Guide To TCP IP 4th Edition by Carrell – Test Bank



Sample  Questions



Chapter 1: Introducing TCP/IP






  1. When two or more RFCs cover the same topic, they usually also share the same title.




  1. RFC 3300 describes how an RFC is created and what processes it must go through to become an official standard, adopted by the IETF.




  1. A divide and conquer approach permits concerns related to networking hardware to be completely separated from those related to networking software.


REF:  8-9


  1. PDUs typically include 揺 nvelope information? in the form of specific headers and trailers.


REF:  11


  1. The Session layer is equipped to request retransmission of all erroneous or missing PDUs when reassembly is underway, so that it can guarantee reliable delivery of data from sender to receiver.


REF:  14





1. The term ____ refers to a single logical network composed of multiple physical networks, which
may all be at a single physical location, or spread among multiple physical locations.
a. internetwork c. connection-oriented
b. session d. checksum
PTS: 1 REF: 3
2. The ____ is the parent organization for all the various Internet boards and task forces.
a. ICANN c. Internet Architecture Board
b. Internet Engineering Task Force d. Internet Society
PTS: 1 REF: 6


  1. The ____ is the group responsible for drafting, testing, proposing, and maintaining official Internet Standards, in the form of RFCs, through the agencies of multiple working groups under its purview.
a.  ICANN c. Internet Architecture Board
b.  Internet Engineering Task Force d. Internet Society
PTS:  1 REF: 6













  1. The ____ is responsible for the more forward-looking activities of the ISOC, and handles research


and development work for topics too far-out or impractical for immediate implementation, but which may (or may not) have a role to play on the Internet some day.

a.  ICANN c. Internet Research Task Force
b.  Internet Engineering Task Force d. Internet Society
PTS:  1 REF: 6


  1. The ____ is ultimately responsible for managing all Internet domain names, network addresses, and protocol parameters and behaviors.
a.  ICANN c. Internet Research Task Force
b.  Internet Engineering Task Force d. Internet Society
PTS:  1 REF: 6


  1. The ____ includes the physical transmission medium (cables or wireless media) that any network must use to send and receive the signals that constitute the physical expression of networked communications.
a. Data Link layer c. Network layer
b. Physical layer d. Transport layer
PTS:  1 REF: 11


  1. It is the job of the ____ to enable reliable transmission of data through the Physical layer at the sending end, and to check such reliability upon reception at the receiving end.
a. Data Link layer c. Network layer
b. Physical layer d. Transport layer
PTS:  1 REF: 12


  1. The ____ is where notions of network location are addressed and where the intricacies involved in directing a PDU from sender to receiver are handled.
a. Data Link layer c. Network layer
b. Application layer d. Transport layer
PTS:  1 REF: 12


  1. The ____ is where ongoing communications between a sender and a receiver, somewhat like a telephone conversation, are set up, maintained, and then terminated, or torn down,as needed.
a. Session layer c. Network layer
b. Physical layer d. Presentation layer
PTS:  1 REF: 14


  1. The ____ manages the way data is presented to the network (on its way down the protocol stack), and to a specific machine/application combination (on its way up the protocol stack).
a. Session layer c. Network layer
b. Physical layer d. Presentation layer
PTS:  1 REF: 14


  1. The ____ defines an interface that applications can use to request network services, rather than referring directly to applications themselves.
a. Application layer c. Session layer
b. Physical layer d. Presentation layer
PTS:  1 REF: 15







12. The TCP/IP Application layer also is known as the ____ layer because this is where the protocol
stack interfaces with applications or processes on a host machine.
a. Session c. Process
b. Network d. Transport
PTS: 1 REF: 20
13. Combining the various sources of outgoing data into a single output data stream is called ____.
a. segmentation c. protocol analysis
b. demultiplexing d. multiplexing
PTS: 1 REF: 21


  1. ____ assign a series of numbers to represent a sizable collection of TCP/IP-based network services, such as file transfer (FTP), terminal emulation (Telnet), and e-mail.
a. Well-known protocols c. Data frames
b. Daemons d. Datagrams
PTS:  1 REF: 21


  1. TCP/IP application processes are sometimes called ____ and are identified by port numbers.


a. well-known protocols c. network services
b. hosts d. display filters
PTS:  1 REF: 23


  1. Many PDUs include a characteristic closing component called a ____ that provides data integrity checks for the data portion of the PDU, known as the payload.
a. well-known protocol c. network service
b. trailer d. host
PTS:  1 REF: 24


17. ____ is the process of tapping into the network communications system, capturing packets that
cross the network, gathering network statistics, and decoding the packets into readable form.
a. Segmentation c. Encapsulation
b. Multiplexing d. Protocol analysis
PTS: 1 REF: 24
18. A(n) ____ is a holding area for packets copied off the network.
a. trace buffer c. packet
b. payload d. layer
PTS: 1 REF: 27
19. ____ are applied to the packets that are captured into the trace buffer.
a. Ports c. Filters
b. Runts d. Decodes
PTS: 1 REF: 27
20. Many analyzers have configurable ____ that indicate unusual network events or errors.
a. ports c. sockets
b. alarms d. sessions
PTS: 1 REF: 27








  1. Remote Monitoring (RMON) uses the ____ to collect traffic data at a remote switch and send the data to a management device.
a. Simple Network Management Protocol c. Virtual Private Network
b. User Datagram Protocol d. Wide Area Information Service
PTS:  1 REF: 29




  1. The ____________________ layer also coordinates the sending and receiving of signals across the networking medium, and determines what kinds of cables, connectors, and network interfaces must be used to access a specific area on a network.



  1. The primary function of the ____________________ layer is to provide a globally unique address to every host on the Internet and paths to and from hosts.



  1. ____________________ involves cutting up a big message into a numbered sequence of chunks, called segments, in which each chunk represents the maximum data payload that the network media can carry between sender and receiver.



  1. The Session layer includes mechanisms to maintain reliable ongoing conversations, called





  1. The most important TCP/IP Network Access layer protocol is ____________________.











Match each item with a statement below.
a. 1978 f. Packet
b. 1983 g. TCP/IP Network Access layer
c. NSFNET h. Datagrams
d. Data link layer i. Hosts
  1. Frames


  1. a long-haul, high-speed network launched in 1986 by the NSF


  1. manages point-to-point transmission across the networking medium, from one computer to another on a single logical or physical cable segment


  1. the PDU associated with the Network layer


  1. Internet Protocol version 4 came into existence


  1. devices that operate on the Internet


  1. the layer where LAN technologies, such as Ethernet, token ring, and wireless media and devices, come into play
  2. the Defense Communications Agency took over operation of the ARPANET from DARPA


  1. PDUs at the TCP/IP Network Access Layer


  1. Data Link layer PDUs





  1. What is the purpose of the Internet Architecture Board?


  1. What is the purpose of the Internet Engineering Task Force (IETF)?



  1. The reference model described in ISO Standard 7498 breaks network communication into seven layers. List each layer from top to bottom.



  1. Provide brief descriptions of the following protocols: High-level Data Link Control (HDLC) protocol and frame relay.


  1. Briefly describe the three primary tasks that the Internet layer handles for TCP/IP.



  1. What is the purpose of the following protocols: Internet Protocol, Internet Control Message Protocol, and Address Resolution Protocol.



  1. What is the difference between the Open Shortest Path First protocol and the Border Gateway Protocol?


  1. Briefly discuss two elements that TCP/IP services depend on to operate.



  1. List five basic elements found on most protocol analyzers.



  1. Briefly describe three options for analyzing switched networks.





Chapter 2: IP Addressing and Related Topics






  1. IP addresses can be represented as domain names to make it possible for users to identify and access resources on a network.


REF:  59


  1. As a frame moves from interface to interface, the IP source and destination address information is preserved.


REF:  59-60


  1. Class D addresses always take the following binary form: bbbbbbbb.11111111.11111111.11111111.


REF:  62


  1. When a host uses a service that employs a multicast address, it registers itself to 搇isten? on that address, as well as on its own unique host address (and the broadcast address).


REF:  62


  1. Providing a narrower address space is the primary design goal for IPv6.







  1. To be valid, any domain name must correspond to at least one unique ____.


a. loopback address c. firewall
b. numeric IP address d. IP gateway
PTS:  1 REF: 58


  1. The ____ address is a six-byte numeric address, burned into firmware (on a chip) by network interface manufacturers.
a. symbolic c. reverse proxy
b. logical numeric d. physical numeric
PTS:  1 REF: 59


3. ____ is used to permit computers to translate numeric IP addresses to MAC layer addresses.
a. ARP c. Reverse proxying
b. RARP d. Subnet masking
PTS: 1 REF: 59
4. ____ is used to translate MAC layer addresses into numeric IP addresses.
a. ARP c. Reverse proxying
b. RARP d. Subnet masking
PTS: 1 REF: 59







  1. The term ____ is used to describe the data frame crossing a router.


a. firewall c. loopback
b. hop d. dot squad
PTS:  1 REF: 60


  1. ____ addresses are used for multicast communications, in which a single address may be associated with more than one network host machine.
a. Class A c. Class C
b. Class B d. Class D
PTS:  1 REF: 61


  1. A ____ represents a network address that all hosts on a network must read.


a. loopback c. broadcast address
b. hop d. dot squad
PTS:  1 REF: 62


  1. A ____ is a special bit pattern that 揵 locks off ? the network portion of an IPv4 address with an all-ones pattern.
a. reverse proxy c. broadcast address
b. summary address d. subnet mask
PTS:  1 REF: 65


  1. A(n) ____ is a device that interconnects multiple IP networks or subnets.


a. subnet mask c. layer-3 switch
b. IP gateway d. network address
PTS:  1 REF: 67


  1. When a computer on one subnet wishes to communicate with a computer on another subnet, traffic must be forwarded from the sender to a nearby ____ to send the message on its way from one subnet to another.
a. broadcast address c. subnet mask
b. IP gateway d. proxy server
PTS:  1 REF: 67


  1. The simplest form of subnet masking uses a technique called ____, in which each subnet includes the same number of stations and represents a simple division of the address space made available by subnetting into multiple equal segments.
a. constant-length subnet masking c. dot squad
b. firewall d. anycast
PTS:  1 REF: 67


  1. One form of subnet masking uses a technique called ____ and permits a single address to be subdivided into multiple subnets, in which subnets need not all be the same size.
a. IP gateway c. variable-length subnet masking
b. constant-length subnet masking d. IP renumbering
PTS:  1 REF: 67











