Intro to Networking
How will the source and destination IP and MAC addresses of a response from the server to a request from a notebook look like travelling on subnet marked III?
#
What information is usually dynamically chosen by a client connecting to a server?
#
Which of the following addresses represents a correct computer address?
#
Which of the following protocols is not a protocol of the TCP/IP application layer?
#
Which statement about possibilities of the author to affect the dynamic nature of pages is not correct?
#
Which of the following combinations represents a minimum network covering these unicast addresses: 10.1.1.106, 10.1.1.111, 10.1.1.119?
(only the last two numbers change so this is a /27 mask)
The default router for a network has address 172.31.219.33/27. Which of the following settings may be a correct computer address in this network?
(the netmask is /27, so the one where only the last 5 bits are changing).
What TLD (Top Level Domain) can we find in the following URI? ftp://sunsite.mff.cuni.cz/Network/RFCs/rfc-index.txt
.cz
How many and how large subnets are required to cover a network with the following needs for number of connected hosts when using VLSM (Variable Length Subnet Mask)?
/n - there are n 1s in the netmask /32 - 1 address,/31 - 2 addresses, /30 - 4 addresses, /29 - 8 addresses, /28 - 16 addresses, /27 - 32 addresses, /26 - 64 addresses, /25 - 128 addresses, /24 - 256 addresses
How many bits are there in an IPv6 address?
128 bits
If an FTP client sends a request to an FTP server on a standard port, which of the following ports may contain the response as a source port?
21 (the response comes over the same channel).
How many times does a CRC calculation (for Frame Check Sequence) run during transmission of a message between end devices in the figure?
2: before it leaves and when it arrives.
If we call the ping program to the address 127.0.0.1, what can we gather from the result:
4 packets transmitted, 0 packets received, 100.0% packet loss None of the packets have been delivered, so something is blocking the connection. The internet might be down and you should contact your ISP, your router may be preventing access to the Internet or the connection between your computer and your router may be severed or blocked.
How many conductors are in a cable denoted as an unshielded twisted pair (UTP)?
8
If a web browser sends a request to a web server on a standard port, which of the following ports may contain a response as a source port?
80 (the response comes over the same channel) HTTP port
What is the purpose of a default gateway?
A default gateway is a router that connects the host to remote network segments. It's the exit point for all the packets in your network that have a destination outside your network.
What addresses does a hub, switch, or router work with?
A hub doesn't use addresses. A switch uses a MAC address. A router uses IP addresses.
Which of the proxy server characteristics is correct?
A proxy server is software that controls the operation of a particular protocol (usually on a local network/Internet interface). It operates either transparently or non-transparently. A transparent version of a proxy server works on a network's border router. The router intercepts a client's request and hands it over to the proxy server. The proxy server checks the request against the rules of the organization's security policy, and if the request is okay, it establishes a connection to the actual destination server as a client and sends the request to it. Once a response arrives, it is checked again (e.g. by an antivirus program) and sent to the client. The advantage of a transparent proxy is that there is no need to change the configuration on the clients - each request reaches the proxy without the client having to know about it. In the case of a non-transparent proxy, a client needs to know about the existence of the proxy because each request needs to be sent to the proxy server and not to the target server. A disadvantage of this solution is therefore that clients need to be properly configured (manually or automatically). An advantage is that the proxy server can run on a more suitable hardware or operating system than the router. But this solution is only available for those protocols that have support for it - the client must specify when sending the request that it is targeted to a proxy rather than to a server. Using proxy servers has also security benefits (the proxy server can filter operations at the application protocol level) and performance benefits (the same request does not have to be sent repeatedly by the proxy server to the actual server; the response can be cached and sent to other clients by the proxy). However, the last point may gradually become less relevant for HTTP, as caching cannot be used together with HTTPS.
What's a proper description of repeater, hub, bridge and switch?
A repeater is a device that receives a signal and retransmits it. Used to extend the range of the transmission. Works on the physical layer. A hub is a device that allows multiple computers to communicate with each other over a network. Hubs broadcast all incoming data to all active ports. Works on the physical layer. A hub is a repeater. A bridge is a device that connects segments of a network together. It can read the MAC addresses and send the data to the appropriate segment. It solves the throughput issue by splitting the collision domain. In a structured network, a bridge is called a switch. It works on the data link layer.
What is the correct sequence of layers in the OSI model from top to bottom?
Application, Presentation, Session, Transport, Network, Data Link, Physical
Mark true statement regarding MAC addresses (in a functional network).
At the data link layer, Media Access Control (MAC) addresses are used. Since they are quite closely connected to hardware, they are sometimes called "physical" address, even though they have nothing to do with the OSI physical layer! Examples of MAC addresses are Ethernet addresses. They are six bytes long and consist of the manufacturer's prefix (3 bytes) and network interface card (NIC) number (3 bytes). The address was originally burned into the NIC and so it was possible to effectively restrict access to network resources by the sender's MAC address. However, current NICs have the MAC address stored in memory and so it can be easily faked. Due to their nature, these addresses cannot be used for internetwork communication since they do not respect any particular network topology.
Which application protocol is used for finding IP addresses corresponding to host names?
BOOTP or DHCP
In which case is destination host addressing not necessary?
Broadcast
What is the primary purpose of the trailer in a data link frame?
Checks the accuracy of the delivery with the Frame Check Sequence (FCS) - error detection and error correction.
comparison of the packet switching and circuit switching method
Circuit-switching - generally used for voice and video calls. When you make a call, the network finds a continuous sequence of nodes needed to connect to the end device. It's fast and provides continuous transfer of data because the line is not bogged down by other users, but it's inefficient (there's unused bandwidth) and unreliable (if a node is broken, the message cannot be sent or the connection ends). Packet switching - this is the principle on which the Internet operates. The data is broken down into smaller chunks (packets) and each packet finds its own way to the target node down different routes. If a node is disrupted, the packet will find a different way to the recipient. This is slower, but more reliable (if a packet is lost, only that packet needs to be resent) and efficient (no bandwidth is wasted).
Which statement about security of SSH access is correct?
Clients verify servers - done by a server certificate or the user decides if the fingerprint of the server key is correct. The application saves this data and doesn't ask again at the next login. The risk of attack is normally very low, verification can generally be skipped. However, if a server we've been using for a while changes its key, it may be a sign of an attack. We should verify with the server administrators or terminate the login, because we're in danger of a "man-in-the-middle" attack. Servers authenticate users Name and password - at this point the communication is already encrypted, so this is safe. Keys - the user has a public key on the server and can prove their ownership with their private key. This is risky because if the account is attacked, the attacker can access other servers and machines. So a two-tier key system can be used: one pair of keys for low importance accounts and one for high importance (where the private key is protected by a password). The less important accounts can have password-less login, but never mutually. The attacker can take a key that has not been password protected and use it to log onto other machines. Theoretically, the attacker has no information about what other machine he should try to log into. However, he has information about other computers from which you are allowed to access this account (just going through the list of stored public keys). So he can try to log into each account from this list, in case you also happen to have reciprocally set up login without a password there. And if so, he'll get to another computer. This is the working principle of Internet worms.
Which command is not an SMTP protocol command according to RFC 821?
Commands: HELO, EHLO, MAIL FROM, RCPT TO, SIZE, DATA, VRFY, TURN, AUTH, RSET, EXPN, HELP, QUIT
What belongs among the tasks performed by the application layer in TCP/IP model?
