Networking+ - Chapter 4

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What command can be used to check a domain computer's time source from a Command Prompt window?

w32tm /query /source

What utility is the equivalent to the pathping command on a Linux system?

mtr

When using DHCP for IPv6 (i.e. DHCPv6), what port do clients receive responses on?

port 547

At the Transport layer of the OSI, what is used to find and communicate with a particular application running on a host?

port numbers

Routers can:

Filter broadcast transmissions, prevent certain types of traffic from getting to a network, support simultan. local & remote connectivity, provide high network fault tolerance, monitor network traffic & report statistics, diagnose internal or other connectivity probs and trigger alarms

tcpdump

Free command-line packet sniffer that runs on Linux and other Unix Oss, captures traffic that crosses a computer network interface, output can be saved to a file that you can filter or play back, must either use the sudo command or log in as root to access

Routing protocols that enable routers to communicate beyond neighboring routers, allowing each router to independently map the network, are known as which type of protocols?

Link-State protocols

Netstat

Displays TCP/IP statistics and details about TCP/IP components and connections on a host. Info includes: the port on which a TCP/IP service is running, which network connection are currently established for a client, how many messages have been handled by a network interface since it was activated, how many data errors have occurred on a particular network interface

ARP two types of entries:

Dynamic (created when a client makes an ARP request that could not be satisfied by data already in the ARP table) Static (Those someone entered manually using the ARP utility (arp command) ) To view a Window's workstations ARP table enter the command arpa -a

IP (Internet Protocol)

A connectionless Network-layer protocol that is responsible for sending data packets across a network. Traverses more than one LAN segment and more than one type of network through a router. IP is unreliable connectionless protocol doesn't guarantee delivery of data

ICMP (Internet Control Message Protocol)

A core protocol in the TCP/IP suite (network layer) that notifies the sender that something has gone wrong in the transmission process and that packets were not delivered. It can indicate when part of a network is congested, when data fails to reach its destination, when data has been discarded because of the allotted TTL has expired but does not correct errors it sees. ICMPv6 on IPv6 networks performs the functions of ICMP and ARP on IPv4 networks

Routing Table

A database that maintains info about where hosts are located and the most efficient way to reach them, routers rely on them to identify which router is the next hop to reach a particular host, routing tables contain IP addresses & network masks that identify a network that a host or another router belongs to

Router

A router joins two or more networks and passes packets from one network to another. Connect dissimilar networks (LANs and WANs), interpret layer 3 and often layer 4 addressing, determines best path for data to follow A - B not always straight, reroute traffic if first choice is down

TCP/IP

A suite of protocols including TCP, IP, UDP, AR. Data is stripped when recieved

Layer 4 switch

A switch capable of interpreting Layer 4 data, also known as content or application switches, enables switch to perform advanced filtering, keep statistics, and provide security functions.Typically used as a part of a networks backbone

Pathping

A windows utility that combines elements of both ping and tracert to provide deeper info about network issues along a route, sends multiple pings to each hop along a route, them compiles info into a single report

ARP (Address Resolution Protocol)

ARP works in conjunction with IPv4 to discover MAC address of a host or node on the local network and maintains it, ARP is layer 2 protocol that uses IP in layer 3, operates only in its local network, replies on broadcasting, ARP table: the database of the Ip-to-MAC address mappings (IP address + MAC address)

What statement regarding the differences between the Windows tracert utility and the Linux/UNIX/macOS traceroute utility is accurate?

By default, the tracert utility uses ICMP echo requests, while traceroute uses UDP datagrams or TCP SYN message

Layers 7, 6, and 5

Data and instructions, known as payload, are generated by applications running on source host

IPv6 packets:

Different format from IPv4, accommodate the much longer IPv6 address, there is no fragment offset field, IPv6 hosts adjust their packet sizes to fit the requirements of the network before sending IPv6 messages

What field in an IPv4 packet informs routers the level of precedence they should apply when processing an incoming packet?

Differentiated Services (DiffServ)

Which routing protocol started as a Cisco proprietary protocol and combines some of the features of a link-state protocol with that of distance-vector protocols?

