MODULE 9 - CERTIFICATION CYBER OPS ASSOCIATE Flashcards

Question 1

Q

Transport Layer Characteristics

Role of the Transport Layer Application layer programs generate data that must be exchanged between source and destination hosts.

The transport layer is responsible for logical communications between applications running on different hosts.

This may include services such as establishing a temporary session between two hosts and the reliable transmission of information for an application.

Answer

A

As shown in the figure, the transport layer is the link between the application layer and the lower layers that are responsible for network transmission.

https://snipboard.io/oIS7w5.jpg

Question 2

Q

The transport layer has no knowledge of the destination host type, the type of media over which the data must travel, the path taken by the data, the congestion on a link, or the size of the network.

Answer

A

The transport layer includes two protocols:

Transmission Control Protocol (TCP)

User Datagram Protocol (UDP)

Question 3

Q

Transport Layer Responsibilities

The transport layer has many responsibilities.

– Tracking Individual Conversations

– Segmenting Data and Reassembling Segments

– Add Header Information

– Identifying the Applications

– Conversation Multiplexing

Answer

A

Tracking Individual Conversations :

At the transport layer, each set of data flowing between a source application and a destination application is known as a conversation and is tracked separately.

It is the responsibility of the transport layer to maintain and track these multiple conversations. As illustrated in the figure, a host may have multiple applications that are communicating across the network simultaneously.

Most networks have a limitation on the amount of data that can be included in a single packet. Therefore, data must be divided into manageable pieces.

https://snipboard.io/UoPkXh.jpg

Question 4

Q

Transport Layer Responsibilities

The transport layer has many responsibilities.

– Tracking Individual Conversations

– Segmenting Data and Reassembling Segments

– Add Header Information

– Identifying the Applications

– Conversation Multiplexing

Answer

A

Segmenting Data and Reassembling Segments :

It is the transport layer responsibility to divide the application data into appropriately sized blocks.

Depending on the transport layer protocol used, the transport layer blocks are called either segments or datagrams.

The figure illustrates the transport layer using different blocks for each conversation.

The transport layer divides the data into smaller blocks (i.e., segments or datagrams) that are easier to manage and transport. https://snipboard.io/vfpiGc.jpg

Question 5

Q

Transport Layer Responsibilities

The transport layer has many responsibilities.

– Tracking Individual Conversations

– Segmenting Data and Reassembling Segments

– Add Header Information

– Identifying the Applications

– Conversation Multiplexing

Answer

A

Add Header Information :

The transport layer protocol also adds header information containing binary data organized into several fields to each block of data.

It is the values in these fields that enable various transport layer protocols to perform different functions in managing data communication.

For instance, the header information is used by the receiving host to reassemble the blocks of data into a complete data stream for the receiving application layer program.

The transport layer ensures that even with multiple application running on a device, all applications receive the correct data.

https://snipboard.io/Vl15si.jpg

Question 6

Q

Transport Layer Responsibilities

The transport layer has many responsibilities.

– Tracking Individual Conversations

– Segmenting Data and Reassembling Segments

– Add Header Information

– Identifying the Applications

– Conversation Multiplexing

Answer

A

Identifying the Applications :

The transport layer must be able to separate and manage multiple communications with different transport requirement needs.

To pass data streams to the proper applications, the transport layer identifies the target application using an identifier called a port number.

As illustrated in the figure, each software process that needs to access the network is assigned a port number unique to that host.

https://snipboard.io/9ypn8c.jpg

Question 7

Q

Transport Layer Responsibilities

The transport layer has many responsibilities.

– Tracking Individual Conversations

– Segmenting Data and Reassembling Segments

– Add Header Information

– Identifying the Applications

– Conversation Multiplexing

Answer

A

Conversation Multiplexing :

Sending some types of data (e.g., a streaming video) across a network, as one complete communication stream, can consume all the available bandwidth.

This would prevent other communication conversations from occurring at the same time. It would also make error recovery and retransmission of damaged data difficult.

As shown in the figure, the transport layer uses segmentation and multiplexing to enable different communication conversations to be interleaved on the same network.

Error checking can be performed on the data in the segment, to determine if the segment was altered during transmission.

https://snipboard.io/Gn1rsY.jpg

Question 8

Q

Transport Layer Protocols IP is concerned only with the structure, addressing, and routing of packets.

IP does not specify how the delivery or transportation of the packets takes place.

Answer

A

Transport layer protocols specify how to transfer messages between hosts, and are responsible for managing reliability requirements of a conversation.

The transport layer includes the TCP and UDP protocols.

Question 9

Q

Transport layer protocols specify how to transfer messages between hosts, and are responsible for managing reliability requirements of a conversation.

