CIT 372 Review Questions quizzes
Which of the following path discovery command-line parameters turns off reverse DNS lookups?
-d
Which of the following command-line parameters for the ping command governs the Time to Live value?
-i
Which of the following command-line parameters for the ping command governs the Reply Timeout value?
-w
What range of addresses traditionally defines a well-known port address?
0-1023
What is the maximum number of primary database servers allowed in any single DNS database zone?
1
How many link-local IPv6 addresses does a node have?
1 per interface
What range of addresses corresponds to the registered port numbers?
1024-49151
The first byte or 8 bits of an IPv6 multicast address must be set to which of the following values? FFFF 0000 1010 1111
1111
For an IPv6 multicast address, how many bits are assigned to the group ID?
112
ICMPv6 messages are organized by Type codes. Which range of codes is used for ICMPv6 informational messages?
125-255
How large is the IPv6 address space?
128 bits
Which value in bytes is the default MTU for IPv6 packets?
1280
Which of the following ICMPv6 type numbers relates to Neighbor Solicitation messages?
135
Which RFC covers Classless Inter-Domain Routing (CIDR)?
1519
For a 6to4 address prefix, how are the first 16 bits always expressed?
2002::/16
For an IPv6 aggregatable global unicast address, the FP or Format Prefix field contains how many bits in the identifier?
3
How many steps occur in the TCP handshake process?
3
The IPv4 header's Options field provides additional IP routing controls. What is the boundary where the options must end?
4-byte boundary
Which RFC describes the ICMPv6 error message type Packet Too Big?
4443
Which RFC most completely defines Neighbor Discovery for IPv6?
4861
What range of addresses corresponds to the dynamic port numbers?
49152-65535
Which of the following UDP port numbers are associated with DHCPv6?
546 & 547
Which of the following UDP port numbers are associated with DHCP?
67 & 68
For the 6to4 transition technology, which device is capable of forwarding 6to4 packets to both 6to4 nodes and IPv6 nodes across an IPv4 network infrastructure?
6to4 relay
Which of the following accurately represents the default advertising rate for unsolicited ICMP Router Advertisements?
7 to 10 minutes
Which of the following RFCs describes ICMP?
792
The loopback address for a network interface using IPv4 is 127.0.0.1 and lets the computer user test the interface. What is the loopback address using IPv6?
::1
Which DNS resource record maps domain names to IPv4 host addresses?
A
By default, which of the following IP services send(s) accounts and passwords in clear text when authenticating users? (Choose all that apply.) A=FTP B=TELNET C=STELNET D=WEB ACCESS USING SSL
A & B
Which of the following IPv6 addresses are the same based on the correct use of zerocompression? (Choose all that apply.) A=FE80::2D57:C4F8:0000:80D7 (NOTE: Textbook answer "A" of FE80::2D57:C4F8::80D7 is incorrect and should be FE80::2D57:C4F8:0000:80D7) B=FE80:0000:2D57:C4F8:0000:80D7 C=FE8::2D57:C4F8::8D7 D=FE80:0:2D57:C4F8:0:80D7
A & B
What kinds of devices require public IP addresses? (choose all that apply) A=ANY DEVICE ATTACHED DIRECTLY TO THE INTERNET B=ANY SERVER WHOSE SERVICES SHOULD BE AVAILABLE TO THE INTERNET C=EVERY CLIENT ON AN INTERNAL NETWORK D=EVERY SERVER ON AN INTERNAL NETWORK
A & B (Any device attached directly to the internet, any server whose services should be available to the internet)
Which of the following best explain why a DHCP Discover packet is broadcast to the local network segment? (Choose all that apply.) A=BECAUSE THE ADDRESS OF A DHCP SERVER IS NOT KNOWN B=BECAUSE THE CLIENT HAS NO IP ADDRESS AND CANNOT SEND A UNICAST C=BECAUSE THE CLIENT'S NETWORK ADDRESS IS UNKNOWN D=BECAUSE THE CLIENT'S HOST ADDRESS IS UNKNOWN
A & B (because the address of a DHCP server is not known because the client has no IP address and cannot send a unicast)
Which activities occur during the process of IPv6 autoconfiguration? (Choose all that apply.) A=THE NODE CHECKS ITS CALCULATED LINK-LOCAL ADDRESS WITH A NEIGHBOR SOLICITATION TO MAKE SURE THAT ADDRESS IS NOT ALREADY IN USE. B=THE NODE MAKES A ROUTER SOLICITATION TO OBTAIN ROUTER ADVERTISEMENTS FROM ATTACHED ROUTERS. C=THE NODE ATTEMPTS TO CALCULATE A LINK-LOCAL ADDRESS BY PREPENDING ITS EUI-64 INTER- FACE ID WITH THE WELL-KNOWN LINK-LOCAL PREFIX. D=ONCE A DHCP SERVER IS IDENTIFIED, IT ALWAYS PROVIDES ALL NECESSARY INFORMATION TO COMPLETE THE AUTOCONFIGURATION PROCESS. E=ALL OF THE ABOVE
A & B (the node checks its calculated link-layer address with a Neighbor Solicitation to make sure that address is not already in use the node makes a Router Solicitation to obtain Router Advertisements from attached routers.)
