Networking Fundamentals

Question 1

Fundamentals

Framework that the major n/w and s/w components can be placed to give every item a common reference point

Answer 1

Open systems Interconnection Model
(OSI) model

Question 2

Fundamentals

OSI Layer 7 -
Application

Answer 2

APIs

Question 3

Fundamentals

OSI Layer 6 -
Data conversion

Answer 3

Presentation

Question 4

Fundamentals

OSI Layer 5
Sessions tracking/naming

Answer 4

Session

Question 5

Fundamentals

OSI Layer 4
End-to-end communication

Answer 5

Transport

Question 6

Fundamentals

OSI Layer 3
Router
Ip addresses
Internet protocols

Answer 6

Network

Question 7

Fundamentals

OSI Layer 2
Switch

Answer 7

Data Link

Question 8

Fundamentals

OSI Layer 1
Cables
Wierless
NIC

Answer 8

Physical

Question 9

Fundamentals

What happens to frames at layer 1

Answer 9

they are turned into 1s and 0z and transmitted as bits and bytes

Question 10

Fundamentals

sublayer of the Data Link Layer is responsible for flow control and error management functions, which were used in the past by now obsolete protocols. It was also used to multiplex protocols, when IP wasn’t the end-all-be-all protocol as it is today. You’ll only see the 802.2 LLC header today for management protocols, like VTP (VLAN Trunking Protocol), CDP (Cisco Discovery Protocol), and STP (Spanning Tree Protocol).

Answer 10

Logical Link Control (LLC)

LLC Sublayer

Question 11

Fundamentals

sublayer is responsible for addressing network devices by using the physical address—that’s the MAC address burned in to the ROM chip of each NIC. The physical address for both the sending and receiving devices are placed in the Layer 2 frame header. This layer also adds and verifies the FCS.

Answer 11

Medium/Media Access Conrol (MAC)

Mac sublayer

Question 12

Fundamentals

These do not exist at any other layer and should not be stated as
“Ethernet packet”
“TCP packet”
“UDP Packet”

Answer 12

IP packets only exist on layer 3

Question 13

Fundamentals

data from OSI layers 7 through 5 is encapsulated into a TCP segment or UDP datagram at

Answer 13

Layer 4

Question 14

Fundamentals

The segment or datagram is encapsulated in an IP packet at

Answer 14

Layer 3

Question 15

Fundamentals

IP packet is encapsulated inside a frame at

Answer 15

Layer 2

Question 16

Fundamentals

Frames are transmitted as 1s and 0s at

Answer 16

Layer 1

Question 17

Fundamentals

TCP flag is a relic of the past and is not really used by modern protocols. It used to be a way to tell a destination system to prioritize data in a segment, at a location specified by the Urgent Pointer field in the TCP header.

Answer 17

URG

Question 18

Fundamentals

TCP flag used to tell the sending system to push the data down and out immediately without waiting for a buffer to accumulate (which would normally happen for efficient data transfer when many TCP segments are sent), as well as to tell the receiving system to push the received data up to the receiving application without waiting for a buffer to accumulate (which would normally happen for efficient data transfer when many TCP segments are received). The PSH flag is used at the end of an HTTP or TLS session, when there’s no more data to be sent or received, as well as during an SSH session, where the keystrokes need to be sent immediately to a remote system, in addition to other instances. Without the PSH flag there could be significant latency, making the communication unbearable.

Answer 18

PSH

Question 19

Fundamentals

TCP flag is used to tear down an established TCP connection in a similar fashion to the way that the SYN flag is used to establish the connection. The teardown process uses four steps (two separate two-way handshakes), unlike the TCP three-way handshake, which uses three steps. First, the side that starts the TCP connection termination (also known as the TCP teardown) sends a TCP segment with the FIN flag set. Second, the other side sends a TCP segment with the ACK flag set. Third, the same side that sent the segment with the ACK flag set in the second step now sends another segment, this time with the FIN flag set. Fourth, the side that started the teardown sends a segment with the ACK flag set.

Sequence and acknowledgment numbers are used here as well. The sequence numbers pick up from where they were at the end of the data exchange process, and the acknowledgment numbers increment the sequence numbers sent with the FINs by 1.

Answer 19

FIN

Question 20

Fundamentals

TCP connection can be terminated gracefully with the FIN flag from each side or abruptly with the RST flag. Reasons for sending an RST to abort a connection include receiving an invalid header, not having enough resources present to support the connection, not receiving any response from the other side, and even optimizing—getting rid of the other side as quickly as possible instead of a graceful close with FINs that take more time and resources.

Answer 20

RST

Question 21

Fundamentals

Unskilled attackers pester real security folks

Answer 21

URG, ACK, PSH, RST, SYN, FIN)

Question 22

Fundamentals

Maximum transmission unit (MTU) of Ethernet is

Answer 22

1500 bytes

Question 23

Fundamentals

if a packet exceeds 1500 bytes - consisting of an IP header and data

Answer 23

cant be placed inside of an Ethernet fram.

Question 24

Fundamentals

Fragments of the same packet are linked together with the same value that acts as a label to group frames togehter

Answer 24

Identification (2-byte value)

Question 25

Fundamentals

field consists of Reserved bit (always 0), Don’t Fragment (more on this in a bit—pun intended), and More Fragments (all fragments but the last will have a value of 1, indicating to the destination that more fragments are on the way).

Answer 25

Flags (1-bit values)

Question 26

Fundamentals

This field helps the destination put received fragments in order. The first fragment offset is 0, and each subsequent offset increases by the size of the previous fragment. For example, fragments in a sequence could have offsets of 0, 1480, 2960, and 4440. These numbers allow the fragments to be reassembled, like puzzle pieces, should they arrive in nonsequential order (which is common).

Path MTU Discovery, described in RFC 1191, takes a different approach. Imagine the path between a Web server and Web client has an MTU of 1000 between two routers. The Web server would send 1500 bytes in a single packet, which would be fragmented into two packets, and then reassembled at the destination. When routers fragment packets and when hosts reassemble fragments, this creates latency. A Web server and Web client would both prefer to cut down on the latency.

Answer 26

Fragment offset (2-byte value)

Question 27

Fundamentals

This flag starts off the TCP three-way handshake

Answer 27

The SYN (Synchronize) fla