Chapter 4 - Network Protocols and Routing Exam
The CTRL + S key combination can be used to stop an actively running command. True or False
False CTRL + C is typically used to stop an actively running command, while CTRL + S pauses the output to the terminal.
IPv4 and IPv6 use the same packet format. True or False
False IPv4 and IPv6 use different packet formats. IPv6 has a simplified header and larger address space compared to IPv4.
Routing Information Protocol (RIP) is an interior gateway protocol that uses a link-state algorithm. True or False
False RIP uses a distance-vector algorithm, not a link-state algorithm, to determine the best routing path.
TCP uses a four-step process called a four-way handshake to establish a TCP connection. True or False
False TCP uses a three-step process called a three-way handshake to establish a connection.
The pathping utility sends 10 pings per hop by default. True or False
False The pathping utility sends 100 pings per hop by default, not 10.
UDP provides error checking, but not sequencing. True or False
False UDP does not provide error checking or sequencing. It is a connectionless protocol that focuses on fast transmission without guaranteeing delivery, order, or integrity.
What is MAC address spoofing?
MAC address spoofing is the practice of changing or faking the Media Access Control (MAC) address of a network interface on a device, often used to bypass network restrictions, enhance privacy, conduct security testing, or avoid device identification on public networks. This can be accomplished through various software tools and operating system features, allowing users to either temporarily or permanently alter their MAC address; while it can have legitimate uses, it may also be employed for malicious purposes, such as impersonating another device or gaining unauthorized access to a network.
What is routing protocol convergence time defined as? a.) It is the time it takes for the protocol to recognize the best path in the event of a network change. b.) It is the time it takes for the protocol to recognize that a change has occurred. c.) It is the amount of time it takes after initial configuration of the protocol for all routes to become known. d.) It is the amount of time involved in configuration of the routing protocol.
a.) It is the time it takes for the protocol to recognize the best path in the event of a network change. Routing protocol convergence time is the time it takes for routers to update their routing tables and agree on the best paths after a network change occurs.
You have been tasked with maintaining a network that is jumbo frame enabled. What does this mean? a.) The MTU for the network can be as high as 9198 bytes. b.) The network is not based on the Ethernet standard. c.) Fragmented frames will be consolidated into whole frames before being sent. d.) The MTU for the network is set at 65,535 bytes.
a.) The MTU for the network can be as high as 9198 bytes. A jumbo frame-enabled network allows for larger frames with a Maximum Transmission Unit (MTU) of up to 9198 bytes, which can improve efficiency for large data transfers.
What happens when a router receives a packet with a TTL of 0? a.) The router drops the packet and sends an ICMP TTL expired message back to the host. b.) The router attempts to forward the traffic on a local network. c.) The router resets the TTL to 128. d.) The router marks the packet as corrupted and forwards it to the next hop.
a.) The router drops the packet and sends an ICMP TTL expired message back to the host. When a packet's TTL (Time to Live) reaches 0, the router discards the packet and sends an ICMP TTL expired message to the sender, indicating that the packet's lifetime has expired.
What utility is the equivalent to the pathping command on a Linux system? a.) mtr b.) tracepath c.) traceroute d.) hping
a.) mtr The "mtr" (My Traceroute) utility on Linux combines the functionality of both ping and traceroute, making it the equivalent of the pathping command on Windows.
What tcpdump command can be used to filter out all traffic except SSH traffic? a.) tcpdump port 22 b.) tcpdump -p 22 c.) tcpdump only ssh d.) tcpdump -f +ssh
a.) tcpdump port 22 The command "tcpdump port 22" filters traffic to show only SSH traffic, which typically uses port 22.
The Border Gateway Protocol is considered to be a hybrid routing protocol. True or False
True BGP is considered a hybrid routing protocol because it combines aspects of both distance-vector and link-state routing protocols.
IP is an unreliable, connectionless protocol, as it does not establish a session to send its packets. True or False
True IP is a connectionless protocol that does not establish a session or guarantee packet delivery, making it unreliable in terms of ensuring data integrity.
In general, a Layer 3 or Layer 4 switch is still optimized for fast Layer 2 data handling. True or False
True Layer 3 and Layer 4 switches are designed to handle routing and filtering at higher layers while still maintaining efficient Layer 2 switching for fast data handling.
