The Bits and Bytes of Computer Networking Flashcards
If a computer were to perform a full DNS lookup using TCP, how many packets would have to be sent between it and all name servers?
44
Using UDP, how many packets would need to be sent to perform a full DNS look up?
8
What Transport layer protocol does DNS normally use?
UDP (User Datagram Protocol)
A DNS TTL determines what?
How long a DNS entry is allowed to be cached in the Recursive Server
What is DNS Round Robin?
A method of load balancing where multiple IP addresses are assigned to a domain name. During DNS Resolution, all IPs are shared but the order rotates in each look up to spread out traffic.
In DNS Resolution, what is an A Record used for?
To point a certain domain name at a certain IPv4 IP Address
What is a AAAA - Quad A Record?
Used to point a domain name at a certain IPv6 IP Address during DNS Resolution
What is a CNAME Record?
Canonical Name Record
Used to redirect traffic from one domain to another (Eg: microsoft.com to www.microsoft.com). Setting up a CNAME means you only need to update the IP of one domain name if it changes.
What is an MX Record?
Mail Exchange Record
Used to deliver email to the correct server
What is an SRV Record?
Service Record
Used to define the location of various specific services.
(Like how MX is for email, SRV is for many service types)
What is a TXT Record?
Text Record
Used to provide the ability to associate text with a zone. This record allows domain administrators to insert any text content into DNS records. These records are used for various purposes. One example is ownership validation: To prove you own the domain, a provider may require you to add a TXT record with a particular value to your domain.
What are the 3 main parts of a domain name?
1) Subdomain - Or Host Name, eg: www.
2) Domain - The name portion, eg: google in google.com. Stored on the Authoritative Name Server.
3) TLDs (Top Level Domains) - the final portion of the domain name, eg: .com. Stored on TLD Name Servers.
How does UDP differ from TCP when transmitting data?
TCP requires constant connection and acknowledgement for every segment of a data packet to ensure nothing is lost
UDP just sends the data to it’s destination port. No string of acknowledgement means more available bandwidth. Good for streaming videos where a few missing frames won’t matter
Cat 5, Cat 5e, and Cat 6 cables are made with increasingly strict specifications to avoid _______.
Crosstalk
What does BGP stand for?
Border Gateway Protocol
What does Modulation do when transmitting data across cables?
Modulation is a way of varying the voltage of the charge moving across a cable in a constant ‘on’ state.
What does the Physical Layer consist of?
Devices and cables, means of transmitting bits across a computer network
What are the 2 main network protocols?
-TCP (Transmission Control Protocol)
-IP (Internet Protocol)
What does UDP stand for?
User Datagram Protocol
What is Crosstalk?
When an electrical pulse on one wire is accidentally detected on another wire
When a TCP Socket sends a FIN, but the corresponding ACK from the other end hasn’t been received yet, what will it’s state be?
FIN_WAIT
What does the TCP socket state SYN_SENT mean?
A synchronization request has been sent, but the connection hasn’t been established yet. (Client side only)
When a TCP Connection is ready to be closed, a four-way handshake occurs, in order, what TCP Flags are sent?
1) FIN - I’m ready to close the connection
2) ACK - I hear you
3) FIN - I am also ready to close the connection
4) ACK - Cool, let’s stop being connected
Every time a TCP connection is established, a ____________ occurs.
Three-way handshake
What TCP Flags in the correct order are involved in the Three-Way Handshake?
1) SYN - Let’s connect! Look at my sequence number field so we know where the conversation starts!
2) SYN/ACK - Sure, let’s connect! I acknowledge your sequence number!
3) ACK - I acknowledge your response, let’s start sending data!
What is POP?
Post Offic Protocol
A way for email clients to retrieve emails from a mail server before storing them locally. This is good for temporary or intermittent internet connections
What is an ethernet frame?
A data packet at the ethernet level, on the data link layer
What are two other names for the Data Link Layer in network models?
1) Network Interface Layer
2) Network Access Layer
Routers sharing data using __________ protocols are all under control of the same organization.