  1. ____ gets its name from the notion that it ignores the traditional A, B, and C class designations for IP addresses and can therefore set the network-host ID boundary wherever it wants to, in a way that simplifies routing across the resulting IP address spaces.
a. Route aggregation c. NAT
b. Address masquerading d. Classless Inter-Domain Routing
PTS:  1 REF: 68


  1. ____ allows IPv4 addresses from Class A, B, or C to be combined and treated as a larger address space, or subdivided arbitrarily, as needed.
a. Supernetting c. Subnet masking
b. Classless Inter-Domain Routing d. Address masquerading
PTS:  1 REF: 69


  1. ____ may be performed by boundary devices that include proxy server capabilities to replace private IP addresses with one or more public IP addresses as outbound traffic exits the server, and to replace such public addresses with their proper private equivalents as incoming traffic passes through the server.
a. IP renumbering c. Address masquerading
b. Supernetting d. Subnetting
PTS:  1 REF: 70


  1. One of the most important services that a ____ provides is to manage what source addresses appear in outbound packets that pass through it.
a. loopback c. subnet mask
b. proxy server d. layer-3 switch
PTS:  1 REF: 72


  1. RFC ____ reserves three ranges of IP addresses for private use – a single Class A


(, 16 Class Bs (, and 256 Class Cs (

a. 1517 c. 1878
b. 1518 d. 1918
PTS:  1 REF: 76


  1. ____ lets networks use multiple private IPv4 addresses internally and maps them to one or more public IPv4 addresses externally.
a. DNS c. NAT
b. IP gateway d. VoIP
PTS:  1 REF: 76-77


  1. Multicast addresses in IPv6 use a(n) ____ to define the portion of the Internet to which the multicast group pertains.
a. scope identifier c. loopback identifier
b. interface identifier d. aggregatable global unicast address
PTS:  1 REF: 80













  1. Previously, IPv6 specified that interface identifiers followed the modified ____ format, which specifies a unique 64-bit interface identifier for each interface.
a. RFC 4941 c. EULA-64
b. EUI-64 d. IEEE 802.64v6
PTS:  1 REF: 80


  1. In IPv6, the ____ address is all zeroes and can be represented as two colon characters (::) in normal notation.
a. anycast c. multicast
b. broadcast d. unspecified
PTS:  1 REF: 82




  1. The physical numeric address functions at a sublayer of the Data Link layer in the OSI network reference model, called the ____________________.



  1. ____________________ informs the network interface card to pass packets sent to that address to the IP stack so their contents can be read, and tells the IP gateway to forward such traffic onto the physical network, where the listening network interface resides.



  1. The activity of stealing (borrowing) bits from the host portion to further subdivide the network portion of an address is called ____________________.



  1. ____________________ combines contiguous network addresses by stealing bits from the network portion and using them to create a single, larger contiguous address space for host addresses.


  1. In IPv6, _________________________ addresses are used to send an identical message to multiple hosts.







Match each item with a statement below.


  1. Solicited node address


  1. Anycast address


  1. Class E addresses


  1. 0.0.0


  1. 255.255.0


  1. Secure end-to-end connection


  1. ICANN


  1. Application specific integrated circuits


  1. Layer 3 switching



  1. used by switches to make decisions


  1. packets goes to the nearest single instance of this address


  1. default mask for Class A networks


  1. allows IP traffic to move in encrypted form between the sender and receiver without intermediate translation.
  2. manages all IP-related addresses, protocol numbers, and well-known port addresses, and also assigns MAC layer addresses for use in network interfaces


  1. default mask for Class C networks


  1. special type of multicast address used to support Neighbor Solicitation (NS)


  1. allows you to partition a large network into many smaller subnets, with almost no loss of performance
  2. used for experimental purposes only





  1. Briefly discuss IPs three-part addressing scheme.


  1. Why are concepts such as subnets and supernets important for TCP/IP networks?



  1. Briefly describe how to calculate subnet masks.



  1. What are the limitations of creating a CIDR address?
  2. What are the disadvantages of using private IP addresses?



  1. Most organizations need public IP addresses only for two classes of equipment. Briefly describe each of these classes.



  1. List the constraints that determine the number and size of networks.


hese are:


Number of physical locations


Number of network devices at each location Amount of broadcast traffic at each location Availability of IP addresses

Delay caused by routing from one network to another




  1. Give two reasons why you should use binary boundaries.








  1. What are some of the design goals for IPv6?



  1. How can you express native IPv6 addresses in URLs?



Chapter 3: Basic IP Packet Structures: Header and Payloads






  1. The Internet Protocol (IP) primarily works to transmit and deliver data between devices on internetworks.


REF:              110


  1. Because PHB is independent of how individual routers are configured, the end-to-end behavior of traffic is predictable.


REF:              114


  1. When a packet is sent between two ECN-capable routers, the packet is usually marked ECT(0) or ECT(10) for ECN Capable Transport.


REF:              116


  1. Though defined in terms of seconds, a TTL value is implemented as a number of hops that a packet can travel before being discarded by a router.


REF:              118


  1. Unlike IPv4 packets, IPv6 packets ensure that data or application information is successfully transported from a source to a destination node on a network.


REF:              121





  1. The header can be between 20 and ____ bytes in length, with total packet size up to 65,535 bytes in length.
a. 50 c. 70
b. 60 d. 80
PTS: 1 REF: 110
2.  There are ____ fields possible in the IPv4 header.
a. 14 c. 19
b. 15 d. 21
PTS: 1 REF: 111


  1. The Type of Service field actually has two components: Precedence and ____.


a. Trailer c. Payload
b. Type of Service d. Frame
PTS:  1 REF: 111


  1. The last bit of the entire Type Of Service field is reserved and set at 0, as specified by RFC ____.


a. 1129 c. 1349
b. 1294 d. 1439
PTS:  1 REF: 111






  1. RFC ____ defines a method for differentiating services for network traffic using the six high-order bits of the byte that was formerly the 3-bit Precedence field and the first bit of the TOS field.
a. 1212 c. 2156
b. 1974 d. 2474
PTS:  1 REF: 113


  1. The ____ field defines the length of the IP header and any valid data (although it does not include any data link padding).
a. Header Length c. Packet Length
b. Frame Length d. Total Length
PTS:  1 REF: 117


7. In networking terms, a packet抯 ____ is the remaining distance that the packet can travel.
a.  time to live (TTL) c. offset
b.  number of hops (NOH) d. remaining path
PTS: 1 REF: 118
8. In IPv4 the maximum time to live value is ____.
a. 64 c. 255
b. 128 d. 312
PTS: 1 REF: 118


  1. The specifications for IPv6, including the header format, were established in RFC 1883, which was subsequently made obsolete by RFC ____.
a. 1983 c. 2517
b. 2460 d. 3114
PTS:  1 REF: 121


  1. The fixed IPv6 header makes up the first ____ octets or 320 bits of the IPv6 packet.


a. 8 c. 32
b. 16 d. 40
PTS:  1 REF: 121


  1. The 8-bit ____ field is used by source network hosts and forwarding routers to distinguished classes or priorities in IPv6 packets.
a. Hop Limit c. Traffic Class
b. Payload Class d. Flow Label
PTS:  1 REF: 122


  1. RFC ____ is the proposed standard for the Flow Label specification and defines the minimum requirements for this field.
a. 3697 c. 4554
b. 4545 d. 5674
PTS:  1 REF: 123


  1. IPv6 jumbograms are specified in RFC ____ as a proposed standard.


a. 1100 c. 2314
b. 1700 d. 2675
PTS:  1 REF: 123






  1. The 8-bit ____ field specifies the header type of the header immediately following the IPv6 header.
a. Next Header c. Traffic Class
b. Payload Class d. Header Type
PTS:  1 REF: 123


  1. The value in the 8-bit ____ field decrements by one each time it is forwarded by a network node, and the IPv6 packet is discarded if the value in this field reaches 0.
a. Hop Count c. Hop Limit
b. Time to Live d. Time Limit
PTS:  1 REF: 125


  1. In IPv6, each extension header is identified by a specific ____ value.


a. Traffic Class c. Payload Header
b. Next Header d. Traffic Header
PTS:  1 REF: 127


  1. The ____ extension header is designed to carry information that affects routers along a path.


a. Hop-by-Hop Options c. Next Header Options
b. Jumbograms d. Traffic Class
PTS:  1 REF: 127


  1. The ____ extension header provides a method for extending the IPv6 header to support options for packet handling and preferences.
a. Extended Header Options c. Hop-by-Hop Options
b. Destination Options d. Next Payload Options
PTS:  1 REF: 127


  1. The fields of the Fragment extension header are almost identical to the IPv4 fragment fields except for the use of the ____ field.
a. Next Header c. Flags
b. Fragment Offset d. Reserved
PTS: 1 REF: 129
20.  In IPv6, the ____ extension header should be used to encrypt data.
a. Cryptographic c. Secure Payload
b. Authentication Data d. Encapsulating Security Payload
PTS: 1 REF: 131


  1. Jumbograms use the ____ extension header to add an alternate Packet Length field of 32 bytes.


a. Option Type c. Header Offset
b. Hop-by-Hop Options d. Next Packet Length
PTS:  1 REF: 132

















  1. A(n) _________________________ is a router buffering system used to hold packets when the router is congested.



  1. _________________________ was designed to provide devices with a method for notifying each other that a link is experiencing congestion before the routers start to drop packets.



  1. If the packet is a fragment, the _________________________ field shows where to place this packet抯 data when the fragments are reassembled into a single packet.



  1. A(n) _________________________ is a set of packets for which a source requires special handling by the intervening routers.



  1. _________________________ allow additional functionality to be implemented in an IPv6 packet.






Match each item with a statement below.
a. Version field f. Payload Length field
b. RFC 3248 g. Routing extension header
c. Header Checksum field h. Jumbogram
d. Ethernet CRC i. IPSec
  1. Padding


  1. used to make sure the IPv4 header ends at the 32-bit boundary


  1. data link error-detection mechanism


  1. provides a Delay Bound alternative revision for RFC 2598


  1. provides error detection on the contents of the IP header only


  1. describes the size of the IPv6 payload in octets, including any extension headers


  1. first field in the IPv4 header





  1. a very large packet


  1. supports strict or loose source routing for IPv6


  1. suite of add-in security protocols for IP-based networks





  1. Describe the IPv4 Header Length field.



  1. What is a real-time application (RTA)?



  1. What is the purpose of the Identification field in IPv4?


  1. Is packet fragmentation in IPv4 a good thing?



  1. Briefly describe the Protocol field in the IPv4 header.



  1. What are the general requirements for the Traffic Class field in an IPv6 header?



  1. What is the role of the Next Header field in IPv6?


  1. What is the recommended extension header ordering in IPv6?


  1. Briefly describe the IPv6 Authentication extension header.



  1. What is ? to4?


Chapter 4: Data Link and Network Layer TCP/IP Protocols






  1. ARP is used to obtain the hardware address of the destination IP hosts.


REF:  161


  1. If a packet with TTL=1 arrives at a router, the router must discard the packet because it cannot decrement the TTL to 0 and forward the packet.


