Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Module H: Protocol Analysis > Module H3: Network Layer Header Protocols > Flashcards

Module H3: Network Layer Header Protocols Flashcards

1
Q

What protocol connects an IP address to a fixed physical machine address?

A

arp

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

An IPv4 address is represented by how many bits?

A

32

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A MAC address is represented by how many bits?

A

48

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What layer are MAC addresses used?

  • Layer 1 / Physical
  • Layer 2 / Data Link
  • Layer 3 / Network
  • Layer 4 / Transport
A

Layer 2 / Data Link

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What layer are IP addresses used?

  • Layer 1 / Physical
  • Layer 2 / Data Link
  • Layer 3 / Network
  • Layer 4 / Transport
A

Layer 3 / Network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

The ARP table is constantly updating.

  • True
  • False
A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a Man In the Middle Attack also known as?

  • Monkey in the Middle
  • ARP Spoofing
  • Buffer Overflow
  • Brute Force Cracking
A

ARP Spoofing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Packets can be filtered in Wireshark by specifying the protocol in the Display Filter.

True/False

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the opcode for an ARP request?

A

1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the opcode for an ARP reply?

A

2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What Wireshark display filter would you write to show all ARP requests?

A

arp.opcode==1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

If you wanted to see all ARP packets from the source IP address 192.168.92.10 what filer could you write in Wireshark?

  • arp.src.proto_ipv4==192.168.10.92
  • arp.src.proto_ipv4==192.168.92.10
  • arp.src.proto_ipv6==192.168.92.10
  • arp.des.proto_ipv4==192.168.92.10
A

arp.src.proto_ipv4==192.168.92.10

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the decimal value of the version field of an IPv4 header?

A

4

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the minimum length of an IP header in bytes?

A

20

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

In an IPv4 Header, what value is in the protocol field for UDP?

A

17

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

In an IPv4 Header, what value is in the protocol field for TCP?

A

6

17
Q

How many bytes are in a ICMP header?

A

8

18
Q

What is ICMP primarily used for?

  • Determines which ports and services are open on a remote system.
  • Verifies and Authenticates session activity for remote users.
  • Communicate information about network connectivity issues back to the source of the compromised transmission.
  • Manages and Configures BIOS settings over a remote connection.
A

Communicate information about network connectivity issues back to the source of the compromised transmission.

19
Q

What does MTUs stand for?

A

maximum transmission unit

20
Q

What concept allows packets to break down data into serialized chunks to be recreated at the destination.

It also has the advantage of allowing information to cross over more diverse network paths.

  • Fragmentation
  • Decentralization
  • Encapsulation
  • Manipulation
A

Fragmentation

21
Q

How many bits are needed to represent the default hop limit in IPv6?

A

8

22
Q

What IPv6 header field classifies the priority of an IPv6 packet?

  • Next Header
  • Flow Label
  • Version
  • Traffic Class
A

Traffic Class

23
Q

What is priority 6 in traffic control for IPv6?

A

interactive traffic

24
Q

The payload length in IPv6 is a 16-bit signed integer field.

True

False

A

False (16 bit unsigned integer field)

25
Q

The Hop limit in IPv6 is the same as what in IPv4?

A

ttl

26
Q

What is the byte offset of the “Protocol Type” field in the ARP header?

A

2

27
Q

Using the IPv6 header, what is the BPF for the “Payload Length”? Example syntax: tcp[2:2]

A

ip6[4:2]

28
Q

What is the start byte of the “Protocol Address Length” field in the ARP header?

A

5

29
Q

What is another name for ARP spoofing?

A

man in the middle attack

30
Q

What is the Wireshark filter to show all ARP requests?

A

arp.opcode==1

31
Q

IPv6 supports fragmentation.

True

False

A

False

32
Q

2

What IPv6 header field replaced IPv4 “Options” field?

A

extensions

33
Q

What is the Code for an Echo Reply message?

A

0

34
Q

What is the Code for a Router Advertisement?

A

9

35
Q

What is the value of the More Fragments bit in the IPv4 header?

A

32

Module H: Protocol Analysis (6 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions