IST201 journal8,9,10,11

mapping

Reconnaissance attacks are the unauthorized discovery and ___________ of systems, services, or vulnerabilities.

Addresses for Servers and Peripherals

Any network resource, such as a server or a printer, should have a static IP address. The client hosts access these resources using the IP addresses of these devices

1.ping of death 2. smurf attack 3. SYN flood 4.DDoS

List the DoS attack examples discussed in the reading:

Host confirmation Destination or Service Unreachable Time exceeded Route redirection Router Solicitation Router Advertisement Neighbor Solicitation Neighbor Advertisement

List the common message types of ICMPv6 (listed in the reading)

MX

Mail exchange record; maps a domain name to a list of mail exchange servers for that domain

computer programs

Malicious code attacks are _______________ that are created with the intention of causing data loss or damage.

243

What is the decimal equivalent of the hex number 0xF3?

ipv6 unicast-routing

An router becomes a member the All-routers multicast group when it is enabled as an IPv6 router with the ______________ global configuration command.

Addresses for Hosts That are Accessible from the Internet

-In most internetworks, only a few devices are accessible by hosts outside of the corporation. For the most part, these devices are usually servers of some type. The IP addresses should be static

AAAA

128-bit IPv6 address that stores a single IPv6 node address

Global unicast

A ______ address is similar to a public IPv4 address. These are globally unique, Internet routable addresses. Global unicast addresses can be configured statically or assigned dynamically. There are some important differences in how a device receives its IPv6 address dynamically compared to DHCP for IPv4.

broadcast, multicast, unicast

A host can communicate in an IPv4 network three ways A directed ___[a]___ is a message sent to all hosts on a specific network. It is useful for sending a message to all hosts on a nonlocal network. A ___[b]___ message is a message sent to a selected group of hosts that are part of a subscribing group. A limited broadcast is used for a communication that is limited to the hosts on the local network. A ___[c]___ message is a message sent from one host to another.

DHCPACK

A message that is used to acknowledge that the lease is successful

DHCPREQUEST

A message that is used to identify the explicit server and lease offer to accept

DHCPDISCOVER

A message that is used to locate any available DHCP server on the network

DHCPOFFER

A message that is used to suggest a lease to a client

application

A peer-to-peer ___________ allows a device to act as both a client and a server within the same communication

true

A ping issued from a Cisco IOS will yield one indicator for each ICMP echo that was sent

IMAP

A protocol used by email clients to retrieve email from a remote server

POP

A protocol used by email clients to retrieve email from a remote server

FTP

A protocol used for interactive file transfer between systems

DHCP

A protocol used to assign an IP address, subnet mask, default gateway, and DNS server addresses to a host

manipulation

Access attacks are the unauthorized ___________ of data, system access, or user privileges.

The Apple Macintosh operating systems also support resource sharing using the SMB protocol. Clients can access the resources on the server as if the resource is local to the client host Only SMB provides printer services Clients establish a long-term connection to servers

Although FTP and SMB both provide file sharing, SMB does have some distinct advantages:

daemon

An FTP server runs an FTP __________, which is a program that provides FTP services.

two, mask

An IPv4 address is divided into ___[a]___ parts: network portion - to identify the specific network on which a host resides host portion - to identify specific hosts on a network. A subnet ___[b]___ is used to identify the length of each portion

uspecified address

An _______ is an all-0s address represented in the compressed format as ::/128 or just :: in the compressed format. It cannot be assigned to an interface and is only be used as a source address in an IPv6 packet. An unspecified address is used as a source address when the device does not yet have a permanent IPv6 address or when the source of the packet is irrelevant to the destination.

NS

An authoritative name server

A Match the record types for DNS server to their description:

An end device address

Addresses for Clients

Because of challenges associated with static address management, end-user devices often have addresses dynamically assigned using DHCP.

true

Broadcast traffic is not permitted to cross a router and therefore will be contained within the respective subnets where it originated.

60

Consider the following range of addresses: 2001:0DB8:BC15:00B0:0000:: 2001:0DB8:BC15:00B1:0000:: 2001:0DB8:BC15:00B2:0000:: ... 2001:0DB8:BC15:00BF:0000:: The prefix-length for the range of addresses is

hierarchy

DNS relies on this ___________ of decentralized servers to store and maintain these resource records.

1. Formats, or presents, data from the source device into a compatible form for receipt by the destination device. 2. Compression of the data in a way that can be decompressed by the destination device. 3. Encryption of the data for transmission and the decryption of data upon receipt by the destination.

Describe the three primary functions of the Presentation layer of the OSI model.

HTTPS

For secure communication across the Internet, the ___________ protocol is used for accessing or posting web server information.

session, restart sessions

Functions at the ____[a]____ layer create and maintain dialogs between source and destination applications. The layer handles the exchange of information to initiate dialogs, keep them active, and to ____[b]____ those that are disrupted or idle for a long period of time.

