Chapter 9: TCP/IP Applications

Question 1

Session

Answer 1

A logical stream of data flowing between two programs over a network.

Question 2

Transmission Control Protocol (TCP)

Answer 2

• Enables connection-oriented communication in networks that use the TCP/IP protocol suite.
• Most common type of session

Question 3

TCP Three-Way Handshake

Answer 3

A three-packet conversation between TCP hosts to establish and start a data transfer session.

Question 4

User Datagram Protocol (UDP)

Answer 4

Used for the type of sessions that don’t require the overhead of connection-oriented traffic.

Question 5

Port and Session Type of DHCP

Answer 5

Port 67 (server) and port 68 (client)
UDP

Question 6

Network Time Protocol (NTP)

Answer 6

Synchronizes the clocks of devices on a network.

UDP port 123

Question 7

Trivial File Transfer Protocol (TFTP)

Answer 7

Enables you to transfer files from one machine to another.

UDP port 69

Question 8

Internet Control Message Protocol (ICMP)

Answer 8

• Used to handle many low level functions such as error reporting.
• Usually request and response pairs

Question 9

What kind of packets does ping send?

Answer 9

ICMP

Question 10

What is the packet called that ping sends out? The one that comes back?

Answer 10

Echo request, Echo reply

Question 11

If your computer has no route to the address listed, ping will display _________.

Answer 11

Destination Host Unreachable

Question 12

If you ping a device and no echo reply comes back before the 1-second default time, ping will respond with _______.

Answer 12

Request Timed Out

Question 13

Ping of Death

Answer 13

A ping that allowed malicious users to send malformed ping packets to your computer and make it crash.

Question 14

Internet Group Management Protocol (IGMP)

Answer 14

Enables routers to communicate with hosts to determine a “group” membership for multicasting.

Question 15

What is the subnet that multicast addresses use?

Answer 15

224.0.0.0/4

Question 16

Well-known Port Numbers

Answer 16

0-1023

Reserved for specific TCP/IP applications

Question 17

Ephemeral Ports

Answer 17

1024-5000
An arbitrary number generated by a sending computer that the receiving computer uses as a destination address when sending a return packet.

Question 18

Dynamic/Private Port Numbers

Answer 18

49152-65535

Recommended by IANA to use as ephemeral port numbers

Question 19

Registered Ports

Answer 19

1024-49151

The IANA assigns these ports for anyone to use for their application

Question 20

Socket

Answer 20

A combination of a port number and an IP address that uniquely identifies a connection.

Question 21

Endpoints

Answer 21

The term used when discussing the data each computer stores about the connection between two computers’ TCP/IP applications.

Question 22

netstat

Answer 22

Shows you the list of endpoints you have connections with.

Question 23

netstat -a

Answer 23

Tells netstat to show all used ports

Question 24

netstat -n

Answer 24

Tells netstat to show raw port #’s and IP addresses.

Question 25

netstat -o

Answer 25

Tells netstat to show the process ID

Question 26

netstat -b

Answer 26

Shows the name of the running program

Question 27

Open Port

Answer 27

A socket that is prepared to respond to any IP packets destined for that socket’s port number.

Question 28

Established Port

Answer 28

Active, working endpoint

Question 29

close_wait

Answer 29

Implies that a graceful closure is happening, i.e. each side see the session closing normally

Question 30

time_wait

Answer 30

Means a connection has been lost and is waiting a defined amount of time called a timeout period.

Question 31

ps

Answer 31

Linux command that shows process IDs

Question 32

Hypertext Transfer Protocol (HTTP)

Answer 32

Defines what actions Web servers and browsers should take in response to various commands.
TCP port 80

Question 33

Web Server

Answer 33

• A computer that delivers Web pages.

- Listen on port 80

Question 34

Internet Information Services (IIS)

Answer 34

• Microsoft’s Web server program for managing Web servers.

- Enables you to set a max connection limit on your Web server based on available bandwidth and memory

Question 35

Apache HTTP Server

Answer 35

The web server that most UNIX/Linux based operating systems use.

Question 36

What are the three qualities of a secure Internet application?

Answer 36

1) Authentication
2) Encryption
3) Nonrepudiation:Process of making sure data came from the person or entity it was supposed to come from.

