Chapter 4 & 5 Flashcards

Question 1

Q

For any network node to communicate and exchange data with another network node, some way of forwarding packets from the sender to the receiver must exist. This concept is called _______-

Answer

A

reachability

Question 2

Q

The ICMP router solicitation packet is sent to the all-routers IP multicast address of _____

Answer

A

224.0.0.2

Question 3

Q

Hackers can use ICMp as part of a _________ to learn about active network addresses and active processes.

Answer

A

reconnaissance process

Question 4

Q

ICMP type number 0

Answer

A

Echo Reply

Question 5

Q

ICMP type number 3

Answer

A

Destination unreachable

Question 6

Q

ICMP type number 5

Question 7

Q

ICMP type number 8

Question 8

Q

ICMP type number 9

Answer

A

Router Advertisement

Question 9

Q

ICMP type number 10

Answer

A

Router Solicitation

Question 10

Q

ICMP type number 11

Answer

A

Time exceeded

Question 11

Q

The checksum field provides error detection for the ________ only.

Answer

A

ICMP header

Question 12

Q

ICMP is a distinct Network layer TCP/IP protocol that has nothing in common with IP. True/False

Question 13

Q

What is the name of the concept that indicates that a path exists between two TCP/IP hosts on an internetwork?

Answer

A

reachability

Question 14

Q

Which of the following services does ICMp add to basic IP datagram deliver services?
A. improved reliability for datagram delivery
b. reachability analysis support
c. path discovery services
d. delivery error reporting
e. network congestion management
f. network utilization metrics

Answer

A

b. reachability analysis
d. delivery error reporting
e. network Congestion managementeporting

Question 15

Q

It’s up to the IP host that receives incoming ICMP messages to act on the content of those messages. True or false?

Question 16

Q

Which of the following RFCs describes ICMP?

a. 792
b. 950
c. 1191
d. 1812

Question 17

Q

ping -l

Answer

A

sets the size of the data to send

Question 18

Q

ping -f

Answer

A

sets the don’t fragment bit

Question 19

Q

ping -i

Answer

A

sets the TTL value of the TTL field in the IP header

Question 20

Q

The process of PMTU discovery continues until the ____________ is discovered.

Answer

A

end-to-end minimum MTU size

Question 21

Q

ICMP reports errors only about IP datagrams. Errors about error messages are not reported. True of False?

Question 22

Q

Which of the following ICMP message types relates to the reachability analysis?

a. Destination Unreachable
b. echo/echo reply
c. redirect
d. Source Quench

Answer

A

b. echo/echo reply

Question 23

Q

Which of the following ICMp message types reports delivery errors?

a. Destination Unreachable
b. echo/echo reply
c. redirect
d. Source Quench

Answer

A

a. Destination unreachable

Question 24

Q

Which of the following ICMP message types relates to congestion control?

a. Destination Unreachable
b. echo/echo reply
c. redirect
d. Source Quench

Answer

A

d. source quench

Question 25

Q

Which of the following ICMP message types relates to route optimization?

a. Destination Unreachable
b. echo/echo reply
c. redirect
d. Source Quench

Answer

A

c. redirect

Question 26

Q

Which of the following Windows command-line utilities performs connectivity or reachability tests?

a. ping
b. tracert
c. traceroute
d. ipconfig

Question 27

Q

which of the following Windows command-line utilities performs patch discovery tests?

a. ping
b. tracert
c. traceroute
d. ipconfig

Answer

A

b. tracert

Question 28

Q

What additional functionality does PATHPING provide?

a. reports on all the visted hosts and routers between a sender and a receiver.
b. resolves all possible IP addresses into symbolic names for visted nodes
c. uses the ICMP TRACEROUTE message type
d. test router and link latency

Answer

A

d. tests router and link latency

Question 29

Q

Which of the following statements best defines the intent of the PMTU process?

a. determines the largest possible MTU in the path between sender and reciever
b. determines the smallest possible MTU in the path between sender and receiver
c. instructs the sender what MTU to use to avoid further fragmentation en route
d. justifies the inclusion of the Don’t Fragment flag in ICMP messages

Answer

A

c. instructs the sender what MTU to use to avoid further fragmentation en route

Question 30

Q

Which of the following statements best describes a black hole router?
a. a router that discard all incoming traffic
b. a router tat does not support PMTU, but is configured to send Destination Unreachable messages
a router that does not support PMTU, and is configured not to send destination unreachable messages
d. a router that does not support PMTU

Answer

A

c. a router that does not support PMTU and is configured no to send destination unreachable messages

Question 31

Q

Which of the following accurately represents the default advertising rate for unsolicited ICMP Router Advertisements?

a. every 30 seconds
b. every 60 seconds
c. two to five minutes
d. 7 to 10 minutes

Answer

A

d. 7 to 10 minutes

Question 32

Q

The ICMP redirection process serves only IP routers, not IP hosts. True or False?

Answer

A

Fales, it only serves hosts

Question 33

Q

What type of scan occurs when a series of PING requests for a range of IP addresses is performed?

a. port scan
b. protocol scan
c. host probe
d. network mapping

Answer

A

c. host probe

Question 34

Q

which of the following ICMP Type nubmers identify echo and echo reply messages? Choose all that apply

a. 0
b. 1
c. 3
d. 8
e. 30

Question 35

Q

Which of the following ICMP type numbers relate to Router Advertisement and solicitation messages?

a. 8
b. 9
c. 10
d. 11
e. 12

Answer

A

b. 9

c. 10

Question 36

Q

Which of the following TCP/IP protocols are Transport layer protocols? (choose all that apply)

a. IP
b. TCP
c. UDP
d. FTP

Answer

A

b. TCP

c. UDP

Question 37

Q

Whereas UDP is a _____________ protocol, TCP is a _________ protocol.