Covers functions of OSI layers 5, 6 and 7: communication rules between client and server, dialog status, data interpretation
Which statement regarding URI is correct?
Created to enable easier addressing of different services in web browsers. Was meant to be divided into URL and URN, but URN wasn't implemented so now it's interchangeable with URL. Uniform Resource Identifier. Contain a scheme, an authority and a path
What does CRC stand for?
Cyclic Redundancy Check - a hash function
Which of the following statements correctly describes the function of a particular application protocol?
DNS - resolves domain names to IP addresses and vice versa FTP - transferring files SMTP - sending email POP and IMAP - remote access to email HTTP - transfer of web pages Telnet and SSH - remote login to a server and file transfer H.323, SIP, SDP, RTP, RTCP - VoIP NFS, SMB - file system sharing NTP - clock synchronization BOOTP, DHCP - getting an IP address from a network
Which of the following statements about the nature of the DNS protocol is correct?
DNS is a binary protocol that can be used both over UDP and TCP on port 53.
The user is not able to display a web page. When using an IP address in the URL, the page is displayed correctly. Which protocol is responsible for the error?
DNS protocol.
Which statement correctly describes a common implementation of the operation system service "find out the IP address for a given domain name"?
DNS sends a query to a name server in the domain where the query originated. The query will be recursive, which means that the server takes responsibility for complete processing of the query and sending the response. If the selected server does not currently have any relevant information in its cache, it needs to start looking for it. The server has no information about the domains mff.cuni.cz, cuni.cz or cz. It must therefore contact one of the so-called root name servers, whose addresses it has in its configuration. However, these servers do not handle queries recursively - they will only find the most relevant answer to the question in their database and send it. In our case, it will be an answer such as "send your query to the name server named... cz, whose address is...". The server caches this information and continues by querying the proposed server. In this way, all intermediate servers are cached until the query arrives at some authoritative server, which sends the final response. This response is also cached and finally sent to the client.
Which of the following protocols is used in TCP/IP on the application layer?
DNS, FTP, SMTP, POP, IMAP, HTTP, Telnet, SSH, SIP, SDP, RTP, RTCP, NFS, SMB, NTP, BOOTP, DHCP
With what OSI layer is the term Ethernet related?
Data link layer
What information from the packet does every router use to determine the path?
Destination IP address
Mark an existing field (column) of a routing table.
Destination, netmask, gateway, interface, metric.
What is the primary function of CSMA/CD?
Detects if a collision occurs on the communication line. If it does, it stops the transmission, alerts other nodes, then tries again after waiting a while (the wait period increases exponentially).
Which statement correctly describes TCP or UDP?
Differences: TCP is a connection-oriented protocol, whereas UDP is a connectionless protocol. The speed for TCP is slower while the speed of UDP is faster TCP uses handshake protocol like SYN, SYN-ACK, ACK while UDP uses no handshake protocols TCP does error checking and also makes error recovery, on the other hand, UDP performs error checking, but it discards erroneous packets. TCP has acknowledgment segments, but UDP does not have any acknowledgment segment. TCP is heavy-weight, and UDP is lightweight. How each works: How TCP work? A TCP connection is established with the help of three-way handshake. It is a process of initiating and acknowledging a connection. Once the connection is established, data transfer begins, and when the transmission process is finished, the connection is terminated by the closing of an established virtual circuit. How UDP work? UDP uses a simple transmission method without implied hand-shaking dialogues for ordering, reliability, or data integrity. UDP also assumes that error checking and correction is not important or performed in the application, to avoid the overhead of such processing at the network interface level. It is also compatible with packet broadcasts and multicasting.
Which of the following statements about domain names is correct?
Domain names have a hierarchical structure from the right to the left. Top-level domains are the rightmost part. They are administered by a central internet administration called the ICANN. In the past there were only a few domains, some of which were reserved for particular applications, some for specific countries. But now, there's no strict restriction of top-level domains. There can be a hierarchy of domains (second-level domains, third-level domains). For example ".mff.cuni.cz"
On what principle does electronic signature work?
Electronic signatures use a combination of asymmetric cryptography and a hash function. The sender hashes the text and encrypts the hash with their private key, then sends the message, the hash value and the hash algorithm to the recipient. The recipient hashes the text again using the hash algorithm provided and decrypts the hash with the sender's public key. Then it compares the two hash values. If they are the same, the sender is legit.
What properties are required for hash algorithms used in cryptography?
Even a minor change in the original data must produce a drastic change in the hash value, so the hash is "almost unique". The function must be a one-way function: finding a text that corresponds to a given hash must be 'difficult', as must be finding another text that has the same hash value as a given text.
Which statement about IP address types is true? Mark the incorrectly classified IP address (on condition that default network masks have been used).
Every IP address belongs to a class. If it is Class A, then the first byte is the network address and the next three are the host address (netmask /8). If it is Class B, the first and second bytes are network, the third and fourth are host (netmask /16). And if it is Class C, the first three bytes are network and the last is the host address (netmask /24). An address with all zeros is used as the source in a situation where we need to communicate but we do not yet know our address. The address 127.0.0.1/8 is reserved for a special interface existing on each node of the network and representing "this computer", the so-called loopback address. When we need to establish communication between a client and a server both running on our computer, they can both use this address. An address with an all-zeros host part is the network address. The last IP address in the address block of a (sub)network represents a network broadcast, an address that we can use if we want to address all computers in the network. The host part is all ones. In addition to the network broadcast address, which is normally delivered across networks, there is also a limited broadcast (255.255.255.255) that must not leave the network where it originated.
How does the message sender find out which part of the destination IP address pertains to the network and which to the host?
Every IP address belongs to a class. If it is Class A, then the first byte is the network address and the next three are the host address. If it is Class B, the first and second bytes are network, the third and fourth are host. And if it is Class C, the first three bytes are network and the last is the host address. If we use the classless approach, we just look at the netmask.
How does the vertical cooperation work between layers work?
Every layer can only send or receive data from its adjacent layers. This data exchange between layers is called an interface and the exchange format is the Interface Data Unit (IDU). There are several management protocols that represent a kind of link between layers, ARP (Address Resolution Protocol) and ICMP (Internet Control Message Protocol).
What information is added to a packet in course of encapsulation on the network layer?
FIRST WORD - Version, header length, QoS information, packet length SECOND WORD - Fragment identification, flags, fragment offset THIRD WORD - time-to-live, protocol, header checksum FOURTH WORD - Source IP address FIFTH WORD - Destination IP address SIXTH WORD - Options and padding (if necessary)
Which application protocol is used for file transmission?
FTP
Which statement about the nature of the FTP protocol is correct?
FTP is a text-based protocol. The 'control connection' (the one used to transfer commands and responses) occurs on port 21 and the additional data connection occurs on port 20 (ftp-data). FTP is one of the first protocols to identify responses with a 3 digit code. It uses the TCP protocol.
Which of the following statements about FTP security issues is correct?
FTP transported passwords in the clear in the past. That was fixed with the anonymous approach, in which the user is authenticated by an email address, not a password. FTP also does not use encryption.
What steps does the client have to do for correct sending out a packet in case the destination server is not in the same network?
Find a suitable next-hop router and pass the packet to the link layer along with instructions how to get to that router or send the packet to the default router.
Choose a correct statement about router functions.
Find the most efficient route to the destination server, forward packets there, IP filtering.