EIGRP

You have been tasked with the replacement of OSPF with EIGRP throughout your organization, which consists of a mixture of Cisco routers and routers from other vendors. What statement is accurate?

EIGRP may not be available on non-Cisco routers

A Windows computer on your network is having issues resolving queries for a specific domain, but not other domains. Other computers on the same network resolve the name just fine. What command can you issue that might fix the problem?

ipconfig /flushdns

What routing metric affects a path's potential performance due to delay?

latency

What command will list only current connections, including IP addresses and port numbers?

netstat -n

Which command will produce statistics about each message transmitted by a host, separated according to protocol type?

netstat -s

Layer 2

packet is passed to Data Link layer on NIC, which encapsulates data with its own header and trailer, creating a frame (switches)

Routing Metrics

properties of a route used by routers to determine the best path to a destination: hop count, theoretical bandwidth & actual throughput, delay, latency on a potential path, load/ traffic or processing burden, MTU. routing cost/value assigned to particular route, reliability of potential path, topology of network

You are connected to your network's Cisco router, and need to verify the route table. What command should you enter?

show ip route

In a TCP segment, what field indicates how many bytes the sender can issue to a receiver before acknowledgment is received?

sliding-window

What tcpdump command can be used to filter out all traffic except SSH traffic?

tcpdump port 22

Ethernet Header

the header of FCS makes up the 18-byte "frame" around the data, the data portion of an ethernet frame may contain from 46 to 1500 bytes.

A trace test might stop because:

The device the trace is attempting to reach is down, its too busy to process low-priority messages such as UDP or ICMP, it doesn't accept the UDP or ICMP transmissions being sent because of a firewall blocks these types of messages, a trace can't detect router configuration probs or predict variations of routers over a period of time

Routing Protocols:

Used by routers to communicate with each other to determine the best path. They rate reliability & priority of a routing protocol data by: Administrative distance (AD, a number indicating the protocols reliability) convergence time (time it takes to recognize a best path in the event of change/network outage) overhead (burden placed on underlying network to support protocol)

UDP

User Datagram Protocol. Used for information that requires no response. For example streaming audio or video. UDP provides no error checking, sequencing or flow control, makes UDP more efficient than TCP

Tracert/traceroute

Windows tracert utility uses ICMP echo requests to trace path from 1 network node to another, identifies all intermediate hopes between the nodes. Linux, UNIX, and OS X systems use the traceroute utility to send UDP messages to a random port on destination node (concept is same as tracert) both utilities employ a trial-error approach to discover the nodes at each hop from source to destination

What is not a range of IP addresses recommended for use in private networks?

127.0.0.0 through 127.255.255.255

Ethernet

Most important data link standard, capable of running on a variety of network media, offers excellent throughput at a reasonable cost, most popular network technology used on modern LAN's, Ethernet 2 is the current standard, adds both a header and a trailer to the payload, creates a frame around the payload

Static routing

Network administrators configures a routing table to direct messages along specific paths, ex: a static route between a small business and its ISP

Layer 3

Network layer adds its own header and becomes a packet

Originally codified by ISO, what does the "intermediate system" in IS-IS (Intermediate System to Intermediate System) stand for?

An IS-IS capable network router

Dynamic routing

Automatically calculates the best path between two networks and maintains this information in a routing table. Routers can detect problems with failed or congested routers and reroute messages through a different path

which statement regarding the border gateway protocol (bgp) is accurate?