Answer

A

connectionless, connection-oriented

Question 38

Q

Which of the following services are characteristic of a connection-oriented protocol? (choose all that apply).

a. connection handling
b. delivery guarantees
c. segmentation and reassembly
d. message-level checksum in header

Answer

A

a. connection handling
b. delivery guarentees
d. message level checksum in header

(not 100% sure on this answer)

Question 39

Q

A connection-oriented protocol creates more overhead than a connectionless protocol. True or False?

Question 40

Q

Connectionless protocols usually run slower than connection-oriented protocols. True or false

Question 41

Q

For connectionless protocols, the application layer protocol or service must provide messages that do no exceed a datagram’s MTU. True of false?

Question 42

Q

Which of the following services does UDP provide? (choose all that apply)

a. segmentation
b. optional header checksum
c. identification of source and destination port addressees
d. explicit transmission of acknowledgment
e. reassembly

Answer

A

b. optional header checksum

c. id of source and destination port addresses

Question 43

Q

how many bytes are in a UDP header?

Question 44

Q

What range of addresses traditionally defines a well-known port address?

Question 45

Q

What range of addresses corresponds to the registered port numbers?

Answer

A

1024-49151

Question 46

Q

What range of addresses corresponds to the dynamic port numbers?

Answer

A

49152-65535

Question 47

Q

Identical UDP and TCP port numbers always map to the same TCP/IP protocol or service. True or False?

Answer

A

false, usually but not always

Question 48

Q

An acknowlegement is tantamount to a positive response, indicating that a set of data arrived at it’s destination. True or false

Question 49

Q

What does TCP use to track the transfer of data and it’s successful delivery? (choose all that apply)

a. logical connection between peers
b. acknowledgements
c. sequence numbers
d. retry mechanism

Answer

A

b. acknowledgements

c. sequence numbers

Question 50

Q

what makes TCP preferable for reliable delivery requirements?

a. sequencing
b. error recovery
c. end to end reliability
d. use of the handshake process

Answer

A

c. end to end reliability

Question 51

Q

The name of the TCP process used to maintain an active connection between peers is called _________

a. TCP startup connection
b. TCP connection termination
c. Keep-alive
d. congestion control

Answer

A

c. keep-alive

Question 52

Q

How many steps occur in the TCP hanshake process?

Question 53

Q

Which of the following statements best defines a half-open connection?

a. The handshake process does not end with a final SYN.
b. The handshake process does not end with a final ACK.
c. The handshake process does not end with a final FIN.
d. The handshake process does not end with a final RST

Answer

A

b. the handshake process does not end with a final ACK

Question 54

Q

TCP keep-alives are enabled by default on Windows 2000 and XP. True or False

Question 55

Q

What is the proper response to a TCP connection termination?

a. Host 1 sends a TCP packet with no data, with FIN and ACK flags set.
b. Host 2 sends a TCP packets with no data, with FIN and ACK flags set.
c. Host 2 sends an ACK to respond, followed by a TCP packet with no data and FIN and ACK flags set.
d. Host 1 returns an ACK response.

Answer

A

d. Host 1 returns an ACK response.

Question 56

Q

TCP acknowledgments include sequence numbers to indicate what was received. True of false?

Question 57

Q

Which of the following mechanisms is part of TCP’s error-detection and error-recovery capabilities?

a. Sequencing and reassembly
b. retransmission timer
c. explicit acknowledgment
d. Congestion control

Answer

A

b. retransmission timer

the value is the RTO (retransmission timeout)

Question 58

Q

The current TCP window size is always the greater of what the network and the receiver can handle at any given moment. True or false

Question 59

Q

Where is TCP data stored when it is received?

a. on the receiver’s network interface card
b. inside the TCP window
c. in the TCP buffer area
d. inside the network window

Answer

A

c. in the TCP buffer area

Question 60

Q

What is the initial size of the TCP congestion window?

a. twice the maximum receiver buffer size
b. twice the MTU size
c. twice the sender’s MSS
d. twice the receiver’s MSS

Answer

A

c. twice the sender’s MSS

Question 61

Q

What sequence of events signals the TCP Fast recovery process?

a. duplicate ACKs
b. Three sets of duplicate ACKS
c. duplicate FINs
d. three duplicate FINs

Answer

A

b. Three sets of duplicate ACKS

Question 62

Q

Which of the statements define the edges of the TCP sliding window mechanism? (choose both correct answers)

a. acknowledged data plus the receiver’s window size
b. all data that was received
c. all data pending transmission
d. all data that was acknowleged

Answer

A

a. acknowledged data plus the receiver’s window size
b. all data that was received

not sure on this one…

Question 63

Q

Which of the following values are valid TCP Flag settings? (choose all that apply)

a. SYN
b. ACK
c. NUL
d. FIN
e. PSH

Answer

A

a. SYN
b. ACK
d. FIN
e. PSH (push

Question 64

Q

Protocol 17

Answer 46

A

congestion

Answer 47

A

sliding window mechanism

Answer 48

A

at least 20 bytes

Answer 49

A

Source port 
Destination port
sequence number
acknowledgment number
header length
flags
Window size
TCP checksum
Urgent point
TCP options

Answer 50

A

URG
ACK
PSH
reset
SYN
FIN

Answer 51

A

Type
Code
Checksum

Brainscape's Knowledge GenomeTM

Chapter 4 & 5 Flashcards

Brainscape's Knowledge Genome^TM