The transport layer includes the TCP and UDP protocols.

Answer

A

Different applications have different transport reliability requirements.

Therefore, TCP/IP provides two transport layer protocols, as shown in the figure.

https://snipboard.io/83OhiG.jpg

Question 10

Q

Transmission Control Protocol (TCP) IP is concerned only with the structure, addressing, and routing of packets, from original sender to final destination.

IP is not responsible for guaranteeing delivery or determining whether a connection between the sender and receiver needs to be established.

Answer

A

TCP is considered a reliable, full-featured transport layer protocol, which ensures that all of the data arrives at the destination.

TCP includes fields which ensure the delivery of the application data. These fields require additional processing by the sending and receiving hosts.

Note: TCP divides data into segments.

Question 11

Q

TCP transport is analogous to sending packages that are tracked from source to destination.

If a shipping order is broken up into several packages, a customer can check online to see the order of the delivery.

Answer

A

TCP provides reliability and flow control using these basic operations:

Number and track data segments transmitted to a specific host from a specific application

Acknowledge received data Retransmit any unacknowledged data after a certain amount of time

Sequence data that might arrive in wrong order

Send data at an efficient rate that is acceptable by the receiver

Question 12

Q

TCP provides reliability and flow control using these basic operations:

Number and track data segments transmitted to a specific host from a specific application

Acknowledge received data

Retransmit any unacknowledged data after a certain amount of time

Sequence data that might arrive in wrong order Send data at an efficient rate that is acceptable by the receiver

Answer

A

In order to maintain the state of a conversation and track the information, TCP must first establish a connection between the sender and the receiver.

This is why TCP is known as a connection-oriented protocol.

Question 13

Q

TCP Header TCP is a stateful protocol which means it keeps track of the state of the communication session.

To track the state of a session, TCP records which information it has sent and which information has been acknowledged.

The stateful session begins with the session establishment and ends with the session termination.

Answer

A

A TCP segment adds 20 bytes (i.e., 160 bits) of overhead when encapsulating the application layer data.

The figure shows the fields in a TCP header. :

https://snipboard.io/RsBGkn.jpg

Question 14

Q

TCP Header Fields :

The table identifies and describes the ten fields in a TCP header.

– Source Port

– Destination Port

– Sequence Number

– Acknowledgment Number

– Header Length

– Reserved

– Control bits

– Window size

– Checksum

– Urgent

Answer

A

Source Port :

A 16-bit field used to identify the source application by port number.

Question 15

Q

TCP Header Fields :

The table identifies and describes the ten fields in a TCP header.

– Source Port

– Destination Port

– Sequence Number

– Acknowledgment Number

– Header Length

– Reserved

– Control bits

– Window size

– Checksum

– Urgent

Answer

A

Destination Port :

A 16-bit field used to identify the destination application by port number.

Question 16

Q

TCP Header Fields :

The table identifies and describes the ten fields in a TCP header.

– Source Port

– Destination Port

– Sequence Number

– Acknowledgment Number

– Header Length

– Reserved

– Control bits

– Window size

– Checksum

– Urgent

Answer

A

Sequence Number :

A 32-bit field used for data reassembly purposes.

Question 17

Q

TCP Header Fields :

The table identifies and describes the ten fields in a TCP header.

– Source Port

– Destination Port

– Sequence Number

– Acknowledgment Number

– Header Length

– Reserved

– Control bits

– Window size

– Checksum

– Urgent

Answer

A

Acknowledgment Number :

A 32-bit field used to indicate that data has been received and the next byte expected from the source.

Question 18

Q

TCP Header Fields :

The table identifies and describes the ten fields in a TCP header.

– Source Port

– Destination Port

– Sequence Number

– Acknowledgment Number

– Header Length

– Reserved

– Control bits

– Window size

– Checksum

– Urgent

Answer

A

Header Length :

A 4-bit field known as ʺdata offsetʺ that indicates the length of the TCP segment header.

Question 19

Q

TCP Header Fields :

The table identifies and describes the ten fields in a TCP header.

– Source Port

– Destination Port

– Sequence Number

– Acknowledgment Number

– Header Length

– Reserved

– Control bits

– Window size

– Checksum

– Urgent

Answer

A

Reserved :

A 6-bit field that is reserved for future use.

Question 20

Q

TCP Header Fields :

The table identifies and describes the ten fields in a TCP header.

– Source Port

– Destination Port

– Sequence Number

– Acknowledgment Number

– Header Length

– Reserved

– Control bits

– Window size

– Checksum

– Urgent

Answer

A

Control bits :

A 6-bit field that includes bit codes, or flags, which indicate the purpose and function of the TCP segment.