BGP utilizes TCP for communicating updates

What command on Linux will display TCP/IP information associated with every interface on the device?

ifconfig -a

Multilayer switches

Layer 3 switch & Layer 4 switch

BGP

(border gateway protocol) only current EGP known as protocol of the internet, can span multiple autonomous sytems, path-vector routing proto that communicates via BGP-spefic messages that travel between routers, determines best paths, can be configured to follow policies, most complex of routing protos

EIGRP

(enhanced interior gateway routing protocol) advanced distance-vector protocol, combines features of link-state protocol, referred as hybrid protocol, fast convergence time on low network overhead, easier to configure less CPU-intensive than OSPF, supports multiple protocols & limits unnecessary traffic between routers, originally proprietary to Cisco routers

EGP

(exterior gateway protocols) used by edge routers & exterior routers to distribute data outside of autonomous systems, the only EGP currently in use is BGP

IGP

(interior gateway protocols) used by core routers & edge routers within autonomous systems and are often grouped according to algorithms they use to calculate best paths: distance vector protocols- calculate path on basis of distance to destination. Link-state routing protocols- enables routers to communicate beyond neighboring routers to independently map the network & determine best path

IS-IS

(intermediate system to intermediate system) IGP & link-state routing protocol: uses a best path algo similar to OSPF, is designed for use on core routers only (unlike OSPF) not handcuffed to IPv4 (like OSPF) adaptable to IPv6, service providers prefer IS-IS because its more scalable than OSPF

OSPF

(open shortest path first) IGP & link-state protocol used on interior/border routers, improvement to RIP. Supports large networks,imposes no hop limits (unlike RIP), uses complex algo for paths, maintains a database of other router's links/shared data, low overhead, fast convergence, demands more memory & CPU but keeps network bandwidth to a minimum fast convergence time, stability, multi-vendor routers-supported by all modern routers

When using the Routing Information Protocol (RIP), what is the maximum number of hops a message can take between its source and its destination before the destination is considered unreachable?

15 hops

By default, what is the MTU size on a typical Ethernet network?

1500 bytes

If the VLAN tag is present in an Ethernet frame, what is the maximum frame size?

1522 bytes

What ipv6 address represent a global unicast address?

2000::/3

ICMP packet includes:

5 fields within a packet. TYPE (8 bits, indicates the type of ICMP message, such as Destination Unreachable) CODE (8 bits, indicates the subtype of the message, such as destination host unknown) CHECKSUM (16 bits, allows the receiving node to determine whether the ICMP packet became corrupted during transmission) REST OF HEADER (32 bits, varies depending one message type and subtype) DATA (variable bits, usually contains the IP header and the first 8 bytes of the data portion of the IP packet that triggered the ICMP message)

What are the three characteristics of TCP in its role as a reliable delivery protocol?

Connection-oriented Protocol, Sequencing and checksums, Flow Control

Router categories:

Core routers/interior routers (direct data between networks within the same autonomous system (AS)) Edge routers/border routers (connect an autonomous system with an outside network) Exterior routers (refers to any router outside the organizations AS, direct data BETWEEN autonomous systems)

What occurs when a collision happens on a network?

Each node on the network waits a random amount of time and then re-sends the transmission

Exceptions to Ethernet frame size limitations:

Ethernet frames on a VLAN can have an extra 4-byte field between the Source address field and the Type field. Some versions allow for a jumbo frame

What command can you utilize to display TCP/IP configuration information for each network adapter installed?

Ipconfig /all

what is the purpose of the checksum tcp field?

It allows the receiving node to determine whether the TCP segment became corrupted during transmission

What does the MX record do in a forward DNS zone?

It identifies the e-mail server to be used for e-mail traffic for the domain

What statement regarding the Server Message Block protocol is accurate?

It is used by Windows and UNIX-based operating systems to share files

what is the arpa domain suffix utilized for?

It is used for reverse DNS queries, and holds PTR records

What is routing protocol convergence time defined as?

It's the time it takes for the protocol to recognize the best path in the event of a network change

OSI or ISO?

OSI

Which statement does NOT accurately describe characteristics of the OSPF protocol?

