1. Home
  2. Flashcards
  3. Preview

CyberSecurity2_Module 7 & 8-My questions

  1. What does the acronym ICMP stand for?
    Internet Control Message Protocol
  2. What is the purpose of ICMP messages?
    is to provide feedback about issues related to the processing of IP packets under certain conditions, not to make IP reliable.
  3. List some common ICMP messages for ICMPv4 and ICMPv6.
    • • Host confirmation
    • • Destination or Service Unreachable
    • • Time exceeded
    • • Route redirection
  4. What does the ICMP message Host Confirmation do?
    • • An ICMP Echo Message can be used to determine if a host is operational.
    • • The local host sends an ICMP Echo Request to a host. If the host is available, the destination host responds with an Echo Reply.
  5. What does the ICMP message Destination or Service Unreachable do?
    When a host or gateway receives a packet that it cannot deliver, it can use an ICMP Destination Unreachable message to notify the source that the destination or service is unreachable.
  6. List the Destination Unreachable codes for ICMPv4 and describe what they mean.
    • • 0 - Net unreachable
    • • 1 - Host unreachable
    • • 2 - Protocol unreachable
    • • 3 - Port unreachable
  7. What does an ICMP Destination Unreachable code of 0 mean?
    Net unreachable
  8. What does an ICMP Destination Unreachable code of 1 mean?
    Host unreachable
  9. What does an ICMP Destination Unreachable code of 2 mean?
    Protocol unreachable
  10. What does an ICMP Destination Unreachable code of 3 mean?
    Port unreachable
  11. What does the ICMPv4 message Time exceeded do?
    • An ICMPv4 Time Exceeded message is used by a router to indicate that a packet cannot be forwarded because the Time to Live (TTL) field of the packet was decremented to 0. If a router receives a packet and decrements the TTL field in the IPv4 packet to zero, it discards the packet and sends a Time Exceeded message to the source host.
  12. What does the ICMPv6 message Time exceeded do? How is it different form ICMPv4?
    • • ICMPv6 also sends a Time Exceeded message if the router cannot forward an IPv6 packet because the packet has expired.
    • • IPv6 does not have a TTL field. It uses the hop limit field to determine if the packet has expired.
  13. What are ICMPv6 messages encapsulated in?
    ICMPv6 messages are encapsulated in IPv6.
  14. What ICMPv6 message goes between an IPv6 router and an IPv6 device?
    • • Router Solicitation (RS) message
    • • Router Advertisement (RA) message
  15. What ICMPv6 message goes between IPv6 devices?
    • • Neighbor Solicitation (NS) message
    • • Neighbor Advertisement (NA) message
  16. What ICMPv6 protocols as part of the Neighbor Discovery Protocol (ND or NDP) is used for
    • messaging between an IPv6 router and an IPv6 device?
    • • Router Solicitation (RS) message
    • • Router Advertisement (RA) message
  17. What ICMPv6 protocols as part of the Neighbor Discovery Protocol (ND or NDP) is used for
    • messaging between IPv6 devices?
    • • Neighbor Solicitation (NS) message
    • • Neighbor Advertisement (NA) message
  18. What does an ping test?
    Ping is an IPv4 and IPv6 testing utility that uses ICMP echo request and echo reply messages to test connectivity between hosts.
  19. What are the steps in a ping command?
    • • To test connectivity to another host on a network, an echo request is sent to the host address using the ping command. If the host at the specified address receives the echo request, it responds with an echo reply.
    • • As each echo reply is received, ping provides feedback on the time between when the request was sent and when the reply was received. This can be a measure of network performance.
  20. What happens if a ping reply has timed out?
    • • If a reply is not received within the timeout, ping provides a message indicating that a response was not received.
    • • This may indicate that there is a problem, but could also indicate that security features blocking ping messages have been enabled on the network.
  21. List some types of connectivity tests that can be performed with ping.
    • • Pinging the local loopback
    • • Pinging the default gateway
    • • Pinging the remote host
  22. What does a successful ping to the default gate way mean?
    A successful ping to the default gateway indicates that the host and the router interface serving as the default gateway are both operational on the local network.
  23. What does ping loopback do? What does a response mean and what does an error mean?
    • • Ping can be used to test the internal configuration of IPv4 or IPv6 on the local host.
    • • A response indicates that IP is properly installed on the host.
    • • AKA test if the TCP/IP stack is operational
    • • An error message indicates that TCP/IP is not operational on the host.
  24. What does pinging the default gateway do? How to know if it was successful? What if the default gate way does not respond?