Question 21

Q

TCP Header Fields :

The table identifies and describes the ten fields in a TCP header.

– Source Port

– Destination Port

– Sequence Number

– Acknowledgment Number

– Header Length

– Reserved

– Control bits

– Window size

– Checksum

– Urgent

Answer

A

Window size :

A 16-bit field used to indicate the number of bytes that can be accepted at one time.

Question 22

Q

TCP Header Fields :

The table identifies and describes the ten fields in a TCP header.

– Source Port

– Destination Port

– Sequence Number

– Acknowledgment Number

– Header Length

– Reserved

– Control bits

– Window size

– Checksum

– Urgent

Answer

A

Checksum :

A 16-bit field used for error checking of the segment header and data.

Question 23

Q

TCP Header Fields :

The table identifies and describes the ten fields in a TCP header.

– Source Port

– Destination Port

– Sequence Number

– Acknowledgment Number

– Header Length

– Reserved

– Control bits

– Window size

– Checksum

– Urgent

Answer

A

Urgent :

A 16-bit field used to indicate if the contained data is urgent.

Question 24

Q

User Datagram Protocol (UDP) UDP is a simpler transport layer protocol than TCP.

It does not provide reliability and flow control, which means it requires fewer header fields.

Because the sender and the receiver UDP processes do not have to manage reliability and flow control, this means UDP datagrams can be processed faster than TCP segments.

UDP provides the basic functions for delivering datagrams between the appropriate applications, with very little overhead and data checking.

Answer

A

Note: UDP divides data into datagrams that are also referred to as segments.

UDP is a connectionless protocol.

Because UDP does not provide reliability or flow control, it does not require an established connection.

Because UDP does not track information sent or received between the client and server, UDP is also known as a stateless protocol.

Question 25

Q

Note: UDP divides data into datagrams that are also referred to as segments.

UDP is a connectionless protocol.

Because UDP does not provide reliability or flow control, it does not require an established connection.

Because UDP does not track information sent or received between the client and server, UDP is also known as a stateless protocol.

Answer

A

UDP is also known as a best-effort delivery protocol because there is no acknowledgment that the data is received at the destination.

With UDP, there are no transport layer processes that inform the sender of a successful delivery.

UDP is like placing a regular, nonregistered, letter in the mail.

The sender of the letter is not aware of the availability of the receiver to receive the letter. Nor is the post office responsible for tracking the letter or informing the sender if the letter does not arrive at the final destination.

Question 26

Q

UDP Header UDP is a stateless protocol, meaning neither the client, nor the server, tracks the state of the communication session.

If reliability is required when using UDP as the transport protocol, it must be handled by the application.

Answer

A

One of the most important requirements for delivering live video and voice over the network is that the data continues to flow quickly.

Live video and voice applications can tolerate some data loss with minimal or no noticeable effect, and are perfectly suited to UDP.

Question 27

Q

One of the most important requirements for delivering live video and voice over the network is that the data continues to flow quickly.

Live video and voice applications can tolerate some data loss with minimal or no noticeable effect, and are perfectly suited to UDP.

Answer

A

The blocks of communication in UDP are called datagrams, or segments.

These datagrams are sent as best effort by the transport layer protocol.

The UDP header is far simpler than the TCP header because it only has four fields and requires 8 bytes (i.e., 64 bits).

The figure shows the fields in a UDP header.

https://snipboard.io/1Z4pc6.jpg

Question 28

Q

UDP Header Fields The table identifies and describes the four fields in a UDP header.

– Source Port

– Destination Port

– Length

– Checksum

Answer

A

Source Port :

A 16-bit field used to identify the source application by port number.

Question 29

Q

UDP Header Fields The table identifies and describes the four fields in a UDP header.

– Source Port

– Destination Port

– Length

– Checksum

Answer

A

Destination Port :

A 16-bit field used to identify the destination application by port number.

Question 30

Q

UDP Header Fields The table identifies and describes the four fields in a UDP header.

– Source Port

– Destination Port

– Length

– Checksum

Answer

A

Length :

A 16-bit field that indicates the length of the UDP datagram header.

Question 31

Q

UDP Header Fields The table identifies and describes the four fields in a UDP header.

– Source Port

– Destination Port

– Length

– Checksum

Answer

A

Checksum ::

A 16-bit field used for error checking of the datagram header and data.

Question 32

Q

Socket Pairs

The source and destination ports are placed within the segment.

The segments are then encapsulated within an IP packet. The IP packet contains the IP address of the source and destination.