Interior Gateway Protocols
What is a Link State Protocol?
When all routers on an autonomous system share their state with eachother in order to determine the best routing path more quickly than distance-vector protocols
A device that knows how to forward data between independent networks on the network layer, is what?
A router!
What are the layers in the Fiver-Layer Network Model?
1) Physical Layer
2) Data Link Layer
3) Network Layer
4) Transport Layer
5) Application Layer
What does the Transport Layer do?
Sorts out which client and server programs are supposed to receive data
Name the 7 main parts of an Ethernet Frame
1) Preamble
2) Recipient MAC
3) Sender MAC
4) Ether Type Field
5) Data/Payload
6) Pad
7) FCS
What are the seven layers in the OSI Networking Model?
1) Physical Layer
2) Data Link Layer
3) Network Layer
4) Transport Layer
5) Session Layer
6) Presentation Layer
7) Application Layer
What are the two most common materials used in networking cables?
Copper and Fiber
What is the SFD?
Start Frame Delimiter
The last byte of the preamble in an Ethernet Frame, letting the receiving device know the preamble is over and actual frame contents will now follow
What are the two categories that make up Interior Gateway Protocols?
Link State Protocols
and
Distance-Vector Protocols
What does OSI stand for?
Open Systems Interconnection
Which network layers do switches and hubs belong to?
Switches belong to the Data Link Layer
Hubs belong to the Physical Layer
What is a Collision Domain?
A network segment where only one device can communicate at a time
What is the FCS?
Frame Check Sequence
A 32 bit (or 4 byte) number that represents the checksum value for an entire ethernet frame
What does DHCP stand for?
Dynamic Host Configuration Protocol
What are the 3 primary types in the IP Address Class Sytem?
Class A (1st Octet = 0-127)
Network ID = Octet 1, Host ID = Octets 2,3,4
Class B (1st Octet = 128-191)
Network ID = Octets 1,2, Host ID = Octets 3,4
Class C (1st Octet = 192-223)
Network ID = Octets 1,2,3, Host ID = Octet 4
Routers use ______________ protocols when they need to share information across different organizations
Exterior Gateway Protocols
What is an ASN?
Autonomous System Number
Numbers assigned to individual Autonomous Systems
What does ARP stand for?
Address Resolution Protocol
What is a multicast frame?
A network transmission sent to all devices on the network, but is accepted or discarded by each device depending on criteria other than their own MAC address
What port does DNS listen on?
53
What is an Authoritative Name Server?
It is responsible for the last 2 parts of any domain name, where a single organization may be responsible for DNS lookups
When a TLD name server receives a DNS lookup, what does it tell the computer performin the name lookup?
Which authoritative name server to contact for name resolution
What is a TLD?
Top Level Domain
The last part of any domain name (.com, .org etc)
What are Root Name Servers responsible for?
Directing queries from the recursive name server to the appropriate TLD server to match a domain name with an IP address
How many total Root Name Servers are there?
13
Which 2 types of DNS servers are generally provided by your ISP or Local Area Network to store known domain name lookups for a certain amount of time?
Caching Name Servers and Recursive Name Servers
What are the four main parts of a standard modern network configuration?
-IP Address
-Subnet Mask
-Gateway for a host
-DNS Server
What TCP socket state confirms the TCP connection is in working orer and that both sides are now free to send eachother data?
ESTABLISHED
What does a TCP socket state of SYN-RECEIVED mean?
A socket previously in a LISTEN state has received a synchronization request and has sent a SYN/ACK back. (Server side only)
The TCP socket state ___________, means a TCP socket is ready and waiting for invoming connections
LISTEN
(Server side only)
What are the 6 types of TCP Flags?
URG (Urgent)
ACK (Acknowledge)
PSH (Push)
RST (Reset)
SYN (Synchronize)
FIN (Finish)
What is the Application Layer?
It allows network applications to communicate in a way they understand
What is the Transport Layer?
It allows traffic to be directed to specific network applications
What is the TCP responsible for?
