Chapter 4 & 5 Flashcards
For any network node to communicate and exchange data with another network node, some way of forwarding packets from the sender to the receiver must exist. This concept is called _______-
reachability
The ICMP router solicitation packet is sent to the all-routers IP multicast address of _____
224.0.0.2
Hackers can use ICMp as part of a _________ to learn about active network addresses and active processes.
reconnaissance process
ICMP type number 0
Echo Reply
ICMP type number 3
Destination unreachable
ICMP type number 5
Redirect
ICMP type number 8
Echo
ICMP type number 9
Router Advertisement
ICMP type number 10
Router Solicitation
ICMP type number 11
Time exceeded
The checksum field provides error detection for the ________ only.
ICMP header
ICMP is a distinct Network layer TCP/IP protocol that has nothing in common with IP. True/False
False
What is the name of the concept that indicates that a path exists between two TCP/IP hosts on an internetwork?
reachability
Which of the following services does ICMp add to basic IP datagram deliver services?
A. improved reliability for datagram delivery
b. reachability analysis support
c. path discovery services
d. delivery error reporting
e. network congestion management
f. network utilization metrics
b. reachability analysis
d. delivery error reporting
e. network Congestion managementeporting
It’s up to the IP host that receives incoming ICMP messages to act on the content of those messages. True or false?
True
Which of the following RFCs describes ICMP?
a. 792
b. 950
c. 1191
d. 1812
a. 792
ping -l
sets the size of the data to send
ping -f
sets the don’t fragment bit
ping -i
sets the TTL value of the TTL field in the IP header
The process of PMTU discovery continues until the ____________ is discovered.
end-to-end minimum MTU size
ICMP reports errors only about IP datagrams. Errors about error messages are not reported. True of False?
True
Which of the following ICMP message types relates to the reachability analysis?
a. Destination Unreachable
b. echo/echo reply
c. redirect
d. Source Quench
b. echo/echo reply
Which of the following ICMp message types reports delivery errors?
a. Destination Unreachable
b. echo/echo reply
c. redirect
d. Source Quench
a. Destination unreachable
Which of the following ICMP message types relates to congestion control?
a. Destination Unreachable
b. echo/echo reply
c. redirect
d. Source Quench
d. source quench
Which of the following ICMP message types relates to route optimization?
a. Destination Unreachable
b. echo/echo reply
c. redirect
d. Source Quench
c. redirect
Which of the following Windows command-line utilities performs connectivity or reachability tests?
a. ping
b. tracert
c. traceroute
d. ipconfig
a. ping
which of the following Windows command-line utilities performs patch discovery tests?
a. ping
b. tracert
c. traceroute
d. ipconfig
b. tracert
What additional functionality does PATHPING provide?
a. reports on all the visted hosts and routers between a sender and a receiver.
b. resolves all possible IP addresses into symbolic names for visted nodes
c. uses the ICMP TRACEROUTE message type
d. test router and link latency
d. tests router and link latency
Which of the following statements best defines the intent of the PMTU process?
a. determines the largest possible MTU in the path between sender and reciever
b. determines the smallest possible MTU in the path between sender and receiver
c. instructs the sender what MTU to use to avoid further fragmentation en route
d. justifies the inclusion of the Don’t Fragment flag in ICMP messages
c. instructs the sender what MTU to use to avoid further fragmentation en route
Which of the following statements best describes a black hole router?
a. a router that discard all incoming traffic
b. a router tat does not support PMTU, but is configured to send Destination Unreachable messages
a router that does not support PMTU, and is configured not to send destination unreachable messages
d. a router that does not support PMTU
c. a router that does not support PMTU and is configured no to send destination unreachable messages
Which of the following accurately represents the default advertising rate for unsolicited ICMP Router Advertisements?
a. every 30 seconds
b. every 60 seconds
c. two to five minutes
d. 7 to 10 minutes
d. 7 to 10 minutes
The ICMP redirection process serves only IP routers, not IP hosts. True or False?
Fales, it only serves hosts
What type of scan occurs when a series of PING requests for a range of IP addresses is performed?
a. port scan
b. protocol scan
c. host probe
d. network mapping
c. host probe
which of the following ICMP Type nubmers identify echo and echo reply messages? Choose all that apply
a. 0
b. 1
c. 3
d. 8
e. 30
a. 0
d. 8
Which of the following ICMP type numbers relate to Router Advertisement and solicitation messages?
a. 8
b. 9
c. 10
d. 11
e. 12
b. 9
c. 10
Which of the following TCP/IP protocols are Transport layer protocols? (choose all that apply)
a. IP
b. TCP
c. UDP
d. FTP
b. TCP
c. UDP
Whereas UDP is a _____________ protocol, TCP is a _________ protocol.
connectionless, connection-oriented
Which of the following services are characteristic of a connection-oriented protocol? (choose all that apply).
