This article unfolds some questions in a logical order, starting with background on the OSI and DoD models, focusing on the Data Link and Physical layers. Further it proceeds up the OSI model and the various TCP/IP protocols that reside at those layers.
No one owns the TCP/IP technologies, nor can one obtain information in the form of documentation, policies, protocols, and standards from a vendor.
1. What is the reason for the importance of the OSI model and why was it created?
Answer – The major objective of the OSI model is to define a vendor-neutral framework for communication. This allows coexistent communication between similar and dissimilar protocols, hardware, operating systems and network architectures.
2. Which layer of the OSI model manages the communication dialog (full or half duplex) between services?
Answer – Session layer.
3. Which layer provides error handling and flow control as well as guaranteed delivery?
Answer – Although the Transport layer usually is described by these characteristics it really depends on what protocol is used at this layer. For instance, if TCP is used, the question is absolutely true. If UDP is used, no part of the question is true.
4. At which layer of the OSI model does switching occur?
Answer – Layer two of the OSI model, the Data Link, is where switches and bridges exist. Switches and bridges use layer two (MAC addresses) to make forwarding decisions.
5. At which layer of the OSI model do IP and ICMP function?
Answer – Network layer.
6. Name the four layers of the DoD model.
Answer – Process/Application, Host-to-Host, Internet, network access.
7. What are two functions of the Data link MAC Layer?
Answer – CRC calculation and verification, and media access are two examples.
8. Name the Transport layer protocol that is connectionless?
Answer – UDP.
9. What are the various IP address classes and their ranges?
Answer – Class A (1-127), Class B (128-191), Class C (192-223), Class D (224-239), Class E (240-247).
10. What purpose do subnet masks serve?
Answer – Subnet masks determine whether a destination is local, which tells the source host whether it can deliver the datagram itself or send it to a gateway for forwarding. The subnet mask of the source host is compared to the destination host’s IP address using bitwise ANDing to determine what portion of the address defines the network.
11. What is the difference between the network address and the node address?
Answer – Network layer addresses are logical and represent the Layer 3 4-byte IP address of the host. These addresses are assigned either manually or dynamically.
12. What are the restricted addresses and for what are they used?
Answer – 255.255.255.255 signifies a networkwide message sent to all nodes and all networks. Used for broadcast purposes, 0.0.0.0 is an unknown network or host that typically is used to define a default gateway or last resort. 127.0.0.1 is used for internal loopback testing. The following private addresses are used within a company’s network typically to facilitate better IP addressing implementation. These addresses may not be used out on the Internet. Companies implementing these addresses must use NAT to allow for translation to a registered address that may be used out on the Internet: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255.
13. How many bits in a Class C address are used to define the network number?
Answer – 8 bits.
14. With a network address of 220.127.116.11 and a subnet mask of 255.255.255.240, how many subnetworks are available and how many hosts per subnet?
Answer – 14 subnetworks and 14 hosts.
15. If you have an IP address of 18.104.22.168 and a /28 subnet address, what would the subnet mask be?
Answer – 255.255.255.224.
16. What is the correct number of subnets and hosts available on a Class B network with a subnet mask of 255.255.254.0?
Answer – 126 subnets and 510 hosts.
17. On a Class C network, how many bits would you need to borrow if you needed 19 hosts?
Answer – 5 bits, which would allow up to 30 hosts.
18. On a Class B network, how many bits would you need to borrow if you needed 1000 hosts?
Answer – 10 bits, which would allow 1022 hosts.
19. What is the decimal equivalent of the binary 10110111?
Answer – 182 (128+32+16+4+2+1)
20. What is the binary equivalent of a subnet mask of 201?
Answer – 11001001 (128+64+8+1) The Binary equivalent of 201 is 11001001 be it a decimal or a subnet mask
21. Which Network layer protocol is responsible for fragmentation and reassembly of datagrams?
Answer – IP.
22. A user would like to test connectivity between two remote hosts, so the user executes Ping. Which two ICMP message types are used to accomplish this test?
Answer – ICMP echo (type 8) and reply (type 0).
23. What does IP do when it receives data from UDP or TCP?
Answer – It packages it as datagrams, including the source and destination Network layer IP addresses.
24. How many minimum bytes are there in an IP header and what fields are contained within that header?
Answer – An IP header has a minimum of 20 bytes unless options are present. The IP header fields within that 20 bytes are version, header length, type of service, total length, identification, flags, fragment offset, time to live, protocol, checksum, source address and destination address. Other headers include options and data. The question asks which fields are in that header. I assume this is the protocol type field with 0800, but you may want to mention what field it is.
25. What are the ToS bits within the IP header used for?
Answer – It is used by applications to specify a level of routing service it would like a router to use when it forwards datagrams.
26. What two field values does the destination host use to ensure that it reassembles datagrams in the correct order?
Answer – The identification and fragment offset fields.