REF:  180


  1. When a packet is fragmented, all fragments are given different TTL values.


REF:  181


  1. Routed protocols are Layer 1 protocols that are used to get packets through an internetwork.


REF:  188


  1. A network is usually said to be converged when all the routers know a loop-free path to get to all other networks.


REF:  193





  1. ____ is a general-purpose protocol that provides WAN data link encapsulation services similar to those available for LAN encapsulations.
a. Border Gateway Protocol c. Link Control Protocol
b. Point-to-Point Protocol d. Token ring
PTS:  1 REF: 158


2. A ____ is required to get the packet from one IP host to another IP host on a single network.
a. frame c. delimiter
b. hardware address d. data link
PTS: 1 REF: 163
3. ____ is a method that allows an IP host to use a simplified subnetting design.
a. Proxy ARP c. IPCP
b. Link Control d. IPCONFIG
PTS: 1 REF: 171
4. ____ is used to obtain an IP address for an associated data link address.
a. Proxy ARP c. Network Control
PTS: 1 REF: 171










  1. The primary function of ____ layer protocols is to move datagrams through an internetwork connected by routers.
a. Data link c. Network
b. Application d. Transport
PTS:  1 REF: 175


6. All IPv4 packets have a predefined lifetime indicated in each packet抯 ____ field.
a. Time To Live c. Protocol Identifier
b. Frame Check Sequence d. Flag
PTS: 1 REF: 180
7. The recommended starting TTL value is ____.
a. 64 c. 112
b. 72 d. 128
PTS: 1 REF: 180
8. The default TTL in Windows Server 2008, Windows Vista, and Windows 7 is ____.
a. 64 c. 112
b. 72 d. 128
PTS: 1 REF: 180


  1. IP fragmentation enables a larger packet to be automatically fragmented by a ____ into smaller packets to cross a link that supports a smaller MTU, such as an Ethernet link.
a. token c. repeater
b. router d. cable modem
PTS:  1 REF: 181


  1. On a network that is low on available bandwidth, the ____ process causes more traffic on the wire.


a. data encapsulation c. circuit switching
b. error-detection d. fragmentation retransmission
PTS:  1 REF: 183


  1. A router uses ____ to determine what packet to send when several packets are queued for transmission from a single-output interface.
a. proxy ARP c. preamble
b. precedence d. frames
PTS:  1 REF: 184


  1. Routers use ____ to select a routing path when there are multiple paths available.


a. tokens c. Type of Service
b. precedence d. repeaters
PTS:  1 REF: 184


  1. OSPF and ____ are two examples of routing protocols that support multiple types of services.


a. Border Gateway Protocol c. TOS
b. T-carrier d. IPCONFIG
PTS:  1 REF: 184









  1. A(n) ____ is a compilation of information about all the networks that the router can reach.


a. host c. black hole
b. routing table d. agent
PTS:  1 REF: 187


  1. A ____ routing protocol shares information about how far away all networks are to the destination.
a. triggered c. distance vector
b. link-state d. split horizon
PTS:  1 REF: 189


  1. ____ simply prevents a router from advertising a network on the same interface from which it learned that network.
a. System routing c. On-demand routing
b. Link state routing d. Split horizon
PTS:  1 REF: 191


  1. A(n) ____ occurs on a network when ICMP is turned off and a router discards packets without sending any notification about its actions.
a. black hole c. link state
b. agent d. distance vector
PTS:  1 REF: 196


18. ____ can summarize routing information before sending link-state packets to other networks.
a. Split horizons c. Backbone areas
b. Distance vectors d. Area border routers
PTS: 1 REF: 196
19. To connect autonomous systems, routers use ____.
a. distance vectors c. agents
b. exterior gateway protocols d. host routes
PTS: 1 REF: 197
20. In a RIPv2 packet, the ____ field contains a plain text password.
a. Authentication c. Next Hop
b. Route Tag d. Address Family
PTS: 1 REF: 213


  1. When a router is configured with ____, it watches for traffic on its LAN that does not match its own IP address.
a. link-state c. intra-domain routing
b. Local Area Mobility d. external route entry
PTS:  1 REF: 229

















  1. The ____________________ field is a two-byte field that provides bit-level integrity checks for data as sent.



  1. At the Data Link layer, protocol data units are called ____________________.



  1. The method distance vector protocols use to prevent packets from endlessly circulating around a routing loop is called ____________________.



  1. ____________________ is a technique for assigning costs to routes designed to prevent routing loops.



  1. ____________________ system routing enables BGP peer routers to exchange routing information across an AS that does not support BGP.






Match each item with a statement below.
a. Mobile IP f. ARP cache
b. Areas g. Target Hardware Address
c. BGP h. Route resolution process
d. RIPv1 routers i. Host route
  1. 1,518 bytes


  1. groups of contiguous networks


  1. broadcast RIP network announcements every 30 seconds


  1. enables an IP host to determine if the desired destination is local or remote.


  1. a distance vector routing protocol


  1. maintained in memory by IP hosts


  1. in ARP requests, this field is typically filled with all 0s


  1. a route entry with a 32-bit subnet mask





  1. defined by the IETF in RFCs 2003 through 2006 and RFC 3220


  1. maximum Ethernet frame size.





  1. What are the two most important jobs of the Data Link layer?



  1. WAN encapsulation of frames at the Data Link layer involves one or more services. Briefly discuss four of these services.


  1. Briefly describe the following fields in the PPP header and trailer: Flag, protocol identifier, and Frame Check Sequence.



  1. Briefly discuss the following Ethernet II frame type fields and structures: Preamble, Destination Address Field, Source Address Field, and Type Field.



  1. Provide a brief description of the two types of route table entries.


  1. Discuss the difference between the following ARP packet fields: Opcode field and the Protocol Type field.



  1. The Target Hardware Address field indicates the desired target抯 hardware address, if known. In ARP requests, this field is typically filled with all 0s. In ARP replies, what should this field contain?



  1. Briefly describe each of the eight levels of precedence.


  1. Discuss three ways in which a router entry can be placed in a routing table.



  1. How do link-state routing protocols differ from distance vector routing protocols?



Chapter 5: Internet Control Message Protocol






  1. The value 0 in the IP header Protocol field denotes that an ICMP header follows the IP header.


REF:  256


  1. ICMP packets contain only three required fields after the IP header: Type, Code, and Checksum.


REF:  257


  1. Routers send ICMP Redirect messages to hosts to indicate that a preferable route exists.


REF:  270


  1. Routers can use ICMP to provide a default gateway setting to a host (if the host requests assistance).


REF:  298


  1. With router advertising, the default Lifetime value for route entries is 10 minutes.


REF:  301





  1. For any network node to communicate and exchange data with another network node, some way of forwarding packets from the sender to receiver must exist. This concept is called ____.
a. response time c. reachability
b. route tracing d. network congestion
PTS:  1 REF: 254


  1. ____ messages serve to keep hosts apprised of networking conditions and problems, and equipped to use best paths around the network.
a. NTP c. ICMP
b. Path MTU d. GMT
PTS:  1 REF: 254


  1. The message type ____ supports functionality for reachability utilities like Ping and Tracert; essential when installing, configuring, and troubleshooting IP networks.
a. ICMP Echo/Echo Reply c. ICMP Time Exceeded
b. ICMP Source Quench d. ICMP Destination Unreachable
PTS:  1 REF: 255


  1. The message type ____ documents when routing or delivery errors prevent IP datagrams from reaching their destinations.
a. ICMP Echo/Echo Reply c. ICMP Time Exceeded
b. ICMP Source Quench d. ICMP Destination Unreachable
PTS:  1 REF: 255







5. The message type ____ permits a gateway (router) on a nonoptimal route between sender and
receiver to redirect traffic to a more optimal path.
a. ICMP Echo/Echo Reply c. ICMP Redirect
b. ICMP Source Quench d. ICMP Destination Unreachable
PTS: 1 REF: 255
6. The ICMP packet field____ provides error detection for the ICMP header only.
a. Checksum c. Host
b. Type d. Code
PTS: 1 REF: 260
7. ICMP Type ____ is used for Echo Request packets.
a. 2 c. 6
b. 4 d. 8
PTS: 1 REF: 264


  1. A host or router can send the ____ error message to indicate that the protocol defined in the IP header cannot be processed.
    • Code 2: Protocol Unreachable


  • Code 3:Port Unreachable


  • Code 4: Fragmentation Needed and Don抰 Fragment Was Set
  • Code 5: Source Route Failed


REF:  267


  1. There are two versions of the ____ ICMP reply – the standard version that simply states the packet had the Don抰 Fragment bit set when it reached a router that needed to fragment it, and the PMTU version that includes information about the restricting link.


