TCP/IP Basics

Question 1

IP Packet

Answer 1

Composed at Layer 3, includes IP info and payload from Layer 4

Gets encapsulated at Layer 2

Question 2

Internet Control Message Protocol

Answer 2

ICMP

Important role in error reporting and diagnostics

Operates at Layer 3

Question 3

Transmission Control Protocol

Answer 3

TCP

Connection-oriented protocol

Question 4

User Datagram Protocol

Answer 4

UDP

Connectionless protocol

Question 5

Three way handshake

Answer 5

Part of TCP

SYN - SYN-ACK, ACK

Sender sends syn, receiver responds with syn-ack, sender sends final ack

Question 6

Main TCP Header parts

Answer 6

Source Port - Destination Port - Sequence Number - Acknowledgement Number

Will also include:

Flags: individual bits that give info on state of connection
Checksum - recipient can use this to validate data

Question 7

User Datagram Protocol

Answer 7

UDP

Unlike with TCP, data does not get segmented in Layer 4.

Question 8

UDP Datagram Header

Answer 8

Source port - destination port - length - checksum

Question 9

Universal Broadcast MAC Address

Answer 9

FF-FF-FF-FF-FF-FF

Question 10

CLI terms to get IP and MAC on:

MacOS
WinOS
Linux

Answer 10

ifconfig
ipconfig /all
ip (or ifconfig, but that is depreciated)

Question 11

Bits in an IP(v4) address?

Answer 11

32

4 octets

Question 12

Network ID

Answer 12

The shared portion of clients on a LAN

client unique portions will be written as a 0

Question 13

Default Gateway

Answer 13

IP address of the router for a LAN

Frequently will be given the lowest or highest possible IP address within the network ID range

Question 14

Subnet mask

Answer 14

Series of ones followed by zeroes

The ones stop where the network ID stops in dotted decimal, generally.

Computers can compare their IP with another against the subnet mask - if they are identical up to where the ones stop, they share the same subnet.

Question 15

Address Resolution Protocol

Answer 15

ARP

An ARP request broadcasts to all MAC addresses on LAN. Sends destination IP, gets a response from destination IP with corresponding destination MAC, allows NIC to create frame with destination now

Question 16

CIDR notation

Answer 16

/[NUMBER]

Number = the number of ones in the subnet mask

Automatically know the subnet mask from CIDR notation

Question 17

IP Class Blocks

Answer 17

Sections of IP addresses distributed out to ISPs

Question 18

Class A addresses

Answer 18

First octet 1-126

Subnet mask always 255.0.0.0

Binary always starts with 0xxxxxxx.

Question 19

Class B addresses

Answer 19

first octet 128-191

Subnet mask always 255.255.0.0

Binary always starts with 10xxxxxx.

Question 20

Class C addresses

Answer 20

first octet 192-223

Subnet always 255.255.255

Binary always starts with 110xxxxx.

Question 21

Class D addresses

Answer 21

First octet 224-239

Binary always starts with 1110xxxx.

Question 22

Class E addresses

Answer 22

First octet 240-255

Binary always starts with 1111xxxx.

Question 23

Multicast

Answer 23

Sending a packet to a group of specific computers from one source

Question 24

Anycast

Answer 24

sending a packet to the nearest computer of a pool that share the same address

Question 25

CIDR

Answer 25

Classless Interdomain routing

Question 26

Subnet Host Calculation

Answer 26

2^x - 2

x = number of 0s in the subnet mask’s binary representation

Remember - subnet masks always have 32 digits, so just subtract the /number from 32 to get your 0s.

Question 27

Available Subnet Calculation

Answer 27

Start with your Network ID and convert to binary

Then move to the right y number of digits

2^y = the number of subnets you are creating

Question 28

Manual Dotted Decimal to Binary Conversion

Answer 28

128 64 32 16 8 4 2 1

If the number in your dotted decimal is greater than the leftmost number above, subtract the left-most number from dotted decimal value. Assign a 1 to the first binary value. Take remaining value and place it above next value. If it is more, follow same process. If not, assign a 0 to the respective binary value and move on down the line.

Question 29

Convert binary to dotted decimal

Answer 29

128 64 32 16 8 4 2 1

Write the binary under each number, add the numbers that have a 1 under them.

Question 30

4 basic network assignment principles

Answer 30

1) Default gateway should get the first or last IP address in the network ID
2) Try to use IP addresses in sequential order
3) Separate servers from clients - keep servers in blocks of addresses
4) Document it all

Question 31

DHCP Server Port
DHCPS Client Port

Answer 31

UDP - 67
UDP - 68

Question 32

DHCP Scope

Answer 32

the pool of available IP addresses it can give out

Question 33

DHCP Relay

Answer 33

Feature of routers to take a DHCP client’s discovery broadcast and send it as unicast to a known DHCP server on the network

Question 34

IP Helper Address
UDP Helper Address

Answer 34

The IP address of the DHCP server given to routers so they can relay broadcasts

Question 35

IP Exclusion Range

Answer 35

A subset of IP addresses you tell the DHCP server not to assign dynamically, setting them aside for static reservation devices (printers, servers, cameras, etc.

Question 36

MAC Reservations

Answer 36

reserving IP addresses on a DHCP server using MAC addresses of clients - any time they get a request from that MAC, they know what to give already

Question 37

APIPA

Answer 37

IP in the range of 169.254.0.0/16

Automatic Private IP Addressing, happens when a DHCP server is unreachable

Question 38

DHCP Release/Renewals for:

Windows
MacOS
Linux

Answer 38

ipconfig /release
ipconfig /renew

sudo ifconfig eth0 down
sudo ifconfig eth0 up

sudo dhclient -r
sudo dhclient

Question 39

DHCP Failover

Answer 39

A pair of DHCP servers that share the same scope, provide redundancy for large enterprises

Question 40

Rogue DHCP Server

Answer 40

A DHCP server connected to the network that is handing out incorrect IP addresses and/or default gateways.

Can be used in cyberattacks

Question 41

Private IP address Blocks

Answer 41

Class A: 10.0.0.0 - 10.255.255.255
Class B: 172.16.0.0-172.31.0.0
Class C: 192.168.0.0-192.168.255.255