The combination of the source IP address and source port number, or the destination IP address and destination port number is known as a socket.

Answer

A

In the example in the figure, the PC is simultaneously requesting FTP and web services from the destination server.

https://snipboard.io/hy8HoN.jpg

In the example, the FTP request generated by the PC includes the Layer 2 MAC addresses and the Layer 3 IP addresses.

The request also identifies the source port number 1305 (i.e., dynamically generated by the host) and destination port, identifying the FTP services on port 21.

The host also has requested a web page from the server using the same Layer 2 and Layer 3 addresses.

However, it is using the source port number 1099 (i.e., dynamically generated by the host) and destination port identifying the web service on port 80.

Question 33

Q

In the example in the figure, the PC is simultaneously requesting FTP and web services from the destination server.

https://snipboard.io/hy8HoN.jpg

In the example, the FTP request generated by the PC includes the Layer 2 MAC addresses and the Layer 3 IP addresses. The request also identifies the source port number 1305 (i.e., dynamically generated by the host) and destination port, identifying the FTP services on port 21.

The host also has requested a web page from the server using the same Layer 2 and Layer 3 addresses. However, it is using the source port number 1099 (i.e., dynamically generated by the host) and destination port identifying the web service on port 80.

Answer

A

The socket is used to identify the server and service being requested by the client.

A client socket might look like this, with 1099 representing the source port number: 192.168.1.5:1099 The socket on a web server might be 192.168.1.7:80 Together, these two sockets combine to form a socket pair: 192.168.1.5:1099, 192.168.1.7:80

Sockets enable multiple processes, running on a client, to distinguish themselves from each other, and multiple connections to a server process to be distinguished from each other.

The source port number acts as a return address for the requesting application. The transport layer keeps track of this port and the application that initiated the request so that when a response is returned, it can be forwarded to the correct application.

Question 34

Q

Transport Layer Session Establishment TCP Server Processes You already know the fundamentals of TCP.

Understanding the role of port numbers will help you to grasp the details of the TCP communication process.

In this topic, you will also learn about the TCP three-way handshake and session termination processes.

Answer

A

Each application process running on a server is configured to use a port number.

The port number is either automatically assigned or configured manually by a system administrator.

An individual server cannot have two services assigned to the same port number within the same transport layer services.

For example, a host running a web server application and a file transfer application cannot have both configured to use the same port, such as TCP port 80.

Question 35

Q

Each application process running on a server is configured to use a port number.

The port number is either automatically assigned or configured manually by a system administrator.

An individual server cannot have two services assigned to the same port number within the same transport layer services.

For example, a host running a web server application and a file transfer application cannot have both configured to use the same port, such as TCP port 80.

Answer

A

An active server application assigned to a specific port is considered open, which means that the transport layer accepts, and processes segments addressed to that port.

Any incoming client request addressed to the correct socket is accepted, and the data is passed to the server application.

There can be many ports open simultaneously on a server, one for each active server application.

– Clients Sending TCP Requests

– Request Destination Ports

– Request Source Ports

– Response Destination Ports

– Response Source Ports

Question 36

Q

An active server application assigned to a specific port is considered open, which means that the transport layer accepts, and processes segments addressed to that port.

Any incoming client request addressed to the correct socket is accepted, and the data is passed to the server application.

There can be many ports open simultaneously on a server, one for each active server application.

– Clients Sending TCP Requests

– Request Destination Ports

– Request Source Ports

– Response Destination Ports

– Response Source Ports

Answer

A

Clients Sending TCP Requests :

Client 1 is requesting web services and Client 2 is requesting email service of the same sever.

https://snipboard.io/z9qZTC.jpg

Question 37

Q

An active server application assigned to a specific port is considered open, which means that the transport layer accepts, and processes segments addressed to that port.

Any incoming client request addressed to the correct socket is accepted, and the data is passed to the server application.

There can be many ports open simultaneously on a server, one for each active server application.

– Clients Sending TCP Requests

– Request Destination Ports

– Request Source Ports

– Response Destination Ports

– Response Source Ports

Answer

A

Request Destination Ports :

Client 1 is requesting web services using well-known destination port 80 (HTTP) and Client 2 is requesting email service using well-known port 25 (SMTP).

https://snipboard.io/l15VGO.jpg

Question 38

Q

An active server application assigned to a specific port is considered open, which means that the transport layer accepts, and processes segments addressed to that port.

Any incoming client request addressed to the correct socket is accepted, and the data is passed to the server application.

There can be many ports open simultaneously on a server, one for each active server application.

– Clients Sending TCP Requests

– Request Destination Ports

– Request Source Ports

– Response Destination Ports

– Response Source Ports

Answer

A

Request Source Ports :

Client requests dynamically generate a source port number.

