Comptia Net+ - Module 3

What are the 4 addressing methods?

• Data Link layer MAC address

• Network layer IP address

• Transport layer port numbers

• Application layer FQDNs, computer names, and host names (URL)

What are the different names for data link layer MAC address?

Also called physical, hardware, or layer 2 address

What are the characteristics of the MAC address

MAC address has 48 bits, six hex numbers separated by colons

What are the 2 different network layer IP addresses?

• IPv4 & IPv6

Compare IPv4 and IPv6 characteristics.

• IPv4 addresses have 32 bits written as four decimal numbers called octets

• IPv6 addresses have 128 bits written as eight blocks of hexadecimal numbers

What is an application layer FQDN (fully qualified domain name)?

Is a unique character-based name

What information do the 2 parts (first and last 24 bits) of a MAC address mean?

• First 24 bits are known as the OUI (Organizationally Unique Identifier) or manufacturer-ID

• Last 24 bits make up the device-ID

Who assigns the OUI (organizational unique identifier) and the device ID for MAC addresses?

• OUI is assigned by the IEEE

• Manufacturers assign each NIC a unique device ID

What utility in command prompt can you use to find current TCP/IP settings (addressing and domain name information)?

Use the ipconfig utility in a Command Prompt to find TCP/IP settings

What assigns Static and Dynamic IP addresses?

• Static IP addresses assigned manually by administrator

• Dynamic IP addresses automatically assigned by DHCP

Give a brief explanation of settings (“big 4”) for ip addresses

• IP address— Layer 3 address assigned to NIC

• Subnet mask—Indicates portion of IP address that’s network vs. host

• Gateway—Use to access outside world

• DNS server— Tracks computer names and their IP addresses

What is classful addressing?

The dividing line between the network and host portions is determined by class

What are the 5 classes for IPv4?

Class A, Class B, Class C, Class D, and Class E

• classes a-c are public IP addresses

• class d is for multi-casting (start with octets 224 -239)

• class e is research (start with octets 240-254)

Give 3 IP address ranges used for private networks.

• 10.0.0.0 through 10.255.255.255

• 172.16.0.0 through 172.31.255.255

• 192.168.0.0 through 192.168.255.255

What are the ranges for class a-c IPv4 addresses?

• A: 1.x.y.z to 126.x.y.z

• B: 128.0.x.y to 191.255.x.y

• C: 192.0.0.x to 223.255.255.x

What are Network Address Translation (NAT) designed for?

Designed to conserve public IP addresses

What is Address translation?

Gateway device substitutes private IP addresses with its own public address (when computers need access to Internet)

What is Port Address Translation (PAT)?

Process of assigning a TCP port number to ongoing session between a local host and Internet host

What are the 2 variations of NAT to be aware of?

• SNAT (Static Network Address Translation)

• DNAT (Dynamic Network Address Translation)

What is SNAT (Static Network Address Translation)? From the book

The gateway assigns the same public IP address to a host each time

What is DNAT (Dynamic Network Address Translation)? From the book

The gateway has a pool of public address that it is free to assign to a local host when it makes a request to access the Internet

SNAT for __ messages, and DNAT for __ messages

• incoming

• outgoing

SNAT for outgoing messages, and DNAT for incoming messages

What is SNAT (Static Network Address Translation)? From the field

Public IP address mapped to an internal private address for in-bound connections such as a web server

What does Link (sometimes called local link) mean in IPv6 terms?

Any LAN bounded by routers

What does an interface mean in IPv6 terms?

an interface is a node’s attachment to a link

When a network can use both IPv4 and IPv6 what is it called?

Dual stacked

What is tunneling?

Method used to transport IPv6 packets through an IPv4 network

What is interface id?

The last 64 bits or four blocks of an IPv6 address that identify the interface

What does neighbors mean in IPv6 terms?

Two or more nodes on the same link

What are the 3 types of IPv6 addresses?

• Unicast address—Specifies a single node on a network

  • Global unicast address—Can be routed on the Internet

  • Link local unicast address—Can be used for communicating with nodes in the same link

• Multicast address—Packets are delivered to nodes that have subscribed

• Anycast address—Can identify multiple destinations, with packets delivered to the closest destination

What do port numbers ensure?

Ensure data is transmitted to correct process running on the computer

What are the 3 types port numbers are divided into?

• Well-known ports—0 to 1023

• Registered ports—1024 to 49151

• Dynamic and private ports—49152 to 65535

What is a socket and what does it consist of?

• A socket identifies a unique application running on a unique computer anywhere in the world

• Consists of host’s IP address and port number of an application running on the host:

  • Colon separates the two values (ex 10.43.3.87:23)

What part of an FQDN (fully qualified domain name) is called a TLD (top level domain)?

Last part of an FQDN called top-level domain (TLD)

• .edu, .com, etc

What association restricts what type of hosts can be associated with?

ICANN (Internet Corporation for Assigned Names & Numbers) restricts what type of hosts can be associated with .arpa, .mil, .int, .edu, and .gov

What is name resolution?

The process of discovering IP address when you know the FQDN

What are the 3 elements a DNS database is made up of?