Question 37

Secure Sockets Layer (SSL)

Answer 37

A protocol developed for transmitting private documents over the Internet

Question 38

HTTPS

Answer 38

• The secure form of HTTP

- TCP Port 443

Question 39

Telnet

Answer 39

• The first protocol invented to connect remotely to another computer.
• TCP Port 23

Question 40

Secure Shell (SSH)

Answer 40

Like Telnet, but encrypted.

-TCP Port 22

Question 41

Simple Mail Transfer Protocol (SMTP)

Answer 41

Used by email clients to send messages

TCP Port 25

Question 42

Post Office Protocol version 3 (POP3)

Answer 42

Used to receive mail

TCP Port 110

Question 43

Internet Message Access Protocol version 4 (IMAP4)

Answer 43

Preferred alternative to POP3 for receiving mail

TCP Port 143

Question 44

File Transfer Protocol (FTP)

Answer 44

-The original protocol for transferring files on the Internet.
-Not encrypted
TCP port 20/21

Question 45

Most UNIX and Linux desktop operating systems provide a GUI application for easily viewing and filtering the information in system logs.
(A) True
(B) False

Answer 45

Answer : (A)

Question 46

TCP is preferred over UDP for real time services.​
(A) True
(B) False

Answer 46

Answer : (B)

Question 47

CALEA requires telecommunications carriers and equipment manufacturers to provide for surveillance capabilities.​
(A) True
(B) False

Answer 47

Answer : (A)

Question 48

The SNMP version 3 protocol introduces authentication, validation, and encryption for messages exchanged between devices and the network management console.​
(A) True
(B) False

Answer 48

Answer : (A)

Question 49

Wireshark or any other monitoring software running on a single computer connected to a switch doesn’t see all the traffic on a network, but only the traffic the switch sends to it, which includes broadcast traffic and traffic specifically addressed to the computer.​
(A) True
(B) False

Answer 49

Answer : (A)

Question 50

SNMP agents receive requests from an NMS on what port number?​ 
(A) ​161 
(B) ​162 
(C) ​163 
(D) ​160

Answer 50

Answer : (A)

Question 51

What security standard below was created to protect credit card data and transactions, requiring network segmentation as part of security controls?​ 
(A) ​CALEA 
(B) ​HIPAA (
C) ​PCI DSS 
(D) ​CAARA

Answer 51

Answer : (C)

Question 52

Packets that exceed the medium's maximum packet size are known by what term?​ 
(A) ​giants 
(B) ​runts 
(C) ​ghosts 
(D) ​jabbers

Answer 52

Answer : (A)

Question 53

​Packets that are smaller than a medium's minimum packet size are known by what term below? 
(A) jabbers 
(B) ​giants 
(C) ​ghosts
(D) ​runts

Answer 53

Answer : (D)

Question 54

When a device handles electrical signals improperly, usually resulting from a bad NIC, it is referred to by what term below?​ 
(A) ​ghost 
(B) ​jabber 
(C) ​talker (
D) ​blabber

Answer 54

Answer : (B)

Question 55

Which of the following is not a requirement in order to use a soft phone?​
(A) An ​IP telephony client.
(B) ​The ability to communicate with a digital telephone switch.
(C) ​A microphone and speakers, or a headset.
(D) ​A wireless carrier to handle the voice path.

Answer 55

Answer : (D)

Question 56

What percentage of Internet traffic, as estimated by Cisco Systems, will be devoted to video traffic by 2018?​ 
(A) ​20% 
(B) ​65% 
C) ​79% 
(D) ​93%

Answer 56

Answer : (C)

Question 57

In a VoIP call, what method of transmission is used between two IP phones? 
(A) global multicast 
(B) multicast 
(C) unicast 
(D) ​broadcast

Answer 57

Answer : (C)

Question 58

​On circuit switched portions of a PSTN, what set of standards established by the ITU is used to handle call signaling? 
(A) ​MCU 
(B) ​H.323 
(C) ​H.225 
(D) ​SS7

Answer 58

Answer : (D)

Question 59

​Which element of H.323 is a device that provides translation between network devices running the H.323 signaling protocols and devices running other types of signaling protocols? 
(A) ​H.323 terminal 
(B) ​H.323 gateway 
(C) ​H.323 gatekeeper
(D) ​MCU