Which of the following could be examples of the desired affect of a DoS attack? (Choose all that apply.) A=INTERRUPTING OPERATIONS B=POWERING DOWN OPERATIONS C=COMPLETELY DISRUPTING OPERATIONS D=UPGRADING OPERATIONS
A & C
DNS functions on which UDP and/or TCP ports? (Choose all that apply.) A=TCP 53 B=TCP 21 C=UDP 21 D=UDP 53
A & D
Which statements define the edges of the TCP sliding window mechanism? (Choose all that apply.) A=ACKNOWLEDGED DATA PLUS THE RECEIVER'S WINDOW SIZE B=ALL DATA THAT WAS RECEIVED C=ALL DATA PENDING TRANSMISSION D=ALL DATA THAT WAS ACKNOWLEDGED
A & D
Which of the following ICMP Type numbers identify Echo and Echo Reply messages? (Choose all that apply.) A=0 B=1 C=3 D=8 E=30
A & D (0 & 8)
Which of the following ICMPv6 type numbers relate to Router Solicitation and Router Advertisement messages? (Choose all that apply.) A=133 B=135 C=137 D=134 E=136
A & D (133,134)
To which of the following limitations are private IP addresses subject to? (Choose all that apply.) A=MAY NOT BE ROUTED ON THE INTERNET B=MAY NOT BE USED WITHOUT PERMISSION FROM ICANN OR AN ISP C=WILL NOT WORK WITH NAT SOFTWARE D=MAY NOT WORK WITH PROTOCOLS THAT REQUIRE SECURE END-TO-END CONNECTIONS
A & D (may not be routed on the internet, may not work with protocols that require secure end-to-end connections)
According to the host sending algorithm, which two conditions must be met in order for a host to send a packet to a destination node's link-layer address? (Choose all that apply.) A=DESTINATION ADDRESS IS IN THE DESTINATION CACHE. B=DESTINATION ADDRESS IS IN THE PREFIX LIST. C=LINK-LAYER ENTRY IS IN THE ROUTER CACHE. D=LINK-LAYER ENTRY IS IN THE DESTINATION CACHE. E=LINK-LAYER ENTRY IS IN THE NEIGHBOR CACHE.
A & E (destination address is in the destination cache & link-layer entry is in the neighbor cache
False
A Best Current Practice (BCP) RFC is a special form of Standard RFC.
When a node receives a Router Advertisement, what flag is required to be set to "on" in order for the node to perform SLAAC?
A flag
1. capture filter 2. Pre-filter
A packet filter that's applied to incoming data in a protocol analyzer may be called a ____________.
IPv6 uses what means to provide source and destination address selection?
A source address selection algorithm and a destination address selection algorithm are used
In 6to4 addressing, what does the w.x.y.z colon hexadecimal notation represent?
A unicast IPv4 address
Which of the following are examples of malicious code? (Choose all that apply.) A=VIRUS B=WORM C=TROJAN HORSE D=WINDOWS 7
A, B & C
Which tools should you include in a test lab? (Choose all that apply.) A=TRAFFIC SIMULATOR B=PROTOCOL ANALYZER C=AED BOX D=JUMP BOX
A, B & D
Your decision to multihome your enterprise network will increase the number of prefixes in the default-free zone. How will this affect routers in the IPv6 Internet? (Choose all that apply.) A=INCREASES MEMORY REQUIRED TO STORE THE ROUTING TABLE B=INCREASES TIME TO LOOK UP ENTRIES IN THE ROUTING TABLE C=INCREASES THE SIZE OF PACKETS IN THE ROUTERS D=INCREASES THE NUMBER OF PREFIX ANNOUNCEMENTS BETWEEN ROUTERS
A, B, & D
Which fields in an IPv6 header do packet classifiers use to identify a packet's flow if it is part of a flow? (Choose all that apply.) A=DESTINATION ADDRESS B=FLOW LABEL C=HOP LIMIT D=SOURCE ADDRESS
A, B, & D (Destination address, flow label, source address)
The IPv4 Protocol field contains the value of the protocol that is coming next. Of the following, which are valid protocols for this field? (Choose all that apply.) A= EGP B= ICMP C= NAND D= OSPF
A, B, & D (EGP ICMP OSPF)
Peer Name Resolution Protocol (PNRP) is supported on which of the following Windows operating systems? (Choose all that apply.) A=WINDOWS XP SP2 B=WINDOWS VISTA C=WINDOWS SERVER 2003 D=WINDOWS SERVER 2008
A, B, & D (Windows XP SP2, Windows Vista, & Windows Server 2008)
Which of the following represents an improvement of IPv6 over IPv4? (Choose all that apply.) A=LARGER ADDRESS SPACE B=BETTER SECURITY C=IMPROVED BROADCAST SUPPORT D=BETTER SUPPORT FOR MOBILE IP
A, B, & D (larger address space, better security, better support for mobile IP)
Which of the following tools are candidates for an attack toolkit? (Choose all that apply.) A=WIRESHARK B=NMAP C=TCPDUMP D=FOOTPRINTING TOOLS
A, B, C, & D
Which of the following services are characteristic of a connection-oriented protocol? (Choose all that apply.) A=CONNECTION HANDLING B=DELIVERY GUARANTEES C=SEGMENTATION AND REASSEMBLY D=MESSAGE-LEVEL CHECKSUM IN HEADER E=EXPLICIT TRANSMISSION ACKNOWLEDGMENT
A, B, C, & E
Which of the following represent a valid enhancement found in DHCPv6 or a valid related enhancement that is part of the basic IPv6 environment? (Choose all that apply.) A=IPV6 INTERFACES SUPPORT MULTIPLE ADDRESSES IN DHCPV6. B=IPV6 NODES MUST LISTEN FOR ADDRESS UPDATES TO SUPPORT AUTOMATIC RENUMBERING. C=NODES UNDER IPV6 CAN OBTAIN LOCALLY FUNCTIONING ADDRESSES WITHOUT ANY INTERACTION WITH DHCP. D=DHCPV6 SERVERS AND ROUTERS CAN BE CONFIGURED TO SEND ADVERTISEMENTS IN AUTHEN- TICATED FORM. E=DHCPV6 CAN BE SET UP TO DYNAMICALLY UPDATE DNS RECORDS
A, B, C, D, & E
Which of the following values are valid TCP Flag settings? (Choose all that apply.) A=SYN B=ACK C=NUL D=FIN E=PSH
A, B, D, & E
