Modules 7-9 NDIC Checkpoint Exam
The different top-level domains represent either the type of organization or the country of origin. Examples of top-level domains are the following:
.com - a business or industry .org - a non-profit organization .au - Australia .co - Colombia
Assume a host with IP address 10.1.1.10 wants to request web services from a server at 10.1.1.254. Which of the following would display the correct socket pair?
10.1.1.10:1099, 10.1.1.254:80
MX
A mail exchange record
Which of the following DNS record types is used to resolve IPv6 addresses?
AAAA
Which protocol is used to discover the destination address needed to be added to an Ethernet frame?
ARP
Which statement is true about ARP?
ARP entries are cached temporarily.
What is an attack using ARP?
ARP poisoning, ARP spoofing
Two functions of ARP
ARP provides two basic functions: Resolving IPv4 addresses to MAC addresses Maintaining a table of IPv4 to MAC address mappings
NS
An authoritative name server
A
An end device IPv4 address
AAAA
An end device IPv6 address (pronounced quad-A)
What are the TCP server processes?
Clients Sending TCP Requests, Request Destination Ports, Request Source Ports, Response Destination Ports, and Response Source Ports
Which network service automatically assigns IP addresses to devices on the network?
DHCP
Every IP device on an Ethernet network has a unique Ethernet MAC address. When a device sends an Ethernet Layer 2 frame, it contains these two addresses
Destination MAC address and Source MAC address
ARP messages are encapsulated directly within an Ethernet frame. There is no IPv4 header. The ARP request is encapsulated in an Ethernet frame using the following header information
Destination MAC address, Source MAC address, and Type
Which two fields are the same in a TCP and UDP header? (Choose two.)
Destination port number and Source port number
In addition to supporting the basic functions of data segmentation and reassembly, TCP also provides the following services:
Establishes a Session Ensures Reliable Delivery Provides Same-Order Delivery Supports Flow Control
Which destination address is used in an ARP request frame?
FFFF.FFFF.FFFF
Which two applications would use the TCP transport layer protocol? (Choose two.)
FTP and HTTP
UDP Required protocol properties:
Fast Low overhead Does not require acknowledgements Does not resend lost data Delivers data as it arrives
A server can offer more than one service simultaneously such as web services on port 80 while it offers
File Transfer Protocol (FTP) connection establishment on port 21.
Which TCP header statement is true?
It consists of 10 fields in a 20-byte header.
Which UDP header statement is true?
It consists of 4 fields in an 8-byte header.
These are the functions of the three-way handshake:
It establishes that the destination device is present on the network. It verifies that the destination device has an active service and is accepting requests on the destination port number that the initiating client intends to use. It informs the destination device that the source client intends to establish a communication session on that port number.
What will a host do first when preparing a Layer 2 PDU for transmission to a host on the same Ethernet network?
It will search the ARP table for the MAC address of the destination host.
There are three types of applications that are best suited for UDP:
Live video and multimedia applications, Simple request and reply applications, and Applications that handle reliability themselves
What two functions are provided by ARP? (Choose two.)
Maintains a table of IPv4 to MAC address mappings and Resolves IPv4 addresses to MAC addresses
Which of the following DNS resource record types resolves authoritative name servers?
NS
TCP provides reliability and flow control using these basic operations:
Number and track data segments transmitted to a specific host from a specific application Acknowledge received data Retransmit any unacknowledged data after a certain amount of time Sequence data that might arrive in wrong order Send data at an efficient rate that is acceptable by the receiver
Where is the ARP table stored on a device?
RAM
TCP Required protocol properties:
Reliable Acknowledges data Resends lost data Delivers data in sequenced order
Which control bit flags are used during the three-way handshake?
SYN and ACK
What field is used by the destination host to reassemble segments into the original order?
Sequence Number
Which of the following would be valid source and destination ports for a host connecting to an email server?
Source: 49152 and Destination: 25
Which transport layer protocol ensures reliable same-order delivery?
TCP
A technician is adding a new PC to a LAN. After unpacking the components and making all the connections, the technician starts the PC. After the OS loads, the technician opens a browser, and verifies that the PC can reach the Internet. Why was the PC able to connect to the network with no additional configuration?
The PC was preconfigured to use DHCP.
What is static addressing?
The alternative to dynamic addressing is static addressing. When using static addressing, the network administrator manually enters IP address information on hosts.
What happens when a sending host senses there is congestion?
The sending host reduces the number of bytes it sends before receiving an acknowledgment from the destination host.