In this case, Client 1 is using source port 49152 and Client 2 is using source port 51152.

https://snipboard.io/79jhwY.jpg

Question 39

Q

An active server application assigned to a specific port is considered open, which means that the transport layer accepts, and processes segments addressed to that port.

Any incoming client request addressed to the correct socket is accepted, and the data is passed to the server application.

There can be many ports open simultaneously on a server, one for each active server application.

– Clients Sending TCP Requests

– Request Destination Ports

– Request Source Ports

– Response Destination Ports

– Response Source Ports

Answer

A

Response Destination Ports :

When the server responds to the client requests, it reverses the destination and source ports of the initial request.

Notice that the Server response to the web request now has destination port 49152 and the email response now has destination port 51152.

Question 40

Q

An active server application assigned to a specific port is considered open, which means that the transport layer accepts, and processes segments addressed to that port.

Any incoming client request addressed to the correct socket is accepted, and the data is passed to the server application.

There can be many ports open simultaneously on a server, one for each active server application.

– Clients Sending TCP Requests

– Request Destination Ports

– Request Source Ports

– Response Destination Ports

– Response Source Ports

Answer

A

Response Source Ports :

The source port in the server response is the original destination port in the initial requests.

https://snipboard.io/shdA2M.jpg

Question 41

Q

TCP Connection Establishment

In some cultures, when two persons meet, they often greet each other by shaking hands.

Both parties understand the act of shaking hands as a signal for a friendly greeting. Connections on the network are similar. In TCP connections, the host client establishes the connection with the server using the three-way handshake process.

– Step 1. SYN

– Step 2. ACK and SYN

– Step 3. ACK

The three-way handshake validates that the destination host is available to communicate. In this example, host A has validated that host B is available.

Answer

A

Step 1.

SYN : The initiating client requests a client-to-server communication session with the server.

https://snipboard.io/DeGARZ.jpg

Question 42

Q

TCP Connection Establishment

In some cultures, when two persons meet, they often greet each other by shaking hands.

Both parties understand the act of shaking hands as a signal for a friendly greeting. Connections on the network are similar. In TCP connections, the host client establishes the connection with the server using the three-way handshake process.

– Step 1. SYN

– Step 2. ACK and SYN

– Step 3. ACK

The three-way handshake validates that the destination host is available to communicate. In this example, host A has validated that host B is available.

Answer

A

Step 2.

ACK and SYN : The server acknowledges the client-to-server communication session and requests a server-to-client communication session.

https://snipboard.io/NZxWXA.jpg

Question 43

Q

TCP Connection Establishment

In some cultures, when two persons meet, they often greet each other by shaking hands.

Both parties understand the act of shaking hands as a signal for a friendly greeting. Connections on the network are similar. In TCP connections, the host client establishes the connection with the server using the three-way handshake process.

– Step 1. SYN

– Step 2. ACK and SYN

– Step 3. ACK

The three-way handshake validates that the destination host is available to communicate. In this example, host A has validated that host B is available.

Answer

A

Step 3. ACK :: The initiating client acknowledges the server-to-client communication session.

https://snipboard.io/Ma8Ziw.jpg

The three-way handshake validates that the destination host is available to communicate. In this example, host A has validated that host B is available.

Question 44

Q

Session Termination

To close a connection, the Finish (FIN) control flag must be set in the segment header.

To end each one-way TCP session, a two-way handshake, consisting of a FIN segment and an Acknowledgment (ACK) segment, is used.

Therefore, to terminate a single conversation supported by TCP, four exchanges are needed to end both sessions. Either the client or the server can initiate the termination.

Answer

A

In the example, the terms client and server are used as a reference for simplicity, but any two hosts that have an open session can initiate the termination process.

– Step 1. FIN

– Step 2. ACK

– Step 3. FIN

– Step 4. ACK

Question 45

Q

In the example, the terms client and server are used as a reference for simplicity, but any two hosts that have an open session can initiate the termination process.

– Step 1. FIN

– Step 2. ACK

– Step 3. FIN

– Step 4. ACK

Answer

A

Step 1. FIN :

When the client has no more data to send in the stream, it sends a segment with the FIN flag set.

https://snipboard.io/RkAGMJ.jpg

Question 46

Q

In the example, the terms client and server are used as a reference for simplicity, but any two hosts that have an open session can initiate the termination process.