a. connection handling
b. delivery guarantees
c. segmentation and reassembly
d. message-level checksum in header
a. connection handling
b. delivery guarentees
d. message level checksum in header
(not 100% sure on this answer)
A connection-oriented protocol creates more overhead than a connectionless protocol. True or False?
true
Connectionless protocols usually run slower than connection-oriented protocols. True or false
false
For connectionless protocols, the application layer protocol or service must provide messages that do no exceed a datagram’s MTU. True of false?
true
Which of the following services does UDP provide? (choose all that apply)
a. segmentation
b. optional header checksum
c. identification of source and destination port addressees
d. explicit transmission of acknowledgment
e. reassembly
b. optional header checksum
c. id of source and destination port addresses
how many bytes are in a UDP header?
a. 8
What range of addresses traditionally defines a well-known port address?
0-1023
What range of addresses corresponds to the registered port numbers?
1024-49151
What range of addresses corresponds to the dynamic port numbers?
49152-65535
Identical UDP and TCP port numbers always map to the same TCP/IP protocol or service. True or False?
false, usually but not always
An acknowlegement is tantamount to a positive response, indicating that a set of data arrived at it’s destination. True or false
True
What does TCP use to track the transfer of data and it’s successful delivery? (choose all that apply)
a. logical connection between peers
b. acknowledgements
c. sequence numbers
d. retry mechanism
b. acknowledgements
c. sequence numbers
what makes TCP preferable for reliable delivery requirements?
a. sequencing
b. error recovery
c. end to end reliability
d. use of the handshake process
c. end to end reliability
The name of the TCP process used to maintain an active connection between peers is called _________
a. TCP startup connection
b. TCP connection termination
c. Keep-alive
d. congestion control
c. keep-alive
How many steps occur in the TCP hanshake process?
Three
Which of the following statements best defines a half-open connection?
a. The handshake process does not end with a final SYN.
b. The handshake process does not end with a final ACK.
c. The handshake process does not end with a final FIN.
d. The handshake process does not end with a final RST
b. the handshake process does not end with a final ACK
TCP keep-alives are enabled by default on Windows 2000 and XP. True or False
false
What is the proper response to a TCP connection termination?
a. Host 1 sends a TCP packet with no data, with FIN and ACK flags set.
b. Host 2 sends a TCP packets with no data, with FIN and ACK flags set.
c. Host 2 sends an ACK to respond, followed by a TCP packet with no data and FIN and ACK flags set.
d. Host 1 returns an ACK response.
d. Host 1 returns an ACK response.
TCP acknowledgments include sequence numbers to indicate what was received. True of false?
False
Which of the following mechanisms is part of TCP’s error-detection and error-recovery capabilities?
a. Sequencing and reassembly
b. retransmission timer
c. explicit acknowledgment
d. Congestion control
b. retransmission timer
the value is the RTO (retransmission timeout)
The current TCP window size is always the greater of what the network and the receiver can handle at any given moment. True or false
true
Where is TCP data stored when it is received?
a. on the receiver’s network interface card
b. inside the TCP window
c. in the TCP buffer area
d. inside the network window
c. in the TCP buffer area
What is the initial size of the TCP congestion window?
a. twice the maximum receiver buffer size
b. twice the MTU size
c. twice the sender’s MSS
d. twice the receiver’s MSS
c. twice the sender’s MSS
What sequence of events signals the TCP Fast recovery process?
a. duplicate ACKs
b. Three sets of duplicate ACKS
c. duplicate FINs
d. three duplicate FINs
b. Three sets of duplicate ACKS
Which of the statements define the edges of the TCP sliding window mechanism? (choose both correct answers)
a. acknowledged data plus the receiver’s window size
b. all data that was received
c. all data pending transmission
d. all data that was acknowleged
a. acknowledged data plus the receiver’s window size
b. all data that was received
not sure on this one…
Which of the following values are valid TCP Flag settings? (choose all that apply)
a. SYN
b. ACK
c. NUL
d. FIN
e. PSH
a. SYN
b. ACK
d. FIN
e. PSH (push
Protocol 17
UDP
Protocol 06
TCP
UDP port 53
DNS
UDP port 161
SNMP
UDP port 69
TFTP
UDP port 520
RIP
UDP port 67 + 68
DHCP
TCP port 53
DNS
TCP port 21
FTP
TCP port 23
Telnet
TCP port 80
HTTP
TCP port 110
POP3
TYPE 0800
IPv4
________is the overloading of the network or a receiver.
congestion
_________is a management method for data transmission used to determine the amount of unacknowledged data that can go out on the wire from any sender
sliding window mechanism
TCP header size
at least 20 bytes
TCP header fields
Source port Destination port sequence number acknowledgment number header length flags Window size TCP checksum Urgent point TCP options
TCP flags field settings
URG ACK PSH reset SYN FIN
ICMP fields
Type
Code
Checksum
______means to point out another path.
redirect
The route a packet can take through the network.
path
