215‐Midterm Study Guide - ConnorEast/Tech-Journal GitHub Wiki

Network Protocol Overview:

Question 1: Define a network protocol:

Answer 1: A network protocol is a set of rules and functions that dictate how communication between devices is facilitated.

Question 2: Define a protocol Suite:

Answer 2: A collection of protocols which are used in tandem to facilitate a specific function. DHCP would be an example.

Question 3: Network Layer Models: Types & Benefits?

Answer 3: Unless I'm missing something, this would be the OSI model, correct? Either way, the benefits would be a logical structure which can be followed during the creation process of new applications, thereby allowing new structures to function on the internet and with separate protocols.

Question 4: What are the layers of the OSI model and what are their purposes:

  1. Physical: Copper Cabling, Fiber Optic Cabling, et al.
  2. Data-link: MAC addressing configuration routing
  3. Network: IP addressing configuration routing
  4. Transport: Data-Transfer between systems and hosts.
  5. Session: Establishes and terminates connections.
  6. Presentation: Data Encryption Translation + Compression
  7. Application: Firewalls, UI, anything front facing pretty much.

Question 5: What is encapsulation?:

Answer 5: Encapsulation is the process of appending data at each layer of the OSI model. This is essentially how packets are created and is done to confirm the packets have all of the necessary information for internal and external routing.


Ethernet & ARP:

Question 1: Frame Format:

Answer 1: A frame format is the way in which a packet is organized. The first 6 bytes are the destination address, the second 6 bytes are the source address, and the final 2 bytes state what's in the header.

Question 2: MAC address format and OUI.

Answer 2: MAC addresses are written in hex. The first 3 bytes are the OUI, Organization Unit Identifier, while the final 3 are used to uniquely identify the device.

Question 3: Why do we need layer 2 and layer 3 address resolution?

Answer 3: Without layer 2 address resolution, for IEEE 802 MAC addresses, devices wouldn't be able to route data back to the original recipient. Without layer 3 address resolution, IP based, devices would not be able to communicate outside of their networks.

Question 4: What is ARP's order of request?

Answer 4: The source device wants to send an IP datagram. The device must decide if it is on the network or off the network. If it is on the network, it broadcasts asking for the MAC address of the destination IP. If it is on a distant network, it broadcasts the default gateway's MAC address. Originally, the query uses the MAC address FF:FF:FF:FF:FF:FF.

Question 5: ARP general message Format:

Answer 5: 16: Hard Address Type, 16: Protocol Address Type, 8: Header length, 8: PADDR Length, 16: Operation, 31: Sender HADDR, 16: Sender HADDR, 16: Sender PADDR, 16: Sender PADDR, 16: Target HADDR, 31: Target HADDR, 31: Target PADDR.

Question 6: ARP and Default Gateway

Answer 6: Communication on a secondary network requires the MAC address of the default gateway. ARP will send out a message with a MAC address of FF:FF:FF:FF:FF:FF.

Question 7: ARP Bandwidth and performance issues:

Answer 7: While ARP messages are not large, they do cause performance issues, as ARP requires constant broadcasting, which eats up the CPU.

Question 8: What is ARP caching:

Answer 8: ARP caching is the process of saving pre-routed locations into the table per jump; this effectively decreases the broadcasting needs required.

Question 9: What security concerns are associated with MAC spoofing

Answer 9: Bypassing MAC based security rules, Impersonation, Denial of Service attacks, and redirecting traffic.

Question 10: What security concerns are associated with ARP spoofing

Answer 10: Someone sets their IP to a legitimate server so that their device can receive traffic intended for the original recipient.

Question 11: General ARP spoofing Mitigation Methods

Answer 11: Use MAC to Port mapping, use switch features that protect against ARP spoofing, use static IP to MAC mapping, Dynamic ARP inspection/DHCP spoofing.


IPv4:

Question 1: Important IP functions

Answer 1: Layer 3 protocol which allows for communication between devices on separate networks. Without an IP, devices wouldn't be able to send packets back to the recipient. The major functions are: addressing, routing, fragmentation and reassembly (Layer 1/2).

Question 2: IP header Fields

Answer 2: Version, Header Length, Type of Service, Total Length, Identification, IP Flags, Fragment Offset, TTL, Protocol, Header Checksum, Source Address, Destination Address, IP Option.

Question 3: Time to Live (TTL)

Answer 3: Upon each successful or unsuccessful hop, the TTL ticks down. Once it hits 0, the packet will be dropped to save bandwidth. On Linux/Mac the TTL is 64; on Windows the TTL is 128.

Question 4: Routing Principles

Answer 4: The governing concepts and strategies for determining the most efficient, reliable and scalable network environment.