Which of the following are network elements that support a network infrastructure? (Choose all that apply.) A=CLIENTS B=NETWORK MANAGEMENT AND UTILITIES C=ROUTERS D=VOIP NETWORKS
A, C, & D
Which of the following are reasons to implement tunnels as part of an IPv6 migration?(Choose all that apply.) A=YOU HAVE AN IPV4 HOST THAT CANNOT BE UPGRADED BUT NEEDS TO TALK TO THE REST OF THE IPV6 NETWORK. B=YOU HAVE A DUAL-STACK HOST CONNECTED TO AN IPV4 NETWORK, AND IT NEEDS TO TALK TO THE REST OF THE IPV6 NETWORK. C=YOU HAVE TWO ISLANDS OF IPV6 HOSTS SEPARATED BY AN IPV4 NETWORK. D=YOU HAVE TWO ISLANDS OF IPV4 HOSTS SEPARATED BY AN IPV6 NETWORK
A, C, & D
A Windows Server 2008 R2 DHCPv6 server can supply which of the following to a node in response to a DHCPv6 request? (Choose all that apply.) A=AN IPV6 ADDRESS B=AN IPV6 DEFAULT GATEWAY ADDRESS C=A DNS SERVER IPV6 ADDRESS D=THE DOMAIN NAME
A, C, & D (an IPv6 Address, a DNS server IPv6 address, and the domain name)
Which of the following characterize valid aspects of DNS? (Choose three all that apply.) A=LOCAL CONTROL OVER DOMAIN NAME DATABASE SEGMENTS B=DESIGNATION OF OPTIONAL PRIMARY NAME SERVERS AND MANDATORY SECONDARY NAME SERVERS C=DATA FROM ALL DATABASE SEGMENTS, AVAILABLE EVERYWHERE D=HIGHLY ROBUST AND AVAILABLE DATABASE INFORMATION
A, C, & D (local control over domain name database segments data from all database segments, available everywhere highly robust and available database information)
Which of the following address types are supported by IPv6? (Choose all that apply.) A=ANYCAST B=BROADCAST C=MULTICAST D=UNICAST
A, C, & D (anycast, multicast, unicast)
Which DNS resource record is used for IPv6 host addresses?
AAAA
Where can you get a block of IPv6 addresses if you are in the United States and plan to multihome your network?
ARIN
Which of the following protocols translates from a numeric IP address to a physical numeric address?
ARP
Which of the following terms describe a single group of IP addresses managed by DHCP? (Choose all that apply.) A=ADDRESS POOL B=ADDRESS GROUP C=ADDRESS SCOPE D=ADDRESS SUPERSCOPE
Address pool address scop (A& C)
Which of the following definitions best describes a network that is in a converged state?
All routers know current available networks and their associated costs
Which of the following statements best explains the importance of applying system and application patches and fixes?
As vulnerabilities or exploits are exposed, system and application vendors provide patches and fixes to repair, defeat, or mitigate potential attacks. Thus, it's usually a good idea to apply them
What does TCP use to track the transfer of data and its successful delivery? (Choose all that apply.) A=LOGICAL CONNECTION BETWEEN PEERS B=ACKNOWLEDGMENTS C=SEQUENCE NUMBERS D=RETRY MECHANISM
B & C
Which of the following TCP/IP protocols are Transport layer protocols? (Choose all that apply.) A=IP B=TCP C=UDP D=FTP
B & C
Which of the following are reasons for upgrading to IPv6? (Choose all that apply.) A=YOU CAN HAVE AS MANY PUBLIC ADDRESSES AS YOU WANT. B=YOU ARE OUT OF IPV4 ADDRESSES. C=YOU NEED FEATURES PROVIDED BY IPV6. D=IT IS LESS COMPLEX AND EASIER TO UNDERSTAND
B & C
Which two of the four main elements in a DDoS attack coordinate and execute the actual attack? (Choose two.) A=ATTACKER B=HANDLER C=AGENT D=VICTIM
B & C
Which of the following ICMP Type numbers relate to Router Advertisement and Router Solicitation messages? (Choose all that apply.) A=8 B=9 C=10 D=11 E=12
B & C (9 & 10)
What kinds of data are most likely to show up in a response to a DNS query of any kind? (Choose all that apply.) A=ADDRESS FORWARDING INSTRUCTIONS B=DNS RESOURCE RECORDS C=ADDRESS IMPERSONATION ALERTS D=ERROR MESSAGES
B & D (DNS resource records, error messages)
Which Neighbor Discovery messages will include the source link-layer address of the sender in its options field? (Choose all that apply.) A=NEIGHBOR ADVERTISEMENT B=REDIRECT C=ROUTER ADVERTISEMENT D=NEIGHBOR SOLICITATION E=REPLY SOLICITATION
B & D (Redirect & Neighbor Solicitation)
Which of the following address types are used for local network communications in IPv6? (Choose all that apply.) A=LINK-LAYER B=LINK-LOCAL C=LOCAL-USE D=SITE-LOCAL
B & D (link-local & site-local)
When used over an asynchronous connection like an analog telephone link, PPP supports which of the following WAN encapsulation services? (Choose all that apply.) A=ADDRESSING B=BIT-LEVEL INTEGRITY CHECK C=DELIMITATION D=PROTOCOL IDENTIFICATION
B, C, & D (Bit-level integrity, delimination, protocol identification)
When a DHCP server is not available on the same cable segment as a DHCP client, which techniques permit the DHCP client's initial DHCP broadcast requests to be serviced? (Choose all that apply.) A=NONE DO. A DHCP SERVER MUST BE AVAILABLE ON ANY CABLE SEGMENT OR BROADCAST DOMAIN WHERE A DHCP CLIENT RESIDES. B=INSTALLING A DHCP RELAY AGENT ON ANY CABLE SEGMENT OR BROADCAST DOMAIN WHERE A DNS SERVER IS NOT DIRECTLY ATTACHED. C=INSTALLING A REMOTE DHCP AGENT ON ANY CABLE SEGMENT OR BROADCAST DOMAIN WHERE A DNS SERVER IS NOT DIRECTLY ATTACHED. D=CONFIGURING INTERNAL ROUTERS TO FORWARD BOOTP FROM CABLE SEGMENTS OR BROADCAST DOMAINS WHERE DHCP CLIENTS RESIDE TO SEGMENTS WHERE DHCP SERVERS RESIDE. E=CONFIGURING INTERNAL ROUTERS TO FORWARD BOOTP FROM CABLE SEGMENTS OR BROADCAST DOMAINS WHERE DHCP SERVERS RESIDE TO SEGMENTS WHERE DHCP CLIENTS RESIDE.