3

How many bits must be borrowed from the host portion of an address to accommodate a router with five connected networks?

1022

How many host addresses are available on the network with a subnet mask of 255.255.252.0?

IP telephony

IP phone itself performs voice-to-IP conversion.

IP telephony

IP phones use a dedicated server for call control and signaling.

unique local

IPv6 ______ addresses have some similarity to RFC 1918 private addresses for IPv4, but there are significant differences as well. Unique local addresses are used for local addressing within a site or between a limited number of sites. These addresses should not be routable in the global IPv6. Unique local addresses are in the range of FC00::/7 to FDFF::/7

hexadecimal

IPv6 addresses are represented by __________ numbers and are 128 bits in length

VoIP

Implemented in an organization that still uses traditional telephones.

/25

In a network that uses IPv4, what prefix would best fit a subnet containing 100 hosts?

four

In an IPv6 /64 address, the first ______ groups of hexadecimal digits represent the network and subnet fields

flash, text editor, interfaces

In order to restore a configuration backup file from a USB ____[a]____ drive, it is necessary to edit the USB Config file with a _______[b]_______ to make it a valid config file; otherwise, there are a lot of entries that are invalid commands and no ____[c]____ will be brought up.

client, server

In the client-server model, the device requesting the information is called the [a] and the device responding to the request is called the [b].

Addresses for Intermediary Devices

Intermediary devices are also a concentration point for network traffic. Almost all traffic within or between networks passes through some form of intermediary device. Therefore, these network devices provide an opportune location for network, management, monitoring, and security. Because we must know how to communicate with intermediary devices, they should have predictable addresses. Therefore, their addresses are typically assigned manually.

decentralize

P2P networks ___________ the resources on a network.

PUT

POST and _______ are used to upload data files to the web server.

false

Ping is a testing utility that uses DNS echo request and echo reply messages to test connectivity between hosts. Ping works with both IPv4 and IPv6 hosts

Containment - Contain the spread of the worm within the network. Compartmentalize uninfected parts of the network. Inoculation - Start patching all systems and, if possible, scanning for vulnerable systems. Quarantine - Track down each infected machine inside the network. Disconnect, remove, or block infected machines from the network. Treatment - Clean and patch each infected system. Some worms may require complete core system reinstallations to clean the system.

Properly sequence of steps to mitigate a worm attack

VoIp

Routers convert analog voice from traditional telephone signals into IP packets

spools

SMTP _________ messages if a destination email server is offline or busy when email messages are sent.

::1

The IPv6 address _______ is the loopback address.

loopback

The _______ address is used by a host to send a packet to itself and cannot be assigned to a physical interface. Similar to an IPv4 loopback address, you can ping an IPv6 loopback address to test the configuration of TCP/IP on the local host. The IPv6 loopback address is all-0s except for the last bit, represented as ::1/128 or just ::1 in the compressed format.

tunneling

The _________ migration technique encapsulates an IPv6 packet inside an IPv4 packet.

server message block

The ____________ protocol is a protocol for file, printer, and directory sharing

dual-stack

The _____________ migration technique allows IPv4 and IPv6 protocol stacks to coexist on the same network simultaneously.

application

The _______________ layer is closest to the end user.

CNAME

The canonical name (or Fully Qualified Domain Name) for an alias

IPv4 embedded

The last type of unicast address type is the ________ address. These addresses are used to help transition from IPv4 to IPv6. IPv4 embedded addresses are beyond the scope of this course.

255.255.255.255

The limited broadcast is used for communication that is limited to the hosts on the local network. These packets always use a destination IPv4 address [a].[b].[c.].[d]

27

The prefix length notation for the subnet mask 255.255.255.224 is /_____

subnetting

The process of segmenting a network, by dividing it into multiple smaller network spaces, is called _____

true

The show version command that is issued on a router displays the value of the configuration register, the Cisco IOS version being used, and the amount of flash memory on the device.

duplication, unique, controlling, security, packets

There are three primary considerations when planning address allocation. Preventing ____[a]____ of Addresses - Each host in an internetwork must have a ____[b]____ address. Without the proper planning and documentation, an address could be assigned to more than one host, resulting in access issues for both hosts. Providing and ____[c]____ Access - Some hosts, such as servers, provide resources to internal hosts as well as to external hosts. The Layer 3 address assigned to a server can be used to control access to that server. If, however, the address is randomly assigned and not well documented, controlling access is more difficult. Monitoring ____[d]____ and Performance - Similarly, the network as a whole must be monitored. As part of the monitoring process, network traffic is examined for addresses that are generating or receiving excessive ___[e]___. If there is proper planning and documentation of the network addressing, problematic network devices can be easily found.