    • • Ping the default gateway tests if a host can communicate on the local network.
    • • If either the default gateway or another host responds, then the local host can successfully communicate over the local network.
    • • If the default gateway does not respond but another host does, this could indicate a problem with the router interface serving as the default gateway.
  25. What does an successful ping to the default gateway from a host within a network mean?
    A successful ping to the default gateway indicates that the host and the router interface serving as the default gateway are both operational on the local network.
  26. What is pinging to a remote host used for? What does the router use to help forward packets?
    • • Ping to a remote host tests the ability of a local host to communicate across an internetwork.
    • • The router uses its IP routing table to forward the packets.
  27. What does an successful ping to a remote host mean?
    • • A successful ping confirms communication on the local network, the operation of the router serving as the default gateway, and the operation of all other routers that might be in the path between the local network and the network of the remote host.
    • • Additionally, the functionality of the remote host can be verified.
  28. What does ping not do?
    • Ping does not provide information about the details of devices between the hosts.
    • We can use traceroute (tracert) for that.
    • Ping is used to test connectivity between two hosts
  29. What is Traceroute (tracert)?
    • • is a utility that generates a list of hops that were successfully reached along the path.
    • • This list can provide important verification and troubleshooting information.
  30. What happened if a traceroute is successful? What if it is not successful?
    • • If the data reaches the destination, then the trace lists the interface of every router in the path between the hosts.
    • • If the data fails at some hop along the way, the address of the last router that responded to the trace can provide an indication of where the problem or security restrictions are found.
  31. What is Round Trip Time (RTT) in traceroute? How do you know if there is a problem?
    • • The round-trip time is the time a packet takes to reach the remote host and for the response from the host to return.
    • • An asterisk (*) is used to indicate a lost or unreplied packet.
    • • If the display shows high response times or data losses from a particular hop, this is an indication that the resources of the router or its connections may be overused.
  32. ICMP uses message codes to differentiate between different types of ICMP messages, list some common message codes.
    • • 0 – Echo reply (response to a ping)
    • • 3 – Destination Unreachable
    • • 5 – Redirect (use another route to your destination)
    • • 8 – Echo request (for ping)
    • • 11 – Time Exceeded (TTL became 0)
  33. What type of message is indicated for the message code of 0 in an ICMP messages?
    Echo reply (response to a ping)
  34. What type of message is indicated for the message code of 3 in an ICMP messages?
    Destination Unreachable
  35. What type of message is indicated for the message code of 5 in an ICMP messages?
    Redirect (use another route to your destination)
  36. What type of message is indicated for the message code of 8 in an ICMP messages?
    Echo request (for ping)
  37. What type of message is indicated for the message code of 11 in an ICMP messages?
    Time Exceeded (TTL became 0)
  38. The Layer 2 Ethernet frame contains what?
    • • Destination MAC address – This is the MAC address of the file server’s Ethernet NIC.
    • • Source MAC address – This is the MAC address of PC-A’s Ethernet NIC.
  39. The Layer 3 IP packet contains what?
    • • Source IP address – This is the IP address of the original source, PC-A.
    • • Destination IP address – This is the IP address of the final destination, the file server.
  40. What is the purpose of ethernet MAC address?
    • • MAC addresses are used to deliver the data link frame with the encapsulated IP packet from one NIC to another NIC on the same network.
    • • If the destination IP address is on the same network, the destination MAC address will be that of the destination device.
    • • If the destination IP address is not on the same network, the destination MAC address will be that of the default gate way.
  41. ARP provides what two basic functions?
    • • Resolving IPv4 addresses to MAC addresses
    • • Maintaining a table of IPv4 to MAC address mappings
  42. What does ARP stand for?
  43. Why would you use ARP?
  44. Describe the process of ARP.
  45. What is ARP request?
    What is ARP reply?
  46. What are some issues with ARP?
Author
dior
ID
357971
Card Set
CyberSecurity2_Module 7 & 8-My questions
Description
These are questions i created for myself form the material to help me study
Updated

  1. Home
  2. Flashcards
  3. Preview