27. What type of ICMP message is Destination Unreachable, and what does it mean if you receive a Destination Unreachable ICMP message?
Answer – ICMP type 3 is a destination unreachable. If this message is received it means the requested destination network, host, or port is either too far or not available.
28. What does a 0 (zero) error code mean when you have a type 3, Destination Unreachable ICMP message?
Answer – A type 3 ICMP message is Destination Unreachable. A type 3 ICMP message with an error code of 4 signifies that a fragmentation is needed, but don’t-fragment bit set error has occurred.
29. What does a 4 error code mean when you have a type 3, Destination Unreachable ICMP message?
Answer – This means the requested host is unreachable.
30. What type of ICMP message is Time Exceeded and what does it mean if you receive a Time Exceeded ICMP message?
Answer – Type 11; this means the TTL timer has expired (reached a value of 0).
31. What type of address resolution does ARP perform and how does ARP go about resolving this type of address resolution?
Answer – ARP performs logical Network layer-to-Data Link hardware address resolution. ARP resolution is broadcast based.
32. RARP performs what type of address resolution and how does RARP go about resolving this type of address resolution?
Answer – RARP performs Data Link hardware address to logical Network layer address resolution. RARP is used by end devices to retrieve their IP addresses and configuration parameters from a RARP server. Requests and responses are broadcast based.
33. What protocol did BOOTP evolve to replace and what are the differences between the two protocols?
Answer – BootP replaced RARP. The main difference between BootP and RARP is that gateways or relay agents cannot forward RARP requests and responses.
34. What are the major differences between DHCP and BOOTP?
Answer – The main difference between DHCP and BootP is that DHCP does not use a static mapping table. DHCP can support static and dynamic address mappings.
35. What are the different ARP cache mechanisms?
Answer – Depending on implementation, hosts can use these three mechanisms to remove old or invalid entries from the ARP table: timeout, unicast poll, and Link layer or higher layer device.
36. What is Proxy ARP?
Answer – Proxy ARP allows a device, such as a gateway, to respond to ARP requests on behalf of a remote host.
37. What does the Opcode field specify in a ARP or RARP header?
Answer – The Opcode field defines the type of ARP or RARP operation being performed. An Opcode value of 1 equals a ARP request, 2 equals an ARP reply, 3 equals a RARP request, and 4 equals a RARP reply.
38. What is the difference between shouting and routing?
Answer – When a host wants to communicate with a remote device it compares the destination host’s IP address to the source host’s local subnet mask to determine whether the remote host resides on the local segment. If the source host determines the destination resides on the same subnet, it might “shout” (send a local ARP). If not, it must “route” (send a local ARP to resolve the gateway’s hardware address) to forward future datagrams.
39. Name the different DHCP messages types.
Answer – DHCP has seven message types: discover, offer, request, ACK, NAK, decline, and inform.
40. Name the DHCP message types that accomplish the initial four-phase configuration process between client and server.
Answer – The four DHCP message types that accomplish the initial four-phase configuration process between client and server are discover, offer, request, and ACK.
41. What routing methods do routers use to build their routing tables?
Answer – Directly connected interface, static, default, or dynamic.
42. What are the characteristics of static routing?
Answer – Manual entry of each route in the route table by an administrator, no route update traffic, ideal for point-to-point WAN links or dial-up networks, can use as backup when primary link fails, impractical to have entire network static, disadvantage of extreme administrative overhead, better to implement on small networks.
43. What are the characteristics of dynamic routing?
Answer – Broadcast, classful routing (updates do not include the subnet mask), timers control updates, the entire table is always sent regardless of a change, subject to routing loops, best used in small to medium networks, maximum distance defines the diameter of the network, uses hops as its sole metric.
44. When would you want to use static routing and when would you want to use dynamic routing?
Answer – You would want to use static routing in small networks or point-to-point links. If you want to entirely eliminate route update traffic, use static routing. You would use dynamic routing if you want your routers to automatically detect and adjust around failed links or routers.
45. What does default routing provide?
Answer – Default routing provides a route to be used as a last resort, when no other route to a destination exists.
46. What are the two main categories that dynamic routing protocols fall under and what is the difference between the two?
Answer – IGP and EGP.
47. What five protocols are considered to be IGPs?
Answer – IP RIPv1, IP RIP v2, IGRP, EIGRP, and OSPF.
48. What are the characteristics of distance vector protocols?
Answer – IP RIPv1, IP RIP v2, and IGRP.
49. What one metric does distance vector use and how does it vary between protocols?
Answer – Hops; IP RIP has a maximum hop count of 15. IGRP has a maximum hop count of 255.
50. What routing loop remedies for distance vector protocols can you employ?
Answer – Count to infinity, holddowns, split horizon, poison reverse.