B, D, & E (Installing a DHCP relay agent on any cable segment or broadcast domain where a DNS server is not directly attached Configuring internal routers to forward BOOTP from cable segments or broadcast domains where DHCP servers reside to segments where DHCP clients reside Configuring internal routers to forward BOOTP from cable segments or broadcast domains where DHCP clients reside to segments where DHCP servers reside.)
Of the following versions of Windows, which support an IPv4/IPv6 dual-stackconfiguration? (Choose all that apply.) A=WINDOWS XP B=WINDOWS SERVER 2003 C=WINDOWS SERVER 2008 D=WINDOWS VISTA SP1
C & D
20. Which of the following choices permit a node to consider a neighbor to be reachable? (Choose all that apply.) A=UNSOLICITED ROUTER SOLICITATIONS ARE RECEIVED WITHIN THE REACHABLE_TIME VARIABLE. B=UPPER-LAYER PROTOCOL INDICATES BACKWARD PROGRESS WITHIN THE REACHABLE_TIME VARIABLE. C=SOLICITED NEIGHBOR ADVERTISEMENTS ARE RECEIVED WITHIN THE REACHABLE_TIME VARIABLE. D=UPPER-LAYER PROTOCOL INDICATES FORWARD PROGRESS WITHIN THE REACHABLE_TIME VARIABLE. E=UNSOLICITED NEIGHBOR ADVERTISEMENTS ARE RECEIVED WITHIN THE REACHABLE_TIME VARIABLE
C & D (Solicited neighbor advertisements are received within the reachable_time variable & upper-layer protocol indicates forward progress within the reachable_time variable
What size or type of organization is most likely to benefit from a caching-only DNS server? (Choose all that apply.) A=SMALL B=MEDIUM C=LARGE D=SERVICE PROVIDER
C & D (large, service provider)
What is the first step that an IP host performs when it receives an Ethernet II frame?
Check the validity of the FCS value
Which of the following types of IP addresses includes the most host addresses?
Class A
Which of the following is a valid reason to use stateful autoconfiguration?
Clients need to know their DNS server and domain suffix
What will happen to a legacy IPv4 application that is not IPv6 native after you have upgraded your clients to be IPv6-only?
Clients will be unable to communicate with the application
What kind of DHCP packet does the server send to the client to denote completion of the DHCP Discovery process?
DHCP Acknowledgement (ACK) packet
Which of the following represent a valid DHCP software component? (Choose all that apply.) A=DHCP CLIENT B=DHCP RESOLVER C=DHCP SERVER D=DHCP PRIMARY MASTER E=DHCP SECONDARY MASTER F=DHCP RELAY
DHCP client, server, & relay (A, C, & F)
In a DHCPv6 server, IPv6 addresses are bound to which of the following:
DUID of the host
Of the following, which routing table types can an IPv6 routing table store? (Choose all that apply.) A=DEFAULT ROUTE B=DIRECTLY ATTACHED ROUTES C=NEXT-HOP ROUTE D=REMOTE ROUTES
Default route, directly attached routes, remote routes (A, B, & D)
What is the process whereby a DNS server higher in the domain name hierarchy confers responsibility for portions of the global DNS database on DNS servers lower in its hierarchy?
Delegation of authority
What is the most common step that attackers take to attempt to escape detection after a successful break-in?
Delete log files to remove all traces of the attack
Of the following, which extension header can appear more than once for an IPv6 packet?
Destination Options
Which of the following types of attack is the least likely to result in damage or loss of data?
DoS or DDoS attack
In an IPv4 Packet header, the Identification field contains a unique identifier for each packet; however, packets are sometimes fragmented further by routers to transverse a network that supports a smaller packet size. What happens to the value of the Identifi- cation field in a packet header if the packet is further fragmented?
Each fragment of the original packet maintains the original ID value in the header Identification field
Which of the following ICMP message types relates to reachability analysis?
Echo/Echo Reply
Which of the following is not a recognized principle of IP security?
Enable access by default, deny access by exception
The link-local scope all-nodes multicast address is which of the following?
FF02::1
The link-local scope all-routers multicast address is which of the following?
FF02::2
Any type of DNS server also can be a caching-only server
False
Both the IPv4 and IPv6 implementations of the OSPF routing protocol can manage multiple addresses and instances per interface.
False
DHCP manages only IP addresses.
False
Identical UDP and TCP port numbers always map to the same TCP/IP protocol or service.
