Section 9 & 10

Question 1

Protocol Data Units (PDU)

Answer 1

the info used by the different protocols provided in frame segments

Question 2

Ethernet Frame

Answer 2

FCS, Data, ACK, Sequence, Source Port, Dest Port, Source IP address, Destination IP address, source MAC, Destination MAC

Question 3

IP Packet

Answer 3

Data, ACK, Sequence, Source Port, Dest Port, Source IP address, Destination IP Address

Question 4

TCP & UDP

Answer 4

Data, ACK, Sequence, Source Port, Dest Port

Question 5

TCP

Answer 5

connection Oriented. Internet uses TCP

Question 6

UDP

Answer 6

Connectionless oriented. One-way communication

Question 7

TCP 3-way handshake

Answer 7

clients initiate contact with servers with a SYN. Servers send back a SYN/ACK. Then Client sends an ACK to the server

Question 8

ICMP (Internet Control Message protocol)

Answer 8

works at the IP layer. No port numbers or data. Ex: Ping

Question 9

IGMP (Internet Group Message Protocol)

Answer 9

Internet layer of TCP/IP model. Provides multicast support. Multicast address always start with 224

Question 10

Both tracert (Windows) and traceroute (Linux) commands

Answer 10

display the hops through a router to reach a destination.

Question 11

Using the alternative command “pathping”

Answer 11

can get a quick ping response from the routers.

Question 12

Bandwidth speed testing

Answer 12

helps verify the upload and download speeds to an individual computer.

Question 13

Wireshark

Answer 13

protocol analyzer. Allows us to dismantle everything going on in the system. Display the traffic flow of Ethernet frames and can drill down into the frame-viewing various protocols, ports, timelines, and services

Question 14

Netstat

Answer 14

lists all the open ports and connections on your computer

Question 15

Netstat commands

Answer 15

netstat -n presents the results numerically, netstat -b shows the executable for every connection, netstat -a shows all the open ports, netstat -r shows the local routing table

Question 16

HTTP

Answer 16

port 80, HTTPS uses TCP port 443 by default
Web sites host web servers: Web clients access Web servers
Anonymous accounts enable public access to FTP servers
FTP is not an encrypted protocol. SFTP is a more secure FTP. FTP servers listen on port 21 and send data back to the clients on port 20

Question 17

Traditional email

Answer 17

SMTP (Simple Mail Transfer Protocol) - port 25
IMAP (Internet Message Access Protocol v4) - port 143
POP3 uses port 110
All 3 port numbers are not encrypted
Implementing TLS
IMAP 143 -> 993 encrypted
POP3 110 -> 995 encrypted
SMTP 25 -> 465 encrypted
STARTTLS
IMAP, POP3, SMTP - Port 465
TLS/STARTTLS conflicted with Port 465
STARTTLS changed to port 587

Question 18

Telnet enables you to access a remote computer.

Answer 18

Telnet runs on TCP port 23
Telnet (unsecure) and SSH (secure) are both terminal emulators
SSH runs on TCP port 22
SSH uses an authentication key
Rlogin is not secure uses port 513 - replaced with SSH

Question 19

Network Time protocol

Answer 19

NTP runs on port 123
Hundreds of protocols rely on NTP
A system with incorrect time can cause trouble on a network

Question 20

DHCP Issues

Answer 20

IP reservation- reserve ip addresses for stuff that you dont want to change
Reduce your DHCP scope as much as possible
MAC reservation- can be used to define devices that have top priority for address assignment
Exhausted DHCP Scope- not set enough ip addresses aside for the scope. Coffee shop example

Question 21

IPAM

Answer 21

keep track of all IP addresses. Automatically create new DHCP scopes, set reservations, generate new blocks of addresses, and can keep your systems running no matter what happens

Question 22

Domain Name System (DNS)

Answer 22

resolve IP addresses from Fully Qualified Domain Name (FQDN) ex: www.totalsem.com
Typing ipconfig /all will show DNS server information
Computers and DNS servers cache IP address information for a time to enable faster resolution.

Question 23

Interior DNS

Answer 23

.local to show it’s an internal domain

Question 24

Authoritative DNS server

Answer 24

lookup zones

Question 25

SOA (start of authority)

Answer 25

the DNS that is the primary DNS server for the zone

Question 26

A record, AAAA record

Answer 26

A record= IPv4
AAAA record=IPv6

Question 27

Canonical name (CNAME)

Answer 27

makes an alias name, or “known name”, often created for user interfacing

Question 28

Reverse lookup zone

Answer 28

resolve an ip address to a fully qualified domain name

Question 29

Forward lookup zone

Answer 29

fully qualified domain name to ip address

Question 30

SRV record

Answer 30

VOIP systems. Instead of making a unique type for every possible system you have a SRV record

Question 31

TXT record

Answer 31

DKIM and SPF. SPF record looks and accepts any email that comes from this specific IP. DKIM allows us to authenticate any individual person trying to use the e-mail as a legitimate user. Used to reduce spam

Question 32

NET Command

Answer 32

net view- great way to make a quick and dirty look of what computers can my system see within my work group
net user- a quick i forgot who I logged in as are what am I right now.
net use- when you map a drive what you’re doing is you’re assigning a drive
letter to that particular shared folder.
net share-
net accounts- Net accounts is a pretty handy way to get an idea of what type
of settings you have for all of your accounts.
net start- showing you right here are all of the different services that are network based that are running on this particular system.
net stop-

Question 33

Netbios

Answer 33

is an old protocol that manages the connections based on the names of the computers within a LAN

Question 34

Link Local Multicast Name Resolution (LLMNR)

Answer 34

runs on UDP port 5355 and is a vastly improved name resolving server much better than NetB10S
nbtstat- diagnostic command that can be useful, but has some issues with LLMNR

Question 35

Registered names

Answer 35

names sent out into the world and confirms who you are

Question 36

Dynamic DNS (DDNS)

Answer 36

will go out onto the Internet and it will talk to a DNS service and there are companies out there that provide dynamic DNS as a service and they will talk and they’ll grab the WAN IP address. And these dynamic DNS service companies have their own DNS servers and my WAN IP address will be placed onto a domain name of my choosing.

Question 37

Dynamic DNS

Answer 37

enables you to use a DHCP-assigned IP address for connection. DDNS providers can update IP information.

Question 38

DNS troubleshooting

Answer 38

Try an IP address to test without DNS. Check for misconfiguration. Type “ipconfig /displaydns” in the command prompt. Type “nslookup” in the command prompt. Run nslookup to see default DNS server information. Use ping to check connectivity to an FQDN.
Run ipconfig /flushdns to clear the DNS resolver cache