51. How does split horizon work when enabled?
Answer – Split horizon prevents routing loops by preventing routing information from being advertised out the same interface on which it was received.
52. What five metrics are used by link state protocols to determine the best path?
Answer – Bandwidth, delay, reliability, load, and mtu.
53. What are some of the characteristics of link state protocols?
Answer – OSPF.
54. What kind of routing protocol is RIP considered to be?
Answer – RIP is considered to be an IGP and a distance vector routing protocol.
55. Name some of RIP’s characteristics.
Answer – RIP has the following characteristics: broadcast based, IGP, works best on small-sized networks, and distance-vector routing protocol.
56. What metric does RIP uses to determine best path selection?
Answer – RIP uses shortest distance, measured in hops.
57. How often does RIP send its broadcasts, and what does it send in these broadcasts?
Answer – Routers broadcast their entire routing table every 30 seconds.
58. How many entries can RIP send in its broadcasts?
Answer – 25
59. With RIPv1, how many hops can a datagram traverse if the destination is considered unreachable?
Answer – 15
60. What three features does RIPv2 support that RIPv1 does not?
Answer – Multicast, authentication, VLSMs (classless routing).
61. Why is RIPv2 virtually obsolete?
Answer – Version 2 is backwards compatible to Version 1 and Link State protocols are more proficient.
62. What are some of the disadvantages of RIPv1?
Answer – RIPv1 has the following disadvantages: broadcast based, sends out the entire table even when no changes occur, slow convergence due to periodic timers, maximum distance limitation of 15 hops, prone to routing loops and classful routing protocol (does not support VLSM).
63. What various mechanisms does RIP use to avoid routing loops?
Answer – RIP uses count to infinity, holddowns, split horizon and poison reverse.
64. What timers does RIP use?
Answer – RIP employs holddown, invalid and periodic update.
65. What kind of routing protocol is OSPF is considered to be?
Answer – OSPF is considered to be an IGP and link state routing protocol.
66. What metrics does OSPF consider when making routing decisions?
Answer – Link capacity, load, MTU, reliability and delay.
67. What advantages does OSPF have over RIP?
Answer – OSPF has the following advantages over RIP: ability to configure hierarchical routing domains, ability to adapt quickly to internet changes, only sends topology changes in updates when changes occur, supports large networks, supports load balancing, authentication of routing tables exchanges, supports VLSMs and uses multicasting.
68. What are some of the characteristics of OSPF?
Answer – OSPF has the following features: multicasting, fast convergence, triggered updates, classless routing, ToS or QoS, authentication, equal and unequal cost routes and can implement single or multiple areas.
69. What three databases do OSPF routers maintain and build?
Answer – Adjacency (neighbor table), link state (topology table), and forwarding (route table).
70. What is an OSPF adjacency database?
Answer – It is a router’s neighbor table. If a router has not formed an adjacency with their neighbor, they cannot exchange routing information.
71. What is an OSPF Link-state database?
Answer – It is a complete map of the internetwork topology.
72. What is an OSPF forwarding database?
Answer – A forwarding database is a local route table that has a table of the “best route” to forward traffic.
73. What is an OSPF LSA?
Answer – OSPF uses LSAs to form their link state database and to communicate within an area or out of an area.
74. What is the difference between an OSPF inter-area advertisement and an intra-area advertisement?
Answer – An OSPF Intra-Area Advertisement are only sent by routers to other routers within a specific area and an Inter-Area Advertisement are sent by ABR routers to other routers in directly connected areas.
75. What are the six OSPF router states?
Answer – Down, Init, Exstart, Exchange, Loading, and Full.
76. What are the four OSPF router types?
Answer – Internal, Backbone, ABR, ASBR.
77. What is the OSPF backbone area type?
Answer – Type 0.
78. What are the five OSPF packet types?
Answer – Hello, database description, link state request, link state update and link state acknowledgement.
79. What is the function of an OSPF Hello packet?
Answer – Hello packets establish and maintain adjacencies.
80. What is the function of an OSPF Database Description packet?
Answer – An OSPF Database Description packet summarizes database content.
81. What different metrics does IGRP use to make routing decisions?
Answer – IGRP can use a combination of metrics including: bandwidth, internetwork delay time, reliability and load.
82. What is the maximum hop count for IGRP? Why is it significant that IGRP has a larger hop count than RIP?
Answer – A maximum hop count of 255 allows for support of larger networks.
83. What are the various IGRP timers and what are their functions?
Answer – Update, invalid, holddown, flush timer.
84. What are some of the characteristics of EIGRP?
Answer – EIGRP has the following features: faster convergence through triggered updates, VLSMs, supports multiprotocol, keeps backup paths in route table, supports ToS or QoS, uses cost-based metrics like IGRP and multicast or unicast.