Answer 59

Answer : (B)

Question 60

In H.323, which protocol below handles call or video conference signaling?​ 
(A) ​H.225 
(B) ​H.245 
(C) ​H.200 
(D) ​H.252

Answer 60

Answer : (A)

Question 61

A computer that provides support for multiple H.323 terminals and manages communication between them is known as what term below? 
(A) ​H.323 gateway 
(B) ​H.323 gatekeeper 
(C) ​MCU 
(D) ​H.323 server

Answer 61

Answer : (C)

Question 62

A server running the SIP protocol listens on what TCP/UDP port for unsecured communications?​ 
(A) ​6050 
(B) ​5060 
(C) ​5061 
(D) ​6051

Answer 62

Answer : (B)

Question 63

​What component of SIP is a server that responds to user agent clients' requests for session initiation and termination? 
(A) ​proxy server 
(B) ​registrar server 
(C) ​user agent server 
(D) ​redirect server

Answer 63

Answer : (C)

Question 64

When using SIP, what term is used to describe end-user devices, which may include workstations, tablet computers, smartphones, or IP phones?​ 
(A) user agent​ 
(B) ​user agent client 
(C) ​user agent proxy 
(D) ​user agent node

Answer 64

Answer : (B)

Question 65

In order for gateways to exchange and translate signaling and control information with each other so that voice and video packets are properly routed through a network, what intermediate device is needed?​ 
(A) ​media gateway 
(B) ​media proxy server 
(C) ​media gateway controller
(D) ​analog switch

Answer 65

Answer : (C)

Question 66

When using DiffServ, what type of forwarding utilizes a minimum departure rate from a given node, which is then assigned to each data stream? 
(A) ​assured forwarding 
(B) ​prioritized forwarding 
(C) ​scaled forwarding 
(D) expedited forwarding​

Answer 66

Answer : (D)

Question 67

The Priority Code Point field in a frame consists of how many bits?​ 
(A) ​2 bits
 (B) ​3 bits 
(C) ​5 bits
(D) ​8 bits

Answer 67

Answer : (B)

Question 68

What protocol enables multiple types of Layer 3 protocols to travel over any one of several connection-oriented Layer 2 protocols?​ 
(A) ​DiffServ 
(B) ​MPLS 
(C) ​CoS 
(D) ​SIP

Answer 68

Answer : (B)

Question 69

A highly available server is available what percentage of the time?​ 
(A) ​90% 
(B) ​99% 
(C) ​99.9% 
(D) ​99.99%

Answer 69

Answer : (D)

Question 70

​What two log files are used by older versions of Unix and newer version of Linux to store log information? 
(A) ​/var/log/messages 
(B) ​/var/log/syslog 
(C) ​/var/log/log 
(D) ​/var/adm/messages

Answer 70

Answer :

Question 71

What two terms below are used to describe a telephone switch that connects and manages calls within a private organization?​
 (A) ​public branch exchange 
(B) ​private branch exchange 
(C) ​PBX 
D) ​PBE

Answer 71

Answer :

Question 72

What two terms below describe the process of manipulating certain characteristics of packets, data streams, or connections to manage the type and amount of traffic traversing a network or interface at any moment?​ 
(A) ​bandwidth policing 
(B) ​throughput shaping 
(C) traffic shaping​
 (D) ​packet shaping

Answer 72

Answer :

Question 73

What two terms below describe a network device with three ports, two of which send and receive all traffic, and the third port mirrors the traffic?​
(A) network hub​ 
(B) ​network tap 
(C) ​network splitter
(D) packet sniffer​

Answer 73

Answer :

Question 74

What two terms below are used to describe an analog-to-digital voice conversion device that accepts and interprets both analog and digital voice signals? 
(A) IP PBX​ 
(B) ​digital PBX 
(C) ​ATA PBX 
D) ​ePBX

Answer 74

Answer :

Question 75

True or False: The scope of network management techniques differs according to the network’s size and importance.

Answer 75

Answer: True

Question 76

A _____ is a report of the network’s current state of operation.