What action does a DNS server take if it does not have an entry for a requested URL?
The server checks with another DNS server to see if it has an entry.
Which statement describes the treatment of ARP requests on the local link?
They are received and processed by every device on the local network.
The transport layer has many responsibilities. What are they?
Tracking Individual Conversations, Segmenting Data and Reassembling Segments, Add Header Information, Identifying the Applications, and Conversation Multiplexing
Which of the following is a stateless best-effort delivery transport layer protocol?
UDP
Which statement is true about DHCP operation?
When a device that is configured to use DHCP boots, the client broadcasts a DHCPDISCOVER message to identify any available DHCP servers on the network.
What field is used to provide flow control?
Window Size
UDP is a stateless protocol, meaning neither the client, nor the server, tracks the state of the communication session. If reliability is required when using UDP as the transport protocol, it must be handled by the
application.
A cybersecurity analyst believes that an attacker is announcing a forged MAC address to network hosts in an attempt to spoof the default gateway. Which command could the analyst use on the network hosts to see what MAC address the hosts are using to reach the default gateway?
arp -a
Which DHCPv4 message will a client send to accept an IPv4 address that is offered by a DHCP server?
broadcast DHCPREQUEST
Which three are transport layer responsibilities? (Choose three.)
conversation multiplexing, segmenting data and reassembling segments, and tracking individual conversations
Domain names were created to
convert the numeric address into a simple, recognizable name.
The DNS protocol uses a hierarchical system to
create a database to provide name resolution.
The three-way handshake validates that the
destination host is available to communicate.
On a Cisco router, the show ip arp command is used to
display the ARP table
On a Windows 10 PC, the arp -a command is used to
display the ARP table
A TCP segment adds 20 bytes (i.e., 160 bits) of overhead when
encapsulating the application layer data.
UDP is a connectionless protocol. Because UDP does not
provide reliability or flow control, it does not require an established connection. Because UDP does not track information sent or received between the client and server, UDP is also known as a stateless protocol.
UDP is like placing a
regular, nonregistered, letter in the mail. The sender of the letter is not aware of the availability of the receiver to receive the letter. Nor is the post office responsible for tracking the letter or informing the sender if the letter does not arrive at the final destination.
UDP is a simpler transport layer protocol than TCP. It does not provide
reliability and flow control, which means it requires fewer header fields.
The netstat command will attempt to
resolve IP addresses to domain names and port numbers to well-known applications. The -n option can be used to display IP addresses and port numbers in their numerical form.
What is one function of the ARP protocol?
resolving an IPv4 address to a MAC address
The Dynamic Host Configuration Protocol (DHCP) for IPv4 service automates
the assignment of IPv4 addresses, subnet masks, gateways, and other IPv4 networking parameters. This is referred to as dynamic addressing.
Which of the following is displayed by the nslookup utility?
the configured default DNS server
When the nslookup command is issued,
the default DNS server configured for your host is displayed. NOTE: The name of a host or domain can be entered at the nslookup prompt. The nslookup utility has many options available for extensive testing and verification of the DNS process.
What type of information is contained in a DNS MX record?
the domain name mapped to mail exchange servers
The Internet Assigned Number Authority (IANA) is the standards organization responsible for assigning various addressing standards, including the 16-bit port numbers. The 16 bits is used to identify
the source and destination port numbers provides a range of ports from 0 through 65535. The IANA has divided the range of numbers into the following three port groups.
What is the aim of an ARP spoofing attack?
to associate IP addresses to the wrong MAC address
Which of the following best describes DHCP?
DHCP automates the assignment of IP addresses, subnet masks, gateways, and other IPv4 networking parameters.
What is the DORA process?
DHCP-configured device boots up or connects to the network, the client broadcasts a DHCP discover (DHCPDISCOVER) message to identify any available DHCP servers on the network. A DHCP server replies with a DHCP offer (DHCPOFFER) message, which offers a lease to the client. The offer message contains the IPv4 address and subnet mask to be assigned, the IPv4 address of the DNS server, and the IPv4 address of the default gateway. The lease offer also includes the duration of the lease.
A host PC has just booted and is attempting to lease an address through DHCP. Which two messages will the client typically broadcast on the network? (Choose two.)
DHCPDISCOVER and DHCPREQUEST
What is the correct order for the messages in DHCP operation (DORA process)?
DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPNAK
Which protocol translates a website name such as www.cisco.com into a network address?