85. What type of protocol is EIGRP?
Answer – EIGRP is considered a balanced hybrid protocol.
86. What are some of the advantages and disadvantages of the fact that EIGRP offers multiprotocol support?
Answer – It has the advantage of allowing a company to run multiple protocols but maintain one routing table, but has the disadvantage of limiting you to Cisco equipment.
87. What is the difference between EIGRP successor and feasible successor routes?
Answer – The best route is consider the successor and the backup is considered a feasible route.
88. What are the five different EIGRP packet types? Briefly describe each.
Answer – Hello/ACKs, updates, queries, replies, and requests.
89. What is the difference between IGPs and EGPs?
Answer – An EGP connects independent ASs together while an IGP connects an independent AS.
90. What enhancements to BGPv4 allowed it to become the primary protocol used by the Internet?
Answer – VLSMs, route aggregation, and CIDR.
91. In what situations would you want to implement BGP?
Answer – You would want to implement BGP in the following situations: if you have multiple exit points connecting to a single ISP, if you have multiple paths to different ISPs and would like to dictate traffic, you need intelligent path selection and specific criteria, or your network’s infrastructure is used as a transit area for other organizations’ traffic.
92. What is the difference between a BGP partial-mesh and a BGP full-mesh topology?
Answer – A full-mesh topology requires separate logical TCP connections between all BGP routers within the same AS, allowing gateways to quickly determine whether a loop exists and pruning it. A partial mesh topology does not require all routers to maintain logical connections with one another.
93. What are the four types of BGP routers?
Answer – BGP speakers, peers, internal peers and external peers.
94. Each BGP speaker, no matter what table it maintains, needs to distinguish what things?
Answer – Route information received, route information to be advertised, their local BGP table.
95. On top of what protocol does BGP run?
Answer – TCP.
96. What are the four different BGP message types?
Answer – Open, update, keepalive, notification.
97. When is a BGP Open message sent, and what is its function?
Answer – The open message initiates a BGP peer relationship between internal or external peers.
98. What is a BGP Notification message used for?
Answer – Notification messages (message type 3) occur when BGP routers encounter an error. These messages cause the TCP session to be torn down.
99. What metric does BGP use to determine the best path to a destination?
Answer – Path attributes.
100. Into what four categories do BGP path attributes fall?
Answer – Well-known mandatory, well-known discretionary, optional transitive, optional nontransitive.
101. In BGP, what is meant by local preference?
Answer – When multiple paths exist to route traffic outside of this AS, routers within an AS may set the local preference value higher for one path, indicating the preferred route.
102. What are some of the differences between BGPv3 and BGPv4?
Answer – BGPv4 supports VLSMs, summarization and local preference while BGPv3 does not. In addition, BGPv4 supports both full and partial mesh while v3 supports only full.
103. What four services does the Transport or Host-to-Host layer provide?
Answer – Controls end-to-end communication between two processes running on different hosts, provides connection-oriented or connectionless services to upper layers, uses client and server port address to identify processes running within a host, segments data for upperlayer applications.
104. What do all connection-oriented protocols exhibit?
Answer – All connection-oriented protocols exhibit these characteristics: session setup, session teardown, acknowledgements, sequencing, flow control, keepalives, reliable/guarantee delivery, slower delivery of data, tons of overhead, error recovery and retransmission of data.
105. What are well-known ports and what is their range?
Answer – Well-known server ports define well-known programs used in the industry that have become the official standard for addressing such programs. They have a range of 0-255.
106. What are less-known ports and what is their range?
Answer – Lesser-known server ports are reserved ports that vendors can implement on an asneeded basis and have a range of 256-1023.
107. What are client ports and what is their range?
Answer – Client ports are variable (or ethereal) ports made up on the fly each time a client process begins and opens a new port and have a range of 1024-65536.
108. Describe socket pairing.
Answer – The client and server ports clearly identify the process communicating on each box. By linking the sending host’s address and port to the destination host’s address and port, TCP or UDP can manage the communication between these hosts and their processes, and distinguish them from other virtual connections to the same hosts.
109. Compare and contrast the two Transport or Host-to-Host layer protocols that reside in the TCP/IP protocol suite.
Answer – UDP offers fast, unreliable delivery of messages between applications running on remote hosts. TCP offers slower but guaranteed delivery of data.
110. What is flow control?
Answer – It is an alert to the sending host to slow down transmission or stop altogether.
111. What choice do vendors have to make when implementing a particular Transport layer protocol?
Answer – They have to choose between speed (UDP) and reliability (TCP).
112. What protocol utilizes acknowledgements and sequencing and what functions do acknowledgements and sequencing have?
Answer – TCP utilizes acknowledgements and sequencing to help keep track of data and guarantee delivery.
113. During TCP operation, what six fundamental functions does TCP use to control the communications between remote host process?