Which statement about the media used in computer networking is correct?
For local networks, Unshielded Twisted Pair (UTP) cable is used. If there's too much noise, Shielded Twisted Pair (STD) cable is used. Optical Fibre cables propagate an electrical signal by light pulses. It has very low attenuation and a high bandwidth. The downside is the higher price and demanding handling. There are single-mode cables (smaller refraction, longer distance) and multimode cables (larger refraction, used for LAN).
What does not belong among protocol functions?
Functions of protocols: Data Sequencing, Data Flow, Data Routing, Encapsulation, Segmentation & Reassembly, Connection Control, Multiplexing, Ordered Delivery, Transmission Services, Addressing, Flow Control, Error Control.
What doesn't belong among the tasks performed by the network layer in TCP/IP model?
Functions: addressing - network layer protocols define the format and structure of communicating partners' addresses, encapsulation - control data needed for the transfer (namely addresses) must be included into PDU, routing - searching the best way to the target through intermediate networks, forwarding - passing the data from the input network interface to the output one, decapsulation - unpacking the data and passing to the transport layer.
Highlight a task that is not subject to the operation of any transport layer protocol.
Functions: is responsible for end-to-end data transfer, mediates network services for application protocols having various requirements to the transfer channel, allows running of multiple applications (both clients and servers) on the same network node - multiplexing, (optionally) guarantees data transfer reliability, (optionally) segments data for smoother transfer and puts them back together in proper order for applications, (optionally) provides data flow control (e.g. "egress speed")
Which of the following methods ("commands") exists in HTTP protocol?
GET, HEAD, POST, PUT, DELETE, CONNECT
How do we call the protocol used to transmit web pages?
HTTP
How will the source and destination IP and MAC addresses of a packet sent from a notebook to a server look like on the route between routers A and B?
Has the MAC addresses of the routers, the source IP address of the notebook and the destination IP address of the router B.
Mark the header that does not occur in messages according to RFC 822.
Headers: Date, From, Sender, Reply-To, To, Cc, Bcc, Message-ID, Subject, Received
What does the acronym HTML signify?
Hyper-Text Markup Language
What are the functions of ICMP (Internet Control Message Protocol)?
ICMP is an auxiliary protocol that IP networks use to send information about different situations, which can be used to better control the network. The most important types of messages are Destination Unreachable - the router has no way to deliver a packet. This is usually due to a failure to find a matching record in the routing table. ICMP Echo and ICMP Echo reply - used in the Ping program, to test the accessibility of a remote network node. Time Exceeded - related to the TTL field in the IP header, it is used to prevent packets from running in an infinite loop due to an error in the routing tables.
Which protocol provides unreliable data transfer service on the network layer?
IP
The user moved a host to another subnet within the network without VLSM (Variable Length Subnet Mask) and Proxy ARP. Which of the following will certainly have to be changed?
IP Address
What happens when one of the partners sends a TCP packet with a FIN tag?
If either party wants to end the connection, it sends a packet containing the FIN flag. This tells the other party that the sender no longer intends to send any data. Usually, the other party immediately sends a FIN packet as well, but if it does not want to terminate the connection, it can continue to send its data. In that case, the party that FIN has already sent will have to forward its ACK packets so that the connection does not break.
Mark an untrue statement regarding layered network architecture.
In a layered network, communication is split into different layers, each performing a particular task. The layers are independent of each other. Tasks are broken down into smaller, more manageable chunks. If a method is to be changed, only a single layer will need to be reworked, not the entire system. Resources are saved due to cooperation and specialization.
Which statement about the nature of HTTP protocol is correct?
In its basic version (1.1), HTTP is a text protocol. The request and response contain an initial line followed by headers, a blank line and sometimes the body of the document. HTTP runs on TCP port 80. HTTP v2 is a binary protocol, though HTTP became a binary protocol with the introduction of HTTPS.
What procedures does TCP use to ensure data transfer reliability?
In order for TCP to guarantee the completeness of the transmission, a unique identification number must be added to each segment. Each segment contains a Sequence number, which is a relative offset to the beginning of the stream. The Acknowledgement number is the analogous field in the opposite direction. The recipient acknowledges the delivery of a block by sending a packet to the sender with the ACK flag set and the acknowledgement number value set to the end of the data offset that was delivered. It will wait to see if another piece of data is heading to the recipient that it can attach the ACK to. If such data doesn't come, it sends the ACK separately. Similarly, the communication channel would be used inefficiently if the sender had to wait for confirmation of the previous packet before sending any new packets. Therefore, TCP allows both parties to agree on a range of data that the sender may send without waiting for confirmation. This limit is called a window size, and a node may announce a proposed size in the Window field in the TCP header.
Which statement about SMTP extensions for file transmission and diacritics is correct?
In the original email protocol, only ASCII characters were allowed in the message, but people wanted to also transfer other characters and binary files. ESMTP - An extension of the protocol that allows the client and server to agree to accept 8-bit characters. UUENCODE - 3 bytes of the original file are taken, and these 24 bits are split into 4 groups of 6 bits and these are converted to four printable characters using a fixed table. The table has only 26 uppercase messages, 10 digits and 28 special characters. This made the encoded file 33% larger than the original. This way, it is possible to insert an encoded file into the text of an email message by surrounding it with beginning and end lines. The only problem is that the files can only be seen by analyzing the entire text of the message. MIME - solved the problem of structuring emails. It enables sending non-ASCII characters and files. It can encode in either Base64 or Quoted-Printable method. When we choose an encoding type, it is crucial to look at coding efficiency (the ratio of ASCII to non-ASCII characters). If we encode a text containing only non-ASCII characters, in Quoted-Printable we get a code size 300% of the original, compared to the fixed 133% for Base64. For pure ASCII, the code size is slightly above 100%. In addition to advantages in transferring documents, MIME also enables inserting non-ASCII characters into some headers (the Subject). The encoding starts with "=?" followed by an identifier of the character set used, a question mark, an identifier of the encoding ('b' or 'q'), a question mark, the encoded text, and the final sequence "?=".
Mark a true statement about autonomous systems (AS)?
Individual blocks of networks consist of so-called autonomous systems (AS). The exact definition is not very exact, it basically just means networks with a common routing policy. Typically, AS are owned by ISPs or large companies. In 2009, it was necessary to switch from the previous 16-bit AS numbers to 32-bit ones. The purpose of autonomous systems is to unify routing for a whole group of networks at a global level. Routing between the different AS's then takes place on the basis of slightly different conditions than the one that takes place within each AS. It is not the network addresses that play a major role here, but the AS numbers. The protocols we have studied so far are called internal routing protocols (IGPs); so-called external routing protocols (EGPs) are used to manage routing between autonomous systems. The most common representative of an EGP is the Border Gateway Protocol (BGP). The critical features of an EGP are the inclusion of other factors in the evaluation of path metrics (similar to the calculation of path cost in the OSPF) and the avoidance of loops. Therefore these protocols work with a path-vector, a sequence of AS numbers through which the path leads, which prevent loops.
What are the main properties of the Diffie-Hellman algorithm?
Information exchange between two partners via an open channel to get a common secret (e.g. a symmetric key). Based on the mathematical principle of one-way functions The idea is that if both sides keep a secret number and share only products of the one-way functions, then no one else can calculate the final shared secret
Which step follows after the computer running www server reads the Ethernet frame from the network interface card?