– Step 1. FIN

– Step 2. ACK

– Step 3. FIN

– Step 4. ACK

Answer

A

Step 2. ACK :

The server sends an ACK to acknowledge the receipt of the FIN to terminate the session from client to server.

https://snipboard.io/A3LSOJ.jpg

Question 47

Q

In the example, the terms client and server are used as a reference for simplicity, but any two hosts that have an open session can initiate the termination process.

– Step 1. FIN

– Step 2. ACK

– Step 3. FIN

– Step 4. ACK

Answer

A

Step 3. FIN :

The server sends a FIN to the client to terminate the server-to-client session.

https://snipboard.io/OrW2Lh.jpg

Question 48

Q

In the example, the terms client and server are used as a reference for simplicity, but any two hosts that have an open session can initiate the termination process. –

Step 1. FIN

– Step 2. ACK

– Step 3. FIN

– Step 4. ACK When all segments have been acknowledged, the session is closed.

Answer

A

Step 4. ACK :

The client responds with an ACK to acknowledge the FIN from the server.

https://snipboard.io/VNFw4D.jpg

When all segments have been acknowledged, the session is closed.

Question 49

Q

TCP Three-way Handshake Analysis Hosts maintain state, track each data segment within a session, and exchange information about what data is received using the information in the TCP header.

TCP is a full-duplex protocol, where each connection represents two one-way communication sessions.

To establish the connection, the hosts perform a three-way handshake.

As shown in the figure, control bits in the TCP header indicate the progress and status of the connection.

Answer

A

These are the functions of the three-way handshake: It establishes that the destination device is present on the network.

It verifies that the destination device has an active service and is accepting requests on the destination port number that the initiating client intends to use.

It informs the destination device that the source client intends to establish a communication session on that port number.

Question 50

Q

These are the functions of the three-way handshake: It establishes that the destination device is present on the network.

It verifies that the destination device has an active service and is accepting requests on the destination port number that the initiating client intends to use.

It informs the destination device that the source client intends to establish a communication session on that port number.

Answer

A

After the communication is completed the sessions are closed, and the connection is terminated.

The connection and session mechanisms enable TCP reliability function.

Control Bits Field

https://snipboard.io/HtSaMd.jpg

Question 51

Q

After the communication is completed the sessions are closed, and the connection is terminated.

The connection and session mechanisms enable TCP reliability function.

Control Bits Field

https://snipboard.io/HtSaMd.jpg

Answer

A

The six bits in the Control Bits field of the TCP segment header are also known as flags.

A flag is a bit that is set to either on or off. The six control bits flags are as follows:

– URG

– ACK

– PSH

– RST

– SYN

– FIN

Question 52

Q

The six bits in the Control Bits field of the TCP segment header are also known as flags.

A flag is a bit that is set to either on or off. The six control bits flags are as follows:

– URG

– ACK

– PSH

– RST

– SYN

– FIN

Answer

A

URG :

Urgent pointer field significant

Question 53

Q

The six bits in the Control Bits field of the TCP segment header are also known as flags.

A flag is a bit that is set to either on or off. The six control bits flags are as follows:

– URG

– ACK

– PSH

– RST

– SYN

– FIN

Answer

A

ACK :

Acknowledgment flag used in connection establishment and session termination

Question 54

Q

The six bits in the Control Bits field of the TCP segment header are also known as flags.

A flag is a bit that is set to either on or off. The six control bits flags are as follows:

– URG

– ACK

– PSH

– RST

– SYN

– FIN

Answer

A

PSH :

Push function

Question 55

Q

The six bits in the Control Bits field of the TCP segment header are also known as flags.

A flag is a bit that is set to either on or off. The six control bits flags are as follows:

– URG

– ACK

– PSH

– RST

– SYN

– FIN

Answer

A

RST :

Reset the connection when an error or timeout occurs

Question 56

Q

The six bits in the Control Bits field of the TCP segment header are also known as flags.

A flag is a bit that is set to either on or off. The six control bits flags are as follows:

– URG

– ACK

– PSH

– RST

– SYN

– FIN

Answer

A

SYN :

Synchronize sequence numbers used in connection establishment

Question 57

Q

The six bits in the Control Bits field of the TCP segment header are also known as flags.

A flag is a bit that is set to either on or off. The six control bits flags are as follows:

– URG

– ACK

– PSH

– RST

– SYN

– FIN

Answer

A

FIN ::

No more data from sender and used in session termination

Question 58

Q

Transport Layer Reliability

TCP Reliability - Guaranteed and Ordered Delivery

The reason that TCP is the better protocol for some applications is because, unlike UDP, it resends dropped packets and numbers packets to indicate their proper order before delivery.

TCP can also help maintain the flow of packets so that devices do not become overloaded. This topic covers these features of TCP in detail.