Answer – During TCP operation, TCP uses connection setup and teardown, multiplexing, data transfer, flow control, reliability, and precedence and security to control the communications between remote host process.
114. What must occur before upper-layer applications can exchange meaningful data?
Answer – TCP must establish a logical circuit or session between communicating ports before upper-layer applications can exchange meaningful data.
115. What allows TCP the capability to establish and maintain multiple communication paths between two hosts simultaneously?
Answer – Multiplexing enables TCP to establish and maintain multiple communication paths between two hosts simultaneously.
116. TCP receives ___________ from upper-layer applications and organizes them into __________ to be passed down to the Network layer to become __________.
Answer – TCP receives datastreams (messages) from upper-layer applications and organizes them into segments to be passed down to the Network layer to become a datagram.
117. What mechanism controls the inbound flow of data?
Answer – Windowing controls the inbound flow of data.
118. How does TCP provide reliable delivery of packets?
Answer – TCP provides reliable delivery of packets through sequencing and acknowledgements.
119. What are the six basic characteristics of connection-oriented protocols?
Answer – Connection-oriented protocols have six basic characteristics: session setup, sequencing, acknowledgements, keepalives, session teardown, and flow control.
120. What is socket pairing?
Answer – Socket pairing is the combination of the source and destination hosts’ Network layer IP addresses and Transport layer port addresses.
121. When does retransmission of data occur?
Answer – Retransmission occurs after a logical circuit (TCP connection) is established between remote host processes.
122. Name the different fields contained in a TCP header?
Answer – The TCP header contains source port, destination port, acknowledgement number, data offset, reserved, control flags, window, checksum, urgent point and TCP options fields.
123. What RFC defines UDP?
Answer – RFC 768 defines UDP.
124. What does UDP provide for applications running on remote hosts?
Answer – UDP provides connectionless, unreliable, fast delivery of data for applications running on remote hosts.
125. What protocol type identifies UDP in the IP header?
Answer – Protocol type 17 identifies UDP in the IP header.
126. What relationship does UDP have with sequencing and acknowledging the receipt of sent data?
Answer – UDP does not utilize sequencing and acknowledgements to guarantee delivery of data. It relies on other protocols to perform this function. It simply identifies the source and destination ports, sends the data, and hopes it arrives at the destination.
127. During UDP operation of transferring data, what does this protocol assume?
Answer – During UDP operation of transferring data, UDP assumes that there is a stable and reliable network infrastructure supporting the transmission of data. It relies on other protocols to detect and correct errors.
128. What management responsibilities does UDP have with maintaining a connection?
Answer – UDP has no management responsibilities for maintaining a connection. UDP does not establish a connection between hosts; therefore, it does not need to maintain a connection.
129. What does UDP offer that TCP doesn’t?
Answer – UDP offers speedier delivery of packets and less overhead than TCP.
130. What mechanism does UDP use to check only for damaged frames?
Answer – UDP uses CRC (Cyclic Redundancy Check), which checks for damaged frames in the UDP header, upper-layer data and pseudo IP header.
131. What three things does the checksum validate?
Answer – The checksum validates the UDP header, upper-layer data, and pseudo IP header.
132. The UDP pseudo header contains what information?
Answer – The pseudo IP header contains the source and destination Network layer addresses, Transport layer protocol type code, and UDP length value.
133. What three OSI layers does the Process/Application layer of the DoD model consist of?
Answer – Application, Presentation, and Session.
134. What is the primary function of the Process/Application layer?
Answer – To provide access to resources and services on remote hosts, file transfer (FTP or TFTP), file and print operations, e-mail.
135. What protocols reside at the Application layer?
Answer – FTP and TFTP.
136. What is the primary function of the Presentation layer?
Answer – Providing a common data format across different platforms.
137. What is the primary function of the Session layer?
Answer – Coordinates dialogs between two applications.
138. What are the ONC protocols and on what layers do they reside?
Answer – NFS (application layer), XDR (presentation), and RPC (session).
139. What does Telnet enable a user to do?
Answer – Enables a user running a client terminal session to access a remote host (or Telnet server) across TCP/IP Internets.
140. What series of events have to occur to establish a Telnet session?
Answer – When the user starts the Telnet session, an application on the user’s machine becomes the client. The client establishes a TCP connection with a Telnet server (remote host) using the standard TCP three-way handshake as described in Chapter 8, “Transmission Control Protocol (TCP).” The client communicates over the TCP connection from the user’s keyboard and display as if connected directly to the remote host’s terminal. The server utilizes a pseudo terminal device. The pseudo terminal device describes the operating system entry point that enables a program like Telnet to transfer data to another operating system as if coming from the same keyboard.
141. What are Telnet options used for?
Answer – Used for negotiating parameters between clients and servers.