Reliable delivery of information from one network to another using a constant stream of acknowledgements
How many bits are there in an IPv6 address?
128 - Separated into 6 groups
What is CSMA/CD for?
Carrier Sense Multiple Access with Collision Detection
Ethernet protocol on the data link layer
Used to determine when the communication channels are clear and when a device is free to transmit data
What does the Network Layer do?
Allows different networks to communicate with eachother using devices known as routers
What is SMTP?
Simple Mail Transfer Protocol
A standard method of outgoing communication via email, sending messages to a mail server for relaying
(Using port 584 or 465)
What does URL stand for?
Uniform Resource Locator
What does a Firewall do?
Blocks traffic that meets a certain criteria such as a range of IPs or certain ports
What networking layer are Firewalls primarily used on?
The Transport Layer
In the transport layer, what is a Port?
A 16-bit number that’s used to direct traffic to specific servers/services running on a networked computer
What are multiplexing and demultiplexing?
(Transport Layer)
Multiplexing is when the nodes of the network direct traffic towards many different receiving services
Demultiplexing is when traffic all aimed at the same node is delivered to the proper receiving service
How many bits are reserved for TCP Flags?
6
Ports that are generally used to establish an outbound connection are known as ______ ports.
Ephemeral
Ports 1024-49151 are known as ________ ports.
Registered or User Ports
Ports 1-1023 are known as _________ ports.
System Ports
Which network layer is this:
Protocol = HTTP, SMTP, etc
Protocol Data Unit = Messages
Addressing = n/a
The Application Layer
Which network layer is this:
Protocol = IP
Protocol Data Unit = Datagram
Addressing = IP Address
The Network Layer
Which network layer is this:
Protocol = TCP/UDP
Protocol Data Unit = Segment
Addressing = Port Numbers
The Transport Layer
Which network layer is this:
Protocol = Ethernet, WIFI
Protocol Data Unit = Frames
Addressing = MAC Address
The Data Link Layer
Which network layer is this:
Protocol = 10 Base T, 802.11
Protocol Data Unit = Bits
Addressing = n/a
The Physical Layer
What are the 4 steps in DHCP Discovery?
1) Server Discovery Step - Client machine sends DHCPDISCOVER message
2) DHCP server decides how and if it will assign an IP via DHCPOFFER
3) Client machine inspects the DHCPOFFER and if it wants to accept responds with DHCPREQUEST
4) Server responds with DHCPACK and the client is now able to use the network
What port are DHCP discovery messages always sent on?
68
What is NTP?
Network Time Protocol
Used to keep all computers on a network synchronized in time
How are DHCP Dynamic Allocation and Automatic Allocation different?
Both have a range of IP addresses set aside for assignment, BUT
-Dynamic allocation happens with each instance of connection and the IP address assigned to the device can change between connections
-Automatic Allocation has the DHCP server keep track of assigned IPs and if possible will assign the same IP when the device connects again
In a FQDN, how many characters can each section be?
63
In a FQDN, what is the total character limit?
255
How many levels of domain can DNS technically support for a single FQDN?
127
What is an FQDN?
Fully Qualified Domain Name
A combination of subdomain (www.), domain (google), and Top Level Domain (.com)
A TCP socket state of ____________ means that the connection has been fully terminated and that no further communication is possible
CLOSED
What does the TCP socket state CLOSE_WAIT mean?
The connection has been slosed at the TCP layer, but the application that opened the socket hasn’t released it’s hold on the socket yet
What is a TCP socket?
When an IP address is followed with a colon and the service’s port number
Ports are normally denoted with a _____ after the IP address (aka socket number or socket port)
Colon
If the least significant bit in the first octet of a destination address is set to ONE, it means you’re dealing with a _________.
Multicast Frame
What does a PTR do?
Pointer Resource Record
Resolves an IP into a name
What network layer does DHCP belong to?
Application layer
What are the 5 primary types of DNS servers?