False
It is mandatory to have one or more secondary DNS servers for any DNS database zone.
False
More than 70 percent of all network or system break-ins originate outside an organiza- tion's network boundary.
False
On Windows 7, the Teredo service is enabled and active by default.
False
On a computer running Windows 7, the correct command for discovering the name and address of www.ipv6testlabs.com is nslookup -aaaa www.ipv6testlabs.com.
False
Path MTU Discovery is only available for IPv6.
False
TCP/IP implements a pessimistic security policy.
False
The ICMP redirection process serves only IP routers, not IP hosts.
False
The IPv4's Time to Live (TTL) field indicates the remaining lifetime of the packet defined as distance or as in hops through routers. True or False?
False
The current TCP window size is always the greater of what the network and the receiver can handle at any given moment
False
The dual-IP-layer approach allows a computer to run IPv4 and IPv6 side by side at the Network layer, and each IP stack must access a separate TCP/UDP stack at the Transport layer.
False
To support the transition from IPv4 to IPv6, DNS name servers must contain PTR records in the IN-ADDR.ARPA domain for IPv4 domains and may optionally contain PTR records in the IP6.ARPA domain for IPv6 nodes.
False
The primary benefit of caching DNS data is:
Faster lookups
An ICMPv6 Duplicate Address Detection message is closely related to which ICMP message?
Gratuitous ARP
RFC 2460 defines the recommended order in which extension headers should appear. Which extension header should appear first if it is present?
Hop-by-Hop Options
What is the proper response to a TCP connection termination?
Host 1 returns an ACK response
Which phenomenon causes a black hole to occur?
ICMP is disabled on a router.
Multicast Listener Discovery, which is used by IPv6 routers to discover multicast listen- ers, is embedded in what protocol?
ICMPv6
Which of the following represents the five states of a neighbor cache entry?
INCOMPLETE, REACHABLE, STALE, DELAY, PROBE
IPSec provides enhanced security features at which layer?
IP layer
Of the following, which packet type or types is a computer using dual-stack architecture capable of generating?
IPv6 or IPv4 packets
Which transition method supports the use of Potential Router Lists (PRLs) because it does not consider IPv4 routers capable of broadcasts?
ISATAP
daemon
In UNIX terminology, a listener process that operates on a server to handle incoming requests for services is called a ___________.
Link-Local Multicast Name Resolution (LLMNR) is a name resolution protocol that works in what kind of environment?
In a single subnet
For the IPv6 header Traffic Class field, what function does the Precedence field serve?
It allows an application to differentiate traffic types based on priorities
If an IPv6 router has multiple routes that lead to the correct destination address for a packet, how does it choose a route for the packet?
It chooses the route with the largest prefix length
Which of the following definitions best explains split horizon?
It prevents a router from advertising a network to the interface that provides the original network information
What basic function does the IPv4 Header Checksum field perform?
It provides error detection on the contents of the entire IP header, minus the Checksum field
How does a DHCP relay forward the DHCP server's reply to a client's initial address request?
It uses the MAC layer address for the requester
A host is running IPv6. You connect the host to an IPv4 network with no IPv6 routers. What happens by default to the host?
It will only be able to talk to IPv6 nodes on its local link
7. Application 6. Presentation 5. Session 4. Transport 3. Network 2. Data Link 1. Physical
List the seven layers of the ISO/OSI network reference model in ascending order, starting with Layer 1.
Which flag is required to be set to "on" in a Router Advertisement for a host to send a request to a DHCPv6 server?
M flag
Which of the following terms is a synonym for a physical numeric address?
MAC layer address
Whick of the following services perform address hiding? (choose all that apply) A=E-MAIL B=FTP C=NAT D=PROXY
Nat and Proxy
A host invoking the Duplicate Address Detection process sends what type of message?
Neighbor Solicitation
Which of the following routing protocols is a link-state protocol?
OSPF
True
On any system, only those protocol number for protocols that are actually in use must be defined on that system.
Which of the following statements best explains why physical security for network and system components and devices is so important?
Physical access to components and devices makes it possible for a knowledgeable intruder to break into such systems
What is the purpose of the Precedence bits in the IPv4 header's Type of Service field?
Precedence is used by routers to prioritize traffic through router queues
In a Router Advertisement message, which two combined Prefix Information options comprise the IPv6 prefix address?
Prefix and Prefix Length
Which architecture has been developed on top of ISATAP?
RANGER
Which version of RIP in an IPv4 implementation uses multicast packets for updates rather than broadcasts?
RIPv2
Which of the following query sequences represents a typical DNS lookup?
Recursive, then iterative
IPv6 destination address selection may interfere with what IPv4 DNS destination address process for Windows computers?
Round robin
Which of the following are basic rules of operations for nodes (routers and hosts) concerning Redirect messages?
Routers do not update their routing tables if they receive Redirect messages. Hosts do not send Redirect messages.
Currently, the Routing extension header is designed to use only one option. Which option can it use?
Routing Type = 0
Which technology allows address translation between an IPv4 network domain and an IPv6 network domain through an XLAT translator?
SIIT
On a Windows 7 host, if the host does not receive a Router Advertisement in response to its Router Solicitation, what is its next step in the IPv6 address autoconfiguration process?
Send a DHCPv6 Solicit message
Which issue explains why DHCP was not traditionally used to manage server and router addresses?
Servers and routers often depend on DNS, which must be manually updated when addresses change
What method of name resolution was used on the Internet prior to the introduction of DNS?
Static name resolution
Which IPv6-over-IPv4 tunneling method supports address translation through NAT?
Teredo
You need to tunnel through NAT. Which of the following is the best choice?