Answer

A

There may be times when TCP segments do not arrive at their destination.

Other times, the TCP segments might arrive out of order. For the original message to be understood by the recipient, all the data must be received and the data in these segments must be reassembled into the original order. S

equence numbers are assigned in the header of each packet to achieve this goal. The sequence number represents the first data byte of the TCP segment.

Question 59

Q

There may be times when TCP segments do not arrive at their destination.

Other times, the TCP segments might arrive out of order. For the original message to be understood by the recipient, all the data must be received and the data in these segments must be reassembled into the original order.

Sequence numbers are assigned in the header of each packet to achieve this goal.

The sequence number represents the first data byte of the TCP segment.

Answer

A

During session setup, an initial sequence number (ISN) is set.

This ISN represents the starting value of the bytes that are transmitted to the receiving application.

As data is transmitted during the session, the sequence number is incremented by the number of bytes that have been transmitted.

This data byte tracking enables each segment to be uniquely identified and acknowledged. Missing segments can then be identified.

Question 60

Q

The ISN does not begin at one but is effectively a random number. This is to prevent certain types of malicious attacks. For simplicity, we will use an ISN of 1 for the examples in this chapter.

Segment sequence numbers indicate how to reassemble and reorder received segments, as shown in the figure.

TCP Segments Are Reordered at the Destination

https://snipboard.io/jAr3IV.jpg

Answer

A

The receiving TCP process places the data from a segment into a receiving buffer.

Segments are then placed in the proper sequence order and passed to the application layer when reassembled.

Any segments that arrive with sequence numbers that are out of order are held for later processing.

Then, when the segments with the missing bytes arrive, these segments are processed in order.

Question 61

Q

TCP Reliability - Data Loss and Retransmission

No matter how well designed a network is, data loss occasionally occurs. TCP provides methods of managing these segment losses.

Among these is a mechanism to retransmit segments for unacknowledged data. The sequence (SEQ) number and acknowledgement (ACK) number are used together to confirm receipt of the bytes of data contained in the transmitted segments.

The SEQ number identifies the first byte of data in the segment being transmitted. TCP uses the ACK number sent back to the source to indicate the next byte that the receiver expects to receive.

This is called expectational acknowledgement.

Answer

A

Prior to later enhancements, TCP could only acknowledge the next byte expected. For example, in the figure, using segment numbers for simplicity, host A sends segments 1 through 10 to host B.

If all the segments arrive except for segments 3 and 4, host B would reply with acknowledgment specifying that the next segment expected is segment 3.

Host A has no idea if any other segments arrived or not. Host A would, therefore, resend segments 3 through 10. If all the resent segments arrived successfully, segments 5 through 10 would be duplicates.

This can lead to delays, congestion, and inefficiencies.

https://snipboard.io/L815YX.jpg

Question 62

Q

Prior to later enhancements, TCP could only acknowledge the next byte expected. For example, in the figure, using segment numbers for simplicity, host A sends segments 1 through 10 to host B.

If all the segments arrive except for segments 3 and 4, host B would reply with acknowledgment specifying that the next segment expected is segment 3.

Host A has no idea if any other segments arrived or not. Host A would, therefore, resend segments 3 through 10. If all the resent segments arrived successfully, segments 5 through 10 would be duplicates.

This can lead to delays, congestion, and inefficiencies.

https://snipboard.io/L815YX.jpg

Answer

A

Host operating systems today typically employ an optional TCP feature called selective acknowledgment (SACK), negotiated during the three-way handshake.

If both hosts support SACK, the receiver can explicitly acknowledge which segments (bytes) were received including any discontinuous segments.

The sending host would therefore only need to retransmit the missing data. For example, in the next figure, again using segment numbers for simplicity, host A sends segments 1 through 10 to host B.

If all the segments arrive except for segments 3 and 4, host B can acknowledge that it has received segments 1 and 2 (ACK 3), and selectively acknowledge segments 5 through 10 (SACK 5-10). Host A would only need to resend segments 3 and 4.

https://snipboard.io/OoclhX.jpg

Question 63

Q

Host operating systems today typically employ an optional TCP feature called selective acknowledgment (SACK), negotiated during the three-way handshake. If both hosts support SACK, the receiver can explicitly acknowledge which segments (bytes) were received including any discontinuous segments.

The sending host would therefore only need to retransmit the missing data. For example, in the next figure, again using segment numbers for simplicity, host A sends segments 1 through 10 to host B. If all the segments arrive except for segments 3 and 4, host B can acknowledge that it has received segments 1 and 2 (ACK 3), and selectively acknowledge segments 5 through 10 (SACK 5-10).

