IST 227 Chapters 7 - 11
The response code of ____________ is a common means of redirection in the HTTP. A) 201 B) 123 C) 404 D) 302
D) 302
DNS relies on ___________ as its primary layer 4 protocol A) TCP B) HDLC C) IP D) UDP
D) UDP
A _____________ is a TCP packet sent from a recipient when that recipient receives packets that are out of order. A) Re-Sequence B) PSH C) duplicate RST D) duplicate ACK
D) duplicate ACK
When packets take a significant amount of time to travel between a source and destination, the communication is said to have _______________ A) low delay B) high throughput C) low reliability D) high latency
D) high latency
When a new TCP connection is established, one of the most important pieces of information exchanged during the handshake process is an ____________. A) protocol number (PN). B) window number (WIN). C) acknowledgement number (ACKN). D) initial sequence number (ISN)
D) initial sequence number (ISN)
When all else fails, your network baseline can be one of the most crucial pieces of data you have when troubleshooting slowness on the network. A) True B) False
A) True
The composition of an IPv6 address changes when it is used with global unicast traffic that is routed over the public internet. A global unicast address is identified by having its first 3 bits set to _________ A) 001 B) 011 C) 111 D) 110
A) 001
The DHCP initialization process uses four types of DHCP packets, ___________, ___________, ____________, and ____________. (select all that apply) A) Acknowledgment B) Request C) Discover D) Offer E) Reply F) Open
A) Acknowledgment B) Request C) Discover D) Offer
Sequence Number In + Bytes of Data Received = __________ Out A) Acknowledgment Number B) Segment Number C) Port Number D) Protocol Number
A) Acknowledgment Number
What are the types of messages/traffic supported by IPv6? (choose all that apply) A) Anycast B) Overcast C) Unicast D) Multicast E) Broadcast
A) Anycast C) Unicast D) Multicast
The ___________ field is used for identifying the type of TCP packet being transmitted. A) Flags B) Sequence Number C) Checksum D) Options
A) Flags
__________ addresses are 32-bit assigned numbers used to uniquely identify devices connected to a network and consist of two parts, a network portion and a host portion. A) IPv4 address B) MAC address C) TCP port number D) IPv6 address
A) IPv4 address
DHCPv6 accomplishes the same goal as DHCP using the following messages ___________, ____________, ____________, and ___________. (select all that apply) A) Request B) Advertise C) Reply D) Discover E) Echo F) Solicit G) Offer H) Acknowledgment
A) Request B) Advertise C) Reply F) Solicit
In a Gratuitous ARP, what fields will have the same bits set? A) Sender IP address and Target IP address B) Sender hardware address and Sender IP address C) Target hardware address and Target IP address D) Hardware type and Protocol type E) Sender hardware address and Target hardware address
A) Sender IP address and Target IP address
The ____________ for TCP isn't incredibly important and can be selected randomly. A) Source port B) Acknowledgment number C) Sequence number D) Destination port
A) Source port
___________ is considered a connection-oriented protocol because it establishes a formal connection before transmitting data, tracks packet delivery, and usually attempts to formally close communication channels when transmission is complete. A) TCP B) UDP C) IP D) PPP
A) TCP
An IPv6 address has a network portion, often called a network prefix. A) True B) False
A) True
TCP's error-recovery features are our best tools for locating, diagnosing, and eventually repairing high latency on a network. A) True B) False
A) True
The DHCP offer packet, is reply message type. A) True B) False
A) True
To avoid fragmentation, a device transmitting IPv6 packets is expected to perform a process called maximum transmission unit (MTU) discovery to determine the maximum size of packets it can send before actually sending them. A) True B) False
A) True
When the transmitting host receives _______ __________________ ACKs from the recipient, it assumes that the packet was indeed lost in transit and immediately sends a _________________ and all other packets being transmitted are queued until that packet is sent. (select all that apply) A) duplicate B) fast re transmission C) 2 D) 4 E) 3 F) different G) guaranteed transmission
