of DHCP server making the offer
3. DHCP Request
   - Client accepts DHCP offered IP address
4. DHCP Ack
   - DHCP server responds to the client with a ‘DHCP Ack’ message
   - Once received, the client configures itself using the information provided by DHCP server

Question 26

What does ARP message do?

Answer 26

ARP resolved IP address to MAC address.

• The message is essentially “I have this IP address, if you have it tell me your MAC address”

rARP does the reverse.

Question 27

What does NDP message do?

Answer 27

Network Discovery Protocol (NDP) - does what ARP does but for IPv6.

ARP = IPv4

NDP = IPv6

Question 28

What port does DNS use?

Answer 28

Client > DNS uses UDP 53

DNS > DNS servers TCP 53

Question 29

What port does DHCP use?

Answer 29

UDP 67 to send

UDP 68 to receive

Question 30

What is used to validate DNS response to ensure data integrity?

Answer 30

DNSSEC

Question 31

What are Internet Control Messaging Protocol (ICMP) packets used for?

Answer 31

ICMP packets are used for network diagnostics such as ping, pathping, tracecert etc.

Can be blocked by firewalls due to potential DDos avenues.

Question 32

What are Internet Group Messaging Protocol (IGMP) packets used for?

Answer 32

IGMP is used for Ipv4 Multicasting

Question 33

What are Simple Network Management Protocol (SNMP) used for?

Answer 33

SNMP is used for managing layer 3 devices.

Nodes running SNMP sends errors and other notifications back to the central SNMP managing software.

SNMP can also be used to configure devices remotely.

SNMP is commonly confined to internal networks.

Question 34

What ports does SNMP use?

Answer 34

Receives via UDP 161

Sends via UDP 162

TLS encrypted uses UDP 10161 and UDP 10162

Question 35

What port does FTP use?

Answer 35

TCP 20 and TCP 21

FTP supports authentication but data is sent in plaintext

Question 36

What port does TFTP use?

Answer 36

TFTP uses UDP 69

Used to transfer small files such as configuration files between network devices

Question 37

What is the difference between SFTP and FTP?

Answer 37

SFTP is encrypted using SSH

Question 38

What port does Telnet use?

Answer 38

TCP 23

Question 39

What port does SSH use?

Answer 39

TCP 22

SSH supports client and server authentication

Question 40

What port does Telnet use?

Answer 40

TCP 23

Question 41

What port does SSH use?

Answer 41

TCP 22

Question 42

What port does HTTP use?

Answer 42

TCP 80

Question 43

What port does HTTPS use?

Answer 43

TCP 443

Question 44

What are routing protocols?

Answer 44

Routing protocols identify the best path for data to use when traversing through a network.

Routing Information Protocol (RIP)
- Does not scale well as it generated a lot of traffic
- Easy to configure and works well in small networks

Open Shortest Path First (OSPF)
- Scales well in larger networks
- Takes longer to set up than RIP

Question 45

What are the three most popular email protocols?

Answer 45

SMTP
POP3
IMAP4

Question 46

What port does SMTP use?

Answer 46

Port 25

Port 465 with TLS

Question 47

What port does POP3 use?

Answer 47

Port 110

Port 995 with TLS

Question 48

What port does IMAP4 use?

Answer 48

Port 143

port 993 with TLS

Question 49

What is IPsec?

Answer 49

IPsec secures internet protocol data by providing authentication and encryption.

It provides a way to provide a way to secure data communication over unsecured networks.

IPsec can be used as a tunneling protocol.

Question 50

What is IPsec Authentication Header (AH)?

Answer 50

Authentication header is created from the hash of the data packet with additional authentication data.

This hash is encrypted and this provides authentication and integrity.

Protocol 51

Question 51

What is IPsec Encapsulating Security Protocol (ESP)?

Answer 51

ESP is similar to AH but is identified using Protocol 50

Question 52

What are Tunneling Protocols?

Answer 52

Tunneling Protocols encapsulate data along with encrypting the encapsulated data.

Point-to-Point Tunneling Protocol (PTPP) uses TCP 1723

Layer 2 Tunneling Protocol (L2TP) uses UDP 1701

TLS is an example of a tunneling protocol

Question 53

What is an organization’s Extranet?

Answer 53

Network shared between an organization and their trusted 3rd parties.

Question 54

What are Link Local Addresses? (LLA)

Answer 54

A small range of IP addresses assigned automatically to clients when clients do not receive an IP address from the DHCP server.

LLA data can only pass within its own subnet - cannot traverse routers.

Question 55

What is Network Address Translation (NAT)?

Answer 55

NAT allows a client to access the public internet without the need of an assigned public IP.

For large organizations this will be a proxy server.

For home/small networks the NAT will be the router.

NAT can be assigned static or dynamic

Question 56

What is One-Way trust model?

Answer 56

Data is trusted to go one way only.

Question 57

What is a Two-Way trust model?

Answer 57

Data is trusted to go both ways bi-directionally.

Question 58

What is Transitive trust model?

Answer 58

A <>B

B<>C

Which in turns allow data flow between A <> C but this is not automatic and needs to be authorized.

Question 59

What is a RADIUS server?

Answer 59

A RADIUS server provides AAA for clients trying to access a protected source such as a network endpoint.

Endpoints such as Wi-Fi, VPN or applications.

Question 60

What is the preferred method of securing wireless communication?

Answer 60

WPA2 with CCMP

Question 61

What are the different types of bluetooth attacks?

Answer 61

BlueSnarfing: Unsolicited access to device data through bluetooth

BlueBugging: Unsolicited commands in a device through bluetooth

BlueJacking: Unsolicited messages/notifications through bluetooth

Question 62

What is WiMax?

Answer 62

WiMax provides broadband coverage to large/metropolitan areas.