DNS
UDP is such a simple protocol that it is usually described in terms of what it does not do compared to TCP. UDP features include the following:
Data is reconstructed in the order that it is received. Any segments that are lost are not resent. There is no session establishment. The sending is not informed about resource availability.
In some cultures, when two persons meet, they often greet each other by shaking hands. Both parties understand the act of shaking hands as a signal for a friendly greeting. Connections on the network are similar. In TCP connections, the host client establishes the connection with the server using the three-way handshake process. What are the three steps of the three-way handshake?
Step 1: SYN Step 2: ACK and SYN Step 3: ACK
After the communication is completed the sessions are closed, and the connection is terminated. The connection and session mechanisms enable
TCP reliability function.
Which two applications would use the UDP transport layer protocol? (Choose two.)
TFTP and VoIP
What action does the ARP process take when a host needs to build a frame, but the ARP cache does not contain an address mapping?
The ARP process sends out an ARP request to the Ethernet broadcast address to discover the MAC address of the destination device.
Which transport layer protocol statement is true?
UDP is a best-effort delivery protocol.
UDP provides the basic functions for delivering datagrams between
UDP provides the basic functions for delivering datagrams between. Note: UDP divides data into datagrams that are also referred to as segments.
The six control bits flags are as follows:
URG - Urgent pointer field significant ACK - Acknowledgment flag used in connection establishment and session termination PSH - Push function RST - Reset the connection when an error or timeout occurs SYN - Synchronize sequence numbers used in connection establishment FIN - No more data from sender and used in session termination
Which transport layer protocol would be used for VoIP applications?
User Datagram Protocol (UDP)
UDP is the better choice because it requires less network overhead. UDP is preferable for applications such as
Voice over IP (VoIP). Acknowledgments and retransmission would slow down delivery and make the voice conversation unacceptable.
True or false? A DNS server that receives a request for a name resolution that is not within its DNS zone will send a failure message to the requesting client.
false
True or false? DHCP clients initiate the DHCP process by sending a DHCPREQUEST message to available DHCP servers.
false
DNS uses domain names to
form the hierarchy.
How many exchanges are needed to end both sessions between two hosts?
four exchanges
DHCP is used for
general purpose hosts, such as end user devices. Static addressing is used for network devices, such as gateway routers, switches, servers, and printers.
Which Windows command would display the protocols in use, the local address and port numbers, the foreign address and port numbers, and the connection state?
netstat
Computer operating systems also have a utility called _____ that allows the user to manually query the name servers to resolve a given host name. This utility can also be used to troubleshoot name resolution issues and to verify the current status of the name servers.
nslookup
Application developers must choose which transport protocol type is appropriate based
on the requirements of the applications. Video may be sent over TCP or UDP. Applications that stream stored audio and video typically use TCP. The application uses TCP to perform buffering, bandwidth probing, and congestion control, in order to better control the user experience.
The DNS protocol defines an automated service that matches
resource names with the required numeric network address.
Which command could be used on a Cisco router to view its ARP table?
show ip arp
The source and destination ports are placed within the segment. The segments are then encapsulated within an IP packet. The IP packet contains the IP address of the source and destination. The combination of the source IP address and source port number, or the destination IP address and destination port number is known as a
socket.
TCP is a stateful protocol which means it keeps track of the
state of the communication session. To track the state of a session, TCP records which information it has sent and which information has been acknowledged. The stateful session begins with the session establishment and ends with the session termination.
IP is concerned only with the
structure, addressing, and routing of packets. IP does not specify how the delivery or transportation of the packets takes place.
Which network server is malfunctioning if a user can ping the IP address of a web server but cannot ping the web server host name?
the DNS server
UDP is also known as a best-effort delivery protocol because
there is no acknowledgment that the data is received at the destination. With UDP, there are no transport layer processes that inform the sender of a successful delivery.
The sequence (SEQ) number and acknowledgement (ACK) number are used together to confirm receipt of the bytes of data contained in the
transmitted segments.
Which layer is responsible for establishing a temporary communication session between the source and destination host applications?
transport layer
The blocks of communication in UDP are called datagrams, or segments. These datagrams are sent as best effort by the
transport layer protocol.
UDP is also used by request-and-reply applications where the data is minimal, and retransmission can be done quickly. For example, Domain Name System (DNS)
uses UDP for this type of transaction. The client requests IPv4 and IPv6 addresses for a known domain name from a DNS server. If the client does not receive a response in a predetermined amount of time, it simply sends the request again.
Which port group includes port numbers for FTP, HTTP, and TFTP applications?
well-known ports