Teredo
When calculating the maximum segment size (MSS) for TCP, what is the difference between the IPv4 header size and the IPv6 header size?
The IPv6 header size is 20 octets larger than the IPv4 header size
A network node that understands the Jumbo Payload option will process a packet as a jumbogram under what condition?
The Link-Layer framing indicates that additional octets exist beyond the IPv6 header
The Next Header field in the IPv6 header points to the first extension header for the packet if the packet possesses one or more extension headers. If more than one exten- sion header exists, how is this extension header identified?
The Next Header field points to the first extension header and, if other exist, the first extension header uses its own Next Header field to point to the next extension header
What are the first steps in a Teredo node performing discovery?
The Teredo node encapsulates an ICMPv6 echo request packet addressed to the desired IPv6 node in a UDP datagram and then sends the datagram to the Teredo server
When running UDP over IPv6, the checksum is mandatory and a pseudo-header is used to imitate the actual IPv6 header. If the Routing extension header is present, what is the result in the pseudo-header?
The address in the Destination Address field is the final destination address
When an IPv6 host receives a packet that is addressed to it, if the packet does not use UDP or TCP as its upper-layer protocol, how does the host respond?
The destination host will pass the data to the appropriate protocol running on the host
Once PMTU Discovery sets the MTU size for IPv6 packets and begins sending, how do forwarding nodes manage packets if a link MTU in the path reduces or becomes too small for the packet MTU size?
The forwarding node drops the packet and sends and ICMPv6 Packet Too Big message to the sending node
An IPv6 address on a host moves from the preferred state to the deprecated state when which of the following events occurs?
The preferred lifetime timer expires and the valid lifetime timer is valid
multiplexing
The process of combining multiple outgoing protocol streams at the Transport and network layers in TCP/IP is called __________.
sending or receiving application process
The purpose of a TCP/IP port number is to identify which aspect of a system's operation for incoming and outgoing protocol data?
Why do "all DNS queries end at the root?"
The root can access any and all authoritative name servers for any database segment
The Flags field in an IPv4 header can be set to different values, depending on fragmen- tation requirements. Of the following, which is correct about the options that can be set in this field?
The values can be set to allow more fragmentation or prohibit more fragmentation, depending on the network's requirements.
When a router sends a Redirect message to a host, which of the following choices best represents the intent of such a message?
To inform the host that a better first-hop router is available
A Class A network address of 12.0.0.0 is written as 12.0.0.0/8 in prefix notation. True or False?
True
A DNS server that's primary for one DNS database zone can also be secondary for one or more other DNS database zones.
True
Configuring hosts to be weak or strong can be performed on both IPv4 and IPv6 net- work nodes.
True
ICMP reports errors only about IP datagrams. Errors about error messages are not reported.
True
In Windows 7, the default NetBIOS setting is to use whatever NetBIOS setting is provided dynamically by DHCP or, if the computer uses a static IPv4 address, automatically use NetBIOS over TCP/IP. [NOTE: Textbook erroneously says "IPv6 address" when it should say "IPv4 address."]
True
In mixed IPv4/IPv6 environments, the DNS resolver libraries on network nodes must have the ability to manage both A and AAAA records regardless of whether the DNS packets are carried by IPv4 or IPv6 packets.
True
It is necessary to add resource records for the DNS root servers to the cache of any DNS server during initial configuration and setup.
True
It's up to the IP host that receives incoming ICMP messages to act on the content of those messages.
True
The IPv4 header's Fragment Offset field is used, if the packet is a fragment, to show where to place the packet's data when the fragments are reconstructed. True or False?
True
The Neighbor Discovery protocol in IPv6 supports stateless autoconfiguration of attached nodes.
True
Top-level domain names include two- and three-letter country codes as well as organizational codes, such as .com, .edu, and .org.
True
Zero compression is a method that allows a a word containing contiguous zeros in an IPv6 address to be replaced by double colons. True or false?
True
Using the differentiated service code point (DSCP) identifier, IPv4 traffic can be priori- tized by an end node or boundary device, such as a router, and queued and forwarded according to this value. DSCP expedited forwarding (EF) ensures that routers expedite the packet forwarding and don't lower the priority value. Of the following, which service most requires DSCP EF?
VoIP
session setup, maintenance, and teardown AND checkpoint controls
What functions does the Session layer provide?
frames
What is the common name for PDUs at the Data Link Layer?
Internet Official Protocol Standard
What is the title of RFC 5000?
IPv6
What version of IP supports 128-bit addresses?
Upon receipt of the Other Configuration flag in a Router Advertisement message, which of the following best represents how the host should respond?
When set to 1, hosts may use an address configuration protocol such as DHCPv6 to obtain non-address configuration information
How does a host interpret the Managed Address Configuration flag in a Router Adver- tisement message?
When set to 1, hosts must use an address configuration protocol such as DHCPv6 to obtain address configuration information
Upon receipt of the L Flag in the Prefix Options of the Router Advertisement message, which choice best represents how the host should respond?
When set to 1, the host should use the prefix received for on-link address determination
Which choice best represents how a host should behave upon receipt of the H flag in the Prefix Options of the Router Advertisement message?
When set to 1, the router is functioning as a Mobile IPv6 home agent
TCP/IP Transport layer
Which of the following TCP/IP network model layers maps most nearly to single layers in the ISO/OSI network reference model?
1. tapping into network communications 2. capturing packets "off the wire" 3. gathering statistics 4.decoding packets into readable form
Which of the following activities may occur during the protocol analysis process?
1. network interface controllers (NICs) 2. connectors 3. cables
Which of the following components operate at the Physical Layer?
1. Packet filters may be applied to incoming data before capture or to store data after capture 2. Decodes may be applied to packets in the trace buffer 3. Alarms may be set to flag unusual network events or conditions.