It checks the destination MAC address to see if the data has been sent to the correct node. If not, it rejects the packet. If yes, the decapsulated package is passed to the Network layer where the process is repeated.
Which statement about the security aspects of the DNS protocol is correct?
It is difficult for an attacker to get the content of a DNS query and modify it. It is possible to intercept the query in the local network, but afterwards it is not. The other option is to try to guess the contents, but that's near impossible. The attacker can use cache poisoning. They can operate a server for a domain and force the user to send a DNS query to it (by spamming ads). The answer contains a correct answer but there's faked data in the AUTHORITY section that is cached by the user, so the attacker gains control over some queries from the client. The solution is for the client to only cache information from authoritative responses. DNSSEC is an extension of DNS, the essence of which is the signing of all records in the domain with a key that is stored in the parent domain. An attacker who does not know the key cannot forge records, and cannot forge the key without access to the server of the parent domain. The problem with DNSSEC is that to ensure sufficient security, the protocol is extremely complicated, as is the management of signed domains, and as a result it has spread very slowly
Which statement about VLAN is true?
It is used when one physical network needs to be split into multiple logical networks. A principle of the method is to insert a four-byte portion (the so-called VLAN tag) into the frame, after MAC addresses, thus changing the frame type to a special "VLAN type", and the inserted portion carries information about a virtual network number (VLAN ID). But an important feature is that this operation can happen transparently. There are some nodes in a network that need to have access to frames from all virtual networks (e.g. a central router). For them, the mount point is then configured as a so-called trunk, in which case the switch does not do any operations with the frame, and VLAN tag handling is left at the end node. A slight complication is that each frame is lengthened by adding a tag, so that all the network devices that tagged frames pass through must be able to work with frames longer than the maximum allowed. Another option is to inform all stations on the network that the maximum allowable frame is 4 bytes shorter than the standard.
Which of the following statements regarding LAN is true?
LAN means Local Area Network and it is the network that connects computers which are relatively near to one another (in the same building, campus, etc...). There's no clear definition of a Local Area Network. In the past there was, but through time they disappeared and now the difference between LAN and WAN is only in the ownership: LAN is built by a company and is private and the users are mostly employees and customers of the company. WAN is built also by a company, but it's public and the users aren't only the employees of the company.
Which IPv4 address has all ones in the host part?
Local broadcast address.
What type of addresses are used on the data link layer?
MAC addresses
What characteristics in terms of transmission parameters do the following types of applications or protocols have?
Multimedia applications are robust against data loss, but high latency can be critical when used in real time (e.g. phone calls), but doesn't have an effect when watching a movie. If the jitter is high, no multimedia application will work well. High data loss is bad for applications based on entire data transmission, like web or email. It can tolerate some latency, but high jitter is also detrimental.
Which statement about network topology is true?
Multipoint: Bus - all nodes are connected serially to the same media. Can more or less simultaneously receive and send signals. Risk of collisions. Easy to add a new computer to the network, but if the line is disrupted somewhere, the entire network goes down. Star - one segment contains a central device and individual nodes are bound to that. That device is usually a switch. If there is a problem, only a single workstation will go down. Circle - individual nodes are connected in a circle. Token-right and FDDI technologies work this way. Point-to-point: Only two nodes can be connected to each other by a single cable. The range can be extended by replacing a part of the line with another technology, like using a modem to modulate data traffic so it can be transmitted using a telephone connection. The latest group of technologies using the point-to-point model are wireless links based on laser or radio waves.
Which application protocol is used for file system sharing?
NFS or SMB
Mark a true statement regarding nameservers.
Nameserver is a server on the internet specialized in handling queries regarding the location of a domain name's various services. There are three types of name servers: Primary: manages the domain RR database Secondary: downloads and keeps a copy of the RR database Caching-only: keeps just (un)resolved requests within their validity time Every domain must have at least one authoritative (primary or secondary) server. Data exchanges run over TCP with regular query/answer form (send as DNS RRs). Database updates are initiated by secondary servers depending on a period defined by the SOA record. This mechanism reduces the volume of communication between the servers, but it can cause outdated data.
By means of which command can we dump the contents of a routing table?
Netstat -r or router print command
Which OSI layer works with IP addresses?
Network layer
Mark the term, which is not a network layer function.
Network layer functions are: Address scheme - a way to identify individual nodes in the network so that it is possible to distinguish which network they belong to. Routing - a way to find a valid path from a source to a destination network based on the address. Encapsulation - adds an IP header that contains information important for delivery. Forwarding - the principle that a router can receive a packet even though it is not the packet's final destination and tries to deliver it one step further to the destination as if the packet originated directly on the router.
What type of addresses are used on the physical layer?
None
Which statement about the Ethernet is correct?
Originally by Xerox, taken over by IEEE. This caused a split in development and resulted in a different format of the two most common versions of the protocol. The CSMA/CD method is used to deal with collisions on multipoint segments and half-duplex point-to-point segments. Ethernet addresses are 6 bytes long, of which the first three are a card manufacturer's prefix and the second three are the card's own number. The address is stored by the manufacturer into the card; formerly this was done in a fixed way, today it can be changed by software. Can flexibly react to new hardware evolution. Can adapt to a wide range of transmission media.
Mark true statement regarding P2P and/or the client-server application models.
P2P - Client is able to find if some other computer is able to communicate in this application. There's no idea of client and server, all computers are equal. Your application will be able to get data from other partners in the network and it's able to serve. If you are sharing data which is illegal to share, you will get in trouble. Client/Server - Mainly used in TCP/IP. The client needs to know the concrete server address and port number. The server is able to listen to more than one client and serve all of them at the same time.
Choose a correct statement about the purpose and principle of the ping program.
Ping is an essential tool for network diagnosis that is used to test the accessibility of a remote network node. It uses the ICMP Echo and ICMP Echo reply messages. When we run the ping program, it will begin to periodically broadcast ICMP Echo messages to a specified destination machine. When each of these messages reaches the target, its network software will respond with an ICMP Echo Reply. When the answer comes back, ping writes a line with information about how long it took to arrive. The program broadcasts messages with a period of 1 second, until we interrupt it or it has sent a given number of messages. It then prints statistics, i.e. the number and percentage of responses received and the minimum, maximum, average and standard deviation of a value called the round-trip time (bidirectional delay). The important fact is that no special server has to be running on the target machine, ICMP handling is the responsibility of the network software itself. By using ping, however, we will only verify that our packets can travel to and from the target, not that the target will be willing to provide any application services. In reality, the opposite may even be the case: we may be able to make an HTTP connection with a computer even though a ping attempt failed - either the target machine may have ICMP Echo responses disabled in its configuration, or ICMP Echo/Echo reply packets may be withdrawn by some router along the way.
What are ports in OSI 4 used for?
Ports are used to distinguish individual communication channels/applications.
Which device implements a security policy of a local network for using the Internet?
Proxy server
Which of the following statements about RFC is true?
RFC is a means of internet standardization. It is the place where protocols are published. It used to be used for presenting and discussing ideas and publishing data (ex. Changes of computer addresses). This ended in the 70s. The IAB (Internet Advisory Board) controls the publishing of new protocols through the IRTS (Internet Research Task Force) and the IETF (Internet Engineering Task Force) and several working groups. A new protocol receives a number and is published as "for commenting" if the working groups deem it useful. The text of the document never changes, updates to protocols receive new numbers. When there are a sufficient number of changes, the document is reissued with a new number. Number changes can be tracked in an index file called "rfc-index.txt". Old RFCs can be marked as either "Obsolete" or "Updated." It is very important to adhere to the protocol rules, however, many violate the more restrictive ones. The general recommendation is: "Be as tolerant as possible on the receiving side and be as conservative as possible on the sending side"Each server has the newest edition of the RFC.