142. Although there are more than 40 Telnet options, what are the 12 most important and widely used options?
Answer – Binary transmission, echo, suppress go ahead, status, timing mark, terminal type, end of record, window size, terminal speed, remote flow control, line mode, environment variables.
143. What three basic services does Telnet offer?
Answer – Network Virtual Terminal (NVT)—Provides a standard interface to remote systems, allows clients and servers to negotiate various options and symmetric view of terminals and processes.
144. What is the NVT and what function does it provide during Telnet operation?
Answer – The NVT provides transparency and support for a minimum level of options between remote clients and servers being used by either side. By implementing a virtual terminal as a front end, this hides the differences between the communicating devices and provides a common set of commands and characteristics.
145. What is the 7-bit ASCII code used for?
Answer – Characters and display device.
146. What does symmetrical connection mean?
Answer – Either side can request the use of an optional feature. If the other side does not support the feature or is prohibited from allowing this feature to be used, it rejects the request. Both sides agree upon and use the supported features, and keep all other options at the minimum NVT standard.
147. What is the IAC character?
Answer – Interpret As Command.
148. During option negotiation what four requests can either side ask for?
Answer – WILL—Sender wants to enable the option, DO—Sender wants the receiver to enable the option, WONT—Sender wants to disable the option, DONT—Senders wants the receiver to disable the option.
149. What six possible various responses can occur during option negotiation?
Answer – WILL/DO, WILL/DON’T, DO/WILL, DO/WONT, WONT/DONT, and DON’T/WONT.
150. What does FTP allow you to do and what are its four objectives?
Answer – FTP allows a remote or local client and server to efficiently transfer files or data using TCP’s reliable transport: promote sharing of files (computer programs or data), encourage indirect or implicit use of remote computers, shield a user from variations in file storage systems among hosts, and transfer data reliably and efficiently.
151. What five software elements make up an FTP session?
Answer – User Interface—Provides a user interface and drives the client protocol interpreter. Client PI—The client protocol interpreter. Issues commands to the remote server protocol interpreter and drives the client data transfer process. Server PI—the server protocol interpreter. Responds to commands from the Client PI and drives the server data transfer process. Client DTP—Client data transfer process. Communicates with server data process and local file system. Server DTP—Server data transfer process. Communicates with client DTP and the remote file system.
152. What is the protocol interpreter’s job during an FTP session?
Answer – Protocol interpreter deals with the commands and replies.
153. What is the job of the data transfer process during an FTP session?
Answer – The server PI listens on well-known port number 21 for control connection requests and waits for a client communication. The client PI initiates the connection by sending a TCP SYN request in the form of a control message addressed to the destination TCP on wellknown port 21.
154. What two TCP network connections does FTP make, and for what is each connection used?
Answer – Ports 20 (data) and 21 (control).
155. What three parameters do FTP utilities use to resolve data representation?
Answer – Data representation—identifies the type of data being sent. Data structure—specifies the format of the data being transferred. Transmission mode—specifies how the data transmits across the connection.
156. In what four ways can FTP represent data types?
Answer – ASCII (default), EBCDIC, Image file type (also called binary), Local file type.
157. In what three ways can FTP represent data structure?
Answer – FTP can use three types of data structure: File (default), Record, Page.
158. What three transmission modes can FTP use?
Answer – Stream (default), Block, Compressed.
159. What three format controls does FTP use, and what data types utilize these format controls?
Answer – Nonprint, Telnet format command, Fortran carriage control
160. What are the characteristics of stream mode and how does it work?
Answer – Stream mode as the following characteristics: default mode, data transmitted in a stream of bytes, and allows record structures.
161. FTP commands come in what three categories, and what do the PIs use these commands for?
Answer – The server and client protocol interpreters communicate commands and replies across the control connection as NVT ASCII (Telnet) strings. FTP commands come in the following three categories: access control, transfer parameter and service.
162. What do FTP replies guarantee and what format do they follow?
Answer – FTP replies appear as three-digit numbers with an optional message in the form of text following the number string. The FTP reply format enables both the interactive user and the software to read the replies, providing information explaining the response. FTP replies guarantee synchronization of requests and actions during file transfer and that the user always knows the state of the server.
163. What is Anonymous FTP?
Answer – Transfer files through the Internet without having a specific user account through anonymous FTP. This means you do not have to be an official user of a particular system to gain access to files that system offers.
164. What is the main function of SMTP?
Answer – Simple Mail Transfer Protocol (SMTP) provides the exchange of electronic mail (e-mail) between a sender (client) and receiver (server).
165. How do User Agents function in the SMTP model?
Answer – Users have immediate interaction with the e-mail system through the UA. Through the UA the user composes, submits, and receives e-mail messages.
166. How does SMTP differ from UA?
Answer – SMTP facilitates the delivery of mail messages (known as a Message Transfer Agent or MTA) between remote client and server mail applications (known as User Agents).
