TCP/IP Test 1
What is a Physical address/MAC address?
A globally unique address, the first three bytes of the address references the Vendor, and the last three bytes references the Card ID. This address lives in layer 1 of the TCP/IP model.
What does a IP address do?
A unique value that identifies networks and hosts in networks.
Where is ARP on the TCP/IP model?
In between the Internet and network access layer
does the ARP cache help with network performance and security?
Increase network performance but decrease the security
Where is the ICMP protocol on the TCP/IP model?
Internet
Where is the IP protocol on the TCP/IP model?
Internet
What layer is the router on in the TCP/IP model?
Internet Layer
What is the second layer of the TCP/IP model?
Internet layer
What layer is protocol type on of the TCP/IP model?
Internet layer
Where is Fragmentation on the TCP/IP model?
Internet layer
Where is Logical addresses on the TCP/IP model?
Internet layer
Where is Packet on the TCP/IP model?
Internet layer
Where is routing on the TCP/IP model?
Internet layer
What process does the sender deal with when multiplexing?
Port number for service, Protocol type for UDP or TCP and Type field For IP/ARP.
What three functions enable multiplexing of data?
Ports, Protocol type and Type field
What does ICMP do?
Protocol that assists in packet delivery and error notifications.
What does ARP do?
Protocol that resolves logical address into physical address.
What does RARP do?
Protocol that resolves physical addresses into logical addressees.
What does the INTERNET PROTOCOL do?
Provides source to destination delivery of data
What does the Transport layer of the TCP/IP model relate on the OSI model?
The Transport layer but also includes a few session layer functions.
What is a payload?
The actual user data
What does the Internet layer of the TCP/IP model relate on the OSI model?
The network layer
What is a Logical address?
This address is an IP address that can change and this address lives in layer internet layer of the TCP/IP layer model.
what is the purpose of a ARP cache?
This cache stores IP to mac address pairs and is stored there for 2-10 min and will be deleted if not referenced.
What is the purpose of the type field in a Ethernet frame?
To tell the receiver to use IP or ARP
What is the third layer of the TCP/IP model?
Transport layer
Where is Data gram on the TCP/IP model?
Transport layer
Where is connection oriented on the TCP/IP model?
Transport layer
Where is connectionless on the TCP/IP model?
Transport layer
Where is segment on the TCP/IP model?
Transport layer
Where is the TCP protocol on the TCP/IP model?
Transport layer
Where is the UDP protocol on the TCP/IP model?
Transport layer
What process does the receiver deal with when multiplexing?
Type field for IP or ARP, protocol type for TCP/UDP and ports for the service
What is the general use of UDP?
A Transport layer protocol that provides connection-less transport of data
What is the protocol number for ICMP?
1
What is the MTU size for SLIP?
1006 bytes
What is the MAX for Ethernets Payload?
1500 bytes
What is the MTU size for Ethernet?
1500 bytes
What is the MAX for the Ethernets frame?
1518 bytes
What is the protocol number for UDP
17
What is the order that the three flags are found in the IP header?
1st bit- not used, 2nd bit - don't fragment flag, 3rd bit - more frames flag
What is the size of the type field in a Ethernet frame?
2 bytes
What is the size of the Checksum in a Ethernet frame?
4 bytes
How many layers does the TCP/IP model have?
4 layers
What is the Min for the Ethernets Payload?
46 bytes
What is the protocol # for TCP?
6
What is the size of the Destination address in a Ethernet frame?
6 bytes
What is the size of the Source address in a Ethernet frame?
6 bytes
Whats the MIN for Ethernets Frame?
64 bytes
What is the general use of TCP?
A Transport layer protocol that provides a reliable transport of data
Explain how ARP gets the MAC address
ARP sends a Broadcast with the target IP address and the Target Host responds and replies with their MAC address.
What is the MTU size for PPP?
Any size its adjustable
Provide order in which a sender would process TCP/IP layer PDUs
Application PDU, Segment/datagram, Packet and Frame
What is the fourth layer of the TCP/IP model?