A) duplicate B) fast re transmission E) 3
In an packet header, if the flag field is set then that means that the packet has been _______ A) fragmented B) dropped C) replied to D) forwarded
A) fragmented
The primary mechanism for determining whether the re-transmission of a packet is necessary is the _____________ and is responsible for maintaining a value called the _________________. A) re-transmission timer B) delay timer C) re-transmission timeout (RTO) D) packet tranmission timeout (PTO)
A) re-transmission timer C) re-transmission timeout (RTO)
The ability of a host to ____________ packets is one of TCP's most fundamental error-recovery features that is designed to combat packet loss. A) re-transmit B) assign port numbers to C) delay D) forward
A) re-transmit
When the client receives a packet with a window size of __________, it will halt any data transmission but will sometimes keep the connection to the server open with the transmission of keep-alive packets. A) 5 B) 0 C) 10 D) 32
B) 0
HTTP uses a number of predefined response codes to indicate the results of a request method, which status code indicates a successful request method? A) 404 B) 200 C) 500 D) 199
B) 200
The maximum number of re-transmission attempts depends on the value configured in the transmitting operating system and by default, Windows hosts make a maximum of ____________ re-transmission attempts. A) 7 B) 5 C) 3 D) 4
B) 5
DHCP uses _________ ports ________ and ________ when employing a dynamic method to assign IP addressing information for IPv4. (select all that apply) A) 53 B) 67 C) 68 D) UDP E) 69 F) TCP G) 161 H) 80
B) 67 C) 68 D) UDP
When you send a message, it's sent from your MUA to a MTA, but if the email being sent is being sent to another domain, the MTA must use __________ to find the location address of the recipient mail server, then transmit the message to it. A) NTP B) DNS C) HTTP D) POP3
B) DNS
Latency can be measured as only one-way (from a single source to a destination) and not as round-trip (from a source to a destination and back to the original source) A) True B) False
B) False
Packet analysis is not a very dynamic process, the methods used to analyze each scenario is always the same and the only important thing is that the results of the analysis solves a problem. A) True B) False
B) False
The TCP header is much smaller and simpler than the UDP header. A) True B) False
B) False
The physical address of a host on a network segment is also called an IPv4 or IPv6 address. A) True B) False
B) False
UDP does care about reliable delivery. A) True B) False
B) False
When a user complains of slow access to the Internet but no one else seems affected, the first place to began a capture is at the router (default gateway). A) True B) False
B) False
When troubleshooting slowness on the network analyzing UDP packets is better than TCP packets due to it's reliability features (acknowledgements). A) True B) False
B) False
When the Type fields used in a DNS query or response has a value of 252, what does that indicate about the resource record type that the query or response is for A) Incremental zone transfer B) Full zone transfer C) Canonical name for an alias D) Authoritative Name server
B) Full zone transfer
__________ is the delivery mechanism of the World Wide Web, allowing web browsers to connect to web servers to view web pages and in most organizations represents the highest percentage of traffic seen going across the wire. A) FTP B) HTTP C) SMTP D) SNMP
B) HTTP
________ is the utility protocol of TCP/IP, responsible for providing information regarding the availability of devices, services, or routes on a TCP/IP network. A) Telnet B) Internet Control Message Protocol (ICMP) C) Address Resolution Protocol (ARP) D) Secure Shell (SSH)
B) Internet Control Message Protocol (ICMP)
In place of ARP, what does IPv6 use to resolve local logical addresses to physical A) Traceroute B) Neighbor Advertisement C) Router Solicitation D) Router Advertisement E) Neighbor Solicitation
B) Neighbor Advertisement E) Neighbor Solicitation