Which of the following features are typical for most protocol analyzers?
1. robust network architecture 2. reliable delivery mechanisms 3. ability of dissimilar systems to exchange data 4. support for long haul connections
Which of the following items represent design goals that motivated the development of TCP/IP?
1. The Department of Defense mandates TCP/IP as the "official ARPANET protocol." 2. TCP/IP appears in the 4.2BSD UNIX distribution. 3. Initial development of name server technology occurs.
Which of the following milestone events for TCP/IP occurred in 1983?
IETF
Which of the following organizations develops and maintains RFCs?
ICANN
Which of the following organizations manages Internet domain names and network addresses?
1. Takes a big problem and breaks it into a series of smaller interrelated problems. 2. Allows individual layers to be insulated from one another. 3. Permits expertise to be applied from difference disciplines for different layers. 4. Permits hardware issues to be kept separate from software issues.
Which of the following statements represent benefits of a layered approach to networking?
1. Proposed 2. Draft 3. Standard 4. Historic
Which of the following steps must a Standard RFC go through to become and official standard?
socket address
Which of the following terms is a synonym for a dynamically assigned port address used to service a temporary TCP/IP connection for data exchange?
1. header 2. payload
Which of the following terms represent parts of a PDU that are always present in any PDU?
1. TCP 2. UDP
Which of the following two TCP/IP protocols operate at the TCP/IP Transport layer?
It allows the protocol analyzer to capture and inspect all traffic on the network medium, including errors and malformed packets.
Why is promiscuous mode important for protocol analysis?
For which of the following link types must PPP provide addressing as part of its WAN encapsulation services? (Choose all that apply.) A=ANALOG TELEPHONE LINK B=T-CARRIER LINK C=X.25 CONNECTION D=ATM CONNECTION
X.25 Connection and ATM Connection
An IPv6 unicast address is made up of which of the following?
a 64-bit interface ID and a 64-bit network portion
IPv6 requires each device on the network to have its own unique address or identifier, with one exception:
a host with multiple interfaces providing dynamic load balancing can use a single identifier for all interfaces
When a node sends a Router Solicitation, what type of message is it?
a multicast message
Which of the following statements best describes a black hole router?
a router that does not support PMTU and is configured not to send Destination Unreachable messages
Which of the following statements best describes the role of the ARP cache?
a special area of memory on IP hosts where already-resolved IP hardware address translations are stored
"Dual stack" refers to
a system that is running both IPv4 and IPv6
Which of the following steps is not involved in enabling ISATAP on an IPv6 network?
adding an AAAA record for ISATAP in DNS
Which of the following have IPv6 routes?
all IPv6 nodes
What kinds of activities are appropriate to perform in a sandbox?
all of the above (test security products, test routing protocol changes, test tunneling schemes)
What does the Windows command netsh interface ipv6 dump do?
all of the above (to test applications as they are migrated to IPv6 to test designs and create standardized configurations to evaluate products)
A default gateway is
an IP configuration element that names the router/gateway for a particular subnet
From which device does an ISATAP node receive the required address prefix?
an ISATAP router
How frequently do routers send unsolicited Router Advertisement messages?
an initial sending of three packets, then at random intervals
Which of the following definitions best describes a back door?
an undocumented and illicit point of entry into a system or application
Which one of the following common characteristics makes both FTP and HTTP (Web) vulnerable IP services?
anonymous login
Which of the following best describes a vulnerability?
any protocol, service, or system facility known to be susceptible to attack
What does IPV4 renumbering involve?
assigning new IP addresses to all network interfaces
What must any 6to4 site possess in order for 6to4 addressing to occur?
at least one valid globally unique 32-bit IPv4 address
Which of the four main elements in a DDoS attack is least likely to be actively engaged when an attack occurs?
attacker
What type of computer should be used to house firewall and/or proxy server software?
bastion host
When an attacker systematically tries all conceivable passwords for an account, what is this attack called?
brute force password attack
How does a DHCP client accept an offer from a DHCP server?
by issuing a DHCP Request packet
How does the Authentication extension header specify the true origin of an IPv6 packet?
by preventing address spoofing and connection theft
Which of the following types of machines is best suited for dynamic IP address assign- ment? (Hint: Some kinds of machines require persistent IP addresses to remain easy to find on the Internet; others do not.)
clients
Which of the following router designations helps make OSPF more efficient than RIP when it comes to managing local routing behavior?
designated router setting
Which of the following ICMP message types reports delivery errors?
destination unreachable
What is the preferred method for migrating networks from IPv4 to IPv6?
dual stack
Which dual-stack architecture allows IPv4 and IPv6 at the Network layer to access a single TCP/UDP stack at the Transport layer?
dual-IP-layer architecture
What makes TCP preferable for reliable delivery requirements
end-to-end reliability
Which of the following document types is an attacker most likely to use when attempting to break into a system or network?
exploit
What type of scan occurs when a series of ping requests for a range of IP addresses is performed?
host probe (scan)
Which of the following ipv6-literal.net names can be read by Windows and any legacysoftware?
http://2001:db8-adc2-2131.ipv6.literal.net
If using Wireshark to analyze a large packet capture from the network, which filter would be configured to display only packets that are Neighbor Advertisement messages?
icmpv6.type == 136
Which of the following services does UDP provide?
identification of source and destination port addresses
When using the nslookup command, an authoritative response is _____:
implied by the absence of "non-authoritative response" in the reply
Where is TCP data stored when it is received?
in the TCP buffer area
Which of the following statements best defines the intent of the PMTU process?