1) Caching Name Servers - Stores IP addresses of known sites for a while
2) Recursive Namer Servers - Finds IP addresses to match web domain names
3) Root Name Servers
4) TLD Name Servers
5) Authoritative Name Servers
What is DHCP Fixed Allocation
Usually used for security - The DHCP has a list of MAC addresses and corresponding IPs for assignment. If the device MAC is not found ther server could either fall back to Automatic/Dynamic allocation, or refuse to assign an IP altogether
What is Port Forwarding?
A technique where speific destination ports can be configured to always be delivered to specific nodes - Good for NAT
What type of DNS server performs a full name resolution request?
Recursive Name Servers
An IT systems engineer creates a new DNS zone that contains PTR resource records. Which zone type has been created?
Start of Authority (SOA)
What is the IP responsible for?
Internet Protocol is responsible for delivering packets to the right destination
What is the TTL Field?
Time to Live
An 8-bit field in an IP datagram that indicated how many router hops a datagram is allowed before it is thrown away
A transmission that is meant for just ONE receiving address is known as what?
A Unicast Transmission
An ________ in computer networking is any number that can be represented by 8 bits
Octet
A Unicast Transmision is sent out to a single destination when the least significant bit in the first octet is set to ______.
Zero
What are the three types of ethernet transmission?
Unicast
Multicase
Broadcast
What is an Ethernet Broadcast?
Uses a broadcast address (MAC is all Fs, FF:FF:FF etc) to send information to all devices on a network
Define Subnetting
The process of taking a large network and spliting it up into many individual and smaller subnetworks
What is NAT?
Network Address Translation
Lets organizations use on public IP address and many private IP addresses within the network. The router will rewrite the sending IP with it’s own before sending a packet out, and will rewrite the destination address when receiving a packet to reach the correct device
What is IMAP?
Internet Message Access Protocol
A way for email clients to retrieve emails from the server online, where they are stored.
(Typically listens on port 143)
What is a preamble?
A 64-bit header at the start of an ethernet frame letting the receiving node know that an ethernet frame is coming
What is an OUI?
Organizationally Unique Identifier
The first 3 octets of a MAC address assigned to individual hardware manufacturers by the IEEE
What is the IEEE
Institute of Electrical and Electronics Engineers
What is the difference between a static IP address and a dynamic IP address
-Static IP addresses must be manually configured on a node, usually for servers or network addresses
-Dynamic IP addresses are automatically assigned via DHCP when a new device is connected to the network
What is DHCP?
Dynamic Host Configuration Protocol
A protocol that automatically assigns an IP address to a new device connecting to the network
What is Duplex Communication?
The concept that information can flow in both directions across a cable
What is half-duplex communication?
When information can flow both ways across a cable but only one device can speak at a time
What is the most common plug in cable networking
Registered Jack 45 (RJ45)
Most network ports have 2 small LEDs, what are they called?
Link LED and Activity LED
In a network port, what is the Link LED for?
It lights up when a cable is properly connected to two devices that are both powered on
What does a Distance-Vector Protocol do?
A router uses this to share it’s routing table with other routers, showing that path it plans to use when sending data. If a more effiecient path with less router hops exists, other routers will share this data and the routing table will be updated
What are the two main categories for routing protocols?
Interior Gateway Protocols, and Exterior Gateway Protocols
_________________ is a way to represent numbers 0 to 15 using the following characters - 0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F
Hexadecimal
What is the function of a patch panel?
It acts as a container for many runs of cabling. To have any further function it requires network connection via other cables.
What is a packet at the Network Layer called?
An IP Datagram
What does CIDR stand for?
Classless Inter-Domain Routing
Simplifies subnet masks by adding /__ to signify the subnet mask
eg: 9.100.100.100/23
What is a MAC address?
Media Access Control Address
A globally unique identifier for each device attached to an individual network interface. A 48-bit number normally represented by 6 groupings of 2 hexadecimal numbers
What is a CRC?
Cyclical Redundancy Check
Uses math to calculate a number representing a larger set of data. This should always match the checksum number to confirm data has arrived uncorrupted
When modulation is used for networking, it is known as ______.
