TCP/IP Concepts
connection-oriented protocol
A protocol for transferring data over a network that requires a session connection before data is sent. In TCP/IP this step is accomplished by sending a SYN packet.
A hex number is written with two characters, each representing a byte. (T/F)
False
What TCP/IP protocol is used to send messages related to network operations and can be used to troubleshoot network connectivity?
ICMP
What TCP flag is responsible for delivering data directly and immediately to an application?
ISN
What 32-bit number tracks packets received by a node and allows the reassembling of large packets that have been broken up into smaller packets?
PSH flag
What type of network attack relies on guessing a TCP header's initial sequence number, or ISN?
Session hijacking
What IP address is used as a loopback address and is not a valid IP address that can be assigned to a network?
127 address
What port does the Simple Mail Transfer Protocol, or SMTP service use?
25
What port does the Trivial File Transfer Protocol, or TFTP service use?
69
What port does the Hypertext Transfer Protocol, or HTTP service use?
80
What is a Class B IP address?
It ranges from 128-191 these addresses are divided evenly between two-octet network address and a two-octet host address, large organizations and ISPs are often assigned Class B address
three-way handshake
The method the Transport layer uses to create a connection-oriented session
ISN
a number that keep track of what packets a node has received.
What layer protocols operate as the front end to the lower-layer protocols in the TCP/IP stack?
Application layer
What is the binary numbering system and why was it chosen by computer engineers to be used in computers?
Binary numbering system represents numbers that have 2 as its base and uses the digits 0 an 1 each represent a power of 2. They are chosen by engineers because logic chips make binary decisions based on true or false, on or off etc; and can also be used in file permissions for users.
What is the logical component of a TCP connection that can be assigned to a process that requires network connectivity?
Port
What connection-oriented protocol is utilized by the transport layer?
TCP
What does the acronym TCP represent?
Transmission Control Protocol
What TCP/IP protocol is fast, unreliable, and operates at the Transport layer?
UDP
Port
the logical component of a connection that identifies the service running on a network device. Fore example, port 110 is the POP3 mail service
ICMP
the protocol used to send informational messages and test network connectivity
TCP Flag
The six flags in a TCP header are switches that can be set to on or off to indicate the status of a port or service.
An octal digit can be represented with only three bits because the largest digit in octal is seven. (T/F)
True
No matter what medium connects computers on network-copper wires, fiber-optic cables, or a wireless setup; the same protocol must be running on all computers if communication is going to function correctly. (T/F)
True
UDP
a fast unreliable Transport layer protocol that's connectionless
network session hijacking
an attack on a network that requires guessing ISNs
UDP is an unreliable data delivery protocol. Why is UDP widely used on the Internet?
because of its speed, it doesn't need to verify whether the receiver is listening or ready to accept packets.
connectionless protocol
with a connectionless protocol, no session connection is required before data is transmitted. UDP and IP are examples of connectionless protocols
What is the decimal equivalent of the binary number 11000001?
193
How many host computers can be assigned a valid IPv4 address when using a CIDR /24 prefix?
254
What layer, in the TCP/IP stack, do applications and protocols, such as HTTP and Telnet, operate?
Application
What is ICMP used for?
ICMP is used to send messages related to network operations. example if a packet can't reach its destination you might see the "Destination Unreachable" error. it makes it possible for network professionals to troubleshoot network connectivity problems.
In the TCP/IP stack, what layer is concerned with physically moving bits across the network's medium?
Network
What steps are involved in TCP's "three-way handshake"?
(1). Host A sends a TCP packet with the SYN flag set to Host B. (2). After receiving the packet, Host B sends Host A its own SYN packet with an ACK flag set (3). Response - the SYN-ACK packet from Host B, Host A sends Host B a TCP packet with the ACK flag set (ACK packet) Computer A sends a SYN packet Computer B replies with a SYN-ACK packet Computer A replies with an ACK packet
In the TCP/IP stack, the Transport layer includes network services and client software. (T/F)
False
To retrieve e-mail from a mail server, you most likely access port 119. (T/F)
False
What layer, in the TCP/IP stack, is responsible for routing a packet to a destination address?
Internet
What TCP flag is responsible for synchronizing the beginning of a session?
SYN flag
What protocol is most widely used and allows all computers on a network to communicate and function?
TCP/IP
Why should a security professional fully understand the TCP header components?
You need to understand these components before learning how they can be abused. This will be the only way to understand if your network has vulnerabilities in any of these areas
protocol
a language used to transmit data across a network infrastructure
In the TCP/IP stack, what layer is concerned with controlling the flow of data, sequencing packets for reassembly, and encapsulating the segment with a TCP or UDP header?
Transport
What layer, in the TCP/IP protocol stack, is responsible for encapsulation data into segments?
Transport layer
What is the Domain Name System (DNS) used for?
it is the phone book of the Internet it translates domain names to IP address so browsers can load internet resources.
What are the critical components of a TCP header?
TCP Flags Initial Sequence Number (ISN) Source and destination port
Often technical personnel who are not familiar with security techniques think that restricting access to ports on a router or firewall can protect a network from attack. Why is this solution?
Because when you chose to close ports you can indeed prevent attackers to enter, however you might restrict your user to access the internet through the ports you close, and if a user can get in our your attacker may too.