  • Code 2: Protocol Unreachable


  • Code 3:Port Unreachable


  • Code 4: Fragmentation Needed and Don抰 Fragment Was Set
  • Code 5: Source Route Failed


REF:  268


  1. A router sends the ____ ICMP reply to indicate that the router cannot use the strict or loose source routing path specified in the original packet.
    • Code 2: Protocol Unreachable


  • Code 3:Port Unreachable


  • Code 4: Fragmentation Needed and Don抰 Fragment Was Set
  • Code 5: Source Route Failed


PTS: 1 REF: 268
11. A router or host may use ____ as a way to indicate that it is becoming congested or overloaded.
a. Checksum c. GMT
b. Source Quench d. PMTU
PTS: 1 REF: 270
12. The ____ utility uses route tracing to identify a path from the sender to the target host.
a. gateway c. firewalking
b. Traceroute d. auto-recovery
PTS: 1 REF: 293






  1. Using ICMP ____ and some manipulation of the TTL value in the IP header, Traceroute results provide a list of routers along a path, as well as the round-trip latency time to each router.
a. Echo Requests c. metrics
b. paths d. query messages
PTS:  1 REF: 293


  1. The ____ utility is a command-line utility that uses ICMP Echo packets to test router and link latency, as well as packet loss.
a. NTP c. Path MTU
b. Pathping d. Traceroute
PTS:  1 REF: 294


  1. ____ defines a method for discovering a Path MTU (PMTU) using ICMP.


a. RFC 1191 c. RFC 1542
b. RFC 1241 d. RFC 1577
PTS:  1 REF: 294


  1. ____ enables a source to learn the currently supported MTU across an entire path, without requiring fragmentation.
a. Firewalking c. Pathping
b. Traceroute d. PMTU Discovery
PTS:  1 REF: 294-295


  1. ____ typically learn about routes through manual configuration of the default gateway parameter and redirection messages.
a. Packets c. Ports
b. Firewalls d. IP hosts
PTS:  1 REF: 298


  1. Although RFC ____ dictates that IP routers搈 ust support the router part of the ICMP Router Discovery protocol on all connected networks on which the router supports either IP multicast or IP broadcast addressing,? many do not.
a. 1812 c. 1955
b. 1900 d. 1972
PTS:  1 REF: 299


  1. If configured to do so, routers periodically send unsolicited ICMP Router Advertisements to the all-hosts multicast address ____.
a. c.
b. d.
PTS:  1 REF: 301


  1. Hackers can use ____ as part of a reconnaissance process to learn about active network addresses and active processes.
a. availability c. auto recovery
b. ICMP d. presence
PTS:  1 REF: 302










  1. A(n) ____ process is one method of obtaining a list of the active hosts on a network.


a. ICMP query c. IP address scanning
b. query d. firewalking
PTS:  1 REF: 303




  1. ICMP Type ____________________ is used for Echo Reply packets.



  1. Two of the most well-known utilities, Ping and Traceroute, rely on ICMP to perform connectivity tests and ____________________.



  1. The PMTU specification defined in RFC 1191 requires the PMTU host to try periodically a larger MTU to see if the ____________________ has increased.



  1. An IP ____________________ is performed by sending a ping packet (ICMP Echo Request packet) to each host within a range and noting the responses.



  1. ____________________ describes the concept of walking a firewall ACL or ruleset to determine what it filters, and how.







Match each item with a statement below.


  1. Network congestion


  1. RFC 792


  1. ICMP Source Quench


  1. Ping


  1. ICMP Echo Request


  1. Black hole router


  1. IPv6-AUTH


  1. Code 6: Destination Network Unknown


  1. RFC 1885



  1. first published in 1981, defines the primary functions of, and blueprints for, ICMP messages to this day





  1. a form of ICMP Echo communication


  1. manages authentication for ICMPv6 packet exchanges


  1. occurs when network traffic starts to exceed handling capacities


  1. silently discards packets without indicating any cause, thereby thwarting auto-recovery or auto-reconfiguration attempts


  1. this ICMP packet is obsolete


  1. a connectionless process with no guarantee of delivery


  1. original specification of ICMPv6


  1. permits a gateway to instruct a sending host to adjust (lower) its sending rate to ease congestion problems





  1. What is the purpose of the following ICMP message types: ICMP Redirect, ICMP Time Exceeded, and ICMP Parameter Problem?


  1. According to RFC 792, what is the relationship between IP and ICMP?



  1. What are the characteristics of the following packets: Windows 2008, Windows Vista, and Windows 7 Ping?



  1. Briefly define the following codes, currently assigned to the ICMP Destination Unreachable type number: Code 2: Protocol Unreachable, Code 3:Port Unreachable, and Code 5: Source Route Failed.


  1. Briefly describe the fields that are included in the ICMPv4 Router Advertisement packets (after the ICMP Checksum field).



  1. Briefly describe an ICMP redirect attack.



  1. Briefly describe an ICMP router discovery attack.


  1. How does inverse mapping determine live targets on a network?



  1. What is firewalking?



  1. Describe some of the security issues for ICMPv6.


Chapter 6: Neighbor Discovery in IPv6






  1. Neighbor Discovery has five functional processes.


REF:  322


  1. Upon start-up, Neighbor Discovery collects information about how nodes configure their IPv6 addresses to communicate on the network.


REF:  322


  1. Neighbor Discovery makes abundant use of messages.


REF:  323


  1. ND takes over the functions that ARP and Reverse ARP handled in IPv4.


REF:  323


  1. Home Agents may include the Home Agent Information option in their Router Advertisement messages, but it should not be included if the Home Agent (H) bit is not set.


PTS: 1 REF: 344
1. The IPv6 Neighbor Discovery (ND) protocol is specified in RFC 4861 and RFC ____.
a. 4191 c. 5942
b. 4917 d. 6275
PTS: 1 REF: 322
2. ____ uses ICMPv6 type 133 messages.
a. Router Solicitation c. Neighbor Advertisement
b. Router Advertisement d. Neighbor Solicitation
PTS: 1 REF: 322
3. ____ uses ICMPv6 type 134 messages.
a. Router Solicitation c. Neighbor Advertisement
b. Router Advertisement d. Neighbor Solicitation
PTS: 1 REF: 322
4. ____ uses ICMPv6 type 135 messages.
a. Router Solicitation c. Neighbor Advertisement
b. Router Advertisement d. Neighbor Solicitation
PTS: 1 REF: 322











5. ____ uses ICMPv6 type 136 messages.
a. Router Solicitation c. Neighbor Advertisement
b. Router Advertisement d. Neighbor Solicitation
PTS: 1 REF: 322
6. ____ use ICMPv6 type 137 messages.
a. Router Solicitation c. Neighbor Advertisement
b. Router Advertisement d. Redirect
PTS: 1 REF: 322
7. ND makes use of multicast addresses, such as the 揰 ___? address with link-local scope (FF02::2).
a. all nodes c. all proxies
b. all routers d. all domains
PTS: 1 REF: 323
8. ND makes use of multicast addresses, such as the 揰 ___? address with link-local scope (FF02::1).
a. all nodes c. all proxies
b. all routers d. all domains
PTS: 1 REF: 323


  1. Neighbor Discovery performs many of the functions that ICMP Router Discovery and ICMP ____


handled in IPv4.

a. Neighbor Solicitation c. Node Discovery
b. Host Discovery d. Redirect
PTS: 1 REF: 323
10.  IPv6 Neighbor Solicitation protocol can be compared with IPv4 ____.
a. ARP Request c. Router Advertisement
b. Router Solicitation d. Redirect
PTS: 1 REF: 323
11.  IPv6 Router Advertisement protocol can be compared with IPv4 ____.
a. ARP Request c. Router Advertisement
b. Router Solicitation d. Redirect
PTS: 1 REF: 323


  1. IPv6 Duplicate Address Detection protocol can be compared with IPv4 ____.


a. ARP Request c. Router Advertisement
b. Gratuitous ARP d. Redirect
PTS:  1 REF: 323


  1. In the ICMPv6 Router Solicitation message, the ____ field is an unused field that is set to 0 by the source node and ignored by the destination node.
a. Reserved c. Checksum
b. Options d. Type
PTS:  1 REF: 324










  1. By default, IPv6 nodes will send a ____ multicast request for configuration parameters immediately upon start-up.
a. Router Advertisement c. Neighbor Advertisement
b. Router Solicitation d. Neighbor Solicitation
PTS:  1 REF: 325


  1. Routers periodically send ____ messages to inform hosts of link prefixes (if address autoconfiguration is enabled), link MTU, valid and preferred lifetimes, and other possible options.
a. Router Solicitation c. Router Advertisement
b. Neighbor Advertisement d. Neighbor Solicitation
PTS:  1 REF: 326


  1. ____ help keep local routing optimized in the face of changing conditions and also reflect status as various destinations come on- and off-link.
a. Route Advertisement c. Route Solicitation
b. Neighbor Advertisement d. Redirects
PTS:  1 REF: 335


  1. The Target Link-Layer Address option is used in Neighbor Advertisement and ____ messages.


a. Neighbor Advertisement c. Router Solicitation
b. Router Advertisement d. Neighbor Solicitation
PTS:  1 REF: 337


  1. The ____ option is sent in Router Advertisement messages to provide a common MTU value for nodes on the same network segment.
a. Prefix Information c. Redirected Header
b. Target Link-Layer Address d. MTU
PTS:  1 REF: 341


  1. The ____ option, if included, is used in Mobile IPv6 by mobile nodes receiving Router Advertisement messages for their movement detection algorithm.
a. Target Link Layer Address c. Advertisement Interval
b. Redirected Header d. Home Agent Information
PTS:  1 REF: 343


  1. A node invokes the ____ process when it wants to send a packet to an on-link neighbor but the sender does not know the link-layer address for the target node.
a. Address Resolution c. Router Discovery
b. Duplicate Address Detection d. Redirect Function
PTS:  1 REF: 348


  1. ____ is used by nodes to discover neighbor routers on the local link, learn prefixes, configure their default gateway, and other possible configuration parameters relating to autoconfiguration (stateless or stateful) useful to the node.
a. Address Resolution c. Router Discovery
b. Duplicate Address Detection d. Redirect Function
PTS:  1 REF: 352












  1. A router might use ____________________ messages to balance traffic loads across multiple interfaces.



  1. The ____________________ address is a multicast address with link-local scope that helps reduce the number of multicast groups to which nodes must subscribe to make themselves available for solicitation by other nodes on their local links.



  1. Routers reply to Router Solicitation messages received by a node using ____________________





  1. A node can send a(n) ____________________ message to find (or verify) the link-layer address of a local node, to see if a node is still available, or to check that its own address is not already in use by another node.



  1. Routers send ____________________ messages to inform a host of a better first-hop router for a destination.






Match each item with a statement below.
a. Neighbor Discovery f. Source Link-Layer Address
b. Duplicate Address Detection g. Redirected Header
c. IPv6 nodes h. Route Information
d. Routers i. Route Lifetime
  1. M Flag


  1. option used in Neighbor Solicitation, Router Solicitation, and Redirect messages


  1. forward IPv6 packets not addressed to themselves


  1. 32-bit unsigned integer; it indicates the valid lifetime, in seconds, that the prefix is valid for route determination


  1. contains all or part of the original IPv6 packet being redirected


  1. devices that implement the IPv6 protocol







  1. 1-bit Managed Address Configuration flag set to indicate that addresses are available through DHCPv6
  2. ICMPv6 processes used specifically to initiate and maintain node-to-node communications on a network


  1. option sent in Router Advertisement messages to specify individual routes for hosts to add to their Default Router List
  2. checks that its own address is not in use by another node





  1. Briefly describe the following ICMPv6 message types: Router Solicitation, Router Advertisement, and Redirect.


  1. Briefly describe the following ICMPv6 message types: Neighbor Solicitation and Neighbor Advertisement.



  1. What information does an IPv6 Router Solicitation message contain for Ethernet interfaces?
  2. What information does an IPv6 Router Advertisement message contain for Ethernet interfaces?