167. Describe three of SMTP’s limitations.
Answer – SMTP has the following limitations: the message must contain only ASCII characters, the maximum line length must not exceed 1000 characters, and the message must not exceed a predefined maximum size.
168. List three rules in SMTP command protocol.
Answer – SMTP has the following rules: a command code and an argument make up each SMTP command, four alphabetic characters in either upper- or lowercase comprise the command code, one or more space characters separate this code from the argument, path arguments are case sensitive, CRLF concludes argument field and square brackets enclose optional arguments.
169. Explain why replies are important to smooth mail transactions.
Answer – SMTP clients and servers use the three digits to communicate receipt of information and notify the other side when it has encountered an error.
170. Why is the SMTP reply important to the user?
Answer – SMTP replies include a three-digit number code meant for the computer and text for the user. The user can then use this information to determine the status of his or her request.
171. Explain how MIME functions with SMTP
Answer – MIME extensions provide for transmissions of data previously unsupported in Internet mail by encoding the message into readable ASCII to create a standard e-mail message.
172. Describe three problems with namespace.
Answer – The namespace has the following problems: It makes expansion difficult, work overload complicates the expansion problem, and it is both inefficient and costly.
173. Explain how primary servers differ from secondary servers.
Answer – The primary name server loads information from the disk files. The secondary server gets information from the primary.
174. Why can’t computers understand a domain name?
Answer – Because computers use numbers (for example, IP addresses and MAC addresses) for addressing, not a name, a method, such as DNS, needs to exist for name resolution.
175. Explain how DNS designates its authority.
Answer – It uses a hierarchical system starting with top-level domain names, then breaking it up into lower-level domains that are more specific.
176. Define the term “caching” and how servers use it for name resolution.
Answer – Caching means to store information in RAM. Name servers store all of the information requests (mappings) by filing them away (saving to disk) or caching them (saving to RAM). This way, it keeps up on the most recently requested data and has the newly requested name resolutions. Caching also lowers the cost of resolving nonlocal names because of its speed.
177. Why would a server use a message format?
Answer – If the server still cannot find the answer after checking its cache, it becomes a client (acting as a proxy for the source host) and uses a message format to ask multiple questions to the authoritative server in one message.
178. List what each message must contain in a message format.
Answer – Each message contains three things:
- A domain name to be resolved
- The class, or protocol family the domain name uses
- The type of the domain name
179. What is the difference between NetBIOS and NetBEUI?
Answer – NetBEUI is strictly a Layer 2 protocol implementation designed to carry NetBIOS datagrams over a flat-bridged network. NetBIOS is a datagram and naming service.
180. How is NetBIOS able to do name resolution at Layer 3?
Answer – Modifications to NetBIOS allow it function at layer three by utilizing TCP/IP.
181. What are the three primary TCP/UDP ports used by NetBIOS and what are they used for?
Answer – 37,138 and 139
182. What are the different NetBIOS node types? Briefly describe each.
Answer – NetBIOS has the following node types:
- B-node (broadcast node type)—Tries broadcast, then LMHosts file.
- P-node (point-to-point node type)—Tries NBNS server only.
- M-node (mixed node type)—Client tries b-node, p-node, then LMHosts file.
- H-node (hybrid node type)—Client tries p-node, b-node, then LMHosts file.
183. What is a WINS proxy agent?
Answer – Intercept local resolution broadcast requests and relay them as directed datagrams to a remote WINS server for name resolution.
184. Why do you need to use HTTP?
Answer – You need to use the HTTP protocol to find a Web page that you want. You can visibly see HTTP in the first part of the URL.
185. What function does HTTP have with the browser and the server?
Answer – HTTP makes communication between your workstation’s browser and a Web server happen.
186. What is the browser’s function?
Answer – Your browser works as an application program and opens Web pages.
187. At which level does HTTP work and how does this affect its capabilities?
Answer – HTTP works at the application level focusing on providing a communication link and message forward. It does not offer reliability or perform retransmission.
188. List three more of HTTP’s qualities.
Answer – HTTP has the following qualities: bi-directional transfer, capability negotiation, support for intermediaries, supports caching, does not keep a history of HTTP sessions or your HTTP requests, and works at application level to provide a communication link and message forward.
189. Explain how HTTP’s support of caching adds efficiency.
Answer – HTTP supports caching. This means that to save time, your browser caches a copy of each Web page it retrieves for you. If you want this page again, HTTP has the browser ask the server whether the contents of the present page differ from the cached copy.
190. Explain what a proxy does.
Answer – Works as an intermediary HTTP host functioning as either an HTTP client or server so the UA and the Origin server can exchange information. Proxy agents pass requests from clients to servers. Servers also respond to the request itself when the information you want is local.
191. Which HTTP components can be a proxy?
Answer – Any machine along the path between the browser and the server can be a proxy server.