Question 5: Routing Tables

Answer 5: Routers have tables which contain the following information for all devices connected and functional on the network: network address, subnet mask, next hop, interface. In some cases hop count and route preference may also be in the table.

Question 6: Need for Routing Protocols

Answer 6: Without routing protocols, devices could only communicate on their central network. Even then, traffic on the network would be incredibly congested.

Question 7: Distance Vector VS Link state Routing Protocol

Answer 7:

Question 8: Interior VS Exterior Gateway routing protocols.

Answer 8: Interior: RIP [Routing Internet Protocol], OSPF [Open Shortest Path First], ISIS. Exterior: BGP [Border Gateway Protocol].


NAT:

Question 1: Purpose of NAT:

Answer 1: Allows private IPs to access external content while bouncing any traffic that did not begin from inside the network.

Question 2: Functions of NAT'ing router:

Answer 2: IP remapping, modifying network address information, routing said IP in and out of network.

Question 3: IP masquerading:

Answer 3: Changes the layer 3 IP address header to a public IP so that routing can occur. It also keeps a note of the device that asked the question so that it can properly return the data to the recipient.

Question 4: Port-Address-Translation [PAT]:

Answer 4: Sets IPs equal to a specific port on a public network so that external to internal routing is possible. Typically this would be used in order to create / set a front facing web browser.


IPv6:

Question 1: IPv6 Formatting:

Answer 1: Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop limit, Source Address, Destination Address.

Question 2: IPv6 Standard Subnetting:

Answer 2: There is no set standard. Generally, subnetting an IPv6 is not necessary, as it has a total of eighteen quintillion hosts on a /24. However, should you subnet, it is the same as IPv4.

Question 3: IPv6 Header and differences with IPv4

Answer 3: 128 bits to IPv4's 32 header. IPv6 is consistent and therefore faster. IPv6 is less complicated header-wise.

Question 4: Creating an IPv6 address using SLAAC/EUI-64

Answer 4: SLAAC [Stateless Address Autoconfiguration] assigns a host IP by getting a net ID from the local router and appending it to the beginning of the IP [often the MAC address, could also be random]. EUI-64 sets a FEFE in between the MAC address and the IPv6 address in order to differentiate between the two sections of the 64-bit address field. Example: MAC ---> 02-0C-42-FE-FE-28-79-45 <--- IP


Kahoot Questions:

Question 1. “Layer 4 of the OSI model is” [Data link, Application, Transport, Network]

Answer: “Transport”

Question 2. “If you ping 8.8.8.8 from a skiff PC, what is the destination MAC address of the ICMP packet”

Answer: “The skiff hall's router MAC address”

Question 3. “Routers operate at which OSI model” [Network, data link, transport, application]

Answer: “Network”

Question 4. “The first 24 bits of a MAC address identify” [NIC manufacturer, network ID, serial adapter]

Answer: “The NIC manufacturer”

Question 5. “Computer A “ARPs” for computer B’s address. What would the MAC address be in the request”

Answer: FF:FF:FF:FF:FF:FF

Question 6. “How many bytes are in a MAC address”

Answer: “6”

Question 7. “Which of the following is not a benefit of the layered protocol model”

Answer: Design focuses on all aspects of communication in one protocol.

Question 8. “True/False: the attacker must change the MAC address of their NIC in an ARP spoofing attack”

Answer: False

Question 9. “Indirect delivery of a packet requires” [Broadcast, Routing, Switching, DHCP]

Answer: Routing

Question 10. “What information is not required in a routing table entry” [Network Address, Next Hop, Subnet Mask, Port Number]

Answer: Port Number

Question 11. “Routing Protocols are used for”

Answer: Sharing information between routers to build dynamic routing tables.

Question 12. “If using RIP, what path will a packet take to get between west and east campus”

Answer: Whichever takes fewer hops

Question 13. “Which of the following is not true of NAT” [Occurs on layer 3, Remaps IP space. Modifies, layer 3 boundary, uses private addresses]

Answer: It does not require the use of private addresses

Question 14. A common form of NAT that shares a single IP for many private IP clients is called

Answer: PAT (Port Access Translation)

Question 15. How many bits are in an IPv6 Address: [48, 32, 128, 96]

Answer: 128

Question 16. The ___ Protocol broadcasts a full routing table every 30-60s [RIP, OSPF, NDP, BGP]

Answer: RIP

Question 17. What is the dotted decimal subnet mask that represents /25

Answer: 255.255.255.128

Question 18. What is the 16-bit subnet ID of the IPv6 address 2620:E4:C00:12:44:123:4657:f9

Answer: 12

Question 19. “Given 129.170.34.0/23, what is the last usable IP”

Answer: 129.170.35.254

Question 20. True/False: an IPv6 base header has fewer fields than an IPv4 Address

Answer: True