  1. What information does an IPv6 Neighbor Solicitation message contain for Ethernet interfaces?



  1. What is a conceptual host model?


  1. What neighbor data should be stored on a host?



  1. Briefly describe the conceptual sending algorithm.



  1. What are the processes involved with Neighbor Discovery?


  1. What are the five stages for a neighbor cache entry defined in RFC 4861?


Chapter 7: IP Address Autoconfiguration






  1. DHCP delivers the necessary configuration information to clients to tell them the addresses of their IP gateways.


REF:  373


  1. DHCP can exclude individual addresses or address ranges from dynamic allocation to client machines.


REF:  374


  1. Clients have static IP addresses because their DNS entries must stay consistent.


REF:  377


  1. Clients ordinarily attempt to renew existing releases by default, but you can instruct a DHCP server to deny lease renewals, or even cancel leases, when necessary.


REF:  377


  1. The DHCP specification, RFC 2131, defines the default value for T1 as: 95 * duration_of_lease


REF:  385





  1. ____ is a service that provides a way for a client computer that lacks an IP address assignment to request one from any listening DHCP server – without the help of an administrator.
PTS:  1 REF: 373


  1. ____ was developed in the 1970s as a way to provide sufficient network access so diskless workstations could access startup information across the network, instead of reading it from a local disk drive.
PTS:  1 REF: 373


  1. DHCP servers can manage one or more ranges of IP addresses, each of which may be called a(n)



a. address pool c. release
b. relay agent d. local agent
PTS:  1 REF: 374











  1. If no DHCP server is present in some broadcast domain, a special piece of software called


a(n)____ must be present in that broadcast domain.
a. broadcast bit c. DHCP relay agent
b. address pool d. address scope
PTS:  1 REF: 374


  1. The ____ software, or other similar software available for most other modern operating systems, is enabled at a client machine when you select the Obtain an IP address automatically option in the Internet Protocol (TCP/IP) Properties window.
a. DHCP relay agent c. DHCP client
b. DHCP server d. DHCP router
PTS:  1 REF: 376


  1. The job of the DHCP ____ software is to intercept address requests on a local cable segment and repackage those requests as a unicast to one or more DHCP servers.
a. relay agent c. client
b. cluster d. router
PTS:  1 REF: 376


  1. With a(n) ____ the administrator explicitly assigns an IP address manually by associating a client抯 hardware address with a specific IP address to be leased to that client.
a. dynamic address lease c. IP gateway
b. manual address lease d. discovery broadcast
PTS:  1 REF: 376


  1. A(n) ____ is used to assign addresses to clients or other machines when fixed IP addresses are not required.
a. dynamic address lease c. IP gateway
b. manual address lease d. discovery broadcast
PTS:  1 REF: 377


  1. ____ have static IP addresses because their addresses are key parts of any subnet抯 IP configuration.
a. Clients c. Broadcast bits
b. Relay agents d. Routers
PTS:  1 REF: 377


  1. ____ use dynamic IP addresses because they initiate the connections to the servers, and the servers simply respond to the clients based on the clients? IP addresses.
a. Clients c. IP gateways
b. Routers d. Servers
PTS:  1 REF: 377


  1. When a DHCP client boots up, it performs a Standard ____ to enable it to communicate on the network.
a. Address Discovery c. Router Discovery
b. Client Discovery d. Packet Discovery
PTS:  1 REF: 380









  1. The ____ packet includes the IP address that is offered to the client and, sometimes, answers to the requested options in the DHCP Discover packet.
a. Acknowledgement c. Request
b. Offer d. Discover
PTS:  1 REF: 382


  1. The ____ packet is sent from the server to the client to indicate the completion of the four-packet DHCP Discovery process.
a. Acknowledgement c. Request
b. Offer d. Discover
PTS:  1 REF: 383


  1. ____ is defined as the time that the client tries to renew its network address by contacting the DHCP server that sent the original address to the client.
a. R1 c. T1
b. T2 d. R2
PTS:  1 REF: 385


  1. ____ is defined as the time that the client begins to broadcast a renewal request for an extended lease time from another DHCP server.
a. R1 c. T1
b. T2 d. R2
PTS:  1 REF: 385


  1. The ____ field is set to 0 by the client and may be used by relay agents as they assist a client in obtaining an IP address and/or configuration information.
a. Hardware c. Flags
b. Hops d. Transaction ID Number
PTS:  1 REF: 388


  1. The ____ field contains a random number selected by the client and is used to match requests and responses between the client and server.
a. Your IP Address c. Flags
b. Hops d. Transaction ID Number
PTS: 1 REF: 388
18.  The ____ field contains the address being offered by the DHCP server.
a. Your IP Address c. Flags
b. Hops d. Transaction ID Number
PTS: 1 REF: 388


  1. The DHCP ____ process relies heavily on broadcasts, but most routers do not forward broadcasts.


a. discovery c. request
b. lease d. boot
PTS:  1 REF: 393













20. Microsoft Windows Server 2008 R2 support the creation of a DHCP ____.
a. VoIP c. superscope
b. class d. router
PTS: 1 REF: 419
21. One good way to troubleshoot DHCP is to use a ____.
a. relay agent c. firewall
b. router d. protocol analyzer
PTS: 1 REF: 425




  1. DHCP traces its origins back to an earlier protocol named ____________________.



  1. ____________________ allows two or more servers to be managed as a single system.



  1. During the DHCP Discovery process, the client broadcasts a Discover packet that identifies the client抯



  1. ____________________ are a collection of scopes that contain sets of non-consecutive IP addresses that can be assigned to a single network.



  1. The command ____________________ , in the IPCONFIG utility, releases the IP address for the specified adapter.

















Match each item with a statement below.
a. ipconfig /renew6 f. Windows clustering
b. BOOTP g. Preferred address
c. Leases h. Stateless autoconfiguration
d. APIPA i. DHCP options
  1. DHCP Discovery


  1. defined in RFC 951


  1. relies on an initial DHCP broadcast


  1. simply presents required router configuration information to all comers


  1. provides failover detection of an application or server and automatically transfers the server role to an alternate server
  2. renews the IPv6 address for the specified adapter


  1. used to expand the data that is included in the DHCP packet


  1. play an integral role in how you run your network


  1. in IPv6, this refers to the one address, among the many that may be associated with the same interface, whose use by higher-layer protocols is unrestricted
  2. dynamic configuration of IPv4 link-local addresses








































  1. Provide a brief description of how DHCP works from a client perspective.



  1. How do the lengths of leases vary?


  1. What is the difference between the DHCP server software and the DHCP client software?



  1. What is the difference between a manual address lease and a dynamic address lease?



  1. How does DHCP integrate with DNS?


  1. List the four packets used by DHCP Discovery.



  1. What is the difference between the Operation Code (OPCODE) field and the Hardware Type Field?



  1. List the message types used by the DHCP boot sequence.


  1. What are the most significant differences of DHCPv6 from earlier versions?


  1. Briefly describe how to combine stateful and stateless address autoconfiguration.


Chapter 8: Name Resolution on IP Networks






  1. The structure of the DNS database mirrors the structure of the domain namespace itself.


REF:  450


  1. Twenty-six root name servers (named A.ROOT-SERVERS.NET., B.ROOT-SERVERS.NET., etc.) act as the top of the DNS hierarchy worldwide. They provide the ultimate source for all name lookups that cannot be resolved through other means.


REF:  451


  1. Domains (such as com) can be broken into subdomains (such as, as needed.


REF:  452


  1. When a TCP/IP client uses a resolver to send a name query to a DNS server, that client obtains the address for the DNS server it queries from its TCP/IP configuration data.


REF:  455


  1. Not all the data in a DNS cache has an expiration value.


REF:  458





  1. By ____ DNS data from one or more database segments on one or more DNS servers, DNS also provides a mechanism whereby it can attempt to satisfy name resolution requests locally before attempting them remotely, thereby greatly improving the speed of such name resolution.
a. transferring c. resolving
b. caching d. spoofing
PTS:  1 REF: 450


  1. Data associated with domain names, address records, and other specific data of interest to the Domain Name System is stored on a DNS server in special database records called ____.
a. hosts c. zones
b. resource records d. primary master
PTS: 1 REF: 452
3.  A ____ record is used to create aliases.
a. canonical name c. name server
b. mail exchange d. pointer
PTS: 1 REF: 452












  1. A ____ record is used to route SMTP-based e-mail on the Internet and identify the IP address for a domain抯 master e-mail server.
a. canonical name c. name server
b. mail exchange d. pointer
PTS:  1 REF: 452


  1. A(n) ____ record stores IP address-to-domain name translation data and supports the operation known as a reverse DNS lookup.
a. well-known services c. pointer
b. text d. host information
PTS:  1 REF: 452


  1. A(n) ____ record lists the IP-based services, such as Telnet, FTP, HTTP, and so forth, that an Internet host can supply.
a. well-known services c. name server
b. text d. host information
PTS:  1 REF: 453


  1. A(n) ____ record may be used to add arbitrary text information to a DNS database, usually for documentation.
a. well-known services c. pointer
b. text d. host information
PTS:  1 REF: 453


  1. ____ store recently accessed DNS records from other domains to avoid incurring the performance overhead involved in making a remote query each time a resource outside the local domain is accessed.
a. Name resolvers c. Subdomains
b. Primary DNS servers d. Caching servers
PTS:  1 REF: 454


  1. It is important to understand that the zone data on a secondary server always originates from a(n)


____ server.

a. caching c. name
b. incremental d. primary
PTS:  1 REF: 454


  1. A(n) ____ is usually some application or service that encounters a domain name for which it needs an IP address.
a. address request c. caching server
b. TCP/IP client d. DNS client
PTS:  1 REF: 455


  1. Most DNS resolvers issue what is called a(n) ____ from the client side.


a. recursive query c. nslookup
b. address query d. name query
PTS:  1 REF: 456










  1. A ____ is a query that keeps working until an answer of some kind is forthcoming.


a. domain query c. recursive query
b. reverse query d. NSLOOKUP query
PTS:  1 REF: 456