• namespace—The entire collection of computer names and associated IP addresses stored in databases on DNS servers around the globe

• name servers—Hold parts of the namespace, which are organized in a
  hierarchical structure

• resolvers—A DNS client that requests information from DNS servers

What are the domains that the organization is responsible for called?

zones

What are the 4 common types of DNS servers?

• Primary DNS server—Authoritative for the organization

  • Holds the authoritative DNS database (read/write)

• Secondary DNS server—Backup authoritative name server for the organization (read only)

• Caching DNS server—Accesses the public DNS data and caches the DNS information it collects

• Forwarding DNS server—Receives queries from local clients but doesn’t work to resolve the queries

What are the 2 types of DNS requests?

• Recursive—A query that demands a resolution or the answer “It can’t be found”

  • Local DNS server is usually recursive, makes multiple queries on behalf of client

• Iterative—A query where the local server issues queries to other servers

  • Local DNS server issues iterative queries to root and top level name servers to get to the authoritative name server

What does an “A (address) record” do, and is found in DNS database?

Stores the name-to-address mapping for a host

What does an “AAAA (address) record” do, and is found in DNS database?

Holds the name-to-address mapping, the IP address is an IPv6 type IP address

What does a “C NAME (canonical name) record do, and is found in DNS database?

Holds alternative names for a host

What is a “PTR (pointer) record” used for, and is found in DNS database?

Used for reverse lookups

What does a “NS (name server) record” do, and is found in DNS database?

Indicates the authoritative name server for a domain

What does a “MX (mail exchanger) record“ do, and is found in DNS database?

Identifies a mail server and is used for email traffic

What is the most popular, open sourced, DNS server software?

BIND (Berkeley Internet Name Domain) is this most popular

What is the name for the built-in DNS service in the Windows Server OS?

Microsoft DNS Server

What goal is trying to be achieved when doing the following two things?

• Internal and external DNS queries should be handled by different DNS servers

• Use a firewall to filter or block traffic between networks

to create a more secure network

What is one of the first places to start looking for clues when something goes wrong?

Event Viewer because it provides the diagnosis of a problem and recommends steps to fix the problem

What are the 5 most helpful tools to troubleshoot network problems?

• ping

• ipconfig (Windows only)

• ifconfig (Linux only) - used to view and manage TCP/IP settings

• nslookup (name space lookup) - used to query the DNS database from any computer

  • interactive mode: test multiple DNS servers at a time

  • non-interactive mode: test 1 DNS server at a time

• dig (domain information groper -Linux only) - Provides more detailed information than nslookup and uses more reliable sources of information to output its results

What is “ping (Packet Internet Groper)“ used for?

Used to verify that TCP/IP is:

• Installed

• Bound to the NIC

• Configured correctly

• Communicating with the network

What is a “ICMP (Internet Control Message Protocol)” ?

is a protocol used by ping and other utilities to check health of network

ping6 and ping -6 are both used to verify whether an IPv6 host is available, what is the difference between them?

• ping6—On Linux

• ping -6—On Windows

for commands to work over the Internet, you must have access to the IPv6 Internet

What is the range of addresses that might be assigned by APIPA?

169.254.0.1 through 169.254.255.254

You are the network manager for a computer training center that allows students to bring their own laptops to class for learning and taking notes. Students need access to the Internet, so you have configured your network’s DHCP server to issue IP addresses automatically.

Which DHCP option should you modify to make sure you are not wasting addresses used by students who have left for the day?

Lease time

You have decided to use SNAT and PAT on your small office network. At minimum, how many IP addresses must you obtain from your ISP for all five clients in your office to be able to access servers on the Internet?

1

Explain how the bits of an IPv6 address are organized and describe IPv6 shorthand
notation.

An IPv6 address has 128 bits that are written as eight blocks (also called quartets) of hexadecimal numbers separated by colons. Each block is 16 bits long. Leading zeroes in a four- character hex block can be eliminated. If blocks contain all zeroes, they can be eliminated and replaced by double colons (::). To avoid confusion, only one set of double colons is used in an IPv6 address.

FTP sometimes uses a random port for data transfer, but an FTP server always, unless
programmed otherwise, listens to the same port for session requests from clients. What port does an FTP server listen on?

21

You issue a transmission from your workstation to the following socket on your LAN: 10.1.1.145:53. Assuming your network uses standard port designations, what application layer protocol handles your transmission?

DNS (Domain Name Service)

Suppose you want to change the default port for RDP as a security precaution. What port does RDP use by default, and from what range of numbers should you select a private port number?

3389; 49152 through 65535

You have just set up a new wireless network at your house, and you want to determine whether your Linux laptop has connected to it and obtained a valid IP address. What command will give you the information you need?

ip address show or ifconfig -a

While troubleshooting a network connection problem for a coworker, you discover the computer is querying a nonexistent DNS server. What command-line utility can you use to assign the correct DNS server IP address?

nslookup (in interactive mode)

When running a scan on your computer, you find that a session has been established with a host at the address 208.85.40.44:443. Which application layer protocol is in use for this session? What command-line utility might you use to determine the domain name of the other computer?

• Port 443 indicates this an HTTPS session

• nslookup can identify the domain name of the host at that IP address.