192. State the general HTTP message format.
Answer – HTTP has the following general message format: a generic start line, called a request line for request messages and a stats line for reply messages, a general header, a message header, one empty line and the message body.
193. Who can read the message body?
Answer – The message body is for you to read.
194. Who can read the headers?
Answer – The header messages are for the browser to read.
195. Why do you receive error messages?
Answer – Error messages give you an indication as to what type of error was encountered and what went wrong with the delivery.
196. What are the differences between FTP and TFTP?
Answer – FTP runs on top of TCP making it connection oriented; TFTP runs on top of UDP making it connectionless.
197. What are some of the benefits of using TFTP?
Answer – It is a simple and fast file transfer protocol with little overhead.
198. What type of service does TFTP provide?
Answer – Fast, unreliable connectionless file transfer.
199. How does each exchange begin?
Answer – The sending side (TFTP client) opens a variable client UDP port (referred to as a TFTP or transfer ID), requests a file, and waits for the acknowledgement of each block before sending another block. In turn, the receiving side acknowledges each block when it receives the data.
200. What five packets does TFTP use and what functions do they serve?
Answer – HTTP uses the following five packets: read request, write request, data, acknowledgement, and error. Read request and write request files begin a request and determine what file needs to be transferred. Data packets transfer the requested data. The ACK packet acknowledges the receipt of each block (data packet) received during data transfer. The error packet acknowledges any of the other packet types and signifies that an error has occurred.
201. What does a block of less than 512 bytes signify?
Answer – The end of a file transfer.
202. What is the lock-step acknowledgement method and how does TFTP utilize it?
Answer – TFTP utilizes the lock-step acknowledgement method, which means that each data packet has to be acknowledged before transmission of another. Remember TFTP transmits data in blocks one at a time with the first data block numbered one.
203. What three events trigger an error packet?
Answer – The following three things trigger an error packet: the host cannot satisfy a request, the host receives a delayed or duplicated packet, and when the host loses access to a resource.
204. What does it mean to read a file and write a file?
Answer – If the client makes a read request, the server begins the transfer. If the client makes a write request, the client begins the transmission.
205. Briefly describe TFTP operation.
Answer – The TFTP client initiates the connection by requesting to read or write a file from or to the server. The client does this by opening a variable port (TFTP TID) to the receiver’s well-known TFTP server port 69. The client specifies the identification of the file name and data type within the initial request. Once the client sends the initial request, the TFTP server reassigns itself a new UDP port to use as its TID for the duration of this dat transmission and the transfer begins.
206. TFTP extensions allow for option negotiation between client and server. How does this affect blocksize?
Answer – The blocksize option allows for larger datagrams to be exchanged. A larger blocksize increase the file transfer performance between remote hosts.
207. How does TFTP option negotiation work?
Answer – Servers that support option negotiation have an option acknowledgement (OACK) packet to notify the client if it supports this option. When a server accepts the option, it includes it in the OACK packet. If it does not accept the option it simply ignores it, leaving it out of the OACK frame. Clients implement only what servers allow. The client might request multiple options during the negotiation process by simply listing them within the read or write packet. The client appends the option request to the standard read or write request used to initialize the session between the client and server.
208. What is an OACK packet?
Answer – The OACK packet is an option acknowledgment of a negotiated option.
209. What was SNMP previously known as?
Answer – SGMP.
210. What three main SNMP entities make remote management possible?
Answer – Agents, managers, and proxies.
211. What are SNMP agents?
Answer – SNMP agents run SNMP responder and notification generation software.
212. What are SNMP proxies?
Answer – SNMP proxies provide message forwarding between agents and managers. Proxies also act as an intermediary between agent hosts using different versions of SNMP, which allow compatibility between the hosts.
213. What are SNMP managers?
Answer – As hosts, SNMP managers run management control software used to remotely control and monitor SNMP agents. These hosts provide a central management point and user interface using SNMP to deliver commands to agents. Managers are known as command generators and notification receivers.
214. What is a Trap PDU?
Answer – A trap PDU is an unsolicited message sent by an Agent to an SNMP manager because of a triggered event such as authentication failure.
215. What are the three protocols in the ONC family?
Answer – NFS, RPC, and XDR.
216. What is the primary function of NFS?
Answer – NFS provides access to information through distributed file systems over any network architecture.
217. What is the primary function of XDR?
Answer – XDR translates and presents data so that two different operating systems can communicate with each other. XDR provides platform independence.
218. What is the primary function of RPC?
Answer – RPC provides a protocol and independent interface capable of providing a bidirectional communication link between remote communicating processes. RPC resides at a Session layer, thus it has the responsibility of setting up a session between two host processes, and then maintaining and tracking the session.
219. What company developed the ONC protocols?
Answer – Sun Microsystems.