  1. When one DNS server receives a recursive request, that DNS server issues what are called ____ to the name servers in its hierarchy, or to servers provided as pointers in reply to earlier requests, until an answer is received.
a. caching queries c. domain queries
b. address queries d. iterative queries
PTS:  1 REF: 457


  1. ____ requests always go to the name server that is authoritative for the domain that contains the requested name or address to make completely sure data is obtained directly from the source.
a. Root server c. Mail server
b. Client server d. Cache server
PTS:  1 REF: 458


  1. DNS servers cache name and address pairs for addresses they resolved, and they keep information about name requests that result in error messages. This kind of information is called ____.
a. DNS round robin c. negative caching
b. name resolution d. IP spoofing
PTS:  1 REF: 458


  1. Files that map addresses to domain names for reverse lookups are usually called ____.


a. c. tree.dn
b. domain.dns d. clearlake.dns
PTS:  1 REF: 459


  1. Configuring how a DNS server responds to requests for name-to-address resolution where one domain name corresponds to multiple IP addresses sits at the heart of a technique called ____.
a. IP spoofing c. FQDN
b. name resolution d. DNS round robin
PTS:  1 REF: 461


  1. The records in the ____ file are provided to support reverse DNS lookups.


a. arpa.addr c. cname.addr
b. db.addr d. dns.addr
PTS:  1 REF: 462


  1. DNS ____ is responsible for initiating and sequencing DNS queries that result in name resolution for an application running on the computer.
a. name resolver c. primary master
b. subdomain d. caching server
PTS:  1 REF: 476













  1. By default, ____ queries the default name server specified in the current machine抯 TCP/IP configuration.
a. nslookup c. multi-homed
b. mail exchange d. IP
PTS:  1 REF: 491


  1. The ____ command provides access to all kinds of DNS information, either from the current default server, or from a server whose name or IP address you provide as an argument to this command.
a. nslookup c. multi-homed
b. mail exchange d. IP
PTS:  1 REF: 491




  1. The ____________________ is distinguished from other name servers for a domain by its ability to always read its data from a zone file on disk when the DNS service starts up.



  1. A(n) ____________________ gets its data for the zone from the master server for that zone.
  2. ____________________ DNS servers are important because they provide a back-up copy of the domain database for a specific zone.



  1. A(n) ____________________ seeks to resolve a domain name to a corresponding numeric IP address: it simply provides a symbolic domain name, and expects a numeric IP address in return.



  1. A name query seeks to resolve an address to a domain name, and is also known as a(n)













Match each item with a statement below.
a. JEEVES f. SOA record
b. LLMNR g. Reverse address lookups
c. PNRP h. Robust DNS
d. Caching-only server i. .com
  1. CNAME records


  1. name resolution method used when DNS servers are not available on the network


  1. allow you to define aliases for hosts in your zone, mostly as a convenience to make entering such data inside zone files more efficient


  1. resilient in the face of errors and failures


  1. Microsoft Windows IPv6 proprietary peer-to-peer name resolution system


  1. used primarily to determine if the IP address that a user presents matches the domain name from which the user claims to originate
  2. first reference implementation of DNS


  1. used primarily for commercial organizations


  1. first entry in any DNS file


  1. goal is to speed access to specific domain names by storing a copy of the lookup data locally, while providing neither primary nor secondary DNS server functions







































  1. What are the advantages of DNS?



  1. Briefly define six of the nine most commonly used resource record types.


  1. What is the difference between a recursive query and an iterative query?



  1. Why do some recursive queries involve a root server?


  1. What are some of the disadvantages of a round robin DNS?



  1. What is the purpose of the destination address selection algorithm?


  1. Provide a high-level description of the address selection process from end-to-end.



  1. Resolvers interpret responses from the name servers that they query, regardless of whether those responses contain resource record data or error messages. What are the possible causes of these errors?


  1. What are some of the shortcomings of DNS?


  1. Briefly discuss how to use nslookup with IPv6.


Chapter 9: TCP/IP Transport Layer Protocols






  1. UDP offers connection-oriented services with sequencing, error recovery, and a sliding window mechanism.


REF:  517


  1. UDP is the only connectionless TCP/IP protocol at the Transport layer.


REF:  519


  1. When the Protocol field of an IP header contains the value 17 (0x11), the UDP header follows the IP header.


REF:  520


  1. TCP half-open connections occur when the handshake process does not end successfully with a final ACK.


REF:  531


  1. TCP keep-alives are enabled by default on Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008, although any application may disable TCP keep-alives, if desired by its programmer.


REF:  532





  1. ____ provide the simplest kind of transport services because they simply package messages, taken as is from the TCP/IP Application layer, into datagrams.
a. Core services c. Logical connections
b. Port numbers d. Connectionless protocols
PTS:  1 REF: 514


  1. ____ is a simple protocol that is used by applications that contain their own connection-oriented timeout values and retry counters, similar to those provided by TCP.
a. UDP c. RTO
b. DoS d. MSS
PTS:  1 REF: 514


  1. UDP runs up to ____ percent faster than TCP, under some conditions, because it does next to nothing.
a. 20 c. 40
b. 30 d. 50
PTS:  1 REF: 515











4. TCP hosts create a virtual connection with each other using a ____.
a. sliding window c. teardown sequence
b. handshake process d. retry mechanism
PTS: 1 REF: 517
5. Dynamic ports are used as ____ for specific communications while they are underway.
a. temporary ports c. byte streams
b. core services d. lost segments
PTS: 1 REF: 521


  1. The ____ field value defines the destination application or process that uses the IP and UDP headers.
a. Checksum c. Length
b. Dynamic Port Number d. Destination Port Number
PTS:  1 REF: 522


  1. The ____ field defines the length of the packet from the UDP header to the end of valid data (not including any data link padding, if padding is required).
a. Checksum c. Length
b. Dynamic Port Number d. Destination Port Number
PTS:  1 REF: 522


  1. Once a TCP connection is established, a ____ can maintain the connection when there is no data sent across the wire.
a. watchdog process c. keep-alive process
b. core service d. handshake process
PTS: 1 REF: 532
9.  The TCP connection termination process requires ____ packets.
a. one c. three
b. two d. four
PTS: 1 REF: 533


  1. The ____ process guarantees that packets are ordered properly and protects against missing segments.
a. watchdog c. handshake
b. keep-alive d. sequence and acknowledgement
PTS: 1 REF: 535
11.  ____ is the overloading of the network or a receiver.
a. Sequence number tracking c. Congestion
b. Buffering d. Windowing
PTS: 1 REF: 538


  1. Overloading a receiver occurs when the number of data bytes is greater than the ____.


a. advertised window c. sliding window
b. bandwidth d. ephemeral port
PTS:  1 REF: 538








  1. TCP supports ____ – the process of sending numerous data packets in sequence without waiting for an intervening acknowledgment.
a. retries c. windowing
b. sequence number tracking d. error recovery
PTS:  1 REF: 538


  1. ____ is detected whenever three or more duplicate ACK packets (known as a triple-ACK) or timeout events occur, and timeout events are considered more serious than duplicate acknowledgements.
a. Logical connection c. Retransmission
b. Congestion d. Windowing
PTS:  1 REF: 539


  1. When an out-of-order data segment is received, the Fast Retransmit process requires the receiver to immediately send ____.
a. duplicate ACKs c. byte streams
b. core services d. lost segments
PTS:  1 REF: 539


  1. The Fast Recovery process dictates that when a host receives three duplicate ACKs, it must immediately start retransmitting the ____ without waiting for the retransmission timer to expire.
a. duplicate ACKs c. byte streams
b. core services d. lost segments
PTS:  1 REF: 539


  1. TCP supports a ____ mechanism, which is a management method for data transmission used to determine the amount of unacknowledged data that can go out on the wire from any sender.
a. congestion c. sliding window
b. retry d. watchdog
PTS:  1 REF: 540


  1. ____ is caused when enough data is sent to a TCP host to fill its receiver buffer, thereby putting the receiver in a zero-window state.
a. DoS c. Time Wait delay
b. Silly Window Syndrome d. Retransmission timeout
PTS:  1 REF: 541


  1. The initial sequence number used in a TCP connection is defined by the ____ and, for security purposes, should be randomly assigned.
a. host c. port
b. packet d. segment
PTS:  1 REF: 543


  1. The ____ flag is used to indicate that the host completed a transaction.


a. Reset c. SYN
b. FIN d. URG
PTS:  1 REF: 543










  1. By default, Windows Vista, Windows 7, and Windows Server 2008 support a port range of 49152 to ____.
a. 55874 c. 61000
b. 58314 d. 65535
PTS:  1 REF: 524




  1. Because of ____________________抯 end-to-end reliability and flexibility, it is the preferred transport method for applications that transfer large quantities of data and require reliable delivery services.



  1. ____________________ defines the range of numbers that identifies dynamic ports.



  1. The ____________________ window is always the lesser of what the network and receiver can handle.



  1. TCP has four defined congestion control mechanisms to ensure the most efficient use of


____________________ along with quick error and congestion recovery.



  1. The ____________________ pseudo-header consists of three fields taken from the IP header: the IP Source Address field value, the IP Destination Address field value, and the Protocol field value.




Match each item with a statement below.


  1. Well-known port numbers


  1. UDP port number 520


  1. TCP port number 520


  1. TCP


  1. Retransmission timer



  1. Nagle algorithm


  1. Sequence number field


  1. Acknowledgement number field


  1. Window size field



  1. assigned to the Router Information Protocol


  1. a connection-oriented protocol


  1. contains a number that uniquely identifies the TCP segment


  1. assigned to the Extended File Name Server process


  1. indicates the size of the TCP receiver buffer in bytes


  1. indicates the next expected sequence number from the other side of the communication


  1. specifies that when small data segments are being sent, but not acknowledged, no other small segments can be sent


  1. assigned to the key or core services that systems offer


  1. the first error-detection and error-recovery mechanism





  1. Briefly discuss the type of tasks typically handled by connectionless protocols.


  1. What are the functions of a connection-oriented protocol?



  1. Briefly discuss four limitations of UDP.


  1. List the fields contained in the UDP header.



  1. Briefly describe the TCP startup connection process.



  1. What is the order of the half-open connection communication sequence?



  1. Briefly describe the following TCP connection states: LISTEN, SYN SENT, SYN RECD, AND CLOSE WAIT.


  1. List the two TCP control mechanisms, as defined in RFC 2581.



  1. Briefly define the following TCP flag settings: URG (Urgent), ACK (Acknowledgement), and PSH(Push).



  1. What is the difference between the window size field and the urgent pointer field?


Chapter 10: Transitioning from IPv4 to IPv6: Interoperation






  1. The obvious solution to an Internet running two versions of IP is to have it populated by hosts and routers that also run two versions of IP.