Answer 76

Answer: baseline

Question 77

In addition to internal policies, a network manager must consider ____ regulations that might affect her responsibilities.

a. state
b. federal
c. state and federal
d. local

Answer 77

Answer: C

Question 78

The network management protocol that provides for both authentication and encryption is ____.

a. SMTP
b. SNMPv1
c. SNMPv2
d. SNMPv3

Answer 78

Answer: D

Question 79

True or False: Much of the information collected in event logs and syslog files does not point to a problem, even if it is marked with a warning.

Answer 79

Answer: True

Question 80

VoIP, is the use of any network (either public or private) to carry ____________________ signals using the TCP/IP protocol.

Answer 80

Answer: voice

Question 81

True or False: VoIP can run over any packet-switched network.

Answer 81

Answer: True

Question 82

____________________ allow the user to customize his or her graphical interface.

Answer 82

Answer: Soft phones

Question 83

____ is the protocol specified by the H.323 standard that handles call or video conference signaling.

a. H.225
b. H.245
c. H.248
d. H.252

Answer 83

Answer: A

Question 84

____________________, ensures that the type of information - whether voice or video - issued to an H.323 terminal is formatted in a way that the H.323 terminal can interpret.

Answer 84

Answer: H.245

Question 85

True or False: SIP does not attempt to perform and control as many functions as the H.323 protocols.

Answer 85

Answer: True

Question 86

Media gateways rely on an intermediate device known as a(n) ____________________ to exchange and translate signaling and control information with each other.

Answer 86

Answer: MGC (media gateway controller), Media gateway controller, MGC

Question 87

____ is a simple technique that addresses QoS issues by prioritizing traffic.

e. RTCP (Real-time Transport Control Protocol)
f. RSVP (Resource Reservation Protocol)
g. MPLS (multiprotocol label switching)
h. DiffServ (Differentiated Service)

Answer 87

Answer: D

Question 88

1.	What federal organization sets strict standards to protect the privacy of patient records?
A.	CALEA
B.	HIPAA
C.	PCI DSS
D.	IETF

Answer 88

Answer: B. HIPAA

Question 89

2.	What command retrieves the next record in an SNMP log?
A.	snmpget   
B.	snmpwalk
C.	snmpgetnext
D.	snmptrap

Answer 89

Answer: C. snmpgetnext

Question 90

3.	What port do SNMP agents listen on?
A.	Port 161
B.	Port 21
C.	Port 162
D.	Port 10162

Answer 90

Answer: A. Port 161

Question 91

4.	What utility in Linux provides standards for generating, storing, and processing messages about events on a system?
A.	Event Viewer
B.	event log
C.	ls
D.	syslog

Answer 91

Answer: D. syslog

Question 92

5.	One of your coworkers downloaded several, very large video files for a special project she’s working on for a new client. When you run your network monitor later this afternoon, what list will your coworker’s computer likely show up on?
A.	Top talkers
B.	Top listeners
C.	Event Viewer
D.	Discarded packets

Answer 92

Answer: B. Top listeners

Question 93

6.	Your roommate has been hogging the bandwidth on your router lately. What technique can you use to limit the amount of bandwidth his computer can utilize at any one time?
A.	Interface reset
B.	Packet shaping
C.	Caching
D.	Traffic policing

Answer 93

Answer: D. Traffic policing

Question 94

7.	What kind of phone is a Skype app?
A.	Analog phone
B.	IP phone
C.	Soft phone
D.	Video phone

Answer 94

Answer: C. Soft phone

Question 95

8.	You’re trying to choose a signaling protocol for your company’s network because you’re about to upgrade to a VoIP system. You need to keep it simple because this is a small company with a simple network. Which protocol should you choose?
A.	H.323
B.	SIP
C.	MGCP
D.	Megaco

Answer 95

Answer: B. SIP

Question 96

9.	RTP and RTCP operate at which layer of the OSI model?
A.	Application layer
B.	Transport layer
C.	Network layer
D.	Data Link layer

Answer 96

Answer: A. Application layer

Question 97

10.	Which QoS technique operates at the OSI layer “2.5”?
A.	RTP
B.	DiffServ
C.	MPLS
D.	CoS

Answer 97

Answer: C. MPLS

Question 98

11. When you arrive at work one morning, your Inbox is full of messages complaining of a network slowdown. You collect a capture from your network monitor. What can you compare it with in order to determine what has changed?

Answer 98

Answer: A baseline