Mark true statement about distance-vector routing protocols.
Routers periodically send their routing tables to their neighbors, who check to see if they can change any of the records in their routing tables. The advantage of these protocols is relative simplicity and easy implementation. However, there are some drawbacks such as a slow response to errors, an insufficiently fine evaluation of individual paths and limited network range. But the absolutely fundamental problem is that if a router makes a miscalculation, it will spread it and may render the entire network inoperable.
Which statement about routing is true?
Routing is used to determine the correct way to send a packet to a particular destination. Routing uses routing tables to find the path.
What does the SIP (Session Initiation Protocol) term denote?
SIP is the modern solution for establishing connections and negotiating device properties. It is a text protocol that can run on both TCP and UDP. SIP has replaced H.323 and is the standard for telephone networks in new buildings.
Which application protocol (set) is used for VoIP?
SIP or H.323
Which application protocol is used for electronic mail?
SMTP
Which of the following statements about the use of mail transfer protocols is correct?
SMTP is a text based protocol on TCP port 25 with the principle of sending messages and replies, similar to FTP. The client sends individual commands as text lines and the server responds, using the 3 digit codes: 1xx - positive preliminary reply 2xx - positive completion reply 3xx - positive intermediate reply 4xx - transient negative completion reply 5xx - permanent negative completion reply The following commands can be used by the client: FROM command - begins a new message. Includes sender's address. RCPT TO command - address of one recipient. The server confirms each recipient separately. If it does not accept one, we get message code 450 (temporary error) or 550 (permanent error) instead of message code 250. If it answers with code 250, it takes responsibility for the delivery of the message or reporting a delivery failure - Delivery Status Notification (DSN). DATA command - after the server responds with message code 354, the client starts sending the text of the message. It ends with a line containing only a dot. The server responds to the terminating line with a standard response (250, 450, 550) and the client can finish with a QUIT command or send with another message.
Which of the following statements about SMTP protocol is correct?
SMTP is a text-based protocol on TCP port 25 with the principle of sending messages and replies similar to FTP. It is used in mail transmission. SMTP doesn't use authentication.
Which statement about SSL and/or TLS is true?
SSL (Secure Socket Layer) - used in the old TCP/IP model, SSL is a layer between the transport and application layers which manages authentication and data encryption. An 's' is added at the end of protocol names when it is used ("https" - HTTP over SSL). TLS (Transport Layer Security) - the new version of the SSL - SSL 3.0. It has some minor changes, but the names can be used interchangeably. The newest versions of TLS are 1.1 and 1.2.
What does the acronym STP stand for?
STP cable (Shielded Twisted Pair) or Spanning Tree Protocol.
How can the Spanning Tree Protocol or Spanning Tree Algorithm be described?
STP is used to prevent a segment from being connected by two switches, which would make it flood with frame forwarding and stop the leaning bridge method from working. It looks for a spanning tree of the network to prevent loops from happening.
Which of the IP filtering characteristics is correct?
Security protocol at the router that connects a local network to the Internet. Runs on the transport layer and defines on which port the traffic is allowed. The most trivial configuration only allows traffic from the internal network to the Internet, and only on selected ports. This configuration is only acceptable for single channel protocols such as HTTP or SMTP. When a protocol needs additional channels for its operation, the filter prevents opening them. The only option in this case is to use a filter that also understands that particular application protocol. For example, if filtering software intercepts an FTP communication in which a server and client are negotiating to open a data channel, it can "make a hole in the filter" for the two specific addresses, one inside and one outside the network, for a limited period of a few seconds so that the data link can be established. A more typical configuration is not so restrictive regarding the list of ports that local clients are allowed to access. With such a configuration, for example, passively opening data channels in FTP will no longer be an issue. The issue will remain only with active channels or where more channels need to be opened (e.g. with SIP). Here, we can no longer get around without working with the application layer. Another problem for filtering is providing services for the public Internet. In the past, this was a common problem, e.g. for a web server. Today, web servers are usually run by various hosting houses. However, if we want to run a server or other service on our own network, we will need to open a permanent hole in the filter allowing traffic from the external network to access a specific server and port. This obviously poses a risk, as once a potential attacker has an access into the internal network, he or she can exploit any software bug or server configuration error. Therefore, it is common to make a special segment of the network, a so-called demilitarized zone (DMZ), for such services. From the point of view of protecting the network, we consider it as a world that is neither completely safe nor completely unsafe. Therefore, filtering rules at the DMZ's borders with the internal network and the Internet are slightly more permissive than those at the border between the internal network and the Internet.
Mark the untrue definition of the terms segmentation, fragmentation, multiplexing and encapsulation.
Segmentation - if a protocol receives a packet that exceeds the size of data that can be passed across the network, it can divide it up into even smaller pieces. Example: TCP. Fragmentation - If the network layer receives a packet that exceeds the Maximum Transmission Unit (MTU), it can further divide it into smaller pieces. Multiplexing - enables several communication channels from an upper layer to use the same channel on a lower layer. Encapsulation - takes a data unit from an upper layer and prefixes it with a header containing information necessary for proper handling of the data on a particular layer on the recipient side.
What takes place during the three-way handshake?
Sequential numbers do not start from zero, for security reasons, but from a random number chosen by the sending party. Therefore, it is necessary to send the initial value to the counterparty. This agreement takes place at the beginning of the connection using three special packets that have an empty data part and carry information only in the header, and is called a three-way handshake. The first of these packets has the SYN (synchronization packet) flag set and has the initial value selected by the client as the Sequence number; let's call it c. The server acknowledges receipt by sending a packet with the ACK flag and the Acknowledgement number set to c + 1. At the same time it generates its initial value of the sequence number (s) and adds the SYN flag as well. The client then completes the procedure by sending a packet in which it acknowledges receipt by sending an ACK with a value of s + 1. From now on, both parties can send data and gradually increase the values of the sequence numbers by the data length.
Which statement about the authenticity of the message origin is correct?
Since anyone can write anything on the mail envelope or in the message, the recipient is never sure who the real sender is. Mail servers attempt to prevent mails from an insecure sender, but that's not entirely reliable. Some systems use the well-known challenge/response method, but only an electronic signature provides fully reliable protection.
What is the difference between single-mode (SM) and multi-mode (MM) optical fibre?
Single-mode cables have a narrower silicon core and a laser is used as a light source. As a result, the refraction of light rays is significantly reduced, fundamentally increasing the range and transmission capacity. And the price. Therefore, these fibers are typically used for long-distance transmissions. In multimode cables, the silicon core is wider and LEDs can also be used as a light source. The beams are more refractory here, so the range and transmission capacity are smaller and are used most often for the LAN backhaul.
What information can we find in both TCP and UDP header?
Source port, destination port, checksum, length.
Which statement about routing table management is true?