The ______ is a 32 bit long number that identifies which part of the IP address belongs to the network portion and which part belongs to the host portion. Every Bit that is set to a 1 identifies the part that is reserved for the network portion, while the remaining bits are set to 0 to identify the host portion. A) EUI-32 B) Netmask C) Layer 4 number D) MAC address
B) Netmask
DHCPv6 accomplishes the same goal as DHCP, but DHCPv6 replaces DORA with ___________. A) BILL B) SARR C) SAUL D) DAVE
B) SARR
Bits 64 through 79 of a packet header identify the ______ field. A) Version B) TTL C) Protocol D) Options
B) TTL
When a client with an IP address in-lease reboots, it must perform a truncated version of the DORA process in order to reclaim its IP address which is called ___________. A) out-of-lease renewal B) in-lease renewal C) end-of-lease renewal D) expired-lease renewal
B) in-lease renewal
The _____________ is a value specified by the data recipient and stored in the TCP header (in bytes) that tells the transmitting device how much data the recipient is willing to store in its TCP buffer space. A) reserved B) receive window C) urgent pointer D) checksum
B) receive window
The ephemeral port group is from ____________. A) 0 through 65536 B) 1023 through 65535 C) 1024 through 65535 D) 1024 through 65536
C) 1024 through 65535
The sequence number that is to be expected in the next packet from the other device taking part in the communication. A) Port B) Sequence C) Acknowledgment D) IPv4
C) Acknowledgment
__________ servers store a database of resource records of IP address-to- name mappings. A) DHCP B) FTP C) DNS D) HTTP
C) DNS
The DHCP initialization process is often referred to as the ______ process because it uses four types of DHCP packets. A) DANY B) BILL C) DORA D) DONA
C) DORA
When the recipient receives an ___________, it assumes that a packet has been lost in transit. A) unexpected port number B) unexpected ISN number C) unexpected sequence number D) unexpected acknowledgement number
C) unexpected sequence number
Given the following information, what would the link-local address be for this host using EUI-64? FE80:0000:0000:0000 - prefix MAC Address - 1C-66-DA-07-B2-92 A) FE8::1C66:DAFF:FE7:B292 B) FE80::1C66:DAFF:FE07:B292 C) FE80::1E66:DAFF:FE07:B292 D) FE80::1
C) FE80::1E66:DAFF:FE07:B292
All TCP-based communication must begin with a ___________ between two hosts. A) Sequence number B) IP address C) Handshake D) ICMP Echo
C) Handshake
The _________ field indicates whether the packet is a DHCP request or a DHCP reply A) Transaction ID B) Flags C) OpCode D) Hops
C) OpCode
___________ defines the type of query contained in the DNS message. A) DNS ID Number B) RCode C) OpCode D) QR
C) OpCode
In an ARP header, the _________ field is primarily responsible for identifying whether or not the ARP message is a reply or a request. A) Sender hardware B) Hardware type C) Operation D) Target hardware
C) Operation
____________ is the standard for sending email. A) POP3 B) IMAP C) SMTP D) Gmail
C) SMTP
The first 4 bits of an IPv6 header identifies the _________ field. A) Hop Limit B) Next Header C) Version D) Traffic Class
C) Version
The display filter to capture HTTP request being made to a remote server is _______________ A) http.request.method == "POST" B) http.method == "POST" C) http.request.method == "GET" D) http.method == "GET"
C) http.request.method == "GET"
if a host in a LAN segment wants to send a message to another host in the same local segment, the sending host must have the ____________ of the destination host A) IPv6 address and ICMP port number B) IPv4 address and IPv6 address C) logical address and physical address D) physical address and ICMPv6 port number
C) logical address and physical address
When communication between devices is fast, and the amount of time it takes a packet to get from one point to another is low, the communication is said to have __________ A) high jitter B) high bandwidth C) low lattency D) high reliability
C) low lattency
If you suspect that you are the victim of __________ on the server side, consider attempting to capture traffic from the client (if possible) so that you can see whether re-transmission packets are present. A) packet spoofing B) packet delay C) packet loss D) a broadcast storm
C) packet loss