The cost of upgrading infrastructure has been a major factor in the slow adoption of IPv6. True or False
True The cost and complexity of upgrading existing infrastructure to support IPv6 have contributed to its slow adoption.
What field in an IPv4 packet informs routers the level of precedence they should apply when processing an incoming packet? a.) Differentiated Services (DiffServ) b.) Internet header length (IHL) c.) Time to Live (TTL) d.) Padding
a.) Differentiated Services (DiffServ) The Differentiated Services (DiffServ) field in an IPv4 packet indicates the priority or precedence level that routers should apply when processing the packet.
How can a network switch be said to operate at Layer 4 of the OSI model?
A network switch can be said to operate at Layer 4 of the OSI model when it has the capability to make forwarding decisions based on transport layer information, such as port numbers associated with protocols like TCP and UDP. This type of switch, often referred to as a Layer 4 switch or multi-layer switch, can inspect Layer 4 headers to manage traffic, prioritize critical applications through Quality of Service (QoS), distribute incoming traffic across multiple servers for load balancing, maintain session awareness for effective communication management, and implement security policies based on port numbers. In summary, a Layer 4 switch provides advanced functionalities beyond basic Layer 2 switching by analyzing and utilizing transport layer information.
ARP tables might contain two different types of entries. What are they, and how are they created?
ARP tables contain two different types of entries: dynamic entries and static entries. Dynamic entries are created automatically by the Address Resolution Protocol (ARP) when a device sends an ARP request to resolve an IP address to a MAC address; this occurs when a device broadcasts a request asking who has a specific IP address, and the corresponding device replies with its MAC address, prompting the requesting device to create a dynamic entry in its ARP table. In contrast, static entries are manually configured by network administrators and do not expire, making them useful for devices that require a consistent mapping between IP addresses and MAC addresses, such as servers or critical infrastructure devices. Administrators can add static entries to the ARP table through command-line interfaces or network management tools, ensuring that these mappings remain unchanged unless manually modified or deleted.
How does IPv6 utilize Neighbor Discovery Protocol to detect neighboring devices?
IPv6 utilizes the Neighbor Discovery Protocol (NDP) to detect neighboring devices through several processes. When a device joins an IPv6 network, it sends a Router Solicitation (RS) message to request information from neighboring routers, which respond with Router Advertisement (RA) messages that provide configuration details like network prefixes and default gateway addresses. To determine the link-layer (MAC) address of a neighbor, a device sends a Neighbor Solicitation (NS) message to the target device, which replies with a Neighbor Advertisement (NA) message that includes its MAC address. Additionally, before assigning itself an IPv6 address, a device uses NDP for Duplicate Address Detection (DAD) by sending an NS message with its intended address; if no NA is received, the address is considered unique. Through these mechanisms, NDP enables IPv6 devices to discover and communicate with other devices on the same local network while maintaining a mapping of IP addresses to MAC addresses.
What are the different categories of routers, and how do they compare?
Routers can be categorized into several types based on their functionality, application, and operational environment. Core routers operate within the core of the internet, handling large amounts of data traffic efficiently and designed for high performance and reliability, often used by internet service providers (ISPs). Edge routers are positioned at the edge of a network, connecting internal networks to external networks like the internet, focusing on security and traffic management. Branch routers serve remote offices or branches within an organization, connecting them to the main corporate network while prioritizing cost-effectiveness and specific applications like VPN support. Wireless routers provide wireless connectivity to devices within a local area network, combining router and access point functions for convenience and mobility. Virtual routers are software-based and run on virtualized hardware or in cloud environments, offering flexibility, scalability, and cost savings. Lastly, routers can also be classified as static or dynamic; static routers use manually configured routing tables suitable for smaller networks, while dynamic routers automatically adjust routing tables using protocols like RIP, OSPF, or BGP, making them ideal for larger, more complex networks. Overall, each category of router serves specific functions and is optimized for different scenarios, from high-capacity data handling in core routers to user-friendly connectivity in wireless routers.
How are routing paths determined?