Static management - a computer has data for all the needed records stored somewhere, and adds them to the table one by one after it boots. The advantage of this method is its stability - if the network does not change often and is not too complex, this method guarantees proper functioning in all circumstances and with different types of nodes. This method is used, by the way, when we plug our computer into a network and it gets the address of the default router of the local network through DHCP. That's all it needs for routing. But if the network is too large or changes dynamically, this approach is not appropriate. Dynamic management - managing tables based on the information exchanged between neighboring routers used to adjust their routing tables. The routers communicate with each other using one of the routing protocols. A network so controlled can adapt itself to current conditions, and configuration changes can be made centrally in one place. A small cost of this approach is a certain load on the network from routing protocol messages and a greater vulnerability of the network to errors caused by software attacks or errors. Routing protocols for local networks are divided into distance-vector protocols (e.g., RIP) and link-state protocols (e.g., OSPF).
Which statement about symmetric and asymmetric encryption algorithms is true?
Symmetric: ancient, needs a key, very fast, can encrypt a lot of data and compress it, but it needs to transport the encryption key Asymmetric: a pair of keys are used for encryption and decryption. A one-way function is used to make sure we cannot obtain one key from the other. We publish one key (the public key) and we keep the other secret (the private key). The advantages are that there is no shared secret, but the process is slow and suitable only for small data (like an encryption key used for symmetric encryption). We also have to trust the published key i.e. believe it is correct and belongs to the correct person.
Which of the following protocols is used in TCP/IP on the transport layer?
TCP and UDP.
What TCP description is not correct?
TCP is designed for connection-oriented services. The entire responsibility lies in the lower levels, the application just calls a function and waits, it has no control over the transmission. Reliable packet delivery guaranteed. Best for the FTP, HTTP and SMTP protocols. TCP has a large overhead and is generally slower than UDP.
What will happen if TCP packets arrive in incorrect order?
TCP will wait until all the packets have been received, then reassemble them in correct order when they arrive. If too many packets arrive out of order, TCP will request retransmission of the packets just as if they had been dropped.
Which of the following protocols does not work with IP addresses?
TCP, UDP and IP work with IP addresses.
Which field in the IP header prevents from endless loops occurring during mail delivery?
TTL
Which field in the IP header does the router change under normal circumstances?
TTL field and checksum is recalculated (but not in IPv6)
Choose a correct statement about the purpose or usage of the IP header field TTL (Time To Live).
TTL is used to prevent packets from running in an infinite loop due to an error in the routing tables. If a loop appears, TTL will prevent it from having fatal consequences. It expresses the number of routers allowed to forward the packet (the number of "hops"). At each hop, the TTL is decremented and if it reaches 0, the packet is dropped and the router sends an ICMP Time Exceeded message to the original sender. TTL is also used in traceroute for network diagnostics.
Which statement correctly describes the issues of remote login by means of telnet and SSH protocols?
Telnet - The message does not indicate whether it is a command or response, so a slight desynchronization could be catastrophic. Passwords are transmitted in the open. SSH - Might be susceptible to a "man-in-the-middle" attack or worms if the client is not careful.
The notebook in the picture sent out an HTTP request, which reached the server. Which statement about ARP cache contents on a notebook, switch, router and server is true?
The ARP client saves IP-to-MAC address assignments for further use in an ARP cache, in which a record lasts for a configurable time (of the order of minutes). The server will perform the same caching operation. It is assumed that the communication that has just started will continue and the server would soon have to trace the client's address by itself. And that's why we can see machines in our ARP cache that we haven't communicated with - such hosts have simply sent us an ARP query.
Which statement about ARP is true?
The Address Resolution Protocol is an ancillary technical protocol that represents a connection between the network and link layers. It allows nodes on a network to discover data link (MAC) addresses corresponding to specific network addresses. It's a generic protocol, it can be used for any network and data link addresses. The link layer needs to correctly fill in a destination MAC address corresponding to a specific IP address in its data link header. To find this MAC address, it sends a frame to the target node with an ARP query. However, it does not yet know the destination MAC address, so it will use the broadcast MAC address (FF:FF:FF:FF:FF:FF). This causes the frame to be delivered to all nodes on a given data-link network segment, but the frame will be ignored by everyone except the queried IP address holder. The node (i.e. an ARP server for this moment) responds to the query with a unicast ARP response containing the requested MAC address. The ARP client saves IP-to-MAC address assignments for further use in an ARP cache, in which a record lasts for a configurable time (of the order of minutes). The server will, however, perform the same caching operation. It is assumed that the communication that has just started will continue and the server would soon have to trace the client's address by itself. Therefore, the assignment of the client's IP and MAC address will be recorded in the server's cache, too. And that's why we can see machines in our ARP cache that we haven't communicated with - such hosts have simply sent us an ARP query. We can list the contents of the ARP cache with the arp -a command. A problem with ARP is its lack of security, i.e. that the broadcast query will reach everyone, so any node of the network can answer us. Worse, a potential attacker doesn't even have to wait for our request. An unsolicited ARP message (a so--called Gratuitous ARP) is possible, which is actually an answer without a prior query. Such messages are used e.g. for cluster solutions -- important machines in the network can run redundantly, both sharing the same IP address. An active machine of the pair informs other machines on the network using gratuitous ARP about its MAC address as the one that they are currently expected to use for the shared IP address. Some increase in security in certain types of networks can be achieved by denying certain important nodes (servers, routers) from using the ARP protocol and fixing their ARP cache content by a configuration.
Mark an untrue alternative, how can a host learn the IP address it is allowed to use?
The IP addresses are assigned by DHCP now, by BOOTP in the past.
Which step follows after the web client finds out the destination server address and prepares the packet in IP protocol to be sent?
The IP protocol must decide whether the destination address belongs to the same network. According to this decision, a next-hop node is chosen and the data+the next-hop address are passed to the data link layer. If the server is in the same network as the client, the next hop is the server. Otherwise, a router capable of forwarding packets to the destination network must be found and this router is the next hop.
Choose a correct statement about the principle of a routing algorithm.
The algorithm must be run on all computers in a network. In the routing table, the algorithm searches for all records that match the packet's destination. If no such record is found, the packet can not be delivered. However, this can only be the case if the routing table does not contain a default record. If the table contains one, at least this record will always match. The most specific record (the one with the widest mask) is chosen from the records found. The default record, if any, will therefore only be used if the table does not contain another record that matches the target. If the record references our own computer (loopback), the packet is placed on the input as if it had just arrived from the network. If the record is a direct one, the packet is directly passed to the link layer to be sent to the recipient. If the record is an indirect one, the packet is passed to the link layer with instructions to send it to the next-hop router.
What does the term MAC (Media Access Control) describe?
The bottom sub-layer is called Media Access Control (MAC) and handles both the addressing and access control of individual nodes to physical media they share within the same line (physical) segment of the network.
How does DHCP protocol work?
The client sends a DHCPDISCOVER request using the limited broadcast address. All DHCP servers in the network send their offers (DHCPOFFER). The client waits for a specific timeout, collects and checks responses. It chooses the best offer it has received. The client sends a DHCPREQUEST message that contains the address it has chosen. This message is still a broadcast because all servers must receive it. After sending their offer, they block the offered address for a while, so that they do not offer it to two clients. If a client has not chosen their offer, they must unblock the address again. The server whose offer the client has chosen will then confirm with a DHCPACK message that the address is really still available. From this moment, the lease-time period begins. Halfway through this time, the client should send a DHCPREQUEST message, this time only to the selected server, to make sure the address is still available. If it receives a response, a new lease-time period is started. If the client does not receive a response, it sends a new DHCPREQUEST within seven eighths of the lease-time period, but this time again by a broadcast. If it still does not receive an address, it must start the procedure again from scratch after the lease-time period has expired.