REF:  564


  1. By default, application services such as DNS, DHCP, and FTP are compatible with the IPv6 address space.


REF:  567


  1. The nested model could be used for an IPv6 site that requires one or more 搃slands? of IPv4 subnets.


REF:  571


  1. The transition from IPv4 to IPv6 requires that multiple stages occur in the move from a pure IPv4 environment to one that exclusively uses IPv6.


REF:  574


  1. Both dual-IP-layer and dual-stack architecture require IPv6-over-IPv6 tunneling to be effective as a transition mechanism.


REF:  577





  1. ____ is used throughout the industry today to provide translation between private IP addresses and public IP addresses.
a. 6to4 c. ISATAP
b. NAT d. Teredo
PTS:  1 REF: 566


  1. Windows Server 2008, Windows Vista, and Windows 7 support a TCP/IP implementation that integrates IPv4 and IPv6 in a dual-stack configuration that Microsoft calls its ____ TCP/IP stack.
a. Updated c. Next Generation
b. Version 2.0 d. Advanced
PTS:  1 REF: 568


  1. ____ addresses are composed of a valid 64-bit unicast address prefix and an IPv4 interface identifier.
a. ISATAP c. 6to4
b. Teredo d. 6over4
PTS:  1 REF: 568











  1. The ____ network model can represent a number of hybrid configurations, but it assumes that a site has a variety of different subnets, based on IP version implementation.
a. basic hybrid c. nested
b. transition hybrid d. true hybrid
PTS:  1 REF: 572


  1. The ____ specification describes two domains, an IPv4 domain and an IPv6 domain, joined by one or more IP/ICMP translators called XLATs.
PTS:  1 REF: 573


  1. SIIT defines a type of IPv6 address called ____ addresses that can be formatted as ::ffff:0:0:0/96 or ::ffff:0:a.b.c.d.
a. unique hybrid c. domain
b. transition d. IPv4 translated
PTS:  1 REF: 573


  1. A(n) ____ protocol for a host or router is implemented at the level of the device抯 operating system, allowing the device to support both IPv4 and IPv6, either as independent protocols or in a hybrid form.
a. dual-stack c. hybrid
b. dual-architecture d. transition
PTS:  1 REF: 574


  1. A network node possessing a(n) ____ architecture has both IPv4 and IPv6 protocols operating in a single Transport layer implementation.
a. dual-stack c. hybrid-layer
b. dual-IP-layer d. dual-transport
PTS:  1 REF: 575


  1. A computer possessing a(n) ____ architecture maintains separate stacks at both the Network and Transport layers.
a. hybrid-layer c. dual-IP-layer
b. dual-transport d. dual-stack
PTS:  1 REF: 576


  1. With IPv6-over-IPv4, when the IPv4 header is created, the protocol field value is set at ____ to indicate that it is an encapsulated IPv6 packet.
a. 37 c. 53
b. 41 d. 61
PTS:  1 REF: 578


  1. To transition name resolution services from IPv4 to IPv6 on a mixed network, DNS servers must be configured for dual stack and support both A records for IPv4 nodes and ____ records for IPv6 nodes to allow names to be resolved into addresses.
a. AAAA c. domain
b. master d. AA
PTS:  1 REF: 579







  1. The ____ node is responsible for reassembling any fragmented packets, removing the IPv4 header encapsulation, and processing the IPv6 packet.
a. encapsulator c. decapsulator
b. parser d. gateway
PTS:  1 REF: 580


  1. IPv4/IPv6-capable routers that are linked in an IPv4 routing infrastructure can tunnel IPv6 packets between each other by creating a(n) ____ path.
a. router-to-host c. host-to-router
b. end-to-end d. host-to-host
PTS:  1 REF: 580


  1. ____ tunneling requires that an administrator configure the end points of a tunnel.


a. Automatic c. Configured
b. Dynamic d. Managed
PTS:  1 REF: 580


  1. For a ____ tunnel, two IPv6 nodes are linked directly using a tunnel over an IPv4 network infrastructure.
  2. host-to-host c.    router-to-host


  1. router-to-router d.    host-to-router


REF:  582


  1. RFC 4213, which made RFC 2893 obsolete, removed references to ____ tunneling and the use of IPv4-compatible addresses.
a. managed c. static
b. configured d. automatic
PTS:  1 REF: 582


  1. ____ is used to connect dual-stack IPv4/IPv6 devices across IPv4 network infrastructures.


PTS:  1 REF: 583


  1. ISATAP nodes locate an ISATAP router by using address prefixes advertised by the ISATAP


____ that identifies the logical ISATAP subnet for the nodes.

a. proxy c. relay
b. gateway d. router
PTS:  1 REF: 585


  1. ISATAP nodes use the default route of ____ and set that address on their tunneling interface as the next-hop address for the link-local address of the router.
a. ::/0 c. ::/f
b. ff::/0 d. /0:ff::
PTS:  1 REF: 585













  1. A 6to4 ____ is a specialized device that acts as an IPv6/IPv4 router.


a. router c. node/router
b. relay d. host/router
PTS:  1 REF: 593


  1. A Teredo ____ is an IPv4/IPv6 node that is connected to both an IPv4 Internet and an IPv6 Internet using different interfaces.
a. client c. relay
b. host d. server
PTS:  1 REF: 597




  1. _____ means that one technology can work with another technology.
  2. The ____ network model can be considered an adaptation of the basic hybrid model.
  3. _____ was created as a replacement for NAT-PT, which was originally specified in RFC 2766 and subsequently documented in RFC 4966.



  1. _____ nodes allow a single computer to communicate to both IPv4-only and IPv6-only destination nodes without any tunneling mechanism in most cases, but often some form of tunneling must be deployed.


  1. The _____ is the node at the sending end of the tunnel, and it is responsible for encapsulating the IPv6 packet in an IPv4 header, then transmitting the packet in the tunnel.




Match each item with a statement below.
a. Dual-stack router f. IPv4/IPv6 transition mechanisms
b. 6to4 tunneling method g. Decapsulator
c. Teredo h. netsh interface command
d. Basic hybrid network model i. Potential Router List
  1. IP address parser


  1. contains a list of IPv4 addresses used to advertise the ISATAP interfaces of the routers used by nodes for filtering decisions
  2. used on Windows 7 to create a configured tunnel


  1. provides a connection between the IPv4 Internet and an office (or set of ISP customers) that already has made the switch to IPv6


  1. receiving node at the other end of the tunnel


  1. technologies designed to allow the protocols and network infrastructure elements to be used in the transition from one version of the Internet Protocol to the next
  2. an example of how IPv6-capable sites communicate with each other over the IPv4 Internet backbone
  3. permits IPv6 and IPv4 traffic to traverse one or more IPv4 NATs


  1. specified in RFC 3056


  1. attempts to translate an IPv4 address into its IPv6 equivalent






































  1. Briefly explain how to tunnel through the IPv4 cloud.




  1. What are some of the network elements that you must consider when transitioning to IPv6?



  1. What are some of the utilities designed to monitor, report on, and manage the network infrastructure?


  1. Briefly describe ? over4? addresses.



  1. Briefly describe the basic hybrid network model.



  1. Briefly describe the nested hybrid network model.



  1. Briefly describe IPv6-over-IPv4 tunneling.



  1. Briefly describe the Host-to-Router and Router-to-Host tunneling topology.



  1. Briefly describe ISATAP.



  1. Briefly describe 6to4 tunneling.
























Chapter 11: Deploying IPv6






  1. When applications are written, they usually call functions in standard libraries that implement network tasks.


REF:  616


  1. Most IPv4 drivers are old, which means that they are full of bugs.


REF:  617


  1. The reasons for which a company is deploying IPv6 should not determine the due dates and project funding.


REF:  618


  1. You do not have to perform IP subnetting in IPv6 because each subnet can support an extremely large number of hosts.


REF:  622


  1. Use of DHCPv6 for address assignment will result in a locally unique host identifier that changes when you move to a different network.


PTS: 1 REF: 623
1.  The key point with IPv6 deployments is that they use a new 揰 ___ layer? or 搑outed? protocol.
a. physical c. network
b. data d. transport
PTS: 1 REF: 616


  1. Network layer protocol functionality on hosts is mostly deployed as software in the form of ____.


a. ASICs c. firmware
b. NICs d. drivers
PTS:  1 REF: 616


  1. BGP has reserved a range of Autonomous System Numbers (ASNs) for private use that work much like so-called 損 rivate IP addresses? described in RFC ____.
a. 1718 c. 2021
b. 1918 d. 2322
PTS:  1 REF: 620


  1. A(n) ____ connection has uplinks to two or more switches, service providers, or other systems.


a. multihomed c. enterprise
b. external d. hub
PTS:  1 REF: 620







  1. ____ allows you to reduce the size of the routing table by having one large prefix entry point the way to many smaller ones that share the same next hop.
a. Clustering c. Multihoming
b. Chaining d. Summarization
PTS:  1 REF: 621


  1. In IPv6, ____ is the ability to move from one network to another while retaining an IP address and ongoing sessions.
a. mobility c. multihoming
b. summarization d. single-homing
PTS:  1 REF: 621


  1. ____ address autoconfiguration is accomplished via a new version of DHCP known as DHCPv6.


a. Stateless c. Aware
b. Stateful d. Awareless
PTS:  1 REF: 622


  1. Stateless address autoconfiguration is defined in the aptly named RFC ____, 揑Pv6 Stateless Address Autoconfiguration.?
a. 3314 c. 4862
b. 3786 d. 5123
PTS: 1 REF: 622
9. QoS in IPv6 is basically the same as ____ in IPv4.
a. diffserv c. FCoE
b. CMDB d. SLA
PTS: 1 REF: 623
10. Packets in IPv6 can be very large, such as jumbograms, and fragmentation is done by the ____.
a. routers c. hosts
b. switches d. intermediate systems
PTS: 1 REF: 623
11. Static tunnels on the routers are often called ____ tunnels.
a. private c. automatic
b. configured d. self-managed
PTS: 1 REF: 626
12. Automatically configured tunnels are called ____ tunnels.
a. private c. self-managed
b. configured d. automatic
PTS: 1 REF: 626
13. If you need to tunnel through NAT, using UDP is a good choice, which could mean using ____.
a. IPSec c. Teredo
b. ISATAP d. 6to4
PTS: 1 REF: 627









