Networks 4 Flashcards
What kinds of network traffic can I expect to see from a normal switch port?
Unicast
Multicast
Broadcast
What is a SPAN port?
A specially configured switch port to monitor/mirror traffic
What is a TAP?
A physical piece of equipment inserted into traffic flow to monitor traffic
Name 1 pro and 1 con (each device) for the use of a TAP or a SPAN port.
TAP
Pro: can see everything
Con: have to break network
SPAN
Pro: don’t have to break network
Con: only see what switch lets you see
How does APIPA work/what does it do?
It kicks in if you don’t have a DHCP server and no IP is statically assigned
What are the general characteristics of TCP?
Connection-oriented and reliable
Name 4 TCP/IP protocols and the ports they use.
SSH – 22
Telnet – 23
HTTP – 80
HTTPS – 443
What are the general characteristics of UDP?
Simple and fast (streaming)
Name 3 UDP/IP protocols and the ports they use.
DNS – 53 (primarily uses UDP)
DHCP – 68
DHCP – 67
In reference to Wireshark, what is a “capture filter?”
Determines what packets the interface collects
In reference to Wireshark, what is a “display filter?”
What you see of the collected packets
In reference to Wireshark, why should a tech always use a port number, as opposed to the service name, when building display filters especially when it comes to TCP traffic?
Port number filters allow you to see session setup (3-way handshake)
What is the generic operating frequency of IEEE 802.11a devices?
5.2 GHz
What is the generic operating frequency of IEEE 802.11b devices?
2.4 GHz
What is the primary weakness of IEEE 802.11 management frames?
Management frames are NOT encrypted/authenticated