Host A would only need to resend segments 3 and 4.

https://snipboard.io/OoclhX.jpg

Answer

A

Note: TCP typically sends ACKs for every other packet, but other factors beyond the scope of this topic may alter this behavior.

TCP uses timers to know how long to wait before resending a segment. In the figure, play the video and click the link to download the PDF file.

The video and PDF file examine TCP data loss and retransmission.

Question 64

Q

TCP Flow Control - Window Size and Acknowledgments TCP also provides mechanisms for flow control.

Flow control is the amount of data that the destination can receive and process reliably.

Flow control helps maintain the reliability of TCP transmission by adjusting the rate of data flow between source and destination for a given session.

To accomplish this, the TCP header includes a 16-bit field called the window size.

Answer

A

The figure shows an example of window size and acknowledgments.

TCP Window Size Example

https://snipboard.io/jk3NDi.jpg

The window size determines the number of bytes that can be sent before expecting an acknowledgment.

The acknowledgment number is the number of the next expected byte.

The window size is the number of bytes that the destination device of a TCP session can accept and process at one time. In this example, the PC B initial window size for the TCP session is 10,000 bytes. Starting with the first byte, byte number 1, the last byte PC A can send without receiving an acknowledgment is byte 10,000. This is known as the send window of PC A.

The window size is included in every TCP segment so the destination can modify the window size at any time depending on buffer availability.

Answer 65

A

The initial window size is agreed upon when the TCP session is established during the three-way handshake. The source device must limit the number of bytes sent to the destination device based on the window size of the destination.

Only after the source device receives an acknowledgment that the bytes have been received, can it continue sending more data for the session. Typically, the destination will not wait for all the bytes for its window size to be received before replying with an acknowledgment.

As the bytes are received and processed, the destination will send acknowledgments to inform the source that it can continue to send additional bytes. For example, it is typical that PC B would not wait until all 10,000 bytes have been received before sending an acknowledgment.

This means PC A can adjust its send window as it receives acknowledgments from PC B. As shown in the figure, when PC A receives an acknowledgment with the acknowledgment number 2,921, which is the next expected byte.

The PC A send window will increment 2,920 bytes. This changes the send window from 10,000 bytes to 12,920. PC A can now continue to send up to another 10,000 bytes to PC B as long as it does not send more than its new send window at 12,920.

Answer 66

A

A destination sending acknowledgments as it processes bytes received, and the continual adjustment of the source send window, is known as sliding windows.

In the previous example, the send window of PC A increments or slides over another 2,921 bytes from 10,000 to 12,920.

If the availability of the destination’s buffer space decreases, it may reduce its window size to inform the source to reduce the number of bytes it should send without receiving an acknowledgment.

Answer 67

A

Note: Devices today use the sliding windows protocol.

The receiver typically sends an acknowledgment after every two segments it receives. The number of segments received before being acknowledged may vary.

The advantage of sliding windows is that it allows the sender to continuously transmit segments, as long as the receiver is acknowledging previous segments.

The details of sliding windows are beyond the scope of this course.

Answer 68

A

A common MSS is 1,460 bytes when using IPv4. A host determines the value of its MSS field by subtracting the IP and TCP headers from the Ethernet maximum transmission unit (MTU).

On an Ethernet interface, the default MTU is 1500 bytes.

Subtracting the IPv4 header of 20 bytes and the TCP header of 20 bytes, the default MSS size will be 1460 bytes, as shown in the figure. https://snipboard.io/Muh8Bo.jpg

Answer 69

A

Whenever there is congestion, retransmission of lost TCP segments from the source will occur.

If the retransmission is not properly controlled, the additional retransmission of the TCP segments can make the congestion even worse.

Not only are new packets with TCP segments introduced into the network, but the feedback effect of the retransmitted TCP segments that were lost will also add to the congestion.

To avoid and control congestion, TCP employs several congestion handling mechanisms, timers, and algorithms.

Answer 70

A

If the source determines that the TCP segments are either not being acknowledged or not acknowledged in a timely manner, then it can reduce the number of bytes it sends before receiving an acknowledgment.

As illustrated in the figure, PC A senses there is congestion and therefore, reduces the number of bytes it sends before receiving an acknowledgment from PC B.

TCP Congestion Control

https://snipboard.io/Wl3Tzu.jpg https://snipboard.io/qJ19mi.jpg

Answer 71

A

Notice that it is the source that is reducing the number of unacknowledged bytes it sends and not the window size determined by the destination.

Brainscape's Knowledge GenomeTM

MODULE 9 - CERTIFICATION CYBER OPS ASSOCIATE Flashcards

Brainscape's Knowledge Genome^TM