Lesson 9: Explaining Transport Layer Protocols Flashcards
What is the purpose of the transport layer protocols (Layer 4)?
Establishes end-end connections by linking the application layer to the network.
What is a port?
A unique number assigned to a particular application protocol used to identify the service once the packet has been routed to the destination
What is a well known port?
Port numbers 0-1023
What is the highest port number available?
65,535
Define a socket
The combination of a ip address and port number
What is the difference between a server socket and a client socket?
A server socket can support multiple connections from multiple client sockets
Define TCP (Transmission Control Protocol)
Transport layer protocol providing connection-oriented guaranteed communication using acknowledges to ensure delivery
How does TCP (Transmission Control Protocol) function?
TCP divides data from an application into segments (based on MTU) each with its own header while providing acknowledgements of receipt, sequencing, and retransmissions
What are the fields in a TCP datagram?
- Source/Destination port
- Sequence number
- Ack number
- Data length
- Flags
- Window
- Checksum
- Options
What is the purpose of the sequence number field in a TCP datagram?
The seq number is sent by the TCP initiator identifying the current segment of data allowing the receiver to rebuild the message with out of order packets
What is the purpose of the ack number field in a TCP datagram?
The seq number is sent by the TCP server/recipient, which is the sequence number of the previous segment with an increment of 1 (+1), and lets the original sender know if retransmission of the data is necessary
What is the purpose of the data length field in a TCP header?
Defines length of TCP segment
What is the purpose of the flags field in a TCP header?
Identifies type of content in the segment (ACK, SYN, FIN, etc.)
What is the purpose of the window field in a TCP header?
The amount of data the host is willing to receive before sending another acknowledgement allowing one side of the communication to tell the other side to slow the sending rate
What is the purpose of the urgent pointer field in a TCP header?
Identifies if urgent data is being sent
What process takes place to establish a TCP connection?
Three-way handshake
What is the first step in a 3-way handshake?
The client enters SYN-SENT state and sends a segment with the TCP flag “SYN” to the server
What is the second step in a 3-way handshake?
The server responds with a SYN/ACK segment and enters the SYN-RECEIVED state
What is the third step in a 3-way handshake?
The client responds with an ACK segment, creating a connection between client and server
What causes a client to retransmit data?
- A period of time passes without the sender receiving an acknowledgement
- The client receives a failed transmission flag
What process takes place to close a TCP connection?
TCP connection teardown
Define UDP (User Datagram Protocol)
Transport layer protocol that is connectionless and is a non-guaranteed communication method with no flow control or retransmission
What are the fields in a UDP (User Datagram Protocol) header?
- Source/Destination Port
- Message length
- Checksum
What is the size of a UDP header and TCP header?
UDP header is 8 bytes (64 bits) max; TCP header is 20+ bytes (160+ bits)
Define network visibility
The ability to verify what exactly is connected to a network and what is being communicated over it
What is an IP scanner?
Tool that performs host discover
What is Nmap?
A security scanner program used for IP scanning, auditing, and a pen test tool
What is netstat command in windows/Linux?
Command to check state of ports on local hosts and which services are configured for the open ports
What is a fingerprint scan?
Compares specific responses to known information about hardware platforms, OS types and versions, and application/service types and versions