Which entry might be a valid row in the routing table of router B from the following figure?
The columns in a routing table are: destination, netmask, gateway. Types of records: direct (sending in the same network), indirect (denotes a router), default. Types by creation: implicit, explicit, dynamic.
Which step follows after the web server prepares the text of a page, divides it into pieces and forms TCP segments?
The communication channel gets the socket addresses (IP address + port number) of the client and server. The transport layer hands over the data along with the target IP address to the network layer.
In what manner is binary representation of integers handled in TCP/IP application protocols?
The data is structured as a stream of blocks, bytes or even bits, so to understand it you must use a piece of software that converts it into a textual form, e.g. integer values are sent as a sequence of bits representing the value.
Mark a true statement about the relation of data link and physical layers in OSI and TCP/IP.
The data link and physical layer aren't considered a part of the TCP/IP architecture, they are called "network interface".
If a host has a wrong default router setting, what will it not be able to do?
The host will not be able to send packets to other networks.
Which statement about cables for interconnection of two nodes of an Ethernet network is true?
The input pin should be connected to the output pin. If we have a switch and a computer, we can use a direct cable because that's how the pins are aligned, but if we want to connect two computers or two switches, we have to use crossover cables. Nowadays, network cards can negotiate the connection using MDI/MDIX auto-detection.
Which of the following statements about roles of particular components in electronic mail transmission is true?
The mail program checks the domain of the address and finds the server the domain belongs to. Then it sends the message to the mail forwarder of the network, which further processes, then sends the mail. The mail travels between MTAs until it finds the server that has the destination mailbox. The last MTA will attempt to deliver to the mailbox, but if that's impossible, the mail will remain in the queue of that MTA. If the destination mailbox has an DNS MX record, the last MTA will read the record and try to contact all the Mail Exchangers by priority, until it succeeds.
Which statement about security aspects of email protocols is correct?
The message is not automatically encrypted. It could fall into the wrong hands. Since anyone can write anything on the mail envelope or in the message, the recipient is never sure who the real sender is. Mail servers attempt to prevent mails from an insecure sender, but that's not entirely reliable. Some systems use the well-known challenge/response method, but only an electronic signature provides fully reliable protection. A server should be able to distinguish between mails sent by its users, which it should deliver without restriction, and those coming from the outside, which should be accepted if they are addressed to some of its users. If the server allows anyone to connect and send an email anywhere, it is called an open-relay server and runs the risk of being misused to send bulk mail. Spammers try to cover their tracks by forwarding mail via several open-relay servers, so finding the originator is complicated. Also, there are organizations that scan servers around the world, look for those that are open-relay, and compile a list of them so mail server admins block the receipt of mails from them. A problem occurs when one of the server's own users needs to connect to his mail server from the outside. From the server's point of view, it is a foreign client and sending the mail will be rejected. Also, the user has no way to prove their identity to the server, because SMTP doesn't use authentication. However, there is an extension the server can use on port 587 to force authentication. Securing the content of the message is entirely a matter for the end users. Therefore, the connection between MTAs is usually not encrypted. There are some exceptions, for example, corporate mail servers connected by a public network. The ESMTP extension includes a STARTTLS command that asks the server to start encryption using the Transport Layer Security interlayer. Spam protection: Gray-listing - uses protocol properties and the fact that spam machines do not check delivery success. The server will respond to the first attempt to deliver a message to the recipient with the 450 response to the RCPT TO command. If it was a genuine message, the sender will attempt to resend (usually after 15 minutes), so the server will answer with a 250 response and the message will be delivered. The server will mark the time of the last delivery attempt and for some time, it will pass messages without a delay, shifting the time stamp each time. So if the partners exchange one message a month, their communication will be carried out without delay. If there's no attempt to reconnect, the sender will be blacklisted from a period of time. The name gray-list comes from the combination of white and black list. Sender Policy Framework - a domain defines a list of servers it uses to send mails, and no one should accept mails coming from that domain with unauthorized clients. The catch to the principle is that if a message arrives in a mailbox whose user has set it to forward emails to a different address, the verification fails. Correction mechanisms were established, but the system proved to be inflexible, so DNS SPF has been withdrawn. DomainKeys Identified Mail - the replacement for DNS SPF. The basic idea is the same, the difference is that a sending machine digitally signs all mails. More specifically, it signs the mail body and selected headers. The receiving server checks the signature and either delivers or rejects the mail. Forwarding does not affect it in any way. All sending MTAs can be equipped with a separate key, so sending can be distributed to multiple machines and the list of them changed flexibly. Spam blockers - algorithms that attempt to predict if the message is spam. They use attributes relating to form and content. Based on a resulting score, the message can either be completely discarded, quarantined, or just tagged and delivered. Unfortunately, these aren't entirely effective, because spam machines are very skilled at imitating real messages, or there can be false positives.
Mark an untrue statement about IP address assignment.
The method of assigning addresses to connected end stations is decided by the network administration. Each network uses certain ranges of addresses for its nodes - either private ones (these are chosen by the network administration itself) or public ones (these are assigned by the ISP that connects the network to the Internet). ISPs receive blocks of addresses from superior ISPs; at the top of the hierarchy is IANA (the Internet Assigned Numbers Authority, part of ICANN), which has five regional registries under it.
What happens if the destination is not found in the routing table?
The packet is sent to the default router or, if that's not possible, the packet is unable to be sent.
Mark true statement about link-state routing protocols.
The second group of routing protocols are called link-state protocols. The name is based on the basic principle of these protocols, that instead of a table with distances, only information about line states is sent. Each router holds the entire network map on its own and calculates optimal paths on its own, according to the line status messages it receives. Even though this approach requires more computing power and, in the case of rapidly changing conditions, a certain network burden, the benefits outweigh the disadvantages. Two of the benefits are substantial: the network can react far more flexibly to changes or outages, and each router makes its own calculations, so any mistakes won't affect any of its neighbors.
Which statement regarding cookies is correct?
The server doesn't keep track of what we have previously requested from it, so if we need to follow up on some request, we need to send all the data over again. This is solved by cookies. Cookies are pieces of data that the server generates based on information from the client. These are generated during the response to a query and take the form of Set-Cookie headers. The browser saves this data and sends the same header during each request submitted to the same server. The cookie allows a server to identify the connection and user and ensure the user's request is processed properly. Cookies themselves pose no security risk (they can't have viruses), but the web server can store any information it finds about the user in them and use them at will (for example, for personalized advertising). There's also a risk if your computer falls into the wrong hands. The cookies reveal information about you (passwords, website visits...).
Which statement about WiFi is correct?
The term WiFi refers to a group of IEEE 802.11 protocols that are used for wireless communications in the unlicensed 2.4 and 5 GHz frequency bands. Common features include the use of CSMA/CA as well as star network topology. Although a WiFi network can also be used in an ad-hoc peer-to-peer variant, it is usually used with a kind of infrastructure where there are access points (AP) at the center of each star, to which each individual terminal device connects within its reach. Planning the signal coverage of a campus or a building is complicated, because individual APs must either broadcast on non-overlapping frequency channels (of which there are only 13) or have a central control mechanism, which is relatively expensive. A problem with WiFi networks is security. Since a potential attacker does not need physical access to the network (they can just stand outside the building), all possible security features must be taken into serious consideration on private networks. Each network is identified by a Service Set Identifier (SSID), but it is not used for security, only to distinguish different networks.
