Module 3.3 Flashcards

1
Q

Maximum size in bytes of a frame’s payload. If the payload cannot be encapsulated within a single frame at the Data Link layer, it must be fragmented.

A

maximum transmission unit (MTU).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A standard _____________ frame has a maximum length of 1518 bytes, excluding preamble

A

Ethernet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Each ethernet frame has an 18-byte header:
__ byte destination and source MAC address fields
__byte error checking field.
__ byte Ether Type field

A

6 / 4 / 2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

To comply with CSMA/CD, the minimum length of an Ethernet frame is 64 bytes, so the payload must be at least ___ bytes.

A

46

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Most Gigabit and 10 GbE Ethernet devices support jumbo frames with a larger MTU, such as _____________ bytes. Such products are not standardized, however, and there can be compatibility issues when using devices from different vendors.

A

9000

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Recording data from frames as they pass over network media, using methods such as a mirror port or tap device.

A

packet sniffer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A basic software-based sniffer installed to a host will simply ____________the frames received by the network adapter by installing a special driver. This allows the frames to be read from the network stack and saved to a file on disk

A

interrogate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

_____________________ this means that the sensor is attached to a specially configured port on the switch that receives copies of frames addressed to nominated access ports (or all the other ports).

A

SPAN (switched port analyzer)/mirror port-

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Hardware device inserted into a cable to copy frames for analysis.

A

TAP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

___________________this is a box with ports for incoming and outgoing network cabling and an inductor or optical splitter that physically copies the signal from the cabling to a monitor port

A

Passive test access point ( TAP )-

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

______________________this is a powered device that performs signal regeneration (again, there are copper and fiber variants), which may be necessary in some circumstances.

A

Active TAP-

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Command-line packet sniffing utility.

A

TCP Dump

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Widely-used protocol analyzer.

A

Wireshark

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

______________________________is an open source graphical packet capture and analysis utility, with installer packages for most operating systems.

A

Wireshark ( wireshark.org )

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

On a SOHO network, switches are more likely to be _________________, standalone units that can be added to the network and run without any configuration. The switch functionality might also be built into an Internet router/modem.

A

Unmanaged

How well did you know this?
1
Not at all
2
3
4
5
Perfectly