Unit 8 Review Question Bank

Set by the type of data or service being requested

Destination Port

Which connection status should be reviewed to determine if a remote host is actively connected to a computer?

ESTABLISHED

Which IPv6 address is not valid?

FEC0::2B:7:H210

If the _ flag in a TCP segment is set to 1, the packet is the last transaction in a sequence.

FIN

Second channel used to provide secure transmissions for file transfers

FTPS

Which of the following handles notifications if TTL reaches 1?

ICMP

Which is true about a ping sweep?

ICMP queries each IP address on a host for a response

Most commonly used protocol for network communication

IPv4

Numbering scheme that uses decimal and hexadecimal values

IPv6

Which of these statements regarding Denial of Service attacks is true?

If the attacker spoofs their source IP address, firewall blocking will not help

What is the best defense against a DoS attack?

Implementation of a flood guard to stop packets

Which is not true about a link-local IPv6 address?

It can be routed throughout a business network, but not on the public Internet

Which is not true about DDoS attacks?

It is a combined Smurf attack and SYN flood

Which of the following is true about an IPv6 address that begins with 2002?

It is a global unicast address

Which of the following is true regarding FTPS?

It is a secure transmission method using SSL

The physical address of a network card is its ____.

Media Access Control address

A(n) ____ converts a private IP to a public IP.

NAT device

Used to view TCP and UDP connections with other computers

Netstat

A packet showing the ACK flag turned on indicates _____.

a response to a SYN packet

A TCP packet is a _____________ packet.

connection-oriented

The _ command will identify the connection information of a host with other computers.

netstat

Which command syntax lists the current statistics of the Internet connection, including those that were sent and received?

netstat -e

A ____________________ is used to compare bits against the IP address to determine the network address.

network address

Each portion of an IPv4 address is called a(n) _.

octet

A(n) ____ is a tool that allows you to capture raw data on a network.

packet sniffer

An IPv6 site-local address is similar to an IPv4 _ address.

private

When an IP address has an appended port number at the end of the address this is called a ____.

socket

A smurf attack occurs when ____.

the host is the recipient of repeated ICMP packets

Which of these network addresses could be publicly routed to sites on the Internet? (Choose 2)

- 2001:2344::A19B:27DE - 192.169.201.33

Which two represent the same subnet mask? (Choose 2)

- 255.255.252.0 - /22

Which of the following describes the two reasons that a TTL value would be reduced by 1? (Choose 2 )

- An established period of time has passed - The packet passes through a router

Which two methods can be used to minimize or block DoS attacks? (Choose 2)

- Block incoming ICMP packets - Incorporate a flood guard

Which two elements are incorporated into a frame? (Choose 2)

- CRC - MAC address

Which of the following will be unavailable if a firewall that blocks ICMP is configured? (Choose 2)

- Ping - Tracert

Which of the following uses port 22? (Choose 2)

- SSH - SCP

Which two programs act as packet sniffers? (Choose 2)

- tcpdump - Wireshark

What is the subnet mask of 255.255.128.0 in CIDR notation?

/17

A subnet mask of 255.255.255.224 is represented in CIDR as _.

/27

The subnet mask of 255.255.255.248 is ____ in CIDR notation.

/29

Which of these IP addresses is not considered a private address?

172.15.192.168

The network address of a host with an IPv4 address of 172.16.50.1/16 is _____________

172.16

Used to detect if there is any corruption with the transmission

Checksum

The decimal value of 11000000 is _.

192

A private IPv4 address in the Class C range begins with _.

192.168

A TCP/IP version 4 address is _ bytes in length.

32

In IPv6, the first _ bits of the address identify the network portion.

64

The local host address in IPv6 is _.

::1

The _ service used port-based tables to convert many private IP addresses to one public address.

PNAT

When set to 1, the sender is requesting the connection to be reset

RST

Secure method of transferring files that uses SSL in a single channel

SFTP

_ uses a single channel when sending data through an FTP connection.

SFTP

Remote management or remote copy is done with encrypted sessions

SSH

When set to 1, the sender is requesting synchronization of the two nodes

SYN

Which is the correct order of a three-way-handshake in TCP/IP?

SYN-SYN/ACK-ACK

32-bit number used to track how much data is sent

Sequence Number

Which of these is not included in a UDP packet?

Sequence number

A(n) _ attack occurs when an attacker uses ICMP to flood the host with packets.

Smurf

Dynamically assigned at the sending host

Source Port

Which of these statements is not true about IPv6 addresses?

Subnet masks are no longer part of an IPv6 address

The _ value in a packet controls the length of time a packet will search for its destination.

TTL

Insecure terminal emulation program used to manage remote systems

Telnet

____ is an insecure network service that runs via port 23.

Telnet

Which of the following scenarios best describe a situation in which a user with an IP address of 169.254.11.123 cannot access the network?

The DHCP server was unable to provide a leased address

Which best describes the results of the following command syntax. netstat-r

The local routing table will appear

_ packets are connectionless.

UDP

Which of the following describes a security tool for an administrator to find the lease holder of an IP address?

WHOIS