Routing paths are determined through a combination of algorithms, metrics, and routing tables. Routers use routing algorithms, such as distance-vector and link-state, to calculate the best path for data packets based on various metrics. Common metrics include hop count, which measures the number of routers a packet must pass through; bandwidth, which indicates the capacity of the network link; latency, which refers to the time it takes for a packet to travel from source to destination; and load, which assesses the current utilization of a link. Each router maintains a routing table that stores information about available routes, including destination addresses, next-hop routers, and associated metrics. Dynamic routing protocols, such as RIP, OSPF, and BGP, facilitate communication between routers, allowing them to share routing tables and adapt to changes in the network. In some cases, network administrators may also configure static routes manually, providing predictable routing paths for specific traffic. Overall, this process enables routers to efficiently find the most effective paths for data packets as network conditions change.
What are some examples of routing metrics that can be used to determine the best path for a network?
Some examples of routing metrics used to determine the best path for a network include hop count, which measures the number of routers a packet must pass through; bandwidth, representing the capacity of a network link often measured in bits per second; and latency, the time it takes for a packet to travel from the source to the destination. Additionally, load reflects the current utilization of a network link, with lower load paths being preferred for efficiency. Reliability indicates the stability and consistency of a network link, while cost may be assigned to each link based on factors such as bandwidth and delay. The maximum transmission unit (MTU) refers to the size of the largest packet that can be transmitted without fragmentation, with paths accommodating larger MTUs typically favored. Lastly, some advanced routing protocols consider path history, which includes previous performance data like packet loss rates or transmission delays, to make informed routing decisions. Together, these metrics help routers evaluate and select the most efficient and effective paths for data transmission across the network.
What are some of the basic functions of a network router?
Some of the basic functions of a network router include packet forwarding, where it determines the best path for data packets to reach their destination; routing table maintenance, which involves keeping track of available routes; interconnecting networks to enable communication between local area networks (LANs) and wide area networks (WANs); performing Network Address Translation (NAT) to allow multiple devices to share a single public IP address; managing traffic to prioritize certain types for better performance; providing security features like firewalls to protect the network; supporting dynamic routing protocols such as OSPF, BGP, or RIP for automatic updates to routing tables; and managing multiple interfaces for connecting to different networks or devices.
How is the TTL (Time to Live) field utilized in IPv4?
The TTL (Time to Live) field in IPv4 is utilized to prevent packets from circulating indefinitely in the network by specifying the maximum number of hops a packet can take before being discarded; each time a packet is forwarded by a router, the TTL value is decremented by one, and if it reaches zero, the packet is discarded, which helps prevent routing loops and reduces unnecessary traffic. Additionally, when a packet is discarded due to a zero TTL, the router sends an ICMP (Internet Control Message Protocol) Time Exceeded message back to the original sender, assisting in diagnosing routing issues.
There are several interior gateway protocols, but only one current exterior gateway protocol. What is this protocol, and what characteristics does it have?
The only current exterior gateway protocol (EGP) is the Border Gateway Protocol (BGP), which is a path vector protocol designed for routing between autonomous systems (AS) and allows for policy-based routing, enabling network administrators to control traffic flow based on various attributes. BGP is highly scalable, operating over the Transmission Control Protocol (TCP) to ensure reliable communication, and it includes mechanisms for loop prevention by maintaining a list of traversed ASes. Additionally, BGP supports route aggregation to reduce routing table size and is capable of handling both IPv4 and IPv6 addresses, making it adaptable to the evolving internet architecture.
Which of the following is not a task handled by a router? a.) A router forwards broadcasts over the network. b.) A router can reroute traffic if the path of first choice is down but a second path is available. c.) A router can interpret Layer 3 and often Layer 4 addressing. d.) A router can connect dissimilar networks.
a.) A router forwards broadcasts over the network. Routers do not forward broadcast traffic; they isolate broadcast domains to prevent network congestion.
When using the Routing Information Protocol (RIP), what is the maximum number of hops a message can take between its source and its destination before the destination is considered unreachable? a.) 8 b.) 15 c.) 20 d.) 32
b.) 15 RIP has a maximum hop count of 15, meaning that after 15 hops, the destination is considered unreachable.
By default, what is the MTU size on a typical Ethernet network? a.) 1492 bytes b.) 1500 bytes c.) 1518 bytes d.) 1522 bytes
b.) 1500 bytes The default Maximum Transmission Unit (MTU) size on a typical Ethernet network is 1500 bytes.