Application layer
Where is the DNS protocol on the TCP/IP model?
Application layer
Where is the FPT protocol on the TCP/IP model?
Application layer
Where is the HTTP protocol on the TCP/IP model?
Application layer
Where is the TFTP protocol on the TCP/IP model?
Application layer
Where is the Telnet protocol on the TCP/IP model?
Application layer
Provide order in which a sender of data would process physical addresses, logical addresses, and ports
Application layer, Transport layer, Internet layer and Network access layer.
What is a SDU?
Data that is sent from the layer above
What does the Network Access layer of the TCP/IP model relate on the OSI model?
Datalink and physical layers
What are the functions for SLIP?
Delimitation only
What are the functions for Ethernet II?
Delimitation, addressing, bit-level integrity, and protocol identification
What are the functions for PPP?
Delimitation, addressing, bit-level integrity, and protocol identification
List benefits and limitations of packet fragmentation
Disadvantages: Reduced efficiency of the network or of CPU time. Fragmentation is mandatory for routers Advantages: Can send data over the MTU size of a network in smaller fragments.
What is the purpose of the checksum in a Ethernet frame?
Error checking
Provide order in which a receiver would process TCP/IP layer PDUs
Frame, Packet, Segment/datagram and Application PDU
What does the Operation code do in a ARP frame?
It signals weather it is a reply or request
Where is WIFI on the TCP/IP model?
Network Access
What layer is the hub on in the TCP/IP model?
Network Access Layer
What layer is the switch/NICs on in the TCP/IP model?
Network Access Layer
Where is Frames on the TCP/IP model?
Network access
Where is Mac Address/physical address on the TCP/IP model?
Network access
Where is NIC drivers on the TCP/IP model?
Network access
Where is NICs on the TCP/IP model?
Network access
Where is the Ethernet protocol on the TCP/IP model?
Network access
Where is the PPP protocol on the TCP/IP model?
Network access
What is the first layer of the TCP/IP model?
Network access layer
What layer is type field on of the TCP/IP model?
Network access layer
What layer is the bridge on in the TCP/IP model?
Network access layer(MAC sublayer)
Provide order in which a receiver of data would process physical addresses, logical addresses, and ports
Network access layer, Internet layer, Transport layer and Application layer.
what is the purpose of a proxy arp?
Routers rely to the ARP request that was meant for host B, host a caches the IP address of host b with the mac address of router. Router forwards the packet to host b
What is a PDU?
SDU + the current header
What address fields are in a ARP frame?
Sender Hardware Address Sender IP Address Target Hardware Address Target IP address Hardware Type Protocol Type Hardware Address Length Protocol Address length Operation code
What does the Hardware address length do in a ARP frame?
Shows the length of the hardware address usually 6 bytes
What does the protocol address length do in a ARP frame?
Shows the length of the protocol address usually 4 bytes
What does the Application layer of the TCP/IP model relate on the OSI model?
The Application, session and Presentation layers.
What is a packet?
The PDU in the Internet layer
What is a frame?
The PDU in the Network Access layer
What is a segment?
The PDU in the transport layer (TCP)
What is a Datagram?
The PDU in the transport layer (UDP)
What is the size of the IHL?
usually 20 bytes but can range from 20 to 60 bytes
What layer is ports on of the TCP/IP model?
application layer
How does Host a do a duplicate address ARP test?
it puts it own IP address in as the sender and Target logical addresses and hopes for no reply
What does the Hardware type do in a ARP frame?
show the type of transmission i.e Ethernet
What does the protocol type do in a ARP frame?
tells what the protocol is i.e IP
Explain the mechanics of ARP-based MITM attack
the attacker sends out bogus ARP replies with their own MAC address so they can see all traffic and sometimes will forward the packets to each other.
What is the total length for a packet?
the overall size of the packet
Explain packet fragmentation mechanics
three headers are added for fragmentation, Fragment Offset and Identification and bit flags.