CYBER 2159 Midterm Study Guide

What is the correct display filter for showing all TCP traffic running on port 80 on Wireshark?

What is the correct display filter for showing all TCP traffic running on port 80 on Wireshark?

tcp and tcp.port == 80

What networks are the same as Wi-Fi except for?

Ethernet LANs

Under which menu item in Wireshark can you recover a file for captured FTP data packets?

Statistics -> conversations

True or False: Wireshark is a packet sniffer used to capture and analyze network packets.

True

What is the correct display filter for showing all Web traffic in Wireshark?

http or https

Which Wireshark feature is used to recover a file for captured FTP data packets?

Follow Stream

True or False: In packet-switched networks, the resources needed along a path are reserved for the duration of the communication session.

False

True or False: In packet-switching networks, computing devices are interconnected through communication links and packet switches.

True

What is NOT defined in a network protocol?

the length of messages sent and received among networking hosts

What term refers to taking a packet arriving on one of a host's incoming links and forwarding it to one of the host's outgoing links based on its destination?

packet switches

True or False: A packet is stored at a router until it has fully arrived.

True

What is the correct display filter for showing all traffic except ARP, DNS, and DHCP in Wireshark?

not (arp or dns or dhcp)

What is the correct display filter for showing everything except FTP traffic in Wireshark?

not ftp

What is the correct display filter for showing all HTTP and FTP traffic with the source or destination IP of 192.168.1.33 in Wireshark?

(http or ftp) and ip.addr == 192.168.1.33

What is NOT a correct statement for the Internet?

N/A

What is the Internet?

A computer network that interconnects billions of devices.

What is layered architecture in computer networking?

A hierarchical approach to organizing network protocols.

Which model uses layered architecture?

TCP/IP model.

Which layer in the OSI model interprets the meaning of data exchanged?

Presentation layer.

Which application-layer protocol is on top of UDP?

SNMP.

What is the data unit at the network layer?

IP datagram.

What is the data unit at the transport layer?

Segment.

What is the data unit at the data link layer?

Frame.

What is the data unit at the physical layer?

Raw bits.

Why is the OSI model preferred for studying network security?

Layering provides modularity and easier implementation changes.

Is it true that the more layers, the better in any protocol models?

No.

What is the TCP/IP protocol model designed for?

Modeling data communication between two applications on different hosts.

Which app-layer protocol only uses TCP services at Layer 4?

HTTPS.

Is it true that delivery of messages to their destinations is not guaranteed in TCP?

No.

Is it true that TCP is more efficient than UDP?

No.

What command can be used to display IP address, subnet mask, and default gateway in Windows?

Ipconfig.

What command with which switch can be used to display IP address, subnet mask, default gateway, DNS server, and DHCP server in Windows?

Ipconfig /all.

What command can be used to display the IP address, subnet mask and default gateway in Linux?

ifconfig

What command is used to lookup DNS information in both Windows and Linux?

Nslookup

What command is used to display connection information of a host in Windows and Linux?

Netstat

What protocol is used to determine the Layer 2 MAC address of a host when its Layer 3 IP address is known?

ARP

Which of the following is NOT a URL protocol?

Snmp

What is the solution to browsers' problem of supporting a rapidly growing collection of file types?

When a server returns a page, it also returns some additional information about the page including its MIME type

A browser plug-in extends the browser for supporting new file types

Web servers can use caching and multiple threading to improve performance.

True

A client browser's state is maintained by using.

Cookies of a browser

What command restarts the DHCP lease process in Windows?

ipconfig /renew

Name the four steps, in order, in a successful DHCP process.

-DHCP server discovery

-Receive DHCP server offer

-DHCP request from server offers

-Server DHCP acknowledgement for request confirming parameters

Which of the following statements is TRUE about HTTP request messages?

Accepts header gives the browser a chance to tell the Web server which format it wants for a resource

The following are the HTTP Request Methods in HTTP 1.0 EXCEPT FOR:

PUT

The arp -a command displays:

the current contents of the ARP cache table on your computer

To clear the arp cache, use the following command:

arp -d

Why would an ARP frame have a destination MAC address of 00:00:00:00:00:00?

To indicate the ARP frame was broadcasted to all the hosts on the network.

What technology allows an HTTP client to retrieve individual data items from Web server to update a section of the webpage without having to reload an entire page?

AJAX

"HTTP 1.1 supports pipeline requests" means.

Multiple requests can be sent without waiting for responses

Can a client browser send a 2nd request before receiving the response to the 1st request?

Yes

What is the purpose of TCP's fast-start procedure?

To increase throughput and improve data communication performance

True or False: HTTP runs on port 80 and HTTPS runs on port 443 by default.

True

How does a browser know how to interpret and display a new file format received from a Web server?

By referring to a table of MIME types

How is the HTML content type identified?

By MIME

Which of the following methods is NOT used to improve the performance of Web applications?

Using a different browser

What is a new HTML 5 feature that is NOT available in HTML 4?

Native audio and video support

What command is used to lookup DNS information in both Windows and Linux?

Nslookup

What command clears the DNS cache on a Windows machine?

ipconfig /flushdns

What is another name for a CNAME record?

Alias

What does an A record hold?

IPv4 address

Which of the following is NOT a network application?

Microsoft PowerPoint application

Why is DNS needed?

To translate domain names to IP addresses

What is a DNS zone?

A portion of the DNS namespace managed by a specific organization or administrator

True or False: DNS namespace is hierarchical from the root down with the root named COM.

False

True or False: A DNS server uses UDP port 53 for all its UDP activities.

True

What command is used to request a new IP address from a DHCP server?

ipconfig /renew

How many columns are in the DNS database table?

5

What protocols does DNS use at the transport layer?

Both TCP and UDP

Which of the following transport service primitives is ONLY called at the server side?

LISTEN

Which of the following transport service primitives is ONLY called at the client side?

CONNECT

For an application with a server and several remote clients calling transport service primitives, a client first executes a CONNECT primitive, and then the server executes a LISTEN primitive.

False

If a socket is created with the socket type SOCK_STREAM, then it is a UDP socket which is connectionless.

False

After a socket is created, it should be bound to a local address (HOST, PORT) before it can listen to incoming connection requests.

True

After the listen() method is called by the server program, it is ready to accept connection requests.

True

The backlog argument provided for the listen() method specifies.

the maximum number of queued connections

The return value of the socket method accept() is a pair (conn, address), where conn is a new socket object that can be used to send and receive data on the connection.

True

the Python statement below opens the file to write f = open(file, 'wb').

the file will be opened in binary mode

The buffer size used in the socket recv() method at the server side program should be equal to the length of the data provided to the socket send() method at the client side program.

True

The port numbers used in the socket server program and client program MUST be the same.

True

In Python, to write to an existing file, you must add a parameter to the open() function:

True

With client-server socket programming, the server program uses two sockets: one socket is used to listen for incoming connection requests, the other one performs data transfer with a client program.

True

How an application at layer 5 uses the services at layer 4 in the TCP/IP model?

through a transport address which is a port number