14. ISATAP requires all hosts to be ____ stack.
a. single c. home
b. mono d. dual
PTS: 1 REF: 627
15. RFC 6145 describes ____ IP/ICMP translation, or SIIT.
a. awareless c. awareful
b. stateless d. stateful
PTS: 1 REF: 628
16. The current clear front-runner for most IPv4-to-IPv6 transitions is the ____ method.
a. dual-stack c. Teredo
b. 6to4 d. ISATAP
PTS: 1 REF: 628
17. When deploying IPv6, ____ is perhaps the most critical and difficult task.
a. acquiring IPv6 addresses c. working with providers
b. creating a computer inventory d. application remediation
PTS: 1 REF: 633
18. A ____ is an IT environment isolated from the production environment.
a. sandbox c. virtual network
b. playbox d. virtual domain
PTS: 1 REF: 634


  1. ____ and associated tools keep track of the configuration of your network devices and let you know if something changes.
a. DHCPv6 c. OOB gateways
b. CMDBs d. IPAMs
PTS:  1 REF: 636


  1. ____ are quite popular in legacy IPv4 networks because they solve several issues regarding tracking and assignment of scarce resources and they facilitate DDNS.
a. DHCPv6 c. IPAMs
b. CMDBs d. OOB gateways
PTS:  1 REF: 637


  1. A(n) ____ is a proxy server or terminal server that has one interface on the production network for you to access a terminal via Secure Shell (SSH) or access a virtual desktop.
a. jump box c. OOB gateway
b. bastion host d. IPAM
PTS:  1 REF: 637


















  1. _____ are a list of conditions used to define whether an activity has completed successfully or not.



  1. A(n) _____ occurs when an organization buys another organization and combines assets.



  1. In the generic sense, a(n) _____ connection has uplinks to a single switch, service provider, or other system.



  1. The _____ table holds all Internet address prefixes for the default-free zone.
  2. IPv6 includes a(n) _____, which is a portion of the IPv6 header used for QoS.




Match each item with a statement below.
a. proprietary f. Flow
b. Border Gateway Protocol (BGP) g. Nmap
c. Default-free zone h. SNA TN3270
d. Mobility i. ISATAP
  1. RFC 3315


  1. ability to move geographically, untethered by power or network cables


  1. type of IPv6 tunnel


  1. most commonly used EGP


  1. network scanner that supports IPv6


  1. provides details about DHCPv6


  1. non-standards-based, geared toward a particular company or product line


  1. a conversation between two end points


  1. a type of protocol gateway


  1. set of all Internet networks that are operated without a default route









  1. How does the nature of networks affect the deployment of IPv6?



  1. How does the lack of IPv4 addresses affect the deployment of IPv6?



  1. What are some of the architectural decisions that you need to make when deploying IPv6?


  1. How do you select a router vendor for IPv6?



  1. What are some of the security-related decisions you will need to make to deploy IPv6?



  1. What are some of the reasons for considering tunneling options when deploying IPv6?


  1. Describe two ways to handle the IPv4-to-IPv6 migration process.



  1. Why is a test lab critical when deploying IPv6?



  1. Describe the process of updating to DHCPv6.


  1. Briefly describe how to start migrating applications during IPv6 deployment.


Chapter 12: Securing TCP/IP Environments






  1. Fundamental protocols梚ncluding IP and TCP or UDP梠 ffer no built-in security controls.


REF:  662


  1. A stealthy attacker may cover its tracks by deleting log files, or terminating any active direct connections.


REF:  667


  1. Proxy server software permits internal network addresses to be 搕ranslated? into public network addresses when packets leave inside networks so only public IP addresses are exposed on the public Internet.


REF:  679


  1. When users from outside the network attach to a service inside the network, they actually attach to the proxy server, which establishes a proxy session into the private side of the network from there.


REF:  679


  1. Strictly speaking, VPNs use tunneling protocols; therefore, they need to encrypt tunneled traffic.


REF:  680





  1. A relatively simple software program called a(n) ____ can attempt to communicate with any IP-based system while cycling through all valid TCP and UDP port addresses.
a. agent c. port scanner
b. Trojan d. socket
PTS:  1 REF: 661


  1. A(n) ____ reveals a system vulnerability and is often documented, either by the manufacturer or by an attacker.
a. hole c. break-in
b. exploit d. attack
PTS:  1 REF: 663


  1. A(n) ____ refers to a successful attempt to compromise a system抯 security.


a. discovery c. break-in
b. exploit d. gateway
PTS:  1 REF: 663













  1. An attempt to snoop inside traffic moving across the Internet to look for unprotected account and password information, or to obtain other sensitive information while it抯 in transit is called ____.
a. brute force attack c. session hijacking
b. user impersonation d. packet sniffing
PTS:  1 REF: 663


  1. In a(n) ____ attack, the attacker is able to intercept traffic from both parties and either pass the traffic unaltered to the other end of the communication link, or the attacker can forge replies from either side.
a. DoS c. man-in-the middle
b. brute force d. IP service
PTS:  1 REF: 665


  1. A ____ is a weak spot or known place of attack on any common operating system, application, or service.
a. back door c. discovery
b. hole d. hash
PTS:  1 REF: 667


  1. A ____ is an undocumented and illicit point of entry into an operating system or application added by a system抯 programmers to bypass normal security.
a. back door c. discovery
b. hole d. hash
PTS:  1 REF: 667


  1. Any knowledgeable systems professional with the right toolkit can break into just about any system in ____ minutes or less if allowed unsupervised and unrestricted access to the computer on which such a system resides.
a. 15 c. 25
b. 20 d. 30
PTS: 1 REF: 667
9. The purpose of ____ is to find out what you have and what is vulnerable.
a. reconnaissance c. session hijacking
b. covering-up d. packet sniffing
PTS: 1 REF: 669
10. ____-related attacks include SYN Flood, broadcast amplification attacks, and buffer overflow.
a. DoS c. Man-in-the middle
b. Brute force d. IP service
PTS: 1 REF: 670


  1. ____ are designed to interrupt or completely disrupt operations of a network device or network communications.
a. Trojan horse attacks c. DoS attacks
b. Dictionary attacks d. Worms
PTS:  1 REF: 670










  1. ____ is a type of software that opens the door for a compromised machine to display all kinds of unsolicited and unwanted advertising, often of an unsavory nature.
a. SA bundle c. Adware
b. Spyware d. Cache
PTS:  1 REF: 670


  1. ____ is unsolicited and unwanted software that takes up stealthy unauthorized and uninvited residence on a computer.
a. SA bundle c. Adware
b. Spyware d. Cache
PTS:  1 REF: 670


  1. ____ is a process of borrowing identity information, such as an IP address, domain name, NetBIOS name, or TCP or UDP port numbers to hide or deflect interest in attack activities.
a. Ingress filtering c. Network sniffing
b. Data authentication d. Spoofing
PTS:  1 REF: 672


  1. The purpose of a(n) ____ attack is not to deny service but to masquerade to be an authorized user so as to gain access to a system.
a. egress filtering c. data authentication
b. session hijacking d. network sniffing
PTS:  1 REF: 672


  1. ____ means restricting who may view or use certain resources, including access to bandwidth or a computer, as well as access to information.
a. Access control c. Data origin authentication
b. Connectionless integrity d. Confidentiality
PTS: 1 REF: 677
17.  A function that provides ____ checks the integrity of each packet individually.
a. access control c. data origin authentication
b. connectionless integrity d. confidentiality
PTS: 1 REF: 677


  1. ____ is the ability to verify that the data received did in fact come from the named source.


a. Access control c. Data origin authentication
b. Connectionless integrity d. Confidentiality
PTS:  1 REF: 677


  1. A ____ is a hardened computer specifically designed to resist and oppose illicit or unwanted attempts at entry, and whose job is to guard the boundary between internal and external networks.
a. firewall c. DMZ
b. bastion host d. boundary router
PTS:  1 REF: 678













  1. A ____ is an area that抯 accessible to both outsiders and insiders, but which establishes a buffer area between what抯 completely inside and outside a network boundary.
a. firewall c. DMZ
b. bastion host d. boundary router
PTS:  1 REF: 678


  1. A ____ is a specially 揾 ardened? software service or software/hardware product that erects a barrier to inspect and control traffic flow between networks.
a. firewall c. DMZ
b. bastion host d. boundary router
PTS:  1 REF: 678




  1. A(n) ____________________ model excludes users from access to resources, by default, and then adds whatever users need access to such resources as exceptions to the general exclusionary rule.



  1. In a(n) ____________________ attack, a service is inundated with requests, or malformed service requests, which cause a server to hang or freeze, preventing it from responding to input.



  1. A(n) ____________________ consists of creating hashed values for all words in a specialized dictionary of terms, then comparing those values to the hashed values in password files.



  1. A(n) ____________________ is a weakness that can be accidentally triggered or intentionally exploited.


  1. ____________________ attacks are DoS attacks that are launched from numerous devices.






Match each item with a statement below.
a. Profiling IP network f. Handler
b. Remote logon service g. System and network security
c. PING sweep h. Security policy
d. Computer forensics i. Honeypot
  1. Port scanners


  1. an examination of any traces of attack


  1. one kind of IP service that抯 vulnerable to attack


  1. manager host for a DDoS attack


  1. also known as software security


  1. permits would-be malefactors to identify potential targets for attacks


  1. document that represents the concrete manifestation of an organization抯 requirements for security practices, rules, and procedures
  2. computer system deliberately setup to entice and trap attackers


  1. sends ICMP Echo Request packets to a range of IP addresses to determine which hosts are active


  1. a type of reconnaissance tool





























  1. Discuss the difference between physical security and personnel security.



  1. What is the difference between an attack and an exploit?


  1. Briefly describe the following types of attacks: DoS, man-in-the-middle, and IP service.


  1. Briefly describe IP service implementation vulnerabilities, and insecure IP protocols and services.



  1. Discuss the risks of allowing anonymous access.



  1. What is meant by the term buffer overflow?


  1. Provide a brief definition of spoofing.



  1. According to RFC 2401, what are the goals of IPSec?



  1. Briefly define proxy server, screening host, and screening router.


  1. What are the steps when planning and implementing firewalls and proxy servers on your networks?