instructs the sender on what MTU to use to avoid further fragmentation en route
What is the name of the reverse hierarchy tree for DNS extensions in an IPv6 environment?
ip6.arpa
Which command must you use at the command prompt to determine the names of the network interfaces (including the ISATAP interfaces) on a Windows 7 computer?
ipconfig/all
What is a valid proposed option for the IPv6 Hop-by-Hop Options extension header?
jumbogram large payload options
The TCP process used to maintain an active connection between peers is called
keep-alive
A node's prefix list uses an indefinite invalidation timer for which type of entry?
link-local
What technique might an attacker use to forge replies to senders and receivers?
man-in-the-middle attack
An IPv6 node uses NDP to discover the link-layer address of the next-hop router by sending a Router Solicitation message as what kind of network message?
multicast
What type of packet is a node sending when it sends a Neighbor Solicitation message for address resolution?
multicast
At the command prompt on a Windows 7 computer, what command is used to show the routing table for the IPv6 interface?
netsh interface ipv6 show route
How many host addresses are there in a Class A IPv6 network?
none, because IPv6 doesn't use classes
Which address is used to identify the sender and receiver in an IP packet header?
numeric IP
Which of the following is an 8-bit number that denotes various portions of an IPv4 address?
octet
What type of packet does a DHCP server send to a DHCP client in reply to a Discover packet?
offer packet
Which of the following correctly lists the three legs of network security?
physical, personnel, system and network security
Which of the following Windows command-line utilities performs connectivity or reachability tests?
ping
Which of the following does not account for the vast majority of losses of data or ser- vices from systems and networks?
power outages
What is the name of the concept that indicates that a path exists between two TCP/IP hosts on an internetwork?
reachability
Which ICMPv6 informational message type was considered an Error message in ICMPv4?
redirect
Which of the following mechanisms is part of TCP's error-detection and error-recovery capabilities?
retransmission timer
Of the following tunnel configurations, which one represents the very last segment of the end-to-end tunneling path?
router-to-host
Of the following tunnel configurations, which one is most likely to use configured tunneling because it requires specifically configured end points to the tunnel?
router-to-router
Where is routing information stored in most routers and other similar devices?
routing table
When looking for a destination address for a datagram ultimately bound for a remote network, an IP host must check which structure to obtain the necessary information?
routing tables
Upon receiving a packet sent by a source node, what is the first task an IPv6 router performs?
running error checks on the packet header fields
Which of the following ICMP message types relates to congestion control?
source quench
What technique might an attacker use to hide or deflect interest in attack behaviors or activities?
spoofing
What additional functionality does the Pathping utility provide?
tests router and link latency
When the UDP checksum is calculated for IPv6, what is the result if the checksum value is 0?
the 0 is changed ot the FFFF hex value and placed in the UDP header
When a node creates a link-local address, which of the following methods for creating an Interface ID can be appended to the well-known link-local prefix FE80::?
the 64-bit modified EUI-64 address
In an IPv6 header with five extension headers and a UDP pseudo-header, which Next Header field points to the UDP pseudo-header?
the Next Header field in the last extension header
What gives BGP the ability to run on IPv6 networks?
the addition of multiprotocol extensions
What allows the IS-IS routing protocol to operate on IPv6 networks?
the addition of two new type-length-values (TLVs) as extensions
Which of the following statements best defines a half-open connection?
the handshake process does not end with a final ACK
IPv6 packet headers are much larger in size than IPv4 packet headers, even though the IPv6 header structure is less complex. What is the main cause of the size increase?
the larger IPv6 address space
In an IPv4 packet header, what does the value in the Internet Header Length signify?
the length of the IPv4 header
What makes up the value in the UDP Length field of the IPv6 pseudo-header when using UDP for the transport protocol?
the length of the UDP header plus the data
What is the first step a 6to4 network node must take when it wants to send a packet to a 6to4 node/router?
the node must resolve the 6to4 node/router's address
What happens when an IP host sends a reply to an IP host that requested its hardware address?
the sending host uses the contents of its reply to update the entry for the requesting host in its ARP cache
Which of the following would not affect your choice of interior routing protocol for IPv6?
the size of your circuits
From where does the IPv6 pseudo-header acquire the information for the Upper-Layer Packet Length field when using TCP as the transport protocol?
the value in the Payload Length field in the IPv6 header
What sequence of events signals the TCP Fast Recovery process?
three sets of duplicate ACKs
Which of the following Windows command-line utilities performs path discovery tests?
tracert
Which hybrid IPv4/IPv6 network model contains a complete mix of IPv4, IPv6, and IPv4/IPv6 networks, with no specific version of IP being favored at the core?
true hybrid network model
What is the initial size of the TCP congestion window?
twice the sender's MSS
Native IPv6 addresses in a URL use which of the following characters to enclose the lit- eral IPv6 address, according to RFC 2732?
two brackets
What type of packet is a node sending to another node that is on-link?
unicast
Which address type can the Source Address field of an IPv4 packet header contain?
unicast
When a node starts up and does not have an IPv6 address, it uses which address as its source address when sending a Router Solicitation message?
unspecified address
What is an update for the IPv6 routing protocol RIPng that did not exist in the IPv4 RIP implementation?
use of multicast for sending updates
When is the Destination Options extension header encrypted?
when it appears later in the packet
When will a Teredo node fail Teredo server qualification?
when it is behind symmetric NAT
When must a Teredo node send a bubble packet?
when it is not behind NAT
What is one possible condition upon which a node will send an unsolicited Neighbor Advertisement message?
when its own link-layer address changes
When is the Fragment extension header used?
when the transmitting device needs to send packets larger than the PMTU
Where can you get a block of IPv6 addresses if you are in the United States and plan to single-home your network?
your ISP