Line coding
What is an MTA?
Message Transfer Agent
(AKA Mail Relay, Message Server, Mail Host)
The servers that receive emails and pass them along to their destinations
What does the Data Link Layer do?
It is responsible for defining a common way of interpreting network signals so network devices can communicate
What is the Ether Type Field?
The portion of an ethernet frame that tells the recipient basic data and protocols, such as IPv4 or IPv6, but not higher level data like email or web page.
Routers share data with eachother via THIS protocol, which lets them learn about the most optimal paths the forward traffic
Border Gateway Protocol (BGP)
In a network port, what is the Activity LED for?
It flashes when data is being actively transmitted accross the cable
When we move data across a network, we break it down into _______.
Packets
How many bits are there in an IPv4 address?
32 - Separated into 4 groups
What is ARP?
Address Resolution Protocol
A protocol used to discover the hardware address of a node with a certain IP address
What is a switch?
A device that allows for connections from many computers at once, and insects the contents of data being sent for the destination, ensuring it is only forwarded on to the intended device to reduce noise/interference
What is a hub?
A device that allows for connections from many computers at once. All devices connected this way communicate in a Collision Domain and it is up to each device to determine if incoming data is meant for them or if they should ignore it
What does the command ‘set debug ______’ do?
(_____ = websitename)
It displays the site’s full response packets down to TTL remaining or the serial number of the zone file the request was made against
What is the range of IP addresses for Level 3s public DNS servers?
4.2.2.1 through 4.2.2.6
What is the loop back IP for IPv4?
127.0.0.1
(Sends traffic in a loop right back to itself)
What is a Hypervisor?
A piece of software that runs and manages virtual machines while also offering these guests a virtual operating platform
What is IaaS ?
Infrastructure as a Service
Every IPv6 address beginning with 2001:0db8: has been reserved for ___________
Documentation, education, or for books and courses
Any IPv6 address that begins with FF00:: is reserved for ________
Multicast transmissions
Any IPv6 address that begins with FE80:: is reserved for ________
Link-Local Unicast
(This allows for local network segment communications and are configured based upon a host’s MAC address)
What record with ‘nslookup’ provide by default?
The website’s A Record
(Matching the DNS domain name with the IPv4 address assigned to it)
What command similar to ‘ping’ can be run in Windows but will show more detail?
Test-NetConnection google.com
(any website name can follow)
What does a -v flag mean with issued with a command like Netcat?
-v = Verbose
Verbose means lots of talking, so this command with share many details about a port’s status
If you issued the Netcat command with a -z flag, what would that do?
-z = Zero input/output mode
(This just lets you know the status of the port with no additional details)
What 3 things are required to run the Netcat tool command?
nc
nc host
nc hose port number
For example:
nc google.com 80
What 2 tools would you use to test connectivity at the Transport Layer?
netcat - Linus and MacOS
Test-NetConnection - Windows
How long does a pathping run in Windows before displaying aggregate data?
50 seconds
What tools are similar to Traceroute, but longer running?
mtr on Linux and MacOS
pathping on Windows
How would you run a Traceroute for Google.com in Windows?
tracert google.com
In Linux and MacOS, to run a Traceroute, you would type ____________________
traceroute google.com
What command is typed for a ping?
ping followed by an IP
Example:
ping 1.100.100.100
Traceroute works by manipulationg the ___________ field at the IP level.
TTL field
What is a Traceroute?
A utility that lets you discover the path between two nodes, and gives you information about each hop made along the way
Unlike Windows which responds to the Ping command with 4 echo requests, MacOS will continue until stopped. How would you interrupt a MacOS Ping?
By pressing the Control and C keys at the same time
What does an ICMP Echo Request do?
Asks a destination if it is there, and if it is functioning the destination will send back an Echo Reply
Ping lets you send a special type of ICMP message called an ________________
Echo Request
What is ICMP
Internet Control Lessage Protocol
(Used to communicate why a transmission has failed back to the origin of the transmission - Mainly used by routers and remote hosts)
What is MAC filtering?
