Module 1: TCP/IP Framework 

by
Contents hide
1 INTRODUCTION – TCP/IP Framework
2 INTRODUCTION TO THE TCP/IP PROTOCOL FRAMEWORK
3 NETWORK PROTOCOLS OVER ETHERNET AND LOCAL AREA NETWORKS
4 BASICS OF ROUTING AND SWITCHING, NETWORK PACKETS AND STRUCTURES
5 TCP/IP FRAMEWORK
6 CONCLUSION – TCP/IP Framework
Spread the love

INTRODUCTION – TCP/IP Framework

This module serves as an introduction to the TCP/IP framework, Ethernet, LAN networks, and basic concepts in routing and switching. In addition, you will learn about address translation and the differences between Intrusion Detection and Intrusion Prevention Systems. Finally, the course will conclude with an exploration of packet networks.

Learning Objectives:

  • Define routing tables and their role in network routing.
  • Explain how address resolution protocol (ARP) tables are used.
  • Understand the use of broadcasting domains.
  • Differentiate between an IP address and a MAC address.
  • Identify various network devices.
  • Describe methods to segment broadcast domains.
  • Differentiate between collision and broadcast domains.
  • Distinguish between Layer 2 and Layer 3 addressing schemes.
  • Explain how Ethernet networks function.
  • Compare static and dynamic IP address translation.
  • Define network address translation (NAT).
  • Contrast Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS).
  • Differentiate between stateful and stateless inspection.

INTRODUCTION TO THE TCP/IP PROTOCOL FRAMEWORK

1. Which four (4) factors does a stateless firewall look at to determine if a packet should be allowed pass?

  • if the packet belongs to an open session
  • the source IP address (CORRECT)
  • the destination port (CORRECT)
  • the service or protocol used (CORRECT)
  • the destination IP address (CORRECT)

Correct, this is one of the four factors.

2. Can a single firewall conduct both a stateless and stateful inspection?

  • Yes but not on the same packet. A decision is made which type of inspection will be most effective on a packet-by-packet bases.
  • Yes, the stateless inspection is conducted first and then a stateful inspection is done. (CORRECT)
  • No, the latency created by a double inspection is too great to be practical.
  • No, stateless and stateful firewalls are distinctly different and used for different purposes.

Correct, The stateless inspection first takes place, and then stateful inspection occurs afterward.

3. True or False: An Intrusion Prevention System (IPS) is generally a passive device that listens to network traffic and alerts an administrator when a potential problem is detected?

  • True
  • False (CORRECT)

Correct, Usually, an Intrusion Detection System (IDS) is a passive device. It listens to network traffic, and when there is some traffic that potentially indicates a security threat, it informs an administrator.

4. Network Address Translation (NAT) typically conducts which of the following translations?

  • An IP address to a physical address and vice versa.
  • A MAC address to an IP address and vice versa.
  • A private network IP address to a public network IP address and vice versa. (CORRECT)
  • An IP address to a domain name and vice versa.

Correct, Private IP addresses are translated into public network addresses or vice versa.

5. Which type of NAT routing allows one-to-one mapping between local and global addresses?

  • Dynamic
  • Kinetic
  • Overload
  • Static (CORRECT)

Correct, Static mapping allows a one-to-one binding.

NETWORK PROTOCOLS OVER ETHERNET AND LOCAL AREA NETWORKS

1. Which network layer do IP addresses belong to?

  • The Physical Layer
  • The Network Layer (CORRECT)
  • The Data Link Layer
  • The Application Layer

Correct, the network layer.

2. Which address assures a packet is delivered to a computer on a different network segment from the sender?

  • The IP Address (CORRECT)
  • The MAC address.
  • The DHCP Address
  • The DNS Address

Correct, it is the IP Address.

3. A network device that is capable of sending and receiving data at the same time is referred to as which of the following?

  • Unidirectional
  • Monoplex
  • Half duplex
  • Full duplex (CORRECT)

Correct, it is full duplex.

4. True or False: Collision avoidance protocols are critical to the smooth operation of modern networks.

  • True
  • False (CORRECT)

Correct,  Collision avoidance protocols are not critical to the smooth operation of modern networks.

5. Comparing bridges with switches, which are three (3) characteristics specific to a bridge?

  • Full-duplex transmission.
  • End-user devices share bandwidth on each port. (CORRECT)
  • Virtual LANs are possible.
  • Each port is dedicated to a single device; bandwidth is not shared.
  • Virtual LANs are not possible. (CORRECT)
  • Half-duplex transmission. (CORRECT)

Partially correct, This is a feature unique to a bridge.

6. True or False: Switches solved the problem of network loops and improved performance of multicast/broadcast traffic.

  • True
  • False (CORRECT)

Correct, Switches wouldn’t solve problems related to the loop in the network or improve the quality of multicast/broadcast traffic, though.

BASICS OF ROUTING AND SWITCHING, NETWORK PACKETS AND STRUCTURES

1. If a network server has four (4) network interface cards, how many MAC addresses will be associated with that server?

  • 4 (CORRECT)
  • 2
  • 1
  • 0

Correct, 4 network interface cards

2. True or False: When you connect your laptop to a new network, a new IP address must be assigned, either automatically or manually.