OSPF requires very little CPU or memory resources

Connectivity device

One of several types of specialized devices that allows two or more networks or multiple parts of one network to connect and exchange data. Known by the highest OSI layer they read and process

Layer 1

Physical layer on the NIC receives the frame and places the transmission on the network

Common Routing Protocols:

RIP (routing information protocol, IGP type, distance-vector algorithm) RIPv2 (routing information protocol version 2, IGP, Distance-vector) OSPF (open shortest path first, IGP, Link-state), IS-IS (intermediate system to intermediate system, IGP, link-state) EIGRP (enhanced interior gateway routing, IGP, advanced distance-vector) BGP (border gateway protocol, EGP, advanced distance-vector or path vector)

TCP/IP Core Protocols

Receiving host de-encapsulates the message at each layer in reverse order and presents payload to the receiving applications. In transit, transmissions might pass through a number of connectivity devices.

Which of the following protocols is used as a signaling protocol for the initial connection between hosts, but does not participate in data transfer during the session?

SIP

What kind of document serves as a legally binding contract or part of a contract that defines, in plain language and in measurable terms, the aspects of a service provided to a customer?

Service level agreement

The IP connectionless protocol relies on what other protocol to guarantee delivery of data?

TCP

Encrypted control of remote computers using the RDP protocol is accomplished using what port number?

TCP 3389

TCP (Transmission Control Protocol)

TCP operates in the transport layer of the OSI model.

You have been tasked with maintaining a network that is jumbo frame enabled. What does this mean?

The MTU for the network can be as high as 9198 bytes

In the event of a duplicate MAC address shared by two hosts on a switched network, what statement is accurate?

The hosts will still send and receive traffic, but traffic may not always reach the correct destination

MTU (maximum transmission unit)

The largest IP packet size (network layer) in bytes allowable by routers in a path without fragmentation and excluding the frame size. It can be as high as 9198 bytes

The Route Command

The route command allows you to view a host's routing table: On linux or UNIX system use command route, Windows use command route print, on Cisco IOS, use command show ip route

What happens when a router receives a packet with TTL of 0?

The router drops the packet and sends an ICMP TTL expired message back to the host

How do routers create a broadcast domain boundary?

They do not forward broadcast traffic

Layer 4

Transport layer protocol, usually TCP or UDP, adds a header to the payload

Command-line utilities

arp, dig, ipconfig/ifconfig, netstat, nmap, nslookup, pathping/mtr, ping, route, tcpdump, traceroute/tracert

Layer 3 switch

capable of interpreting Layer 3 data and works much like a router, usually faster & less expensive, difference is how hardware is built

Three characteristics of TCP

connection-oriented protocol (TCP ensures that a connection or session is established by using a three-step process called a three-way handshake), sequencing and checksums (TCP creates a character string called a checksum that is checked by the destination host along with a sequence number for each segment), flow control (Gauges rate of transmission based on how quickly the recipient can accept data)

A UDP header:

contains only four fields: Source port, Destination port, Length and Checksum (use of checksum is optional in IPv4 but required in IPv6)

In IPv6, what field is used to indicate what sequence of packets from one source to one or multiple destinations a packet belongs to?

flow label

What is NOT one of the three characteristics of TCP in its role as a reliable delivery protocol?

framing

What IPv6 field is similar to the TTL field in IPv4 packets?

hop limit

TCP three-way handshake

three transmissions sent before data transmission: STEP 1- request for a connection (SYN) STEP 2- Response to the request (SYN/ACK) STEP 3- Connection established (ACK). After the three initial messages, the payload or data is sent. Sequence numbers will be increased by the number of bits included in each received segment, which confirms the correct length of the message was received. SYN - ACK/SYN- ACK

Which traceroute command will perform a trace using ICMP echo requests instead of UDP datagrams to the host srv1.mycompany.com?

traceroute -I srv1.mycompany.com


Ensembles d'études connexes

U.S. History Since 1865 Chapter 23 Study Guide

View Set

Chapter 7.2: THE POWER OF POSITIVE EMOTIONS

View Set

Chapter 2: Two Kinds of Reasoning

View Set

GOVT 2305 - Chapter 15. Foreign Policy

View Set

CHAPTER 12: Workers Compensation

View Set

Chap. 33: Disorders of Cardiac Conduction and Rhythm

View Set

Chapter 4 - The American Revolution, 1754-1783

View Set

Web Design Final Exam Study Guide

View Set