When you configure your access points to only allow for connections from a specific set of MAC addresses belonging to devices you trust
How many bits are in a WPA encryption key?
128 bits
For an 802.11b network at a 2.4 ghz frequency, what are the only 3 channels that don’t overlap?
1, 6, and 11
What is WEP?
Wired Equivalent Privacy
(An encryption technology that provides a very low level of privacy on wifi, making it equal to contained wires transmitting data)
What are network channels?
Individual, smaller sections of the overall frequency band used by a wireless network. Helps avoid wireless collision domains.
What is a Mesh network configuration?
When lots of devices are constantly communicating with eachother wirelessly, forming a Mesh. Usually this is just many access points, increasing wifi range and performance.
What is a WLAN network configuration?
Wireless Local Area Network
(One or more access points act as a bridge between a wireless and a wired network)
What is an Ad-Hoc network configuration?
When there is no network infrastructure - All devices/nodes involved with the network communicates with every other device in range. This is similar to file sharing with phones.
What are the 5 most common 802.11 specifications?
b, a, g, n, and ac
In an 802.11 frame, there are 4 address fields. What are they?
-Address 1 - Source MAC
-Address 2 - Intended destination MAC
-Address 3 - Receiver Address (The MAC of the access point that should receive the frame)
-Address 4 - Transmitter address (The MAC of whatever device has just transmitted the frame)
802.11 protocols define how we operate at these 2 network layers
Physical Layer
and
Data Link Layer
The most common specifications for how wireless networking devices should communicate are defined by the IEEE ______ standards.
802.11
Define WAN
Wide Area Network
Acts like a single network, but spans across multiple physical locations (most useful when sending large amounts of data with many network users)
How fast is a T1 line?
1.544 Mb/s
How many bits does WEP use in it’s encryption keys?
40 bits
Mostly outdated and replaced by WPA2
T1 is short for _____________
Transmission System 1
What is WPA2?
Wifi Protected Access 2
And upgraded version of WPA with an encryption key of 256 bits instead of 128
What is WPA
The first version of Wifi Protected Access
(A replacement for WEP to provide wifi security via encryption)
What is an ONT?
Optical Network Terminal
Like a modem, but for fiber.
It converts data from protocls the fiber network can understand to those more traditional twisted-pair copper networks can understand
Instead of a modem, the demarcation point for Fiber Technoligies is known as ________
Optical Network Terminator
(ONT)
What is FTTX?
Fiber to the X
Where is is fill in the blank
Define the following:
FTTP
FTTB
FTTH
FTTN
Fiber to the Premesis
Fiber to the Building/Business
Fiber to the Home
Fiber to the Neighborhood
What is DSL?
Digital Subscriber Line
A method of using a different frequency for networking on copper phone lines that was faster at transferring data and didn’t interfere with calls
What does Broadband refer to?
Any connectivity that isn’t dial-up internet. This type of connection is always on and the links are always present
What is a Baud Rate?
A measurement of how many bits can be passed across a phone line in one second
What does Modem stand for?
Modulator, Demodulator
Takes computer data and uses the phone lines (POTS) to turn it into audible wavelengths for transmission between computers
Which 2 IPs are used by Google to operate their public name servers?
8.8.8.8
and 8.8.4.4
What is the loopback address for IPv6?
::1
What command executes a DNS Resolver Tool that is used to get details on a website’s server?
nslookup
What is Virtualization
A single physical machine called a Host, that can run many individual virtual instances, called guests
What are PaaS and SaaS?
Platform as a Service, and
Software as a Service
What are the 2 rules for shortening IPv6 addresses?
1) You can remove any leading zeros from a group
2) Any number of consecutive groups composed of just zeros can be replaced by 2 colons
The first 64-bits of any IPv6 address represent ________, and the second 64-bits represent ___________
The first 64 bits = The network ID
The second 64 bits = The host ID
