TCP applications

Question 1

What is the six step three way TCP handshake

Answer 1

To open - SYN, SYN ACK, ACK (Client, server, client)

To close - FIN, FIN ACK, ACK (server, client, server)

Question 2

What is NTP

Answer 2

Network time protocol is responsible for synchronising computers across a network. This is used in things like kerberos and other security measures to ensure authenticity.

Question 3

What is an application of TFTP?

Answer 3

Trivial file transfer protocol is a lightweight protocol commonly used when interfacing with hardware such as routers. It is not for use across the internet due to its insecure nature.

Question 4

What is ICMP and an application of it

Answer 4

Internet control management protocol is a lightweight protocol that lacks the major overhead that TCP/UDP tends to have, making it useful for router advertisements and commands like ping. It’s a lightweight layer 3 protocol.

Question 5

What is a firewall

Answer 5

A device or software that filters packets between two devices

Question 6

What is IGMP and an application of it

Answer 6

Internet group management protocol is used to set up multi-casting.

Question 7

What is multi-casting?

Answer 7

When a group of computers consent to receiving the same packets and data by sharing an IP address between devices. This ranges from 224.0.0.x-239.255.255.255

Question 8

What is the range of well-known ports

Answer 8

0-1023

Question 9

What is the range of registered ports

Answer 9

1024-49151

Question 10

What is the range of ephemeral/dynamic ports

Answer 10

49151-65535

Question 11

What is a socket and endpoint

Answer 11

Endpoint and socket data is the info stored about a communication partner during a session. This includes IP, ports, TCP/UDP, etc. You see this information when you type netstat commands.

Question 12

What are the four switches to know for netstat

Answer 12

anob (lol)

Question 13

What does netstat -a do

Answer 13

Shows open and active ports

Question 14

What does netstat -b do

Answer 14

Shows application responsible for the session

Question 15

What does netstat -o do

Answer 15

Shows process ID

Question 16

What does netstat -n do

Answer 16

displays addresses and ports in numerical form

Question 17

What are the ports for Telnet/SSH

Answer 17

SSH 22

Telnet 23

Question 18

What are the ports for POP3, IMAP and SMTP

Answer 18

POP 110
IMAP 143
SMTP 25

Question 19

What does a relational database do

Answer 19

Focuses on potential relations between data entries

Question 20

What is a query language

Answer 20

They extract and organize data from databases

Question 21

What is passive FTP, why is it necessary and how does it work

Answer 21

FTP works by sending info on port 21 and receiving on 20
Sending info on port 21 opens up that port for responses, but the info comes back on port 20, which is then denied by your router as it counts as unsolicited information.
Passive FTP works by:
>Sending FTP server info from client
>Server sends random port number back on port 21
>Client then sends data out on the port given by the server
>FTP transaction then takes place using that port, as the client has initiated the session by sending out data on that port and thus can now receive info on that port also.

Question 22

What are the ports for DNS, DHCP and TFTP

Answer 22

DNS 53
DHCP 67/68
TFTP 69

Question 23

What is the port for NTP

Answer 23

123