What statement regarding the differences between the Windows tracert utility and the Linux/UNIX/macOS traceroute utility is accurate? a.) Only tracert can send UDP messages for tracing a path. b.) By default, the tracert utility uses ICMP echo requests, while traceroute uses UDP datagrams or TCP SYN messages. c.) The Windows tracert utility does not place limits on the TTL of repeated trial messages. d.) The tracert utility expects an ICMP port unreachable error message as the final reply to a trace.
b.) By default, the tracert utility uses ICMP echo requests, while traceroute uses UDP datagrams or TCP SYN messages. The Windows "tracert" utility sends ICMP echo requests, while the "traceroute" utility in Linux/UNIX/macOS sends UDP datagrams or TCP SYN messages by default.
What is the purpose of the checksum TCP field? a.) It specifies special options, such as the maximum segment size a network can handle. b.) It allows the receiving node to determine whether the TCP segment became corrupted during transmission. c.) It identifies the data segment's position in the stream of data segments being sent. d.) It confirms receipt of data via a return message to the sender.
b.) It allows the receiving node to determine whether the TCP segment became corrupted during transmission. The checksum field in a TCP segment ensures data integrity by allowing the receiving node to detect any corruption that occurred during transmission.
What command will list only current connections, including IP addresses and port numbers? a.) show ip stats b.) netstat -n c.) netstat -s d.) portstat
b.) netstat -n The "netstat -n" command lists current connections, displaying IP addresses and port numbers in numerical form.
Which command will produce statistics about each message transmitted by a host, separated according to protocol type? a.) ipconfig -s b.) netstat -s c.) ipstat -a d.) netstat -an
b.) netstat -s The "netstat -s" command displays statistics for each protocol, showing details about messages sent and received for each protocol type.
You are connected to your network's Cisco router, and need to verify the route table. What command should you enter? a.) route print b.) show ip route c.) route -a d.) show route-table
b.) show ip route The "show ip route" command on a Cisco router displays the route table, showing all learned routes and their status.
In a TCP segment, what field indicates how many bytes the sender can issue to a receiver before acknowledgment is received? a.) urgent pointer b.) sliding-window c.) URG flag d.) PSH flag
b.) sliding-window The sliding-window field in a TCP segment indicates how many bytes the sender can send to the receiver before it must wait for an acknowledgment.
Which statement regarding the Border Gateway Protocol (BGP) is accurate? a.) BGP is limited to a single autonomous system. b.) BGP is exclusively a distance-vector protocol. c.) BGP utilizes TCP for communicating updates. d.) BGP is a more advanced version of OSPF.
c.) BGP utilizes TCP for communicating updates. BGP uses TCP (port 179) to communicate routing updates between peers, ensuring reliable transmission of routing information.
You have been tasked with the replacement of OSPF with EIGRP throughout your organization, which consists of a mixture of Cisco routers and routers from other vendors. What statement is accurate? a.) EIGRP will increase CPU utilization on core routers. b.) Increased traffic will result from the switch to EIGRP. c.) EIGRP may not be available on non-Cisco routers. d.) Convergence time will be increased with EIGRP.
c.) EIGRP may not be available on non-Cisco routers. EIGRP started as a Cisco proprietary protocol, so it may not be supported on non-Cisco routers unless those routers specifically support EIGRP.
What is NOT one of the three characteristics of TCP in its role as a reliable delivery protocol? a.) Connection-oriented Protocol b.) Sequencing and checksums c.) Framing d.) Flow Control
c.) Framing Framing is not a characteristic of TCP. TCP's key characteristics include being connection-oriented, using sequencing and checksums, and providing flow control. Framing is typically associated with the Data Link layer.
The IP connectionless protocol relies on what other protocol to guarantee delivery of data? a.) UDP b.) ICMP c.) TCP d.) ARP
c.) TCP TCP is the protocol that ensures reliable delivery of data over IP, providing features like error checking, retransmission, and sequencing.