What does the term LLC (Logical Link Control) describe?
The upper sublayer of the Data Link layer is called Logical Link Control (LLC) and is in charge of multiplexing. It is thus responsible for the correct storing of the data of various network protocols and identifying it so that the receiving data-link layer software is able to forward it to the corresponding network protocol software.
Choose the correct statement about dynamic web pages.
The webpage is customized to the user's requests. Web pages can be dynamically generated either on the server (serverside) or directly in the web browser (client-side). In the first case, the server generates the HTML that is sent to a client as a new page. In the case of client-side dynamic web pages, there is a script in JavaScript running in a browser. This script modifies a downloaded HTML page according to the actions without the need to communicate with a server. Generating a dynamic web page is based on the CGI concept. CGI is an interface specification for web servers to execute programs like console applications. User requests are delegated to an application that processes the request and provides the server with the dynamically generated, now static, web page. CGI specifies only a user interface, command-line program can use any programming language to process the request and generate HTML.
What will happen if UDP packets arrive out of order?
They won't be able to be reordered.
What statement about keys and certificates is true?
To use a key, we need to be sure that it is verified, i.e. that it really belongs to the person we think it belongs to. We can attach a tag to the key and let someone verify that the coupling is correct: Web of trust - a user creates a key and an identity tag and asks other users to sign the key+tag. This signed key is then published and all users that trust any of the signers' keys may decide to trust your key as well. The web of trust grows as you sign more keys. Used for PGP keys for email signing. Certification Authorities (CA) - special organizations that sign your key+tag pair and if someone trusts this CA, your key is trusted too. The problem is that from time to time, a CA with a bad reputation gets onto a list of trusted CAs and all keys signed by it must be revoked. Used by the Public Key Infrastructure. A certificate is a key with a tag signed by a Certification Authority. The list of "proven" CAs is distributed along with the operating system or the software that will use it.
Why do clocks in computers in a network synchronize?
Transferring files between network nodes (especially when sharing discs). If the time isn't synchronized, one file might be considered out of date and that can cause repeated unnecessary update attempts. Comparing log records from different computers. If the time stamps aren't synchronized it would be a nightmare.
Which of the following terms does not belong among transmission parameters of a computer network?
Transmission parameters of a network are: Latency / delay - lag Jitter - fluctuation of the delay Data loss - how often the data is not delivered Bandwidth - how much data can be transmitted
With what TCP/IP layer the term port is related?
Transport layer
Which statement about deterministic and non-deterministic access to a medium is true?
Two basic approaches are used for multipoint topologies: In a deterministic means of control, there are no problems. Someone or something determines who is allowed to broadcast at any given moment. The downside is that if the "next" node has nothing to broadcast, its broadcast frequency will remain unused, increasing overhead and reducing network capacity. In nondeterministic control (e.g. Ethernet), no one limits nodes in the broadcast, so collisions have to be dealt with subsequently.
Which of the network address translation (NAT) characteristics is correct?
Used to enable hosts with private addresses to connect to public networks (i.e. the Internet). The router at the perimeter of the private network modifies the content of the packet sent out by the private host so that the destination host can respond. The router stores the sender's socket address and replaces it with its own and a randomly selected free port. The destination host sends back the response to the router first, which changes the destination information back to the original data and delivers the response to the client.
What are the main properties of Dijkstra's algorithm?
Used to find the shortest path in a graph.
On what principle does electronic mail encryption work?
Using data encryption by combining symmetric and asymmetric cryptography. The symmetric key is encrypted by the recipient's public key, and then the recipient can decrypt it with their private key and use it on the text. Useful for email because if we have more than one recipient, we can encrypt the text once and only change the key encryption for each recipient.
What does the VoIP (Voice over IP) term denote?
VoIP is the general name for the many technologies used to transmit voice over a TCP/IP network.
Which of the following statements regarding WAN is true?
WAN means Wide Area Network and it is a global network that has replaced point-to-point connections between computers or computer centers that were built on demand. Its main purpose is interpersonal and inter-computer communication and data transfer. It is built and managed by many companies and used not only by people related to them.
Nodes A, B, C and D are connected to a hub. Node A is transmitting a frame to node D, when node B needs to transmit data to node C. What does node B need to do?
Wait for node A to finish transmitting
Which way do clients usually use to submit data filled out by users into dialogue/form widgets (controls) to servers?
When a form is submitted, the data is encoded into the HTTP request and sent to the selected URL using the given method (GET/POST). With GET, the query is encoded in the URL itself and is visible everywhere, even the passwords and with POST, the form is submitted in the body of the request.
Which data transfer parameter determines what data range a station may send without waiting for confirmation of the counterparty?
Window size
What way is clock synchronization of computers in a network performed?
With NTP (Network Time Protocol). The basis of the protocol is that somewhere, there are sources of absolute time (eg. atomic clocks). Every other time source is marked by its level of distance from the absolute time source which is at stratum 0. That prevents loops (clocks at stratum N ignore the time of clocks at stratum N+1). In a LAN, there can be one or more NTPs which are synchronized with the ISP's NTP. The clocks of the clients in the LAN are synchronized with the LAN NTPs.
In what manner is text line representation handled in TCP/IP application protocols?
You can look at the data sent by both sides in a text editor, e.g. integer values are sent in their text interpretation.
What can we deduce from (a complete) output of the netstat -an program run?
in computing, netstat is a command-line network utility that displays network connections for Transmission Control Protocol, routing tables, and a number of network interface and network protocol statistics. All TCP and UDP servers and open TCP connections (there are no connections in UDP). For TCP as a state protocol, the listing also contains the state of the connection in the last column. In the second column we have the address of the local socket; there we see either the actual address of a network interface or the address 0.0.0.0, which means that the server is listening on all interfaces that are on our computer. The third column is the socket address of the counterparty, here is either the actual address and port of the remote socket, or in the case of the server the value 0.0.0.0 or *, which means that any client can connect.
Which protocol provides reliable data transfer service on the network layer?
none
What can we deduce from the following packet description in tcpdump program?
tcpdump is a data-network packet analyzer computer program that runs under a command line interface. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distributed under the BSD license, tcpdump is free software The first packet is the first packet of a three-way handshake, which we can recognize by the fact that it carries only the SYN flag. At the beginning of the line, we see the source IP address and the dot-separated port number, and after the arrow, the destination IP address and port. This is port 25, so this will obviously be the first packet of an SMTP connection. We also see the initial sequence number (seq) and the window size (win). • The second packet is the server's response (it carries the SYN and ACK flags); we see the confirmed client sequence number (ack) and also a proposal of a larger window. • In the last three-way handshake packet we already see the value of the Acknowledgement number relatively. Tools such as tcpdump display sequence and acknowledgement numbers as offsets relative to the beginning of the communication (subtracting the initial value) for better readability. • The next packet is the server's introductory message. For the first time, we see a data length printed (length, 48 characters) and the PSH flag (push), because the line is complete. • The client apparently lingered a bit with the sending of its first command, so the TCP software sent a separate delivery acknowledgement for the start line from the server, in the fifth packet. It used the initial value plus the length of the previous data (in relative numbers 1 + 48 = 49) as the Acknowledgement number value. • In the sixth packet, we see the first client command.