  • True (CORRECT)
  • False

Correct, a new IP address will be assigned.

3. What does the Address Resolution Protocol (ARP) do when it needs to send a message to a location that is outside its broadcast domain?

  • ARP looks up the address in the ARP Table.
  • ARP drops the packet as undeliverable.
  • ARP sends the message to the MAC address of the default gateway. (CORRECT)
  • ARP sends a message to the destination IP address asking for its MAC address.

Correct, The MAC address of the default gateway is contacted through sending the ARP request.

4. Routing tables are maintained by which of the following devices?

  • Only on routers, switches, and hubs.
  • On any network connected device. (CORRECT)
  • Only on routers and network gateways.
  • Only on routers.

Correct, on any network connected device.

5. What is the purpose of a default gateway?

  • It translates IP addresses to MAC addresses and vice versa.
  • It manages all network traffic.
  • It forwards messages coming from, or going to, external networks. (CORRECT)
  • It manages network traffic on the local subnet only.

Correct, It transmits messages to and from external networks.

6. If a message is being sent to a computer that is identified in the computer’s routing table, what type of connection would be established?

  • Static
  • Default
  • Direct (CORRECT)
  • Dynamic

Correct, direct connection.

TCP/IP FRAMEWORK

1. What is meant by “stateless” packet inspection?

  • It is a packet-by-packet inspection with no awareness of previous packets. (CORRECT)
  • It is the inspection of packets by non-state actors, such as private telecom companies.
  • It is the inspection of a packet’s source and destination IP addresses only.
  • It is the inspection of a packet’s service or protocols used only.

2. True or False: An Intrusion Detection System (IDS) is generally a passive device that listens to network traffic and alerts an administrator when a potential problem is detected?

  • True (CORRECT)
  • False

3. True or False: The primary difference between an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS) is that an IDS is designed as a passive system that listens and alerts while an IPS is an active system that is designed to take action when a problem is detected?

  • True (CORRECT)
  • False

4. Which intrusion system does not add any delay to network traffic?

  • Intrusion Detection System (IDS). (CORRECT)
  • Intrusion Prevention System (IPS).

5. How does using Network Address Translation (NAT) provide an additional layer of security to your network?

  • By blocking traffic from known malware sites.
  • By hiding the real IP addresses of all the devices on your private network and exposing only a single public IP address. (CORRECT)
  • By requiring a certificate exchange to authenticate the source of external IP addresses before allowing them through the firewall.
  • By assigning a different false IP address to traffic leaving your network and translating it back to the real internal IP addresses on incoming traffic.

6. Which type of NAT routing maps unregistered IP addresses to a single registered IP address allowing thousands of users to be connected to the Internet using only a single global IP address?

  • Dynamic
  • Kinetic
  • Static
  • Overload (CORRECT)

7. Which network layer do MAC addresses belong to?

  • The Data Link Layer. (CORRECT)
  • The Physical Layer.
  • The Application Layer.
  • The Network Layer.

8. Which address assures a packet is delivered to a computer on the same network segment as the sender?

  • The Gateway address.
  • The IP address.
  • The DNS address.
  • The MAC address. (CORRECT)

9. A network device that cannot send and receive data at the same time is referred to as which of the following?

  • Full duplex
  • Unidirectional
  • Monoplex
  • Half duplex (CORRECT)

10. When a NIC reads a packet header and sees the destination address is not its own address, what does it do with the packet?

  • It returns the packet to the sender with a delivery error message.
  • It forwards the packet to the correct address if it is in the same network or the gateway if it is not.
  • It discards the packet. (CORRECT)
  • It reads the contents of the packet.

11. True or False: Switches can connect two geographically dispersed networks.

  • True
  • False (CORRECT)

12. What is the main function of the Address Resolution Protocol (ARP)?

  • To translate a MAC address to an IP address and vice versa. (CORRECT)
  • To translate a logical address to an IP address and vice versa.
  • To translate a physical address to an IP address and vice versa.
  • To translate a gateway address to an IP address and vice versa.

13. What does a router do when it needs to send a packet to an address that is not in its routing table?

  • It drops the packet as undeliverable.
  • It forwards the packet to the default gateway. (CORRECT)
  • It sends out a broadcast message looking for the correct system to reply with a confirmation message.
  • It returns the packet to the sender to deal with.

14. What happens to messages sent from a computer that has no gateway address specified?

  • Messages sent to other computers on the same subnet will not be delivered but those destined to computers on other networks will be delivered.
  • Messages sent to other computers on the same subnet and those destined to computers on other networks will be delivered.
  • Messages sent to other computers on the same subnet will be delivered but those destined to computers on other networks will not be delivered. (CORRECT)
  • No messages will be delivered.

CONCLUSION – TCP/IP Framework

All in all, this module is strong and solid in communicating the understanding of its key aspects in networking through the TCP/IP Framework and Ethernet, LAN Networks, routing, and switching. You have acquired important insights into building and managing networks effectively.

As well, you have learned about address translation and Intrusion Detection and Intrusion Prevention Systems, which are very important in securing a network. By studying network packets, you understood much better how data transfer occurs between the networks. You have now built a stronger foundation to tackle network problems and be solution-oriented in cases where it is important to solve the issues.

Leave a Comment