In the event of a duplicate MAC address shared by two hosts on a switched network, what statement is accurate? a.) The hosts that share the same MAC addresses will be completely unable to communicate with any other devices. b.) The hosts will generate new MAC addresses until the conflict is resolved. c.) The hosts will still send and receive traffic, but traffic may not always reach the correct destination. d.) The network switch will eventually crash due to being unable to properly forward traffic.
c.) The hosts will still send and receive traffic, but traffic may not always reach the correct destination. In the case of duplicate MAC addresses, both hosts may still communicate, but traffic may not reach the intended destination due to confusion at the switch, which relies on unique MAC addresses to forward traffic correctly.
In IPv6, what field is used to indicate what sequence of packets from one source to one or multiple destinations a packet belongs to? a.) traffic class b.) group ID c.) flow label d.) traffic exchange
c.) flow label The flow label field in IPv6 is used to identify packets that belong to the same flow, allowing the receiver to process them in a consistent sequence.
What IPv6 field is similar to the TTL field in IPv4 packets? a.) flow label b.) next header c.) hop limit d.) distance vector
c.) hop limit The hop limit field in IPv6 is similar to the TTL (Time to Live) field in IPv4, limiting the number of hops a packet can take before being discarded.
What routing metric affects a path's potential performance due to delay? a.) theoretical bandwidth b.) MTU c.) latency d.) load
c.) latency Latency is the routing metric that affects a path's potential performance due to the delay experienced as data travels through the network.
If the VLAN tag is present in an Ethernet frame, what is the maximum frame size? a.) 1492 bytes b.) 1500 bytes c.) 1518 bytes d.) 1522 bytes
d.) 1522 bytes When a VLAN tag is present in an Ethernet frame, the maximum frame size increases to 1522 bytes to accommodate the extra 4-byte VLAN tag.
Originally codified by ISO, what does the "intermediate system" in IS-IS (Intermediate System to Intermediate System) stand for? a.) The autonomous systems used by an organization. b.) An entire network consisting of various network devices. c.) The administrative boundaries of an organization. d.) An IS-IS capable network router.
d.) An IS-IS capable network router. In IS-IS, "intermediate system" refers to a network router that is capable of participating in the IS-IS routing protocol.
Which routing protocol started as a Cisco proprietary protocol and combines some of the features of a link-state protocol with that of distance-vector protocols? a.) IS-IS b.) BGP c.) OSPF d.) EIGRP
d.) EIGRP EIGRP (Enhanced Interior Gateway Routing Protocol) began as a Cisco proprietary protocol and combines features of both link-state and distance-vector protocols, making it a hybrid routing protocol.
What occurs when a collision happens on a network? a.) The collision goes undetected, and data transmission continues. b.) The collision will create an error in the network switch, but otherwise, no issues will occur as a result. c.) Each node on the network stops transmitting, until manually told to reconnect and transmit. d.) Each node on the network waits a random amount of time and then resends the transmission.
d.) Each node on the network waits a random amount of time and then resends the transmission. When a collision occurs, each node waits for a random amount of time before attempting to retransmit, following the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) protocol.
Which statement does NOT accurately describe characteristics of the OSPF protocol? a.) OSPF maintains a database of other routers' links. b.) OSPF has no hop limits on a transmission path. c.) OSPF provides low network overhead. d.) OSPF requires very little CPU or memory resources.
d.) OSPF requires very little CPU or memory resources. OSPF requires significant CPU and memory resources to maintain its link-state database and compute the shortest path first (SPF) algorithm, especially in larger networks.
Routing protocols that enable routers to communicate beyond neighboring routers, allowing each router to independently map the network, are known as which type of protocols? a.) interior gateway protocols b.) border gateway protocols c.) distance vector protocols d.) link-state protocols
d.) link-state protocols Link-state protocols allow routers to map the entire network by sharing information with all routers, rather than just with neighbors, enabling more efficient and dynamic route calculations.
Which traceroute command will perform a trace using ICMP echo requests instead of UDP datagrams to the host srv1.mycompany.com? a.) traceroute -i srv1.mycompany.com b.) traceroute -w srv1.mycompany.com c.) traceroute -o ICMP srv1.mycompany.com d.) traceroute -I srv1.mycompany.com
d.) traceroute -I srv1.mycompany.com The "-I" option in the traceroute command specifies the use of ICMP echo requests instead of UDP datagrams.