Telnet

This is used to provide remote access to servers and networking devices

BOOTP

This protocol is a precursor to the DHCP protocol. BOOTP is a network protocol used to obtain IP address information during bootup

TFTP

This protocol is used for connectionless active file transfer

DNS

This protocol resolves Internet names to IP addresses

HTTP

This protocol transfers files that make up the web pages of the World Wide Web

SMTP

This protocol transfers mail messages and attachments

true

To determine traffic flow patterns, it is important to capture traffic during peak utilization time

no cdp run, no cdp enable

To disable CDP globally, use the global configuration command ______[a]______. To disable CDP on an interface, use the interface command ______[b]______

delay-sensitive, control, scalability, quality of service, latency

To transport streaming media effectively, the network must be able to support applications that require ____[a]____ delivery. Real-Time Transport Protocol (RTP) and Real-Time Transport ____[b]____ Protocol (RTCP) are two protocols that support this requirement. RTP and RTCP enable control and ____[c]____ of the network resources by allowing ________[d]________ mechanisms to be incorporated. These mechanisms provide valuable tools for minimizing ____[e]____ issues for real-time streaming applications.

hop limit

Traceroute makes use of a function of the TTL field in IPv4 and the __________ field in IPv6 in the Layer 3 headers, along with the ICMP time exceeded message.

Address for the Gateway (Routers and Firewalls)

Unlike the other intermediary devices mentioned, routers and firewall devices mentioned, routers and firewall devices have an IP address assigned to each interface. Each Interface is in a different network and serves as the gateway for the hosts in that network. Typically, the router interface uses either the lowest or highest address in the network.

VoIP

Uses voice-enabled routers.

waste

Using the VLSM subnets, the LAN and WAN segments can be addressed without unnecessary ______

IP telephony

Voice-enabled routers are not required within a network with this integrated solution.

IMAP can provide long-term storage of email messages on mail servers and allows for centralized backup. It also enables employees to access email messages from multiple locations, using different devices or client software. Users can create a file hierarchy on the server to organize and store mail. When a user decides to delete a message, the server synchronizes that action and deletes the message from the server.

What are three advantages for small organizations adopting IMAP

For an ISP, IMAP may not be the protocol of choice. It can be expensive to purchase and maintain the disk space to support the large number of stored emails. Additionally, if customers expect their mailboxes to be backed up routinely, that can further increase the costs to the ISP.

What are two disadvantages?

255.255.255.128 Each subnet in the topology has 100 hosts in it so the subnet mask must have at least 7 host bits in it (27-2=126). 255.255.255.0 has 8 hosts bits, but this does not meet the requirement of providing the maximum number of subnets.

What is the smallest usable subnet mask in a Class B address that provides: At least 100 hosts per subnet At least four subnets The subnet mask = [a].[b].[c].[d]

application, presentation, session

What layer(s) of the OSI model most closely resemble those services provided by the application layer of the TCP/IP model?

true

When a host needs to find the MAC address of a destination host, the IPv6 host device will send a neighbor solicitation (NS) message to the solicited node multicast address.

contiguous

When designing the addressing scheme on a new network, the address blocks can be assigned in a way that keeps unused blocks of addresses _________

nibble

When extending the subnet ID by borrowing bits from the interface ID, the best practice is to subnet on a __________ boundary.

WPA

Which WLAN security protocol generates a new dynamic key each time a client establishes a connection with the AP?

true

With IPv6 bits can be borrowed from the interface ID to create additional IPv6 subnets.

VLSM

With ________________, the network is first subnetted, and then the subnets are subnetted again. This process can be repeated multiple times to create subnets of various sizes

link-local

_____ addresses are used to communicate with other devices on the same local link. With IPv6, the term link refers to a subnet. Link-local addresses are confined to a single link. Their uniqueness must only be confirmed on that link because they are not routable beyond the link. In other words, routers will not forward packets with a link-local source or destination address.

Subnet ID

_____ is used by an organization to identify subnets within its site.

encapsulation

_______ assembles a message and adds information to each layer in order to transmit the data over the network.

translation

_______ is a migration technique that allows IPv6-enabled devices to communicate with IPv4-enabled devices using a translation technique similar to NAT for IPv4.

Password

________ attacks can be implemented using a packet sniffer to yield user accounts and passwords that are transmitted as clear text.

DHCP

________ is generally the preferred method of assigning IP addresses to hosts on large networks because it reduces the burden on network support staff and virtually eliminates entry errors.

Interface ID

_____is equivalent to the host portion of an IPv4 address. The term Interface ID is used because a single host may have multiple interfaces, each having one or more IPv6 addresses.

Global routing prefix-

_____is the prefix, or network, portion of the address that is assigned by the provider, such as an ISP, to a customer or site. Currently, RIRs assign a /48 global routing prefix to customers. This includes everyone from enterprise business networks to individual households. This is more than enough address space for most customers.

FF02::1 is the all-__________ multicast group within the scope of the local link.

node