1 :: What is the use of IGMP protocol?
Internet Group Management Protocol: - It allows Internet hosts to participate in multicasting. IGMP messages are used to learn which hosts are members of which multicast groups. The mechanism also allows a host to inform its local router that it wants to receive traffic sent to a group.
2 :: What are Ping and Tracert?
Ping and tracert are commands that send probe packets to a remote host and report on the replies. Ping is used to check whether a host is reachable on the network; it also reports packet loss and round-trip time. On Windows the command is written as ping ip_address. Tracert (trace route) is used to track the path a packet takes from the computer where the command is given to the destination, listing each hop on the way. On Windows the command is written as tracert ip_address. Both rely on ICMP (tracert additionally on the TTL field expiring at each hop), so a host or firewall that drops ICMP will appear unreachable even when it is up.
3 :: Explain RSVP. How does it work?
Resource Reservation Protocol is used to reserve resources across a network. It is used for requesting a specific Quality of Service (QoS) from the network. This is done by carrying the reservation request from the receiving host back along the path the data takes, so that it visits each router on that path. RSVP uses two local modules to decide on a reservation: the admission control module confirms that sufficient resources are available, while the policy control module checks whether the requester is permitted to make the reservation. On successful completion of both checks, RSVP configures the packet classifier and packet scheduler on that router to deliver the requested QoS. Because every router on the path keeps per-flow soft state that must be refreshed periodically, RSVP scales poorly to large numbers of flows.
4 :: Explain the concept of DHCP.
Dynamic Host Configuration Protocol is used for assigning IP addresses to computers in a network. The addresses are assigned dynamically, so a computer may receive a different IP address each time it connects to the network, and the address can even change while the computer stays connected. This is because DHCP leases the IP address to the computer for a limited time; the client must renew the lease or obtain a new one. The clear advantage of DHCP is that software manages the address pool rather than an administrator configuring every host by hand. DHCP itself is unauthenticated, so a rogue DHCP server on the same segment can hand out its own address as default gateway or DNS server; DHCP snooping on the switches is the usual countermeasure.
5 :: What are the differences between a domain and a workgroup?
In a domain, one or more computers act as servers that manage the network. In a workgroup, all computers are peers with no control over each other. In a domain, a user does not need a separate account on a specific computer if an account exists on the domain. In a workgroup, the user needs an account on every computer. In a domain, computers can be on different local networks. In a workgroup, all computers need to be part of the same local network.
6 :: Explain how NAT works.
Network Address Translation translates an IP address used in one network to another IP address known within another network. A NAT table is maintained for local-to-global and global-to-local mapping of addresses (and, with port address translation, of ports). NAT can be statically defined or can translate dynamically from a pool of addresses. The NAT router is responsible for translating traffic entering and leaving the network. As a side effect, NAT blocks connections initiated by outside hosts: an inbound packet that matches no table entry has nowhere to go and is dropped, so a machine on the local network must initiate the session. This is not a substitute for a firewall, since port forwarding, UPnP and application-layer gateways can all create inbound mappings.
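The table described above, worked through in Python as an added example (not code from the page or from any real NAT implementation). The LAN prefix, the public address and the translated port range are assumptions; the packets are constructed. It shows why an unsolicited inbound packet is dropped, why a different remote endpoint cannot reuse an existing mapping, and how a port forward deliberately opens a hole.

```python
# Toy NAPT (network address and port translation) table.  Added example,
# not code from the page: addresses and port range are assumptions.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE_NET = ip_network("192.168.1.0/24")   # assumed LAN behind the NAT (RFC 1918 space)
OUTSIDE_ADDR = "203.0.113.5"                # assumed public address of the NAT (RFC 5737 range)
FIRST_PUBLIC_PORT = 40000                   # assumed start of the translated port range


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


class Nat:
    """Keeps both directions of the NAT table: local-to-global and global-to-local."""

    def __init__(self):
        self.next_port = FIRST_PUBLIC_PORT
        self.local_to_global = {}   # (inside ip, inside port, remote ip, remote port) -> public port
        self.global_to_local = {}   # public port -> (inside ip, inside port, remote ip, remote port)

    def outbound(self, pkt):
        """Translate a packet leaving the LAN; the first packet of a flow creates the mapping."""
        if ip_address(pkt.src) not in INSIDE_NET:
            raise ValueError("outbound packet with a non-local source: %s" % pkt.src)
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if key not in self.local_to_global:
            public_port = self.next_port
            self.next_port += 1
            self.local_to_global[key] = public_port
            self.global_to_local[public_port] = key
        return Packet(OUTSIDE_ADDR, self.local_to_global[key], pkt.dst, pkt.dport)

    def inbound(self, pkt):
        """Translate a packet arriving from outside.  None means the packet is dropped:
        no table entry means no inside host started this flow.  The remote endpoint is
        checked as well (symmetric NAT behaviour), so an outsider cannot ride on a
        mapping that belongs to a different peer."""
        entry = self.global_to_local.get(pkt.dport)
        if pkt.dst != OUTSIDE_ADDR or entry is None:
            return None
        inside_ip, inside_port, remote_ip, remote_port = entry
        if remote_ip is not None and (pkt.src, pkt.sport) != (remote_ip, remote_port):
            return None
        return Packet(pkt.src, pkt.sport, inside_ip, inside_port)

    def add_port_forward(self, public_port, inside_ip, inside_port):
        """A static mapping (port forwarding): this is how inbound access is opened on purpose,
        and it accepts any remote endpoint, which is exactly what NAT alone would have blocked."""
        self.global_to_local[public_port] = (inside_ip, inside_port, None, None)
```

The mapping is a session table, not a policy: anything that inserts an entry (port forwarding, UPnP, an ALG) exposes the inside host, which is why a stateful firewall is still needed in front of or on the NAT device.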
7 :: What is PPP protocol? Explain PPP packet format.
Point-to-Point Protocol provides communication between two computers over a serial cable, phone line, fibre link or any other point-to-point medium, e.g. the connection between an Internet Service Provider and a host. PPP also provides authentication (PAP or CHAP). PPP operates by sending Configure-Request packets and waiting for Configure-Ack (or Nak/Reject) packets that accept, reject or try to change the request. The protocol is also used to negotiate network addresses or compression options between the nodes.
Packet format:-
Flag field: 1 byte: - 0x7E, marks the beginning or end of a frame
Address field: 1 byte: - 0xFF, the all-stations (broadcast) address, since the link has only one peer
Control field: 1 byte: - 0x03, unnumbered information
Protocol field: - 1 or 2 bytes: - identifies the protocol of the datagram carried in the information field (e.g. 0x0021 for IP, 0xC021 for LCP)
Information: - 0 or more bytes: - the datagram (whether it contains data or control information)
Padding: - 0 or more bytes: - optional padding
FCS: - 2 or 4 bytes: - frame check sequence, a CRC that detects transmission errors; it is not an authentication tag
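The frame format above, built and parsed in Python as an added example (not code from the page). It follows RFC 1662 framing: the 0x7E flag, 0xFF/0x03 address and control bytes, a two-byte protocol field, byte stuffing with 0x7D, and the 16-bit FCS, including the check that a received frame's FCS computes to the constant residue 0xF0B8. The sample payload is constructed and deliberately contains the flag and escape byte values.

```python
# PPP frame framing and FCS per RFC 1662 (HDLC-like framing).  Added example,
# not code from the page; the sample payload below is constructed.
import struct

FLAG, ESC, ADDR, CTRL = 0x7E, 0x7D, 0xFF, 0x03
FCS_GOOD = 0xF0B8   # value the FCS computes to over body+FCS when the frame is intact


def fcs16(data):
    """PPP 16-bit FCS: CRC-16 with reflected polynomial 0x8408, initial value 0xFFFF."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs


def build_frame(protocol, info):
    """Flag | Address | Control | Protocol (2 bytes) | Information | FCS | Flag, byte-stuffed."""
    body = bytes([ADDR, CTRL]) + struct.pack("!H", protocol) + info
    fcs = fcs16(body) ^ 0xFFFF                    # ones complement, sent least significant byte first
    body += struct.pack("<H", fcs)
    stuffed = bytearray([FLAG])
    for b in body:
        if b in (FLAG, ESC) or b < 0x20:          # default ACCM: control characters are escaped too
            stuffed += bytes([ESC, b ^ 0x20])
        else:
            stuffed.append(b)
    stuffed.append(FLAG)
    return bytes(stuffed)


def parse_frame(frame):
    """Return (protocol, information) or raise ValueError for a damaged frame."""
    if len(frame) < 2 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag")
    raw = bytearray()
    it = iter(frame[1:-1])
    for b in it:
        if b == ESC:                              # undo byte stuffing
            try:
                b = next(it) ^ 0x20
            except StopIteration:
                raise ValueError("truncated escape sequence") from None
        raw.append(b)
    if len(raw) < 6 or raw[0] != ADDR or raw[1] != CTRL:
        raise ValueError("bad address/control field")
    if fcs16(raw) != FCS_GOOD:                    # covers address through FCS
        raise ValueError("FCS mismatch: frame corrupted")
    (protocol,) = struct.unpack("!H", raw[2:4])
    return protocol, bytes(raw[4:-2])


SAMPLE_IP_PAYLOAD = bytes([0x45, 0x00, 0x7E, 0x7D, 0x01])   # constructed; includes flag and escape values
```

The FCS is the same CRC as CRC-16/X-25, so a flipped bit anywhere between the address byte and the FCS is detected; a deliberate modification that recomputes the FCS is not, which is why the link needs CHAP or a higher-layer protection for integrity.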
8 :: What is IP Spoofing and how can it be prevented?
IP spoofing is a technique used by attackers to gain unauthorized access to a system or to hide the origin of traffic. The intruder sends packets to a computer with a source IP address indicating that they come from a trusted host. This is done by forging the IP header so it contains a different source address, making it appear that the packet was sent by a different machine. Because replies go to the forged address, spoofing is most useful for one-way traffic such as UDP floods and reflection attacks, and against services that trust a source address instead of authenticating the peer.
Prevention:-
Ingress and egress filtering (BCP 38): - drop packets arriving from outside that claim an internal source address, and drop packets leaving that carry a source address not belonging to the local network
Using routers and firewalls that perform this filtering, e.g. with unicast reverse-path forwarding checks
Not relying on the source IP address as the only form of authentication; authenticating and encrypting the session (TLS, SSH, IPsec) instead
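The ingress and egress filtering described above, as an added example in Python (not code from the page). The local prefix, the interface names and the sample packets are assumptions using RFC 1918 and RFC 5737 ranges; the bogon list is the set of source ranges that can never legitimately arrive from the Internet.

```python
# Anti-spoofing (ingress/egress, BCP 38) source-address check for a two-interface
# router.  Added example, not code from the page; prefixes and the constructed
# packets are assumptions (RFC 1918 and RFC 5737 ranges).
from ipaddress import ip_address, ip_network

LOCAL_PREFIXES = [ip_network("192.168.0.0/16")]         # assumed: what lives behind "inside"
BOGON_SOURCES = [                                       # never valid as a source from the Internet
    ip_network("0.0.0.0/8"), ip_network("10.0.0.0/8"), ip_network("127.0.0.0/8"),
    ip_network("169.254.0.0/16"), ip_network("172.16.0.0/12"), ip_network("192.168.0.0/16"),
    ip_network("224.0.0.0/3"),   # multicast and reserved: 224.0.0.0 through 255.255.255.255
]


def in_any(addr, nets):
    return any(addr in net for net in nets)


def verdict(iface, src):
    """Decide what the router does with a packet from its arrival interface and source only."""
    addr = ip_address(src)
    if iface == "inside":
        # egress filtering: nothing may leave with a source address we do not own
        return "pass" if in_any(addr, LOCAL_PREFIXES) else "drop: egress spoof"
    if iface == "outside":
        # ingress filtering: the Internet cannot legitimately send us our own addresses
        if in_any(addr, LOCAL_PREFIXES):
            return "drop: external packet claims internal source"
        if in_any(addr, BOGON_SOURCES):
            return "drop: bogon source"
        return "pass"
    raise ValueError("unknown interface %r" % iface)


# constructed sample of (interface, source address) pairs, not captured traffic
SAMPLE_PACKETS = [
    ("outside", "198.51.100.7"),    # ordinary Internet host
    ("outside", "192.168.1.10"),    # spoofed: claims to be one of ours
    ("outside", "10.9.8.7"),        # private space is never routed from the Internet
    ("inside", "192.168.1.10"),     # our host talking out
    ("inside", "203.0.113.200"),    # our host spoofing someone else (e.g. for a reflection attack)
]


def filter_packets(packets=SAMPLE_PACKETS):
    return [(iface, src, verdict(iface, src)) for iface, src in packets]
```

The egress half is what stops your own network from being used as a source of spoofed floods; the ingress half stops an outsider from impersonating an internal host to services that trust internal addresses.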
9 :: Explain IP datagram, Fragmentation and MTU.
An IP datagram is the unit of data that IP carries. Each IP datagram has a header whose fields are arranged in a fixed order, which lets a receiver decode the stream easily. The IPv4 header has the fields Version, Header Length (IHL), Type of Service, Total Length, Identification, Flags, Fragment Offset, Time to Live, Protocol, Header Checksum, Source and Destination IP address, Options and Padding, followed by the payload. The header checksum covers only the header and detects accidental corruption; nothing in the header is authenticated, so any field, including the source address, can be forged.
MTU:- Maximum Transmission Unit is the size of the largest packet that a link layer can carry in one frame. The size can be fixed by a standard (1500 bytes for Ethernet) or discovered for a whole path with Path MTU Discovery.
Fragmentation is the process of breaking an IP packet into smaller pieces. It is needed when the datagram is larger than the MTU of the next link. Each fragment becomes a datagram in itself, with its own IP header carrying the same Identification value, the More Fragments flag on all but the last fragment and a Fragment Offset in units of 8 bytes, and is transmitted independently. The destination reassembles the fragments. Fragments are a classic attack surface: overlapping fragments and fragments that split a TCP header have been used to evade filters and to crash reassembly code, so inspecting devices should reassemble fragments themselves or drop them.
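The header, checksum, MTU and fragmentation rules above, implemented in Python as an added example (not code from the page). It builds and verifies a 20-byte IPv4 header, splits a payload into fragments that fit a given MTU with offsets in 8-byte units, and reassembles them strictly, refusing gaps, overlaps and a missing last fragment. Addresses and the payload are constructed.

```python
# IPv4 header build/parse with the header checksum, plus fragmentation to an
# MTU and strict reassembly.  Added example, not code from the page; the
# addresses and payload are constructed.
import struct

HDR_FMT = "!BBHHHBBH4s4s"       # 20-byte header without options
HDR_LEN = struct.calcsize(HDR_FMT)
MF, DF = 0x2000, 0x4000         # flag bits inside the 16-bit flags/fragment-offset field


def checksum(data):
    """RFC 1071 ones-complement sum; returns 0 when run over a header whose checksum is intact."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def pack_addr(dotted):
    return bytes(int(octet) for octet in dotted.split("."))


def build_header(src, dst, ident, total_len, mf=False, frag_off=0, ttl=64, proto=17):
    ff = (MF if mf else 0) | (frag_off // 8)          # offset is carried in 8-byte units
    hdr = struct.pack(HDR_FMT, 0x45, 0, total_len, ident, ff, ttl, proto, 0,
                      pack_addr(src), pack_addr(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def parse_header(pkt):
    if len(pkt) < HDR_LEN:
        raise ValueError("truncated header")
    if checksum(pkt[:HDR_LEN]) != 0:
        raise ValueError("bad header checksum")
    ver_ihl, _tos, total_len, ident, ff, ttl, proto, _, s, d = struct.unpack(HDR_FMT, pkt[:HDR_LEN])
    return {
        "version": ver_ihl >> 4, "ihl": (ver_ihl & 0xF) * 4, "total_len": total_len,
        "ident": ident, "df": bool(ff & DF), "mf": bool(ff & MF), "offset": (ff & 0x1FFF) * 8,
        "ttl": ttl, "proto": proto,
        "src": ".".join(str(b) for b in s), "dst": ".".join(str(b) for b in d),
    }


def fragment(src, dst, ident, payload, mtu):
    """Split payload into datagrams that fit mtu; every fragment but the last carries a multiple of 8 bytes."""
    max_data = (mtu - HDR_LEN) // 8 * 8
    frags = []
    for off in range(0, len(payload), max_data):
        chunk = payload[off:off + max_data]
        more = off + len(chunk) < len(payload)
        frags.append(build_header(src, dst, ident, HDR_LEN + len(chunk), mf=more, frag_off=off) + chunk)
    return frags


def reassemble(frags):
    """Strict reassembly: rejects mixed identifications, duplicates, gaps, overlaps and a
    missing last fragment (overlapping fragments are the classic evasion trick)."""
    pieces, total, ident = {}, None, None
    for f in frags:
        h = parse_header(f)
        if ident not in (None, h["ident"]):
            raise ValueError("fragment belongs to a different datagram")
        ident = h["ident"]
        if h["offset"] in pieces:
            raise ValueError("duplicate fragment at offset %d" % h["offset"])
        pieces[h["offset"]] = f[h["ihl"]:h["total_len"]]
        if not h["mf"]:
            total = h["offset"] + len(pieces[h["offset"]])
    if total is None:
        raise ValueError("last fragment missing")
    data = bytearray()
    for off in sorted(pieces):
        if off != len(data):
            raise ValueError("gap or overlap at offset %d" % off)
        data += pieces[off]
    if len(data) != total:
        raise ValueError("incomplete datagram")
    return bytes(data)
```

Real stacks must cope with out-of-order and retransmitted fragments and with a timeout for the reassembly buffer; the strict policy here is what an inspecting device can afford, since it can simply drop anything that does not line up.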
10 :: What is an application gateway?
An application gateway is an application program that runs on a firewall between two networks. It is used to establish a connection between a client program and a destination service. The client negotiates with the gateway to communicate with the destination service, so the gateway acts as a proxy and can inspect the application protocol it relays. Hence, two connections are made. One between
11 :: Explain Circuit Level Gateway.
A circuit-level gateway checks whether the TCP handshake that opens a session is legitimate. It operates at the session layer, between the application layer and the transport layer. It hides the addresses of the private network it protects by relaying the connection on behalf of the internal host. Circuit-level gateways do not inspect the contents of packets once the session is established, so they cannot block application-layer attacks.
12 :: What is "Gateway Of Last Resort"?
A Gateway of Last Resort, or default route, is the route a router uses when no other known route matches the destination of an IP packet. Known routes are held in the routing table; any destination not matched by an entry in the routing table is forwarded to the default route. Each router that receives the packet treats it the same way: if a more specific route is known, the packet is forwarded along that route.
13 :: What is LAN?
LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected to other LANs over any distance via telephone lines and radio waves. A system of LANs connected in this way is called a wide-area network (WAN). Most LANs connect workstations and personal computers. Each node (individual computer) in a LAN has its own CPU with which it executes programs, but it also is able to access data and devices anywhere on the LAN. This means that many users can share expensive devices, such as laser printers, as well as data. Users can also use the LAN to communicate with each other, by sending e-mail or engaging in chat sessions.
14 :: What is the difference Between an Intranet and the Internet?
There's one major distinction between an intranet and the Internet: the Internet is an open, public space, while an intranet is designed to be a private space. An intranet may be accessible from the Internet, but as a rule it is protected by authentication and accessible only to employees or other authorized users.
From within a company, an intranet server may respond much more quickly than a typical Web site. This is because the public Internet is at the mercy of traffic spikes, server breakdowns and other problems that may slow the network. Within a company, however, users have much more bandwidth and network hardware may be more reliable. This makes it easier to serve high-bandwidth content, such as audio and video, over an intranet.
15 :: Define the term Protocol.
Protocol is a standard way of communicating across a network. A protocol is the "language" of the network. It is a method by which two dissimilar systems can communicate. TCP is a protocol which runs over a network.
16 :: Define File Transfer Protocol.
File Transfer Protocol (FTP), a standard Internet protocol, is the simplest way to exchange files between computers on the Internet. Like the Hypertext Transfer Protocol (HTTP), which transfers displayable Web pages and related files, and the Simple Mail Transfer Protocol (SMTP), which transfers e-mail, FTP is an application protocol that uses the Internet's TCP/IP protocols. FTP is commonly used to transfer Web page files from their creator to the computer that acts as their server for everyone on the Internet. It's also commonly used to download programs and other files to your computer from other servers. FTP sends user names, passwords and file contents in cleartext, so SFTP or FTPS is preferred today.
17 :: Explain the 7 Layers of OSI.
Layer 1: Physical layer
It represents all the electrical and physical specifications for devices.
Layer 2: Data link layer
It provides the functional and procedural means to transfer data between network entities and to detect and possibly correct errors that may occur in the Physical layer.
Layer 3: Network layer
The Network layer provides the functional and procedural means of transferring variable length data sequences from a source to a destination via one or more networks.
Layer 4: Transport layer
It provides transparent transfer of data between end users.
Layer 5: Session layer
It controls the sessions between computers. It connects, manages and terminates the connections between the local and remote application.
Layer 6: Presentation layer
It transforms data to provide a standard interface for the Application layer.
Layer 7: Application layer
It provides a means for the user to access information on the network through an application.
18 :: What is a network? What are the different kinds of network? Explain them.
A network is a group of computers or nodes connected together by communication paths.
Types of Networks:
LAN – Local Area Network connects a group of nodes covering a small physical area. LANs are most commonly seen in offices, buildings etc. LANs offer higher data transfer rates, cover a small area and hence need less wiring.
WAN – Wide Area Network connects a group of nodes covering a wide area. A WAN typically connects and allows communication across regions or national boundaries. The most common example of a WAN is the Internet.
VPN – Virtual Private Network links nodes over virtual circuits or tunnels in some larger network (e.g. the Internet) instead of over dedicated physical wires. It is used for private communication across the public Internet. A tunnel on its own (plain GRE, for instance) provides no authentication or encryption; those come from the protocol used to protect the tunnel, such as IPsec or TLS.
Intranet – A set of networks under the control of a single administrative entity; it can be considered the internal network of an organization. If it is large, web servers are used to provide information to the users.
Extranet – An intranet that is extended, under access control, to authorized outside parties such as suppliers, partners or customers. It spans organizational boundaries and therefore needs at least one connection to an external network, normally protected by authentication and a firewall or VPN.
19 :: What are network topologies? Explain Ring, Bus and Star topology.
A network topology describes the layout of a network: how the different nodes and elements are connected to each other.
Different types of topology:
a. Ring:-
* All nodes are connected to one another in a loop.
* Each device is connected to the device on either side of it, and data travels around the ring.
* A single broken link or failed node breaks the ring unless a second, counter-rotating ring is provided.
b. Bus:-
* All nodes are connected to a single common cable called the backbone.
* Every node sees every frame on the backbone, so any station can read all traffic.
* Easy to install and manage.
* If the backbone fails, the entire network fails.
c. Star:-
* All nodes are connected to a central hub or switch.
* Communication between the nodes passes through the hub or switch.
* Requires relatively more cable than a bus. However, if any node fails it does not affect the rest of the LAN; the hub or switch is the single point of failure.
20 :: Explain IP, TCP and UDP.
TCP – Transmission Control Protocol is used to establish a connection between two endpoints and exchange a reliable byte stream. It guarantees delivery of data in the order it was sent, so it is used by applications that need reliable delivery. It handles timeouts (if segments are delayed) and retransmission (if segments are lost). The stream of data is transmitted in segments; the segment header is at least 20 bytes (five 32-bit words) and can carry options. TCP is a connection-oriented protocol at the fourth level (transport) of the OSI model. The three-way handshake (SYN, SYN-ACK, ACK) that opens a connection is also what makes a plain TCP connection hard to spoof: the attacker must see or guess the server's initial sequence number.
IP – Internet Protocol is used for transmission of data across the Internet. IP uses IP addresses to identify each machine uniquely. A message is sent as packets (datagrams); each packet carries both the sender's and the receiver's address. IP does not guarantee delivery, nor delivery in the order sent, because packets may travel via different routes. It is a connectionless protocol at the third level (network) of the OSI model.
UDP – User Datagram Protocol is a connectionless transport protocol, often used as an alternative to TCP. UDP sends each datagram independently: it does not establish a connection, does not retransmit lost datagrams and does not deliver them in sequence, so the application program must handle sequencing and loss itself. UDP uses port numbers to distinguish applications and has an optional checksum to detect corruption. Because there is no handshake, UDP services are easy targets for spoofed-source traffic and reflection/amplification attacks.
21 :: Explain the different classes of addresses supported by IP addressing.
Computers using TCP/IP for communication are uniquely identified by a 32-bit address called an IP address. Routers use the IP address information to forward the packet to the destination computer.
IP addresses are categorized as:
Private address: these IP addresses (RFC 1918: 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16) are used exclusively within a private network and are not routed on the public Internet.
Public address: these are registered IP addresses that are reachable from the public Internet.
Each IP address has a network part and a host part. IP addresses are expressed as four decimal numbers from 0 to 255 separated by dots. Each number is called an octet because, when converted to binary, it denotes eight binary digits.
The original classful scheme divides the address space by the leading bits of the first octet:
Class A: first octet 0–127, 8-bit network part (a few very large networks).
Class B: first octet 128–191, 16-bit network part.
Class C: first octet 192–223, 24-bit network part (many small networks).
Class D: first octet 224–239, multicast group addresses.
Class E: first octet 240–255, reserved.
Classful addressing has been replaced by CIDR, in which a prefix length (e.g. /24) states how many leading bits form the network part.
22 :: What is multicasting?
Multicasting allows a single message to be sent to a group of recipients at once. IP multicast uses a group address (224.0.0.0/4 in IPv4) that interested hosts join; streaming video and teleconferencing are examples. Ordinary e-mail to several recipients is not network multicast, since the mail server sends a separate copy to each mailbox. Multicast uses the normal network infrastructure and standards (IGMP for group membership) to deliver the message.
23 :: Explain the functionality of PING.
Ping is used to check whether a host is reachable on the network. It also reports packet loss and round-trip time. On Windows the command is written as ping ip_address. The output reports on the probe packets: the number of packets sent, received and lost, and the time taken by each reply. Ping uses ICMP echo request and echo reply, so a host that filters ICMP will not answer even when it is up.
24 :: Explain the core naming mechanism, Domain Name System (DNS).
The Domain Name System is used to convert the names of hosts on the Internet into IP addresses. The mappings between names and addresses are stored in a database distributed across many servers. The domain name space is a tree of domain names. The tree is divided into zones; a zone is a collection of connected nodes served by an authoritative name server. A domain name usually looks like mydomain.com. Here .com is the top-level domain and mydomain is the second-level domain, a subdivision of .com. A host name is a domain name that has one or more IP addresses associated with it. Classic DNS runs over unauthenticated UDP on port 53, so answers can be forged (cache poisoning) unless the resolver validates DNSSEC signatures.
25 :: Describe Application layer.
The application layer sits at the top of the TCP/IP protocol layers. It contains the network applications that communicate using the lower layers; software in this layer uses one of the two protocols of the layer below (the transport layer), i.e. TCP or UDP. In computer networking, an application layer firewall is a firewall operating at the application layer of a protocol stack. Generally it is a host using various forms of proxy servers to proxy traffic instead of routing it. Because it works at the application layer it can inspect the contents of the traffic and block what the firewall administrator considers inappropriate, such as certain websites, viruses and attempts to exploit known flaws in client software. An application layer firewall does not route traffic at the network layer: all traffic stops at the firewall, which initiates its own connections on the client's behalf if the traffic satisfies the rules.
26 :: Define DNS
The DNS translates Internet domain and host names to IP addresses. DNS automatically converts the names we type in our Web browser address bar to the IP addresses of Web servers hosting those sites. DNS implements a distributed database to store this name and address information for all public hosts on the Internet.
27 :: Define Telnet
Telnet is the classic Internet protocol for opening an interactive terminal session on a remote server (TCP port 23). It sends everything, including passwords, in cleartext, so SSH has replaced it for remote administration.
28 :: Define SMTP
SMTP - Short for Simple Mail Transfer Protocol, a protocol for sending e-mail messages between servers.
29 :: What Is a MAC Address?
MAC (Media Access Control) addresses are addresses written into a network adapter at the time of manufacture and intended to be globally unique. The MAC address is the value associated with a network adapter; MAC addresses are also known as hardware addresses or physical addresses and identify an adapter on a LAN. They are 48 bits long, written as 12 hexadecimal digits, with the first three bytes identifying the manufacturer (OUI). Almost every operating system lets the address be changed in software, so a MAC address is an identifier, not an authenticator: MAC-based access lists are trivially bypassed by spoofing.
30 :: MAC vs. IP Addressing
Whereas MAC addressing works at the data link layer, IP addressing functions at the network layer (layer 3). It's a slight oversimplification, but one can think of IP addressing as supporting the software implementation and MAC addresses as supporting the hardware implementation of the network stack. The MAC address generally remains fixed and follows the network device, but the IP address changes as the network device moves from one network to another.
31 :: Define Spanning-Tree Protocol (STP)
Spanning-Tree Protocol (STP) as defined in the IEEE 802.1D is a link management protocol that provides path redundancy while preventing undesirable loops in the network. For an Ethernet network to function properly, only one active path can exist between two stations. Loops occur in networks for a variety of reasons. The most common reason you find loops in networks is the result of a deliberate attempt to provide redundancy - in case one link or switch fails, another link or switch can take over.
32 :: What is VPN?
A VPN is a service that offers secure, reliable connectivity over a shared public network infrastructure such as the Internet. VPNs maintain the same security and management policies as a private network. They are the most cost effective method of establishing a virtual point-to-point connection between remote users and an enterprise customer's network.
33 :: Define broadcast domain.
It is a logical area in a computer network where any computer connected to the network can directly transmit to any other computer in the domain without having to go through a routing device.
34 :: Bridge vs switch.
A bridge connects two LAN segments at the data link layer and forwards frames between them based on MAC address. A switch is a multi-port bridge: many computers connect to the switch, which learns which MAC address sits on which port and forwards a unicast frame only to the port of its destination, so each port is its own collision domain. Because a switch only sends a frame to the port that owns the destination MAC, an attacker who wants to see other stations' traffic has to flood the MAC table or poison ARP.
35 :: What is a Router?
A router is a device, or sometimes software in a computer, that decides the next network point to which a packet should be forwarded to reach its destination. It is often combined with a switch in one box and is located at a gateway, including each point of presence on the Internet. The router is connected to at least two networks and determines which way
36 :: Define gateway.
A gateway is a network point that provides entrance into another network. On the Internet, a node or stopping point can be either a gateway node or a host (end-point) node. Both the computers of Internet users and the computers that serve pages to users are host nodes. The computers that control traffic within your company's network or at your local Internet service provider (ISP) are gateway nodes.
37 :: What is firewall?
A firewall is a hardware or software installed to provide security to the private networks connected to the internet. They can be implemented in both hardware and software, or a combination of both. All data entering or leaving the Intranet passes through the firewall which allows only the data meeting the administrators’ rules to pass through it.
38 :: What are the types of firewalls?
Packet filtering firewall:
Inspects the header of each packet (addresses, protocol, ports, flags) and allows or blocks it according to a rule set; a stateless filter looks at each packet on its own, a stateful one also tracks connections.
Screening router firewall:
A software firewall built into a router that provides only basic packet filtering on its interfaces.
Computer-based firewall:
A firewall running on a server with an ordinary operating system such as Windows or UNIX.
Hardware-based firewall:
A dedicated appliance placed between the public network and the protected network; it offers stronger isolation and higher throughput and is mostly used by large networks.
Proxy server:
A proxy server allows all clients to access the Internet with different access limits. It terminates the client connection, opens its own connection to the destination and filters all content passing back from the web server.
39 :: What is Data encryption?
Data encryption ensures the confidentiality of data in transit or at rest and is essential for confidential or critical data. It prevents the data from being read by anyone without the key. On its own, encryption does not stop data from being altered or forged; integrity and authenticity need a message authentication code or a digital signature, which is why modern protocols use authenticated encryption.
40 :: What is the Public Key Encryption?
Public key encryption uses a pair of keys, a public key and a private key, for encryption and decryption. The public key is used to encrypt messages and only the corresponding private key can decrypt them. To encrypt a message, a sender has to know the recipient's public key, and has to be sure it really belongs to the recipient, which is what certificates are for.
41 :: What is Digital Signatures?
A digital signature is a value attached to an electronic message for security purposes. The sender computes it over a hash of the message with the private key; anyone holding the matching public key can verify it. It proves the authenticity of the sender and that the message was not altered, and the sender cannot later deny having signed it (non-repudiation).
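The two questions above, public key encryption and digital signatures, are mirror images of each other in RSA: encryption uses the public exponent and decryption the private one, while signing uses the private exponent on a hash and verification the public one. The following Python is an added example (not code from the page). It is textbook RSA on a demonstration modulus built from two published Mersenne primes, so the key is for illustration only: real use needs randomly generated primes and OAEP/PSS padding, because raw RSA is deterministic and malleable.

```python
# Textbook RSA for the public-key and digital-signature questions above.  Added
# example, not code from the page.  The demo primes are published Mersenne primes,
# so this key is only for illustration; real deployments use random 2048-bit primes
# and OAEP/PSS padding (textbook RSA is deterministic and malleable).
import hashlib

DEMO_P = 2 ** 521 - 1      # assumed demo prime (M521), public knowledge, never use for real keys
DEMO_Q = 2 ** 607 - 1      # assumed demo prime (M607)
PUBLIC_EXPONENT = 65537


def modinv(a, m):
    """Extended Euclid: return x with a*x = 1 (mod m)."""
    r0, r1, s0, s1 = a, m, 1, 0
    while r1:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        s0, s1 = s1, s0 - q * s1
    if r0 != 1:
        raise ValueError("exponent not invertible modulo phi(n)")
    return s0 % m


def keygen(p=DEMO_P, q=DEMO_Q, e=PUBLIC_EXPONENT):
    n = p * q
    d = modinv(e, (p - 1) * (q - 1))
    return (n, e), (n, d)          # public key, private key


def encrypt(public_key, m):
    """Anyone with the public key can encrypt; only the private key decrypts."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def decrypt(private_key, c):
    n, d = private_key
    return pow(c, d, n)


def digest_int(message):
    """SHA-256 of the message as an integer; always smaller than the demo modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(private_key, message):
    """Signing: the private key operates on the hash, so only the key holder can produce it."""
    n, d = private_key
    return pow(digest_int(message), d, n)


def verify(public_key, message, signature):
    """Verification: the public key undoes the private operation and the hash must match."""
    n, e = public_key
    return pow(signature, e, n) == digest_int(message)
```

The last assertion in a typical check, that a signature over one message fails for a different message, is the integrity property; the fact that only the private key could have produced it is the authenticity property.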
42 :: What is Ethernet technology?
Classic Ethernet is a high-speed broadcast bus technology: all stations share a single channel and receive every transmitted frame. In modern switched Ethernet each port is its own collision domain and the switch forwards a unicast frame only to the port that owns the destination MAC, so a station no longer sees all traffic unless the switch is flooded or a port is mirrored.
43 :: Explain the use of network interface card, NIC.
A NIC is the adapter that connects a computer to an Ethernet network; it carries the MAC address and sends and receives frames on the medium.
44 :: Explain token ring technology.
In this technology, all the devices are arranged in a circle. A token moves around the circular network. A device waits for the token before it sends its frame. Once it receives token, it initiates transmission of its frame.
45 :: What is CSMA and CD concept?
In CSMA (carrier sense multiple access), a station checks whether any signal is already present on the medium before transmitting; data transmission occurs only when no signal is sensed.
CD (collision detection) means the station keeps listening while it transmits: if it detects that another station transmitted at the same time (a collision), it stops, sends a short jam signal so that every station discards the damaged frame, and retries after a random back-off.
46 :: What is NetBIOS protocol?
NetBIOS (Network Basic Input/Output System) is an API and set of services that let applications on separate computers communicate over a LAN. NetBIOS over TCP/IP (NBT) carries it on an IP network, using UDP ports 137 (name service) and 138 (datagram service) and TCP port 139 (session service), and gives each computer a NetBIOS name in addition to its IP address. It is used by older Windows networking (file and printer sharing, network browsing). The NetBIOS name service resolves names by broadcast, which any host on the segment can answer, so it is a common target for name spoofing.
47 :: What is IGMP protocol?
Internet Group Management Protocol allows Internet hosts to take part in multicast, i.e. to receive messages sent to a group of computers. IGMP allows a router to determine which host groups have members on a given network segment and so helps establish group memberships. It is commonly used for streaming video and gaming. The protocol is implemented on both the host side and the router side: the host side is responsible for notifying its local router of membership in a group, and the local router (router side) in turn sends out membership queries.
48 :: Explain PPP protocol.
Point-to-Point Protocol provides communication between two computers over a serial cable, phone line, fibre link or other point-to-point medium, e.g. the connection between an Internet Service Provider and a host. PPP also provides authentication. PPP operates by sending Configure-Request packets and waiting for Configure-Ack (or Nak/Reject) packets that accept, reject or try to change the request. The protocol is also used to negotiate network addresses or compression options between the nodes. PPP has a number of phases as below:
* Link Dead: - the starting state, and the state the link returns to when the connection fails.
* Link Establishment Phase: - LCP is used to establish the connection. If authentication was negotiated, the link moves to the next phase.
* Authentication Phase: - allows the nodes to authenticate each other (PAP sends the password in cleartext; CHAP uses a challenge-response).
* Network-Layer Protocol Phase: - here the network control protocols (e.g. IPCP for IP) come into play. Data transport, and later the closing of the protocols, takes place in this phase.
* Link Termination Phase: - here the connection is terminated.
49 :: What is TCP / IP protocol?
Transmission Control Protocol / Internet Protocol: - It is a family of protocols used for communication between hosts on the Internet, and the most widely used standard for transmitting data over it. The four layers of the TCP/IP model are (from bottom to top) Link, Internet, Transport and Application. This is a different model from the seven-layer OSI model, although the two are often mapped onto each other. In TCP/IP, IP is responsible for forwarding packets while TCP ensures correct, in-order delivery of data between the endpoints; TCP detects loss of data and retransmits it.
50 :: What is FTP (File Transfer Protocol)?
FTP is the File Transfer Protocol. It is used to exchange files on the Internet, runs over TCP/IP and is most commonly used to upload and download files from a server. FTP can be invoked from the command prompt or from a graphical user interface. FTP also allows files on a server to be updated (deleted, renamed, moved and copied). It uses the reserved port 21 for the control connection and, in active mode, port 20 for data. User names, passwords and data all travel in cleartext, so SFTP or FTPS should be used instead.
51 :: What is HTTP (Hypertext Transfer Protocol)?
HTTP or Hypertext Transfer Protocol provides a set of rules for transferring files, videos and images over the World Wide Web. When a page is opened in a web browser, an HTTP request is made. A web server runs an HTTP daemon, which waits for HTTP requests and handles them when they arrive. The web browser from which HTTP requests are made is called the client; its requests are sent to the server. It uses the reserved port 80 (443 for HTTPS, which runs HTTP over TLS).
52 :: What is NNTP (Network News Transfer Protocol)?
NNTP or Network News Transfer Protocol is used to manage the notes posted to Usenet newsgroups (a newsgroup is a collection of notes on a subject posted by different users). NNTP servers are responsible for managing the Usenet newsgroups collected globally. An NNTP client, also called a news reader, may be part of the web browser. It uses the reserved port 119.
53 :: What is SMTP (Simple Mail Transfer Protocol)?
SMTP or Simple Mail Transfer Protocol is used to send e-mail messages between servers and from a mail client to its mail server. The messages are then retrieved by e-mail clients using POP3 or IMAP, so a mail client needs both an SMTP server (for sending) and a POP or IMAP server (for receiving) configured. Hence, SMTP is used to send e-mail while POP or IMAP is used to receive it. SMTP usually runs on port 25 between servers (587 for client submission). SMTP itself does not verify the sender address in a message, which is why SPF, DKIM and DMARC exist.
54 :: What is POP3 (Post Office Protocol 3)?
POP3 or Post Office Protocol version 3 is used for receiving e-mail. It is a client-server protocol: the server holds the mail until the client downloads it, and by default POP3 then deletes it from the server. Messages are identified by ordinal numbers within a session. It uses port 110 (995 with TLS).
55 :: What is SNMP (Simple Network Management Protocol)?
SNMP or Simple Network Management Protocol is typically used for managing the network, which includes managing the nodes present in it: servers, routers, bridges and switches. SNMP agents on the nodes are used to achieve this. Managing the network is essential because it helps to monitor network performance, detect network faults or failures, audit network usage etc. SNMP messages such as GET, SET and TRAP may be sent by network elements or by the network management system. SNMPv1 and v2c authenticate only with a cleartext community string (often left at "public"), and SET allows reconfiguration, so agents should be limited to SNMPv3 with authentication and privacy, or at least to read-only access from management hosts.
Technical Interview Questions – Networking
Q:-What is an IP address?
An Internet Protocol address (IP address) is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication between its nodes. An IP address serves two principal functions: host or network interface identification and location addressing. Its role has been characterized as follows: "A name indicates what we seek. An address indicates where it is. A route indicates how to get there."
Q :- What is a subnet mask?
A subnet mask is a 32-bit value, written like an address (e.g. 255.255.255.0), whose one-bits mark the network part of an IP address and whose zero-bits mark the host part. ANDing an address with the mask yields the network address, which is how a host decides whether another address is on its own subnet. The word subnetwork (usually shortened to subnet) has two related meanings. In the older and more general meaning, it meant one physical network of an internetwork. In the Internet Protocol (IP), a subnetwork is a division of a classful network; the rest of this answer is about the second meaning.
Subnetting an IP network allows a single large network to be broken down into what appear (logically) to be several smaller ones. It was originally introduced before classless network numbers (CIDR) existed in IPv4, to allow a single site to have a number of local area networks. Even after the introduction of classless addressing, subnetting continued to be useful, as it reduced the number of entries in the Internet-wide routing table (by hiding information about all the individual subnets inside a site). As a side benefit, it also reduced network overhead, by dividing up the parts which receive IP broadcasts.
Q :- What is ARP?
The Address Resolution Protocol (ARP) is a computer networking protocol for determining a network host's link-layer or hardware address when only its Internet Layer (IP) or Network Layer address is known. This function is critical in local area networking as well as for routing internetworking traffic across gateways (routers) based on IP addresses when the next-hop router must be determined. ARP was defined by RFC 826 in 1982 and is Internet Standard STD 37. ARP has no authentication: any host on the segment can answer any request.
Q :- What is ARP Cache Poisoning?
ARP stands for Address Resolution Protocol. Every computer in a LAN has two identifiers: an IP address and a MAC address. The IP address is either entered by the user or dynamically allocated by a server, while the MAC address identifies the Ethernet card. For example, if you have two network cards, one for wired and the other for WiFi, you have two MAC addresses on your machine. Communication between computers is done at the IP level: to send a file to another computer you need to know the other computer's IP address. ARP is the protocol that matches each IP address with a MAC address, and each host keeps the answers it has received in its own ARP cache (ARP table). A switch does not keep an ARP table; it keeps a MAC-address-to-port table, which is a separate target (MAC flooding).
ARP cache poisoning is corrupting the ARP cache on a victim host. In the normal case, when a machine wants to connect to another, it looks the other machine's IP address up in its ARP cache (sending an ARP request first if there is no entry), the cache provides the MAC address, and communication starts. ARP replies are not authenticated and most hosts accept unsolicited ones, so an attacker on the same segment can send forged replies claiming the victim's gateway IP address with the attacker's MAC address. The victim's cache then returns the attacker's MAC, and the victim's traffic goes to the attacker's machine, which can read or alter it before forwarding it on. This kind of attack is known as "Man in the Middle". Defences are static ARP entries for critical hosts, Dynamic ARP Inspection on managed switches, and end-to-end encryption so that intercepted traffic is useless.
Q ) What is the ANDing process?
In order to determine whether a destination host is local or remote, a computer performs a simple bitwise computation referred to as an AND operation. It ANDs its own IP address with its subnet mask to get its network address, and ANDs the destination IP address with the same mask. If the two results are equal, the destination is on the local subnet and the packet is sent directly to it; if they differ, the packet is sent to the default gateway. The sending host does this internally, but understanding what takes place is the key to understanding how an IP-based system knows whether to send packets directly to a host or to a router.
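The AND operation above, worked through in Python as an added example (not code from the original page). It uses explicit bit operations rather than a library so the computation is visible; the addresses and mask are private, illustrative values chosen here.

```python
# Added example, not from the original page. Addresses are private/illustrative.

def ip_to_int(dotted):
    """Dotted-quad IPv4 text -> 32-bit integer, validating each octet."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"bad IPv4 address: {dotted}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"bad octet in {dotted}")
        value = (value << 8) | n
    return value

def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def bits(dotted):
    """Binary view of an address, the form in which the AND is easiest to see."""
    return ".".join(format(int(o), "08b") for o in dotted.split("."))

def network_of(ip, mask):
    """address AND mask = network address (host bits cleared)."""
    return int_to_ip(ip_to_int(ip) & ip_to_int(mask))

def is_local(src_ip, mask, dst_ip):
    """True when source and destination AND to the same network under the source's mask."""
    return network_of(src_ip, mask) == network_of(dst_ip, mask)

def next_hop(src_ip, mask, gateway, dst_ip):
    """The address the host will ARP for: the destination itself, or the default gateway."""
    return dst_ip if is_local(src_ip, mask, dst_ip) else gateway

if __name__ == "__main__":
    me, mask, gw = "192.168.10.37", "255.255.255.224", "192.168.10.33"
    print("mask ", bits(mask))
    print("me   ", bits(me), "->", network_of(me, mask))
    for dst in ("192.168.10.40", "192.168.10.70", "10.0.0.5"):
        print("dst  ", bits(dst), "->", network_of(dst, mask),
              "local" if is_local(me, mask, dst) else "via gateway", next_hop(me, mask, gw, dst))
```

Note that the host only ever applies its own mask; it has no idea what mask the destination uses, which is why a wrong mask on one host produces one-way reachability problems (it sends directly to a host that the other side considers remote).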
Q ) What is a default gateway? What happens if I don't have one?
A gateway is a routing device that knows how to pass traffic between different subnets and networks. A computer knows some routes (a route is a destination network plus the next hop to send packets to in order to reach it), but not the routes to every address on the Internet; it won't even know all the routes on the nearest subnets. A gateway will not have this information either, but it will at least know the addresses of other gateways it can hand the traffic off to. Your default gateway is on the same subnet as your computer and is the gateway your computer relies on when it has no more specific route for a destination (in the routing table it appears as the next hop of the 0.0.0.0/0 route). Because it is on your subnet, the network portion of its address matches yours, but the default gateway is not your own IP address. Without a default gateway your computer can only reach hosts on its own subnet (and any networks it has explicit routes for). To see which default gateway you are using, run "ipconfig" on Windows or "ip route" / "netstat -rn" on Linux, macOS and other Unix-like systems.
Q ) Can a workstation computer be configured to browse the Internet and yet NOT have a default gateway?
No, not in any practical sense. The Internet is a collection of other networks, so every packet to a web server is destined for a remote subnet, and a host with no default gateway (and no other route covering the destination) has nowhere to send it: the stack returns a "network unreachable" error. It makes no difference whether the workstation has a public or a private (RFC 1918) address; a private address additionally needs a NAT device or proxy, but even a public address needs a route to the next hop. The only exceptions are a host that has been given explicit static routes for every destination it needs, or one that reaches the web through an HTTP proxy on its own subnet, in which case the proxy, not the workstation, needs the gateway.
Q) What is a subnet? Why do I care?
A subnet specifies a range of IP addresses. The special attribute of a subnet is that all the computers within the subnet (a "sub-network") can talk directly to each other and don't need a router to communicate. When it's time to send a packet, your computer either a) delivers it directly to the destination computer or b) sends it to the router for ultimate delivery.
But how does your computer know whether the packet's destination is within its subnet? It uses the subnet mask to determine the members of the subnet. If your computer's address and the destination computer's address are in the same subnet address range, they can send packets directly to each other. If they're not in the same range, they must send their data through a router for delivery.
The chart below associates the number of usable host addresses in a subnet with the subnet mask. The count excludes the two reserved addresses in each subnet, the network address and the broadcast address; for example, the subnet mask "255.255.255.0" covers 256 consecutive addresses, of which 254 can be assigned to hosts.
Prefix  Subnet Mask      Usable Addresses        Prefix  Subnet Mask        Usable Addresses
/1      128.0.0.0        2.1 billion             /17     255.255.128.0      32,766
/2      192.0.0.0        1 billion               /18     255.255.192.0      16,382
/3      224.0.0.0        536 million             /19     255.255.224.0      8,190
/4      240.0.0.0        268 million             /20     255.255.240.0      4,094
/5      248.0.0.0        134 million             /21     255.255.248.0      2,046
/6      252.0.0.0        67 million              /22     255.255.252.0      1,022
/7      254.0.0.0        34 million              /23     255.255.254.0      510
/8      255.0.0.0        17 million (Class A)    /24     255.255.255.0      254 (Class C)
/9      255.128.0.0      8.4 million             /25     255.255.255.128    126
/10     255.192.0.0      4.2 million             /26     255.255.255.192    62
/11     255.224.0.0      2.1 million             /27     255.255.255.224    30
/12     255.240.0.0      1 million               /28     255.255.255.240    14
/13     255.248.0.0      524 thousand            /29     255.255.255.248    6
/14     255.252.0.0      262 thousand            /30     255.255.255.252    2
/15     255.254.0.0      131 thousand            /31     255.255.255.254    2 (point-to-point links per RFC 3021; no network or broadcast address)
/16     255.255.0.0      65,534 (Class B)        /32     255.255.255.255    1 (a single host address)
Q ) What is APIPA?
Automatic Private IP Addressing (APIPA) is a safety mechanism in the DHCP client that assigns an address from a reserved range when the normal DHCP process fails. It is Microsoft's implementation of the IPv4 link-local addressing that is part of zero configuration networking (zeroconf), a set of techniques that automatically creates a usable IP network without manual operator intervention or special configuration servers (standardised in RFC 3927).
APIPA comes into action only when no DHCP server is available. When the DHCP client first comes up it tries to reach a DHCP server to obtain an address. If the server cannot be reached (or later becomes unavailable when the lease is due for renewal), APIPA kicks in and the client configures itself with an address from the specially reserved range 169.254.0.0 to 169.254.255.255 (169.254.0.0/16), with mask 255.255.0.0 and no default gateway. Such a host can only talk to other hosts on the same segment, so a 169.254.x.x address on a client is a reliable sign that it failed to reach DHCP. The client periodically keeps trying DHCP and switches to a leased address when a server answers.
Q ) What is an RFC? Name a few if possible (not necessarily the numbers, just the ideas behind them)
A Request For Comments (RFC) document defines a protocol or policy used on the Internet. An RFC can be submitted by anyone; eventually, if it gains enough interest, it may evolve into an Internet Standard. Each RFC is designated by an RFC number. Once published, an RFC never changes; modifications to an original RFC are published as a new RFC with a new number. Examples that appear elsewhere on this page: RFC 826 (ARP), RFC 1918 (private address space), RFC 2131 (DHCP), RFC 2136 (DNS dynamic update), RFC 1035 (DNS) and RFC 3021 (using /31 prefixes on point-to-point links).
Q ) What is RFC 1918?
RFC 1918 is "Address Allocation for Private Internets". The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
The RFC refers to the first block as the "24-bit block", the second as the "20-bit block", and the third as the "16-bit block" (the number of bits left for hosts). In pre-CIDR notation the first block is a single class A network, the second is a set of 16 contiguous class B networks, and the third is a set of 256 contiguous class C networks. Addresses from these blocks are not routed on the public Internet; hosts using them reach the Internet through NAT or a proxy, and the same ranges are reused by many organisations.
Q ) What is CIDR?
CIDR (Classless Inter-Domain Routing, sometimes known as supernetting) is a way to allocate and specify the Internet addresses used in inter-domain routing more flexibly than with the original system of Internet Protocol (IP) address classes. As a result, the number of usable Internet addresses was greatly increased. CIDR is now the routing system used by virtually all gateway hosts on the Internet's backbone network, and the Internet's regulating authorities expect every Internet service provider (ISP) to use it for routing.
The original Internet Protocol defined IP addresses in classes of address structure, Classes A through E (A, B and C for unicast networks, D for multicast and E reserved). Each unicast class allocates one portion of the 32-bit address to a network number and the remaining portion to the specific host machines within that network. One of the most commonly used classes was Class B, which allocates space for up to 65,534 host addresses. A company that needed more than 254 host machines but far fewer than the 65,534 possible would essentially be "wasting" most of the block of addresses allocated. For this reason the Internet was, until the arrival of CIDR, running out of address space much more quickly than necessary. CIDR effectively solved the problem by providing a new and more flexible way to specify network addresses in routers. (With a new version of the Internet Protocol, IPv6, a 128-bit address is possible, greatly expanding the number of possible addresses; at the time this was written IPv6 was not yet in widespread use.)
Using CIDR, each IP address has a network prefix that identifies either an aggregation of networks or an individual network. The length of the network prefix is specified as part of the address and varies depending on the number of bits that are needed, rather than on a fixed class assignment. A destination or route that describes many possible destinations has a shorter prefix and is said to be less specific. A longer prefix describes a destination more specifically. Routers are required to use the most specific, that is the longest, matching prefix in the routing table when forwarding packets.
A CIDR network address looks like this:
192.30.250.0/18
The "/18" says that the first 18 bits are the network part of the address, leaving the last 14 bits for host addresses (16,382 usable hosts). Strictly, the host bits of a network address must be zero, so the network this address belongs to is written 192.30.192.0/18; configuration tools will normalise or reject a prefix whose host bits are set. CIDR lets one routing table entry represent an aggregation of networks that exist in the forward path and don't need to be listed individually on that particular gateway, much as the public telephone system uses area codes to channel calls toward a certain part of the network. This aggregation of networks under a single prefix is referred to as a supernet.
CIDR is supported by the Border Gateway Protocol (BGP), the prevailing exterior (inter-domain) gateway protocol. The older Exterior Gateway Protocol (EGP) and RIP version 1 do not carry prefix lengths and so do not support CIDR; RIP version 2 does. CIDR is also supported by the OSPF interior (intra-domain) routing protocol.
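The longest-prefix rule and supernet aggregation, as an added Python example that is not part of the original page. It uses the standard library ipaddress module; the routing table and next-hop addresses are invented for illustration and do not come from any real router.

```python
# Added example, not from the original page. The routing table below is constructed.
import ipaddress

# (prefix, next hop). 0.0.0.0/0 is the default route: it matches everything and,
# being the shortest prefix, is chosen only when nothing more specific matches.
ROUTES = [
    ("0.0.0.0/0",         "10.0.0.1"),
    ("192.30.192.0/18",   "10.0.0.2"),   # the /18 supernet from the CIDR answer above
    ("192.30.250.0/24",   "10.0.0.3"),   # a more specific route inside that supernet
    ("192.30.250.128/25", "10.0.0.4"),   # and an even more specific one
]

def normalize(cidr):
    """Zero the host bits: '192.30.250.0/18' is really the network 192.30.192.0/18."""
    return str(ipaddress.ip_network(cidr, strict=False))

def lookup(table, destination):
    """Longest-prefix match: return (matching prefix, next hop), or None if no route."""
    dst = ipaddress.ip_address(destination)
    best = None
    for cidr, next_hop in table:
        net = ipaddress.ip_network(cidr, strict=False)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return None if best is None else (str(best[0]), best[1])

def aggregate(cidrs):
    """Collapse adjacent or contained prefixes into the fewest supernets (CIDR aggregation)."""
    nets = [ipaddress.ip_network(c, strict=False) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

if __name__ == "__main__":
    for dst in ("192.30.250.200", "192.30.250.5", "192.30.200.1", "8.8.8.8"):
        print(dst, "->", lookup(ROUTES, dst))
    print(aggregate(["192.30.250.0/24", "192.30.251.0/24"]))
```

Two things worth noticing when running it: a destination covered by the /18, the /24 and the /25 is always forwarded by the /25 entry regardless of the order of the table, and removing the default route makes lookups for addresses outside the listed prefixes return None, which is the "no default gateway" situation from the earlier question.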
Q :- You have the following Network ID: 192.115.103.64/27. What is the IP range for your network?
A /27 mask (255.255.255.224) leaves 5 host bits, so each subnet holds 32 addresses and every block starts on a multiple of 32. The range is 192.115.103.64 - 192.115.103.95:
192.115.103.64 - the network address
192.115.103.65 - 192.115.103.94 - the 30 usable host addresses
192.115.103.95 - the broadcast address
192.115.103.96 - the first address of the next /27 block
So we can use 30 hosts in this network.
Q :- You have the following Network ID: 131.112.0.0. You need at least 500 hosts per network. How many networks can you create? What subnet mask will you use?
131.112.0.0 is a class B block, i.e. 131.112.0.0/16 with 16 host bits. 500 hosts need 9 host bits (2^9 - 2 = 510 usable; 8 bits would give only 254), so the subnet mask is /23, 255.255.254.0. That leaves 23 - 16 = 7 bits for subnetting, so 2^7 = 128 networks of 510 hosts each (131.112.0.0/23, 131.112.2.0/23, ... 131.112.254.0/23). A /22 (255.255.252.0) would also satisfy the requirement, with 1,022 hosts per network, but gives only 64 networks.
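The two subnetting questions above (the /27 range and the 500-hosts-per-network mask), worked as an added Python example using the standard ipaddress module; this is not code from the original page, and the block addresses are the ones the questions use.

```python
# Added example, not from the original page.
import ipaddress
import math

def describe(cidr):
    """Network, broadcast, usable range and the start of the next block for a prefix."""
    net = ipaddress.ip_network(cidr, strict=False)   # strict=False also accepts a host address
    if net.prefixlen >= 31:      # /31 (RFC 3021 point-to-point) and /32 have no reserved addresses
        first, last, usable = net.network_address, net.broadcast_address, net.num_addresses
    else:
        first, last = net.network_address + 1, net.broadcast_address - 1
        usable = net.num_addresses - 2
    return {
        "network": str(net.network_address),
        "mask": str(net.netmask),
        "first_host": str(first),
        "last_host": str(last),
        "broadcast": str(net.broadcast_address),
        "usable_hosts": usable,
        "next_network": str(net.broadcast_address + 1),
    }

def prefix_for_hosts(hosts_needed):
    """Longest prefix (smallest subnet) that still leaves hosts_needed usable addresses."""
    if hosts_needed < 1:
        raise ValueError("need at least one host")
    host_bits = max(2, math.ceil(math.log2(hosts_needed + 2)))  # +2 for network and broadcast
    return 32 - host_bits

def plan_subnets(parent_cidr, hosts_needed):
    """Mask, prefix length, number of subnets and the first few subnets for a parent block."""
    parent = ipaddress.ip_network(parent_cidr, strict=False)
    plen = prefix_for_hosts(hosts_needed)
    if plen < parent.prefixlen:
        raise ValueError(f"{parent} is too small for {hosts_needed} hosts")
    subnets = list(parent.subnets(new_prefix=plen))
    return {
        "mask": str(subnets[0].netmask),
        "prefix": plen,
        "count": len(subnets),
        "usable_per_subnet": subnets[0].num_addresses - 2,
        "first_three": [str(s) for s in subnets[:3]],
    }

if __name__ == "__main__":
    print(describe("192.115.103.64/27"))
    print(plan_subnets("131.112.0.0/16", 500))
```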
Q :- You need to view network traffic. What will you use? Name a few tools
It depends on what type of traffic I want to monitor and on the network design. I really liked using the Fluke Networks OptiView Network Analyzer. For software, I would say Wireshark, sitrace, Iris Network Traffic Analyzer, AirSnare and Packetcapsa. BackTrack (a Linux live CD) has tons of different applications that you can use to monitor and view network traffic.
Q :- How do I know the path that a packet takes to the destination?
Use the "tracert" command-line tool on Windows (traceroute on Linux and macOS). It sends probes with increasing TTL values; each router that decrements the TTL to zero returns an ICMP Time Exceeded message, which reveals its address, so the output lists every hop up to the destination.
Q :- What is DHCP? What are the benefits and drawbacks of using it?
DHCP (Dynamic Host Configuration Protocol) lets a server hand out IP addresses and related settings (subnet mask, default gateway, DNS servers, domain name) to clients automatically, for a limited lease time.
Benefits:
1. DHCP minimizes configuration errors caused by manual IP address configuration, such as typos and duplicate addresses.
2. Reduced network administration: addresses are managed centrally and reclaimed when a lease expires, and moving a machine to another subnet needs no reconfiguration.
Drawbacks:
1. Your machine name does not change when you get a new IP address, but the DNS (Domain Name System) record that maps the name to the address does have to change. Until the record is updated (by the client or by the DHCP server through dynamic DNS update), other clients that try to reach your machine by its DNS name get the old address.
2. Clients depend on the DHCP server being reachable; if it is down, new clients fall back to APIPA addresses and cannot reach anything off their own segment.
3. Any device plugged into the network can obtain an address, and any device can pretend to be a DHCP server (a rogue server can hand out a malicious default gateway or DNS server), so DHCP snooping on switches or server authorization is needed where this matters.
Q :- Describe the steps taken by the client and DHCP server in order to obtain an IP address.
At least one DHCP server must exist on the network. Once the DHCP server software is installed, you create a DHCP scope, which is a pool of IP addresses that the server manages. When a client starts, it obtains an address in a four-message exchange (often remembered as DORA):
1. DHCPDISCOVER: the client, which has no address yet, broadcasts from 0.0.0.0 to 255.255.255.255 (UDP source port 68, destination port 67) asking for any DHCP server.
2. DHCPOFFER: each server that hears the discover proposes an address from its pool, together with the lease time and options such as subnet mask, router and DNS servers.
3. DHCPREQUEST: the client broadcasts a request naming the offered address (option 50) and the server it chose (option 54); the other servers see this and withdraw their offers.
4. DHCPACK: the chosen server confirms the lease and the client configures its interface. If the requested address is not valid, the server answers DHCPNAK instead and the client starts over.
The client renews the lease by sending a unicast DHCPREQUEST to the server at half the lease time (T1); if that fails it broadcasts again at 87.5% of the lease (T2), and if the lease expires it stops using the address. A client on a different subnet from the server reaches it through a DHCP relay agent on the router, which fills in the giaddr field so the server knows which subnet to allocate from.
DHCP was originally defined in RFC 1531 (Dynamic Host Configuration Protocol, October 1993); the current specification is RFC 2131 (March 1997), with the options defined in RFC 2132. The IETF Dynamic Host Configuration (dhc) Working Group is chartered to produce a protocol for automated allocation, configuration, and management of IP addresses and TCP/IP protocol stack parameters.
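The four-step exchange above, run end to end in Python as an added example (not code from the original page or from any DHCP implementation). It serialises and parses the real RFC 2131 message layout and option encoding, but the "server" is an in-process object rather than a UDP socket, and the pool, MAC address and transaction ID are made up.

```python
# Added example, not from the original page. Addresses, MAC and xid are constructed.
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"                         # RFC 2131 magic cookie after the fixed header
BOOTREQUEST, BOOTREPLY = 1, 2                       # 'op' field: client -> server / server -> client
DISCOVER, OFFER, REQUEST, ACK, NAK = 1, 2, 3, 5, 6  # option 53 message types
O_MASK, O_ROUTER, O_REQ_IP, O_LEASE, O_TYPE, O_SERVER = 1, 3, 50, 51, 53, 54
HDR = "!BBBBIHH4s4s4s4s16s64s128s"                 # op htype hlen hops xid secs flags ciaddr yiaddr siaddr giaddr chaddr sname file

def build(op, xid, mac, options, yiaddr="0.0.0.0", giaddr="0.0.0.0"):
    """Serialise one DHCP message; options is a list of (code, value_bytes)."""
    zero = socket.inet_aton("0.0.0.0")
    hdr = struct.pack(HDR, op, 1, 6, 0, xid, 0, 0, zero, socket.inet_aton(yiaddr),
                      zero, socket.inet_aton(giaddr), mac.ljust(16, b"\0"), b"", b"")
    body = b"".join(bytes([code, len(val)]) + val for code, val in options)
    return hdr + MAGIC + body + b"\xff"             # 255 = end option

def parse(msg):
    """Decode the fixed header and the option TLVs into a dict."""
    f = struct.unpack(HDR, msg[:236])
    if msg[236:240] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, 240
    while i < len(msg) and msg[i] != 255:
        if msg[i] == 0:                             # 0 = pad byte, no length
            i += 1
            continue
        code, length = msg[i], msg[i + 1]
        opts[code] = msg[i + 2:i + 2 + length]
        i += 2 + length
    return {"op": f[0], "xid": f[4], "yiaddr": socket.inet_ntoa(f[8]),
            "giaddr": socket.inet_ntoa(f[10]), "mac": f[11][:f[2]], "options": opts}

def msg_type(raw):
    return parse(raw)["options"][O_TYPE][0]

def client_request(xid, mac, ip, server_ip):
    """The client's REQUEST: names the offered address (50) and the chosen server (54)."""
    return build(BOOTREQUEST, xid, mac, [(O_TYPE, bytes([REQUEST])),
                 (O_REQ_IP, socket.inet_aton(ip)), (O_SERVER, socket.inet_aton(server_ip))])

class TinyDhcpServer:
    """Hands out addresses from a small pool and remembers what it offered to each MAC."""
    def __init__(self, server_ip, pool, mask, router, lease_secs=3600):
        self.ip, self.pool, self.mask, self.router = server_ip, list(pool), mask, router
        self.lease, self.offers = lease_secs, {}

    def _opts(self, mtype, with_params):
        opts = [(O_TYPE, bytes([mtype])), (O_SERVER, socket.inet_aton(self.ip))]
        if with_params:
            opts += [(O_LEASE, struct.pack("!I", self.lease)),
                     (O_MASK, socket.inet_aton(self.mask)), (O_ROUTER, socket.inet_aton(self.router))]
        return opts

    def handle(self, raw):
        req = parse(raw)
        mtype = req["options"][O_TYPE][0]
        if mtype == DISCOVER:
            ip = self.offers.get(req["mac"]) or self.pool.pop(0)   # re-offer the same address to a known MAC
            self.offers[req["mac"]] = ip
            return build(BOOTREPLY, req["xid"], req["mac"], self._opts(OFFER, True), yiaddr=ip)
        if mtype == REQUEST:
            if socket.inet_ntoa(req["options"][O_SERVER]) != self.ip:
                return None                                          # client picked another server: stay silent
            wanted = socket.inet_ntoa(req["options"][O_REQ_IP])
            if self.offers.get(req["mac"]) != wanted:                 # not what we offered: NAK, client restarts
                return build(BOOTREPLY, req["xid"], req["mac"], self._opts(NAK, False))
            return build(BOOTREPLY, req["xid"], req["mac"], self._opts(ACK, True), yiaddr=wanted)
        return None

def run_dora(server, mac=b"\x02\x00\x00\x00\x00\x01", xid=0x3903F326):
    """Play the client: DISCOVER -> OFFER -> REQUEST -> ACK; return the resulting lease."""
    offer = parse(server.handle(build(BOOTREQUEST, xid, mac, [(O_TYPE, bytes([DISCOVER]))])))
    if offer["options"][O_TYPE][0] != OFFER:
        raise RuntimeError("expected DHCPOFFER")
    ack = parse(server.handle(client_request(xid, mac, offer["yiaddr"], server.ip)))
    return {"type": ack["options"][O_TYPE][0], "ip": ack["yiaddr"],
            "mask": socket.inet_ntoa(ack["options"][O_MASK]),
            "router": socket.inet_ntoa(ack["options"][O_ROUTER]),
            "lease": struct.unpack("!I", ack["options"][O_LEASE])[0]}

if __name__ == "__main__":
    srv = TinyDhcpServer("192.168.5.1", ["192.168.5.10", "192.168.5.11"], "255.255.255.0", "192.168.5.1")
    print(run_dora(srv))
```

Note that nothing in the exchange authenticates the server: the client accepts whichever OFFER it sees first, which is why a rogue DHCP server on the segment can hand out its own router and DNS options.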
Q :- What is the DHCPNACK and when do I get one? Name 2 scenarios.
A DHCPNAK is the server's negative acknowledgement of a DHCPREQUEST. RFC 2131 defines it as the message a server sends when the client's notion of its network address is incorrect (for example, the client has moved to a new subnet) or the client's lease has expired. On receiving it the client must abandon the address and start again with DHCPDISCOVER. Two typical scenarios: (1) a laptop wakes up on a different subnet and asks to keep the address it had on the old subnet; (2) a client asks to renew an address whose lease the server no longer holds, for instance because the scope was deleted or the address is now outside the pool.
Recently I saw a lot of queries regarding when the Microsoft DHCP server issues a NAK to DHCP clients. For simplification purposes, I am listing the possible scenarios in which the server should NOT issue a NAK. This should give you a good understanding of DHCP NAK behavior.
When a DHCP server receives a DHCPREQUEST with a previously assigned address specified, it first checks whether the request came from the local segment by checking the GIADDR field (zero for a local client, the relay agent's address otherwise). If it originated from the local segment, the DHCP server compares the requested address to the IP address and subnet mask of the local interface that received the request.
The DHCP server will issue a NAK to the client ONLY IF it is sure that the client, on the local subnet, is asking for an address that does not exist on that subnet. The server will send a NAK EXCEPT in the following scenarios:
1. Requested address possibly from the same subnet but not in the address pool of the server. This is the failover scenario in which two DHCP servers serve the same subnet, so that when one goes down the other should not NAK clients that got an IP from the first server.
2. Requested address on a different subnet, but one that belongs to the same superscope as the subnet the client is on. The DHCP server will ACK the request.
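The ACK/NAK/stay-silent decision described above, as an added Python example (not code from the original page or from the Microsoft DHCP server). The scopes, the superscope grouping and all addresses are constructed for the example; the function models only the rules stated in the text.

```python
# Added example, not from the original page. Scope data below is constructed.
import ipaddress

def dhcp_request_decision(requested_ip, giaddr, iface_cidr, scopes, superscopes=()):
    """Decide what the server does with a DHCPREQUEST: ('ACK'|'NAK'|'SILENT', reason).

    requested_ip: address the client asks for (option 50 or ciaddr)
    giaddr:       relay agent address from the packet, "0.0.0.0" when the client is local
    iface_cidr:   address/mask of the interface the request arrived on
    scopes:       {scope_name: (subnet_cidr, set_of_addresses_this_server_leases)}
    superscopes:  iterable of sets of scope names that together serve one physical wire
    """
    ip = ipaddress.ip_address(requested_ip)
    nets = {name: ipaddress.ip_network(cidr) for name, (cidr, _pool) in scopes.items()}

    # 1. Which wire is the client on? Local: the receiving interface. Relayed: GIADDR's subnet.
    if giaddr == "0.0.0.0":
        wire = ipaddress.ip_network(iface_cidr, strict=False)
    else:
        relay = ipaddress.ip_address(giaddr)
        wire = next((net for net in nets.values() if relay in net), None)
        if wire is None:
            return "SILENT", f"relay {giaddr} matches none of our scopes; not our segment"

    # 2. Every subnet that is valid on that wire: the wire's own subnet plus superscope partners.
    members = {name for name, net in nets.items() if net == wire}
    for group in superscopes:
        if members & set(group):
            members |= set(group)
    valid_nets = {wire} | {nets[name] for name in members}

    # 3. NAK only when the address cannot be on this wire at all (the client has moved).
    if not any(ip in net for net in valid_nets):
        return "NAK", f"{requested_ip} is not valid on {wire}"

    # 4. Valid for the wire: ACK if it is ours, otherwise keep quiet (a partner server's lease).
    if any(requested_ip in scopes[name][1] for name in members):
        return "ACK", "address is in our pool for this segment"
    return "SILENT", "address is valid here but not ours to confirm (failover partner's lease)"

SCOPES = {
    "lan":    ("192.168.10.0/24", {"192.168.10.100", "192.168.10.101"}),
    "lan2":   ("192.168.11.0/24", {"192.168.11.100"}),
    "branch": ("10.20.0.0/24",    {"10.20.0.50"}),
}
SUPERSCOPES = [{"lan", "lan2"}]   # lan and lan2 share one wire (a multinet)

if __name__ == "__main__":
    for req, gi in (("192.168.10.100", "0.0.0.0"), ("192.168.10.200", "0.0.0.0"),
                    ("192.168.11.100", "0.0.0.0"), ("10.20.0.50", "0.0.0.0"),
                    ("192.168.10.100", "10.20.0.1")):
        print(req, gi, "->", dhcp_request_decision(req, gi, "192.168.10.1/24", SCOPES, SUPERSCOPES))
```

The last case in the demo is the classic "laptop moved buildings" NAK: the request arrives via the branch relay, so the client's old LAN address is impossible on that wire.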
Q :- What ports are used by DHCP and the DHCP clients?
Both DHCP and its predecessor BOOTP use UDP. The server listens on port 67 and the client on port 68: a client sends DISCOVER and REQUEST from source port 68 to destination port 67, and the server sends OFFER and ACK from port 67 to port 68. A firewall or host-based filter in front of the server therefore has to allow inbound UDP/67 (and outbound UDP/68), and relay agents forward the clients' broadcasts to the server's port 67 as unicast.
Q :- Describe the process of installing a DHCP server in an AD infrastructure.
Terms you'll need to understand:
DHCP
Lease duration
Scopes
Superscopes
Multicast scopes
Scope options
Techniques you'll need to master:
Installing DHCP
Understanding the DHCP lease process
Creating scopes, superscopes, and multicast scopes
Configuring the lease duration
Configuring optional IP parameters that can be assigned to DHCP clients
Understanding how DHCP interacts with DNS
Configuring DHCP for DNS integration
Authorizing a DHCP server in Active Directory
Managing a DHCP server
Monitoring a DHCP server
Introduction
The TCP/IP protocol is an Active Directory operational requirement. This means that all computers on a Windows 2000 network require a unique IP address to communicate with Active Directory. Static IP addresses can add a lot of administrative overhead. Not only can management of static IP addresses become time consuming, but such management also increases the chances of misconfigured parameters. Imagine having to manually type 10,000 IP addresses and not make a single error. The Dynamic Host Configuration Protocol (DHCP) can be implemented to centralize the administration of IP addresses. Through DHCP, many of the tasks associated with IP addressing can be automated. However, implementing DHCP also introduces some security issues, because anyone with physical access to the network can plug in a laptop and obtain IP information about the internal network. This is also why Active Directory requires a DHCP server to be authorized in the directory: a Windows DHCP server that is a domain member and is not authorized will not start serving clients. That limits the damage from a stray Windows server, but it does not stop a rogue non-Windows DHCP server, which ignores AD authorization entirely; DHCP snooping on the switches is the control for that.
In this chapter, you'll learn how to implement a DHCP server, including the installation process, authorization of the server, and the configuration of DHCP scopes. The chapter ends by looking at how to manage a DHCP server and monitor its performance.
In outline, the process is: install the DHCP Server service (Add/Remove Windows Components, or the DHCP Server role in Server Manager on newer versions) on a server with a static IP address; authorize the server in Active Directory, which requires Enterprise Admin rights; create a scope with the address range, exclusions for statically addressed devices and the lease duration; set the scope options such as router (003), DNS servers (006) and DNS domain name (015); activate the scope; and, if clients sit on other subnets, configure a DHCP relay agent (IP helper address) on the routers pointing at the server.
Q :- What is DHCPINFORM?
DHCPINFORM is a DHCP message used by clients that already have an IP address (configured statically or obtained some other way) to obtain DHCP options only; the server answers with a DHCPACK carrying the options and does not allocate an address or a lease. While PPP remote access clients do not use DHCP to obtain IP addresses for the remote access connection, Windows 2000 and Windows 98 remote access clients use the DHCPINFORM message to obtain DNS server IP addresses, WINS server IP addresses, and a DNS domain name. The DHCPINFORM message is sent after the IPCP negotiation is concluded.
The DHCPINFORM message received by the remote access server is then forwarded to a DHCP server. The remote access server forwards DHCPINFORM messages only if it has been configured with the DHCP Relay Agent.
Q :- Describe the integration between DHCP and DNS.
Traditionally, DNS and DHCP servers have been configured and managed one at a time. Similarly, changing authorization rights for a particular user on a group of devices has meant visiting each one and making configuration changes. DHCP integration with DNS allows these tasks to be aggregated across devices, enabling a company's network services to scale in step with the growth of network users, devices, and policies, while reducing administrative operations and costs.
This integration provides practical operational efficiencies that lower total cost of ownership. Creating a DHCP network automatically creates an associated DNS zone, for example, reducing the number of tasks required of network administrators, and integration of DNS and DHCP in the same database instance keeps the service and management views of IP address-centric network services data consistent.
Windows Server 2003 DNS supports DHCP by means of the dynamic update of DNS zones. By integrating DHCP and DNS in a DNS deployment, you can provide your network resources with dynamic addressing information stored in DNS. To enable this integration, you can use the Windows Server 2003 DHCP service.
The dynamic update standard, specified in RFC 2136 (Dynamic Updates in the Domain Name System, DNS UPDATE), automatically updates DNS records. Both Windows Server 2003 and Windows 2000 support dynamic update, and both clients and DHCP servers can send dynamic updates when their IP addresses change.
Dynamic update enables a DHCP server to register address (A) and pointer (PTR) resource records on behalf of a DHCP client by using the DHCP Client FQDN option (option 81). Option 81 enables the DHCP client to provide its FQDN to the DHCP server, together with instructions describing how the server should process DNS dynamic updates on the client's behalf.
The DHCP server can also dynamically update DNS A and PTR records on behalf of DHCP clients that are not capable of sending option 81. You can configure the DHCP server to discard client A and PTR records when the DHCP client lease is deleted. This reduces the time needed to manage these records manually and provides support for DHCP clients that cannot perform dynamic updates. In addition, dynamic update simplifies the setup of Active Directory by enabling domain controllers to dynamically register the SRV resource records that clients use to find them.
If the DHCP server is configured to perform DNS dynamic updates, it performs one of the following actions:
1. It updates resource records at the request of the client: the client asks the DHCP server to update the PTR record on its behalf, and the client registers its own A record.
2. It updates both the A and PTR records regardless of whether the client requests this action.
By itself, dynamic update is not secure, because any client can modify DNS records, including overwriting another host's name with its own address. To secure dynamic updates, use the secure dynamic update feature provided in Windows Server 2003: an Active Directory-integrated zone set to allow "secure only" updates authenticates the updater with GSS-TSIG and enforces the ACL on each record, so only the account that created a record can change it. When the DHCP server registers records on behalf of clients, give it a dedicated account for that purpose; adding it to the DnsUpdateProxy group makes the records it creates ownerless, so that any client can later overwrite them. To delete outdated records, use the DNS server aging and scavenging feature.
Q :- What options in DHCP do you regularly use for an MS network?
Besides the IP address itself, which is assigned from the scope's range rather than through an option, the options set on almost every scope are:
001 Subnet Mask (taken from the scope definition)
003 Router (default gateway)
006 DNS Servers
015 DNS Domain Name
On older networks you also set 044 WINS/NBNS Servers and 046 WINS/NBT Node Type.
Q :- What are User Classes and Vendor Classes in DHCP?
Vendor classes and user classes let the DHCP server hand out different option values to different groups of clients. A client identifies its vendor class with option 60 (vendor class identifier) and its user class with option 77; the server matches these strings against the classes it has defined and applies the class-specific options on top of the scope options.
Microsoft Vendor Classes
The following pre-defined vendor classes are available in the Windows 2000 DHCP server:
Class Data   Class Name                        Description
MSFT 5.0     Microsoft Windows 2000 options    Class that includes all Windows 2000 DHCP clients.
MSFT 98      Microsoft Windows 98 options      Class that includes all Windows 98 and Windows Millennium Edition (Me) DHCP clients.
MSFT         Microsoft options                 Class that includes all Windows 98, Windows Me, and Windows 2000 DHCP clients.
If you have non-Microsoft DHCP clients, you can define other vendor-specific classes on the DHCP server. When you define such classes, make sure the vendor class identifier that you define matches the identifier used by the clients.
User Classes
The following pre-defined user classes are available in the Windows 2000 DHCP server:
Class ID        Class Type                                 Description
Unspecified     Default user class                         All DHCP clients that have no user class specified.
RRAS.Microsoft  Default Routing and Remote Access class    All Dial-Up Networking (DUN) clients.
Bootp           Default Bootp class                        All Bootp clients.
In addition to these pre-defined classes, you can add custom user classes for Windows 2000 DHCP clients. When you configure such classes, you must specify a custom identifier that corresponds to the user class defined on the DHCP server. Because the class string is chosen and sent by the client and is not authenticated, do not use classes to hand out settings that a client must not be able to select for itself.
Q :- How do I configure a client machine to use a specific User Class?
The command to configure a client machine to use a specific user class is:
ipconfig /setclassid "<name of your network connection>" <name of the class you created on the DHCP server> (the class name is case sensitive)
Example:
ipconfig /setclassid "Local Area Network" Accounting
Running the same command with no class name clears the class again. The setting only has an effect if the DHCP server has a user class with exactly that ID; otherwise the client simply receives the default options.
Q :- What is the BOOTP protocol used for, where might you find it in Windows network infrastructure?
BOOTP (RFC 951) provides an IP address to the requester, using the same UDP ports that DHCP later inherited (server port 67, client port 68), AND can provide (where supported) the information needed to boot a system without a hard drive (a diskless client): the address of a TFTP server and the name of a boot file. DHCP is an extension of BOOTP that keeps the same packet format, which is why a DHCP server can also answer BOOTP clients and why BOOTP relay agents work for DHCP.
Apple OS X 10.* Server supports BOOTP, renamed NetBoot. The facility allows the administrator to maintain a selected set of configurations as boot images and then assign sets of client systems to share (or boot from) an image. For example, the Accounting, Management, and Engineering departments have elements in common but can be unique from other departments. Performing upgrades and maintenance on three images is far more productive than working on all client systems individually.
Startup is obviously network intensive, and beyond 40-50 clients the administrator needs to carefully subnet the infrastructure, use gigabit switches, and host the images local to the clients to avoid saturating the network. This will expand the number of BOOTP servers and multiply the number of images, but the productivity of one BOOTP server per 50 clients is undeniable :)
Sun, Linux, and AIX on RS/6000 all support BOOTP.
In a Windows network infrastructure you meet BOOTP in the DHCP server's BOOTP support (a scope can be set to serve DHCP clients, BOOTP clients or both, and the "Default Bootp class" exists for those clients), in the DHCP server's BOOTP table of boot images, and in PXE network boot as used by Remote Installation Services and Windows Deployment Services, which is carried in DHCP/BOOTP options. Windows workstations are not normally run as fully diskless clients, but their network boot stage is BOOTP/DHCP-based.
Q :- DNS zones - describe the differences between the 4 types.
A DNS zone is the actual file (or, for Active Directory-integrated zones, the directory partition) that contains all the records for a specific part of the namespace. Two different distinctions are mixed together in this question.
By direction of lookup:
i) Forward Lookup Zones: resolve host names to IP addresses (A and AAAA records).
ii) Reverse Lookup Zones: resolve IP addresses to host names (PTR records, under in-addr.arpa for IPv4 and ip6.arpa for IPv6).
By zone type, which decides where the writable copy lives:
1) Primary zone: the read/write master copy; updates (manual or dynamic) are made here.
2) Secondary zone: a read-only copy obtained from the primary by zone transfer (AXFR/IXFR), for redundancy and load sharing.
3) Stub zone: a read-only copy of a zone that contains only the records needed to find its authoritative servers: the SOA, the NS records and the A (glue) records for those name servers. It keeps a parent aware of a child zone's name servers without transferring the whole zone.
4) Active Directory-integrated zone: a primary zone stored in AD and replicated by AD replication, so every DNS server that is a domain controller holds a writable copy (multi-master), and secure dynamic update can be enforced.
Q :- DNS record types - describe the most important ones.
Type of Record   What it does
A (Host)         Classic resource record. Maps a hostname to an IPv4 address.
PTR              Maps an IP address to a hostname (the reverse of A), stored in the in-addr.arpa / ip6.arpa zones.
AAAA             Maps a hostname to an IPv6 address.
CNAME            Canonical name, in plain English an alias: lets names such as www, ftp or chat point at one host's real name.
NS               Identifies the DNS name servers authoritative for a zone; used for delegation to child zones.
MX               Mail servers for a domain, particularly so that other domains can deliver to it. MX records are required to receive Internet e-mail.
SRV              Service locator records, required for Active Directory. A whole family of underscore-prefixed records, for example _gc._tcp (global catalog) and _ldap._tcp (domain controllers).
SOA              Start of Authority: one per zone, holding the zone's primary server, responsible contact and transfer timers (see the Start of Authority (SOA) tab of the zone in the DNS console).
For more knowledge:
SRV records: an SRV or Service Record is a category of data in the DNS specifying information on available services. When looking up a service, a client first looks up the SRV record for the service to see which server actually handles it (and on which port, with which priority and weight), then looks up the A record of that server to connect to its IP address.
Authoritative Name Server (NS) record: a zone should contain one NS record for each of its own DNS servers (primary and secondary). These are used for zone transfer purposes (NOTIFY messages are sent to the servers listed) and for delegation; these NS records have the same name as the zone in which they are located.
SOA: this record is used when synchronising data between multiple servers. A given zone must have precisely one SOA record, which contains:
• Name of the primary DNS server
• Mailbox of the responsible person
• Serial number: used by secondary DNS servers to check if the zone has changed. If the serial number is higher than what the secondary server has, a zone transfer will be initiated.
• Refresh interval: how often secondary DNS servers should check whether changes were made to the zone.
• Retry interval: how often a secondary DNS server should retry the check if the first refresh fails.
• Expire interval: how long the zone will be valid after a refresh. Secondary servers will discard the zone if no refresh could be made within this interval.
• Minimum (default) TTL: used as the default TTL for new records created within the zone, and by other DNS servers to cache negative responses (such as "record does not exist").
Q :- Describe the process of working with an external domain name
Serving Sites with External Domain Name Servers (Parallels Plesk Panel)
If you host Web sites on this server and have a standalone DNS server acting as a primary (master) name server for your sites, you may want to set up your control panel's DNS server to function as a secondary (slave) name server.
To make the control panel's DNS server act as a secondary name server:
1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch DNS Service Mode.
3. Specify the IP address of the primary (master) DNS server.
4. Click Add.
5. Repeat steps 1 to 4 for each Web site that needs to have a secondary name server on this machine.
To make the control panel's DNS server act as a primary for a zone:
1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch DNS Service Mode. The original resource records for the zone will be restored.
If you host Web sites on this server and rely entirely on other machines to perform the Domain Name Service for your sites (there are two external name servers, a primary and a secondary), switch off the control panel's DNS service for each site served by external name servers.
To switch off the control panel's DNS service for a site served by an external name server:
1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch Off the DNS Service in the Tools group. Turning the DNS service off for the zone will refresh the screen, so that only a list of name servers remains.
Note: the listed name server records have no effect on the system. They are only presented on the screen as clickable links to give you a chance to validate the configuration of the zone maintained on the external authoritative name servers.
3. Repeat steps 1 and 2 to switch off the local domain name service for each site served by external name servers.
If you wish to validate the configuration of a zone maintained on authoritative name servers:
1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Add to the list the entries pointing to the appropriate name servers that are authoritative for the zone: click Add, specify a name server, and click OK. Repeat this for each name server you would like to test. The records will appear in the list.
3. Click the records that you have just created. Parallels Plesk Panel will retrieve the zone file from a remote name server and check the resource records to make sure that the domain's resources are properly resolved. The results will be interpreted and displayed on the screen.
Whatever tool you use, the secondary must be allowed to pull zone transfers (AXFR) from the primary, and the primary should restrict transfers to that secondary's address only: an unrestricted AXFR hands anyone who asks a complete list of your hosts.
Q :- Describe the importance of DNS to AD.
When you install Active Directory on a server, you promote the server to the role of a domain controller for a specified domain. When completing this process, you are prompted to specify a DNS domain name for the Active Directory domain that you are joining and promoting the server into. If, during this process, a DNS server authoritative for the domain that you specified either cannot be located on the network or does not support the DNS dynamic update protocol, you are prompted with the option to install a DNS server. This option is provided because a DNS server is required to locate this server or other domain controllers for members of an Active Directory domain: clients find domain controllers, global catalog servers and Kerberos KDCs by querying the _ldap, _gc and _kerberos SRV records that domain controllers register dynamically, so a broken or missing DNS service means logons, group policy and replication all fail.
Q :- Describe a few methods of finding an MX record for a remote domain on the Internet.
In order to find MX records for SMTP domains you can use command-line tools such as NSLOOKUP (nslookup -type=MX example.com, or "set type=MX" in interactive mode) or DIG (dig example.com MX), which list the mail exchangers with their preference values; the lowest preference is tried first. You can also use online web services that perform the query for you and display the information in a convenient manner. Querying a public resolver directly (dig @8.8.8.8 example.com MX) avoids stale answers cached by your local server.
Q :- What does "Disable Recursion" in DNS mean?
In the Windows 2000/2003 DNS console (dnsmgmt.msc), under a server's Properties -> Forwarders tab is the setting "Do not use recursion for this domain". On the Advanced tab you will find the confusingly similar option "Disable recursion (also disables forwarders)".
Recursion refers to the action of a DNS server querying additional DNS servers (e.g. the local ISP's DNS servers or the root DNS servers) to resolve queries that it cannot resolve from its own database. So what is the difference between these settings?
The DNS server will attempt to resolve the name locally, then will forward requests to any DNS servers specified as forwarders. If "Do not use recursion for this domain" is enabled, the DNS server will pass the query on to the forwarders, but will not recursively query any other DNS servers (e.g. the root servers) if the forwarders cannot resolve the query.
If "Disable recursion (also disables forwarders)" is set, the server will attempt to resolve a query from its own database only. It will not query any additional servers, so it answers only for zones it is authoritative for.
If neither of these options is set, the server will attempt to resolve queries normally:
... the local database is queried
... if an entry is not found, the request is passed to any forwarders that are set
... if no forwarders are set, the server will query servers on the Root Hints tab to resolve queries beginning at the root domains.
Disabling recursion is the right setting for a DNS server that is reachable from the Internet and only needs to answer for its own zones: an Internet-facing server that still recurses is an "open resolver" that outsiders can use for cache-poisoning attempts and as a reflector in amplification DDoS attacks.
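The three resolution paths above, modelled in Python as an added example (not code from the original page or from the Windows DNS server). The zone contents, forwarder answers and "root" answers are stand-in dictionaries constructed here; a real server would send queries over the network.

```python
# Added example, not from the original page. All answer tables are constructed.

def resolve(name, local_zones, forwarders, root_servers,
            no_recursion_for_domain=False, disable_recursion=False):
    """Return (answer or None, list of sources consulted in order).

    local_zones:  {name: address} the server is authoritative for (or has cached)
    forwarders:   list of {name: address} dicts, one per configured forwarder
    root_servers: {name: address} standing in for a full recursive walk from the root
    """
    path = ["local"]
    if name in local_zones:
        return local_zones[name], path
    if disable_recursion:                       # Advanced tab: answer from own data only
        return None, path
    for index, forwarder in enumerate(forwarders):
        path.append(f"forwarder{index}")
        if name in forwarder:
            return forwarder[name], path
    if forwarders and no_recursion_for_domain:  # Forwarders tab: forwarders failed, stop here
        return None, path
    path.append("root-hints")                   # full recursion starting at the root
    return root_servers.get(name), path

# Constructed data: an internal zone, one forwarder (e.g. the ISP), and "the Internet".
LOCAL = {"dc1.corp.example": "10.0.0.5"}
FORWARDERS = [{"www.example.net": "198.51.100.7"}]
ROOT = {"www.example.org": "203.0.113.9", "www.example.net": "198.51.100.7"}

if __name__ == "__main__":
    for flags in ({}, {"no_recursion_for_domain": True}, {"disable_recursion": True}):
        for n in ("dc1.corp.example", "www.example.net", "www.example.org"):
            print(flags, n, resolve(n, LOCAL, FORWARDERS, ROOT, **flags))
```

Running it with each flag combination shows the practical difference: "Do not use recursion for this domain" still lets the forwarders answer for the whole Internet, whereas "Disable recursion" leaves only the server's own zones resolvable, which is what an authoritative-only, Internet-facing server should do.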
Q :- What could cause the Forwarders and Root Hints to be grayed out?
The server has been configured as a root server: Windows 2000 DNS creates a root zone named "." (typically when the DNS server was set up while the machine had no Internet connectivity), and a server that is authoritative for the root has nobody above it to forward to, so the Forwarders and Root Hints options are disabled. Delete the "." zone under Forward Lookup Zones and restart the DNS service to get the options back.
Q :- What is a "Single Label domain name" and what sort of issues can it cause?
Single-label names consist of a single word like "contoso" instead of a fully qualified name such as "contoso.com".
• Single-label DNS names cannot be registered by using an Internet registrar.
• Client computers and domain controllers that are joined to single-label domains require additional configuration to dynamically register DNS records in single-label DNS zones.
• Client computers and domain controllers may require additional configuration to resolve DNS queries in single-label DNS zones.
• By default, Windows Server 2003-based, Windows XP-based and Windows 2000-based domain members do not perform dynamic updates to single-label DNS zones.
• Some server-based applications are incompatible with single-label domain names. Application support may not exist in the initial release of an application, or support may be dropped in a future release. For example, Microsoft Exchange Server 2007 is not supported in environments in which single-label DNS is used.
• Some server-based applications are incompatible with the domain rename feature that is supported in Windows Server 2003 and Windows Server 2008 domain controllers. These incompatibilities either block or complicate the use of the domain rename feature when you try to rename a single-label DNS name to a fully qualified domain name.
Q :- What is the "in-addr.arpa" zone used for?
When creating DNS records for your hosts, A records make sense. After all, how can the world find your mail server unless the IP address of that server is associated with its hostname within a DNS database? However, PTR records aren't as easily understood. If you already have a zone file, why does there have to be a separate in-addr.arpa zone containing PTR records matching your A records? And who should be making those PTR records--you or your provider?
Let's start by defining in-addr.arpa. .arpa is actually a TLD like .com or .org. The name of the TLD comes from Address and Routing Parameter Area and it has been designated by the IANA to be used exclusively for Internet infrastructure purposes. In other words, it is an important zone and an integral part of the inner workings of DNS. The RFC for DNS (RFC 1035) has an entire section on the in-addr.arpa domain. The first two paragraphs in that section state the purpose of the domain: "The Internet uses a special domain to support gateway location and Internet address to host mapping. Other classes may employ a similar strategy in other domains. The intent of this domain is to provide a guaranteed method to perform host address to host name mapping, and to facilitate queries to locate all gateways on a particular network in the Internet. Note that both of these services are similar to functions that could be performed by inverse queries; the difference is that this part of the domain name space is structured according to address, and hence can guarantee that the appropriate data can be located without an exhaustive search of the domain space."
In other words, this zone provides a database of all allocated networks and the DNS-reachable hosts within those networks. If your assigned network does not appear in this zone, it appears to be unallocated. And if your hosts don't have a PTR record in this database, they appear to be unreachable through DNS. Assuming an A record exists for a host, a missing PTR record may or may not impact the DNS reachability of that host, depending upon the applications running on that host. For example, a mail server will definitely be impacted, as PTR records are used in mail header checks and by most anti-spam mechanisms. Depending upon your web server configuration, it may also depend upon an existing PTR record. This is why the DNS RFCs recommend that every A record has an associated PTR record.
But who should make and host those PTR records? Twenty years ago, when you could buy a full Class C network address (i.e. 254 host addresses), the answer was easy: you. Remember, the in-addr.arpa zone is concerned with delegated network addresses. In other words, the owner of the network address is authoritative (i.e. responsible) for the host PTR records associated with that network address space. If you only own one or two host addresses within a network address space, the provider you purchased those addresses from needs to host your PTR records, as the provider is the owner of (i.e. authoritative for) the network address. Things are a bit more interesting if you have been delegated a CIDR block of addresses. The in-addr.arpa zone assumes a classful addressing scheme where a Class A address is one octet (or /8), a Class B is 2 octets (or /16) and a Class C is 3 octets (or /24). CIDR allows for delegating address space outside of these boundaries--say a /19 or a /28. RFC 2317 provides a best current practice for maintaining in-addr.arpa with these types of network allocations.
Here is a summary regarding PTR records:
• Don't wait until users complain about DNS unreachability--be proactive and ensure there is an associated PTR record for every A record.
• If your provider hosts your A records, they should also host your PTR records.
• If you only have one or two assigned IP addresses, your provider should host your PTR records, as they are authoritative for the network those hosts belong to.
• If you own an entire network address (e.g. a Class C address ending in 0), you are responsible for hosting your PTR records.
• If you are configuring an internal DNS server within the private address ranges (e.g. 10.0.0.0 or 192.168.0.0), you are responsible for your own internal PTR records.
• Remember: the key to PTR hosting is knowing who is authoritative for the network address for your domain. When in doubt, it probably is not you.
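The "PTR for every A record" advice above can be checked mechanically. The following is an added example (not from the original page): it builds the in-addr.arpa owner name for an address, the RFC 2317 classless form and its glue CNAME, and reports A records whose PTR is missing or points elsewhere; the A/PTR data and the example.com / 192.0.2.0/24 addresses are constructed.

```python
"""Forward/reverse DNS consistency check (added example, not from the page).

It builds the in-addr.arpa owner name for an IPv4 address, the RFC 2317
classless form used when a block smaller than a /24 is delegated, and then
checks constructed A and PTR data for missing or mismatched PTR records.
"""
import ipaddress


def reverse_name(ip: str) -> str:
    """Classful in-addr.arpa owner name: 192.0.2.10 -> 10.2.0.192.in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


def rfc2317_name(ip: str, prefix: int) -> str:
    """RFC 2317 owner name for a classless delegation (prefix 25..32).

    192.0.2.130 in 192.0.2.128/26 -> 130.128/26.2.0.192.in-addr.arpa.
    """
    if not 25 <= prefix <= 32:
        raise ValueError("RFC 2317 naming applies to delegations longer than /24")
    net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    o = ip.split(".")
    first = str(net.network_address).split(".")[3]
    return f"{o[3]}.{first}/{prefix}.{o[2]}.{o[1]}.{o[0]}.in-addr.arpa."


def rfc2317_glue(ip: str, prefix: int) -> tuple:
    """The CNAME the /24 owner publishes so that an ordinary PTR lookup for
    the address lands in the customer's classless reverse zone."""
    return (reverse_name(ip), rfc2317_name(ip, prefix))


def check_consistency(a_records: dict, ptr_records: dict) -> list:
    """a_records: {hostname: ipv4}; ptr_records: {in-addr.arpa owner: hostname}.

    Returns (hostname, ip, problem) for every A record whose PTR is missing
    or points at a different name. Names are compared case-insensitively.
    """
    problems = []
    for host, ip in a_records.items():
        target = ptr_records.get(reverse_name(ip))
        if target is None:
            problems.append((host, ip, "missing PTR"))
        elif target.rstrip(".").lower() != host.rstrip(".").lower():
            problems.append((host, ip, f"PTR points to {target}"))
    return problems


# Constructed sample data (example.com and 192.0.2.0/24 are documentation ranges).
A_RECORDS = {
    "mail.example.com.": "192.0.2.10",
    "www.example.com.": "192.0.2.20",
    "db.example.com.": "192.0.2.30",
}
PTR_RECORDS = {
    "10.2.0.192.in-addr.arpa.": "mail.example.com.",
    "20.2.0.192.in-addr.arpa.": "old-www.example.com.",  # stale PTR
}

if __name__ == "__main__":
    for host, ip, problem in check_consistency(A_RECORDS, PTR_RECORDS):
        print(f"{host} {ip}: {problem}")
    print(rfc2317_glue("192.0.2.130", 26))
```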
Q:-DNS requirements for installing Active Directory
When you install Active Directory on a member server, the member server is promoted to a domain controller. Active Directory uses DNS as the location mechanism for domain controllers, enabling computers on the network to obtain IP addresses of domain controllers.
During the installation of Active Directory, the service (SRV) and address (A) resource records are dynamically registered in DNS; they are necessary for the successful functioning of the domain controller locator (Locator) mechanism.
To find domain controllers in a domain or forest, a client queries DNS for the SRV and A DNS resource records of the domain controller, which provide the client with the names and IP addresses of the domain controllers. In this context, the SRV and A resource records are referred to as Locator DNS resource records.
When adding a domain controller to a forest, you are updating a DNS zone hosted on a DNS server with the Locator DNS resource records and identifying the domain controller. For this reason, the DNS zone must allow dynamic updates (RFC 2136) and the DNS server hosting that zone must support the SRV resource records (RFC 2782) to advertise the Active Directory directory service. For more information about RFCs, see DNS RFCs.
If the DNS server hosting the authoritative DNS zone is not a server running Windows 2000 or Windows Server 2003, contact your DNS administrator to determine if the DNS server supports the required standards. If the server does not support the required standards, or the authoritative DNS zone cannot be configured to allow dynamic updates, then modification is required to your existing DNS infrastructure.
For more information, see Checklist: Verifying DNS before installing Active Directory and Using the Active Directory Installation Wizard.
Important
• The DNS server used to support Active Directory must support SRV resource records for the Locator mechanism to function. For more information, see Managing resource records.
• It is recommended that the DNS infrastructure allows dynamic updates of Locator DNS resource records (SRV and A) before installing Active Directory, but your DNS administrator may add these resource records manually after installation.
After installing Active Directory, these records can be found on the domain controller in the following location:
systemroot\System32\Config\Netlogon.dns
Q :- How do you manually create SRV records in DNS?
This is on Windows Server: go to Run and type dnsmgmt.msc, right-click the zone you want to add the SRV record to and choose "Other New Records", then choose Service Location (SRV).
Q :- Name 3 benefits of using AD-integrated zones.
1. You can give easy name resolution to your clients.
2. By creating an AD-integrated zone you can also trace hackers and spammers by creating a reverse zone.
3. AD-integrated zones allow for incremental zone transfers, which transfer only the changes and not the entire zone. This reduces zone transfer traffic.
4. AD-integrated zones support both secure and dynamic updates.
5. AD-integrated zones are stored as part of the Active Directory and support domain-wide or forest-wide replication through application partitions in AD.
Q :- What are the benefits of using Windows 2003 DNS when using AD-integrated zones?
Advantages:
DNS supports dynamic registration of the SRV records registered by an Active Directory server or a domain controller during promotion. With the help of SRV records, client machines can find domain controllers in the network.
1. DNS supports secure dynamic updates. Unauthorized access is denied.
2. Exchange Server needs internal DNS or AD DNS to locate Global Catalog servers.
3. Active Directory Integrated Zone: if you have more than one domain controller (recommended) you need not worry about zone replication. Active Directory replication will take care of DNS zone replication also.
4. If your network uses DHCP with Active Directory, then no other DHCP server will be able to service client requests coming from a different network. This is because the DHCP server is authorized in AD and will be the only server on the network allowed to provide IP address information to client machines.
5. Moreover, you can use NT4 DNS with Service Pack 4 or later. It supports both SRV record registration and dynamic updates.
Using Microsoft DNS gives the following benefits:
If you implement networks that require secure updates.
If you want to take benefit of Active Directory replication.
If you want to integrate DHCP with DNS for low-level clients to register their host records in the zone database.
Q :- You installed a new AD domain and the new (and first) DC has not registered its SRV records in DNS. Name a few possible causes.
The machine's DNS client is not configured (for example, it is not pointing at its own DNS server).
The DNS service is not running.
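One way to verify the registration the two questions above are about is to compare the DC's Netlogon.dns file with what the DNS server actually answers. This is an added example, not code from the page or from Microsoft: the Netlogon.dns content, the contoso.com names and the "published" view of the server are constructed, and a real check would fill the published set from DNS queries.

```python
"""Parse a Netlogon.dns file and report Locator records a DNS server does not
answer for (added example; the file content below is constructed).

Netlogon.dns is written in zone-file style, one record per line, e.g.
_ldap._tcp.dc._msdcs.contoso.com. 600 IN SRV 0 100 389 dc1.contoso.com.
"""
import re
from collections import namedtuple

SrvRecord = namedtuple("SrvRecord", "name ttl priority weight port target")

SRV_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+SRV\s+(\d+)\s+(\d+)\s+(\d+)\s+(\S+)$")
A_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+A\s+(\d+\.\d+\.\d+\.\d+)$")


def parse_netlogon(text: str):
    """Return (srv_records, a_records) parsed from Netlogon.dns text.
    Blank lines and ';' comments are skipped; names are lower-cased."""
    srv, a = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        m = SRV_RE.match(line)
        if m:
            srv.append(SrvRecord(m.group(1).lower(), int(m.group(2)),
                                 int(m.group(3)), int(m.group(4)),
                                 int(m.group(5)), m.group(6).lower()))
            continue
        m = A_RE.match(line)
        if m:
            a.append((m.group(1).lower(), int(m.group(2)), m.group(3)))
    return srv, a


def missing_srv(expected, published: dict) -> list:
    """expected: SrvRecords from Netlogon.dns.
    published: {owner name: set((port, target))} as answered by the DNS server
    (constructed here; a real check would fill it from DNS queries).
    Returns the expected records the server does not answer for."""
    return [r for r in expected
            if (r.port, r.target) not in published.get(r.name, set())]


NETLOGON_DNS = """\
; constructed sample of a DC's Netlogon.dns
contoso.com. 600 IN A 10.0.0.5
_ldap._tcp.contoso.com. 600 IN SRV 0 100 389 dc1.contoso.com.
_ldap._tcp.dc._msdcs.contoso.com. 600 IN SRV 0 100 389 dc1.contoso.com.
_kerberos._tcp.contoso.com. 600 IN SRV 0 100 88 dc1.contoso.com.
_gc._tcp.contoso.com. 600 IN SRV 0 100 3268 dc1.contoso.com.
"""

# Constructed view of what the DNS server currently answers: the Kerberos
# and GC records never made it into the zone.
PUBLISHED = {
    "_ldap._tcp.contoso.com.": {(389, "dc1.contoso.com.")},
    "_ldap._tcp.dc._msdcs.contoso.com.": {(389, "dc1.contoso.com.")},
}


def report(text: str = NETLOGON_DNS, published: dict = PUBLISHED) -> list:
    """Human-readable lines for every Locator SRV record that is not published."""
    srv, _ = parse_netlogon(text)
    return [f"{r.name} SRV {r.priority} {r.weight} {r.port} {r.target}"
            for r in missing_srv(srv, published)]


if __name__ == "__main__":
    for line in report():
        print("not registered:", line)
```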
Q :- What are the benefits and scenarios of using Stub zones?
One of the new features introduced in the Windows Server 2003-based implementation of DNS is stub zones. Their main purpose is to provide name resolution in domains for which a local DNS server is not authoritative. The stub zone contains only a few records:
- a Start of Authority (SOA) record pointing to a remote DNS server that is considered to be the best source of information about the target DNS domain,
- one or more Name Server (NS) records (including the entry associated with the SOA record), which are authoritative for the DNS domain represented by the stub zone,
- corresponding A records for each of the NS entries (providing IP addresses of the servers).
While you can also provide name resolution for a remote domain by either creating a secondary zone (which was a common approach in the Windows 2000 Server DNS implementation) or delegation (when dealing with a contiguous namespace), such an approach forces periodic zone transfers, which are not needed when stub zones are used. The necessity to traverse the network in order to obtain individual records hosted on the remote name servers is mitigated to some extent by the caching process, which keeps them on the local server for the duration of their Time-to-Live (TTL) parameter. In addition, records residing in a stub zone are periodically validated and refreshed in order to avoid lame delegations.
Q :- What are the benefits and scenarios of using Conditional Forwarding?
The benefit is faster name resolution in certain scenarios: queries for a specific domain are forwarded directly to the correct server, and you control where DNS queries for specific namespaces are sent.
Q :- What are the differences between Windows Clustering, Network Load Balancing and Round Robin, and scenarios for each use?
I will make a few assumptions here: 1) By "Windows Clustering Network Load Balancing" you mean Windows Network Load Balancing software included in Windows Server software, a.k.a. NLB, and 2) By Round Robin, you mean DNS Round Robin, meaning the absence of a software or hardware load balancing device, or the concept of the Round Robin algorithm available in just about every load balancing solution.
Microsoft NLB is designed for a small number (4 - 6) of Windows Servers and a low to moderate number of new connections per second, to provide distribution of web server requests to multiple servers in a virtual resource pool. Some would call this a "cluster", but there are subtle differences between a clustered group of devices and a more loosely configured virtual pool. From the standpoint of scalability and performance, almost all hardware load balancing solutions are superior to this and other less known software load balancing solutions [e.g. Bright Tiger circa 1998].
DNS Round Robin is an inherent load balancing method built into DNS. When you resolve an IP address that has more than one A record, DNS hands out different resolutions to different requesting local DNS servers. Although there are several factors affecting the exact resulting algorithm (e.g. DNS caching, TTL, multiple DNS servers [authoritative or cached]), I stress the term "roughly" when I say it roughly results in an even distribution of resolutions to each of the addresses specified for a particular URL. It does not, however, consider availability, performance, or any other metric and is completely static. The basic RR algorithm is available in many software and hardware load balancing solutions and simply hands the next request to the next resource and starts back at the first resource when it hits the last one.
NLB is based on proprietary software, meant for small groups of Windows servers only on private networks, and is dynamic in nature (takes into account availability of a server, and in some cases performance). "Round Robin", DNS or otherwise, is more generic, static in nature (does not take into account anything but that the resource is a member of the resource pool and each member is equal), and ranges from DNS to the default static load balancing method on every hardware device in the market.
Q :- How do I clear the DNS cache on the DNS server?
To clear the DNS cache do the following:
1. Start
2. Run
3. Type "cmd" and press enter
4. In the command window type "ipconfig /flushdns"
5.a If done correctly it should say "Successfully flushed the DNS Resolver Cache."
5.b If you receive an error "Could not flush the DNS Resolver Cache: Function failed during execution.", follow the Microsoft KB Article 919746 to enable the cache. The cache will be empty; however, this will allow a successful cache flush in future.
Q :- What is the 224.0.1.24 address used for?
WINS server group address. Used to support autodiscovery and dynamic configuration of replication for WINS servers. For more information, see WINS replication overview.
Q :- What is WINS and when do we use it?
WINS is the Windows Internet Name Service, which is used to resolve NetBIOS (computer) names to IP addresses. It is proprietary to Windows. You can use it in a LAN.
DNS is the Domain Name System, which resolves host names to IP addresses. It uses fully qualified domain names. DNS is an Internet standard used to resolve host names.
Q :- Can you have a Microsoft-based network without any WINS server on it? What are the "considerations" regarding not using WINS?
Yes, you can. WINS was designed to speed up information flow about the Windows workstations in a network. It will work without it, and most networks do not utilize WINS servers anymore because it is based on an old protocol (NetBEUI) which is no longer in common use.
Q :- Describe the differences between WINS push and pull replications.
To replicate database entries between a pair of WINS servers, you must configure each WINS server as a pull partner, a push partner, or both with the other WINS server.
A push partner is a WINS server that sends a message to its pull partners, notifying them that it has new WINS database entries. When a WINS server's pull partner responds to the message with a replication request, the WINS server sends (pushes) copies of its new WINS database entries (also known as replicas) to the requesting pull partner.
A pull partner is a WINS server that pulls WINS database entries from its push partners by requesting any new WINS database entries that the push partners have. The pull partner requests the new WINS database entries that have a higher version number than the last entry the pull partner received during the most recent replication.
Q :- What is the difference between tombstoning a WINS record and simply deleting it?
Simple deletion removes the records that are selected in the WINS console only from the local WINS server you are currently managing. If the WINS records deleted in this way exist in WINS data replicated to other WINS servers on your network, these additional records are not fully removed. Also, records that are simply deleted on only one server can reappear after replication between the WINS server where simple deletion was used and any of its replication partners.
Tombstoning marks the selected records as tombstoned, that is, marked locally as extinct and immediately released from active use by the local WINS server. This method allows the tombstoned records to remain present in the server database for purposes of subsequent replication of these records to other servers. When the tombstoned records are replicated, the tombstone status is updated and applied by other WINS servers that store replicated copies of these records. Each replicating WINS server then updates and tombstones
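The pull-by-version rule from the push/pull answer and the deletion-versus-tombstone behaviour above can be played through in a small model. This is an added example, not Microsoft's code: each server has one version counter and a per-partner watermark (a simplification of the real per-owner version tracking), and the registrations are constructed.

```python
"""Simplified WINS replication model (added example, not from the page).

Each server keeps a version counter; a pull partner asks its push partner for
entries with a version higher than the last one it received from that
partner. The demo shows a simply deleted record coming back through
replication, while a tombstoned record is propagated as extinct.
"""


class WinsServer:
    def __init__(self, name: str):
        self.name = name
        self.version = 0
        self.records = {}     # netbios name -> {"ip", "version", "state"}
        self.watermark = {}   # partner name -> highest version pulled so far

    def register(self, netbios_name: str, ip: str):
        self.version += 1
        self.records[netbios_name] = {"ip": ip, "version": self.version,
                                      "state": "active"}

    def simple_delete(self, netbios_name: str):
        """Remove the record from this server only; partners never hear of it."""
        self.records.pop(netbios_name, None)

    def tombstone(self, netbios_name: str):
        """Mark the record extinct under a new version so partners replicate it."""
        self.version += 1
        rec = self.records[netbios_name]
        rec["version"] = self.version
        rec["state"] = "tombstoned"

    def entries_since(self, version: int) -> list:
        """What a push partner returns to a pull request."""
        return [(n, dict(r)) for n, r in self.records.items()
                if r["version"] > version]

    def pull_from(self, partner: "WinsServer") -> list:
        """Pull-partner side: fetch newer entries and apply them.
        Returns the names received."""
        since = self.watermark.get(partner.name, 0)
        received = []
        for name, rec in partner.entries_since(since):
            mine = self.records.get(name)
            if mine is None or rec["version"] > mine["version"]:
                self.records[name] = rec
            self.watermark[partner.name] = max(
                self.watermark.get(partner.name, 0), rec["version"])
            received.append(name)
        return received

    def state(self, netbios_name: str):
        rec = self.records.get(netbios_name)
        return None if rec is None else rec["state"]


def demo():
    """Two partners replicating constructed registrations."""
    a, b = WinsServer("WINS-A"), WinsServer("WINS-B")
    a.register("HOST1", "10.0.0.11")   # constructed sample registrations
    a.register("HOST2", "10.0.0.12")
    b.pull_from(a)                     # B now holds replicas of both

    a.simple_delete("HOST1")
    b.pull_from(a)                     # nothing newer on A: B keeps HOST1
    a.pull_from(b)                     # A never pulled from B: HOST1 comes back
    reappeared = a.state("HOST1")

    a.tombstone("HOST2")
    b.pull_from(a)                     # higher version: tombstone replicates
    return reappeared, b.state("HOST1"), b.state("HOST2"), a.state("HOST2")


if __name__ == "__main__":
    print(demo())  # ('active', 'active', 'tombstoned', 'tombstoned')
```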
Q :- Name the NetBIOS names you might expect from a Windows 2003 DC that is registered in WINS.
Q :- What are router interfaces? What types can they be?
Router Interfaces
Routers can have many different types of connectors, from Ethernet, Fast Ethernet, and Token Ring to Serial and ISDN ports. Some of the available configurable items are logical addresses (IP, IPX), media types, bandwidth, and administrative commands. Interfaces are configured in interface mode, which you get to from global configuration mode after logging in.
Logging in to the Router
Depending on the port you're using, you might have to press enter to get the prompt to appear (console port). The first prompt will look like Routername>; the greater-than sign at the prompt tells you that you are in user mode. In user mode you can only view limited statistics of the router. To change configurations you first need to enter privileged EXEC mode. This is done by typing enable at the Routername> prompt; the prompt then changes to Routername#. This mode supports testing commands, debugging commands, and commands to manage the router configuration files. To go back to user mode, type disable at the Routername# prompt. If you want to leave completely, type logout at the user mode prompt. You can also exit from the router while in privileged mode by typing exit or logout at the Routername# prompt.
Global Configuration Mode
Enter this mode from the privileged mode by typing configure terminal (or conf t for short). The prompt will change to Routername(config)#. Changes made in this mode change the running-config file in DRAM. Use configure memory to change the startup-config in NVRAM. Using configure network allows you to change the configuration file on a TFTP server. If you change the memory or network config files, the router has to put them into memory (DRAM) in order to work with them, so this will change your router's current running-config file.
Interfaces mode
While in global configuration mode you can make changes to individual interfaces with the command Routername(config)#interface ethernet 0, or Routername(config)#int e0 for short; this enters the interface configuration mode for Ethernet port 0 and changes the prompt to look like Routername(config-if)#.
Bringing Up Interfaces
If an interface is shown administratively down when the show interface command is given in privileged EXEC mode, use the command no shutdown to enable the interface while in interface configuration mode.
Setting IP Addresses
In global configuration mode, enter the interface configuration mode (Routername(config)#int e0) and use the command Routername(config-if)#ip address [ip address] [network mask]. If it is the first time using the interface, also use the no shutdown command to enable and bring up the interface.
Router_2(config)#int e0
Router_2(config-if)#ip address 192.168.1.1 255.255.255.0
Router_2(config-if)#no shutdown
Secondary IP Addresses
You can add another IP address to an interface with the secondary command. The syntax is the same as setting an IP address except you add secondary to the end of it. Using secondary interfaces allows you to specify 2 IP addresses for 1 interface. Use subinterfaces instead, since they allow for more than 2 IP addresses on an interface and secondaries will probably be replaced soon.
Subinterfaces
In global configuration mode you can create virtual interfaces (subinterfaces), so at the prompt Routername(config)# type int e0.1 and the prompt will change to Routername(config-subif)#. For all practical purposes there isn't a limit to the number of subinterfaces an interface can have.
Show Interfaces
To view information about an interface, use the command:
Router_2#show interface e0
Ethernet0 is up, line protocol is up
Hardware is Lance, address is 0000.cc34.ec7d (bia 0000.cc34.ec7d)
Internet address is 192.168.1.1/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:07, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 input packets with dribble condition detected
614 packets output, 58692 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Interface Problems
When using the command show interface [type #], interface problems can be seen and appropriate action taken.
Message: Ethernet0 is up, line protocol is up
Solution: None needed, interface working properly
Message: Ethernet0 is up, line protocol is down
Solution: Clocking or framing problem, check clock rate and encapsulation type on both routers
Message: Ethernet0 is down, line protocol is down
Solution: Cable or interface problem, check interfaces on both ends to ensure they aren't shutdown
Message: Ethernet0 is administratively down, line protocol is down
Solution: The interface has been shutdown, use the no shutdown command in the interface's configuration mode
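The message/solution table above is easy to apply by hand to one router and tedious across many; the following added example (not from the page) parses the status line of a show interface output into the diagnosis from that table and pulls the error counters worth watching. The sample output is a constructed copy of the kind shown above, and the Serial0 line is constructed.

```python
"""Classify the status line of a Cisco 'show interface' and extract error
counters from the output (added example, not from the page).

The diagnosis table is the one given in the Interface Problems section.
"""
import re

STATUS_RE = re.compile(
    r"^(?P<name>\S+) is (?P<status>up|down|administratively down), "
    r"line protocol is (?P<protocol>up|down)")
ADDRESS_RE = re.compile(r"Internet address is (\S+)")
COUNTER_RE = re.compile(
    r"(\d+) (input errors|output errors|CRC|collisions|interface resets|"
    r"runts|giants)")

DIAGNOSIS = {
    ("up", "up"): "None needed, interface working properly",
    ("up", "down"): "Clocking or framing problem, check clock rate and "
                    "encapsulation type on both routers",
    ("down", "down"): "Cable or interface problem, check interfaces on both "
                      "ends to ensure they aren't shutdown",
    ("administratively down", "down"): "The interface has been shutdown, use "
                                       "the no shutdown command in the "
                                       "interface's configuration mode",
}


def parse_show_interface(text: str) -> dict:
    """Return name, status, protocol, diagnosis, address and counters."""
    m = STATUS_RE.search(text)
    if m is None:
        raise ValueError("no 'X is up/down, line protocol is ...' line found")
    info = m.groupdict()
    info["diagnosis"] = DIAGNOSIS.get((info["status"], info["protocol"]),
                                      "unknown combination")
    addr = ADDRESS_RE.search(text)
    info["address"] = addr.group(1) if addr else None
    # findall returns (count, label) pairs for every counter we care about
    info["counters"] = {label: int(n) for n, label in COUNTER_RE.findall(text)}
    return info


def nonzero_counters(info: dict) -> dict:
    """The counters a practitioner would look at first."""
    return {k: v for k, v in info["counters"].items() if v}


# Constructed copy of a show interface output in the format shown above.
SAMPLE = """\
Ethernet0 is up, line protocol is up
  Hardware is Lance, address is 0000.cc34.ec7d (bia 0000.cc34.ec7d)
  Internet address is 192.168.1.1/24
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     614 packets output, 58692 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
"""

SAMPLE_SHUT = "Serial0 is administratively down, line protocol is down\n"

if __name__ == "__main__":
    info = parse_show_interface(SAMPLE)
    print(info["name"], info["diagnosis"], nonzero_counters(info))
    print(parse_show_interface(SAMPLE_SHUT)["diagnosis"])
```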
Serial Interfaces
The serial interface is usually attached to a line that is attached to a CSU/DSU that provides clocking rates for the line. However, if two routers are connected together, one of the serial interfaces must act as the DCE device and provide clocking. The DCE end of the cable is the side of the cable that has a female connector where it connects to the other cable. The clocking rate on the DCE device is set in interface configuration mode with the commands:
Router3(config)#int s0
Router3(config-if)#clock rate ?
Speed (bits per second)
1200
2400
4800
9600
19200
38400
56000
64000
72000
125000
148000
250000
500000
800000
1000000
1300000
2000000
4000000
<300-8000000> Choose clockrate from list above
Router3(config-if)#clock rate 56000
Bandwidth
Cisco routers ship with T1 (1.544 Mbps) bandwidth rates on their serial interfaces. Some routing protocols use the bandwidth of links to determine the best route. The bandwidth setting is irrelevant with RIP routing. Bandwidth is set with the bandwidth command and ranges from 1 - 10000000 kilobits per second.
Router3(config)#int s0
Router3(config-if)#bandwidth ?
<1-10000000> Bandwidth in kilobits
Router3(config-if)#bandwidth 10000000
Saving Changes
Any time you make changes and want them saved over the next reboot, you need to copy the running-config to the startup-config in NVRAM. Use the command:
Router3#copy run start
You can see either of the files by using the commands:
Router3#show run
Router3#show start
To erase the startup file use the command:
Router3#erase start
Show Controllers
Tells you information about the physical interface itself; it also gives you the cable type and whether it is a DTE or DCE interface. Syntax is:
Router_2#show controllers s 1
*Note there is a space between the s and the 1.
Q :- What is NAT?
NAT (Network Address Translation) is a technique for preserving scarce Internet IP addresses.
Q :- What is the real difference between NAT and PAT?
NAT is a feature of a router that will translate IP addresses. When a packet comes in, it will be rewritten in order to forward it to a host that is not the IP destination. A router will keep track of this translation, and when the host sends a reply, it will translate back the other way.
PAT translates ports, as the name implies, and likewise NAT translates addresses. Sometimes PAT is also called Overloaded NAT.
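The translation table the router "keeps track of" is the whole difference between the two, so here is an added example (not from the page) that models both: a one-to-one static NAT and a PAT table that rewrites the source port, translates replies back, and drops inbound packets that match no mapping. All addresses are constructed documentation-range values.

```python
"""Toy NAT and PAT translation tables (added example, not from the page).

StaticNat rewrites addresses one-to-one; PatTable rewrites address and
source port so many private hosts share one public address, and only
traffic that matches an existing mapping is translated back inbound.
"""
from itertools import count


class StaticNat:
    """Basic NAT: one private address maps to one public address."""

    def __init__(self, mapping: dict):
        self.priv_to_pub = dict(mapping)
        self.pub_to_priv = {v: k for k, v in mapping.items()}

    def outbound(self, src_ip: str) -> str:
        return self.priv_to_pub[src_ip]

    def inbound(self, dst_ip: str):
        """Return the private address, or None when nothing maps (dropped)."""
        return self.pub_to_priv.get(dst_ip)


class PatTable:
    """PAT / overloaded NAT: (private ip, port) pairs share one public ip."""

    def __init__(self, public_ip: str, first_port: int = 1024):
        self.public_ip = public_ip
        self._ports = count(first_port)
        self._out = {}   # (src_ip, src_port, dst_ip, dst_port) -> public port
        self._in = {}    # public port -> (src_ip, src_port, dst_ip, dst_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an outgoing packet; allocate a public port on first use.
        Returns (new_src_ip, new_src_port, dst_ip, dst_port)."""
        key = (src_ip, src_port, dst_ip, dst_port)
        pub_port = self._out.get(key)
        if pub_port is None:
            pub_port = next(self._ports)
            self._out[key] = pub_port
            self._in[pub_port] = key
        return (self.public_ip, pub_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Rewrite a packet arriving at public_ip:dst_port.
        Returns (private_ip, private_port), or None when the packet is
        unsolicited (no mapping) or comes from a host the mapping was not
        created for; the router drops such packets rather than guessing."""
        key = self._in.get(dst_port)
        if key is None:
            return None
        priv_ip, priv_port, orig_dst_ip, orig_dst_port = key
        if (src_ip, src_port) != (orig_dst_ip, orig_dst_port):
            return None
        return (priv_ip, priv_port)


def demo():
    """Two inside hosts that both use source port 5000 toward the same server."""
    pat = PatTable("203.0.113.1")          # constructed public address
    a = pat.outbound("192.168.0.10", 5000, "198.51.100.7", 80)
    b = pat.outbound("192.168.0.11", 5000, "198.51.100.7", 80)
    reply_b = pat.inbound("198.51.100.7", 80, b[1])      # reply to host .11
    unsolicited = pat.inbound("198.51.100.9", 4444, 2000)  # no mapping: dropped
    return a, b, reply_b, unsolicited


if __name__ == "__main__":
    print(demo())
```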
Q :- How do you configure NAT on Windows 2003?
To configure the Routing and Remote Access and the Network Address Translation components, your computer must have at least two network interfaces: one connected to the Internet and the other one connected to the internal network. You must also configure the network translation computer to use Transmission Control Protocol/Internet Protocol (TCP/IP).
If you use dial-up devices such as a modem or an Integrated Services Digital Network (ISDN) adapter to connect to the Internet, install your dial-up device before you configure Routing and Remote Access.
Use the following data to configure the TCP/IP address of the network adapter that connects to the internal network:
TCP/IP address: 192.168.0.1
Subnet mask: 255.255.255.0
No default gateway
Domain Name System (DNS) server: provided by your Internet service provider (ISP)
Windows Internet Name Service (WINS) server: provided by your ISP
Use the following data to configure the TCP/IP address of the network adapter that connects to the external network:
TCP/IP address: provided by your ISP
Subnet mask: provided by your ISP
Default gateway: provided by your ISP
DNS server: provided by your ISP
WINS server: provided by your ISP
Before you continue, verify that all your network cards or all your dial-up adapters are functioning correctly.
Q:-Configure Routing and Remote Access
To activate Routing and Remote Access, follow these steps:
1. Click Start, point to All Programs, point to Administrative Tools, and then click Routing and Remote Access.
2. Right-click your server, and then click Configure and Enable Routing and Remote Access.
3. In the Routing and Remote Access Setup Wizard, click Next, click Network address translation (NAT), and then click Next.
4. Click Use this public interface to connect to the Internet, and then click the network adapter that is connected to the Internet. At this stage you have the option to reduce the risk of unauthorized access to your network. To do so, click to select the Enable security on the selected interface by setting up Basic Firewall check box.
5. Examine the selected options in the Summary box, and then click Finish.
Q:-Configure dynamic IP address assignment for private network clients
You can configure your Network Address Translation computer to act as a Dynamic Host Configuration Protocol (DHCP) server for computers on your internal network. To do so, follow these steps:
1. Click Start, point to All Programs, point to Administrative Tools, and then click Routing and Remote Access.
2. Expand your server node, and then expand IP Routing.
3. Right-click NAT/Basic Firewall, and then click Properties.
4. In the NAT/Basic Firewall Properties dialog box, click the Address Assignment tab.
5. Click to select the Automatically assign IP addresses by using the DHCP allocator check box. Notice that the default private network 192.168.0.0 with the subnet mask of 255.255.0.0 is automatically added in the IP address and the Mask boxes. You can keep the default values, or you can modify these values to suit your network.
6. If your internal network requires static IP assignment for some computers -- such as for domain controllers or for DNS servers -- exclude those IP addresses from the DHCP pool. To do this, follow these steps:
a. Click Exclude.
b. In the Exclude Reserved Addresses dialog box, click Add, type the IP address, and then click OK.
c. Repeat step b for all addresses that you want to exclude.
d. Click OK.
Q:-Configure name resolution
To configure name resolution, follow these steps:
1. Click Start, point to All Programs, point to Administrative Tools, and then click Routing and Remote Access.
2. Right-click NAT/Basic Firewall, and then click Properties.
3. In the NAT/Basic Firewall Properties dialog box, click the Name Resolution tab.
4. Click to select the Clients using Domain Name System (DNS) check box. If you use a demand-dial interface to connect to an external DNS server, click to select the Connect to the public network when a name needs to be resolved check box, and then click the appropriate dial-up interface in the list.
Q :- How do you allow inbound traffic for specific hosts on Windows 2003 NAT?
You can use the Windows Server 2003 implementation of IPSec to compensate for the limited protections provided by applications for network traffic, or as a network-layer foundation of a defense-in-depth strategy. Do not use IPSec as a replacement for other user and application security controls, because it cannot protect against attacks from within established and trusted communication paths. Your authentication strategy must be well defined and implemented for the potential security provided by IPSec to be realized, because authentication verifies the identity and trust of the computer at the other end of the connection.
Q :- What is VPN? What types of VPN does Windows 2000 and beyond work with natively?
The virtual private network (VPN) technology included in Windows Server 2003 helps enable cost-effective, secure remote access to private networks. VPN allows administrators to take advantage of the Internet to help provide the functionality and security of private WAN connections at a lower cost. In Windows Server 2003, VPN is enabled using the Routing and Remote Access service. VPN is part of a comprehensive network access solution that includes support for authentication and authorization services, and advanced network security technologies.
There are two main strategies that help provide secure connectivity between private networks and enable network access for remote users.
Dial-up or leased line connections
A dial-up or leased line connection creates a physical connection to a port on a remote access server on a private network. However, using dial-up or leased lines to provide network access is expensive when compared to the cost of providing network access using a VPN connection.
VPN connections
VPN connections use either Point-to-Point Tunneling Protocol (PPTP) or Layer Two Tunneling Protocol/Internet Protocol security (L2TP/IPSec) over an intermediate network, such as the Internet. By using the Internet as a connection medium, VPN saves the cost of long-distance phone service and hardware costs associated with using dial-up or leased line connections. A VPN solution includes advanced security technologies such as data encryption, authentication, authorization, and Network Access Quarantine Control.
Note
Network Access Quarantine Control is used to delay remote access to a private network until the configuration of the remote access computer has been examined and validated.
Using VPN, administrators can connect remote or mobile workers (VPN clients) to private networks. Remote users can work as if their computers are physically connected to the network. To accomplish this, VPN clients can use a Connection Manager profile to initiate a connection to a VPN server. The VPN server can communicate with an Internet Authentication Service (IAS) server to authenticate and authorize a user session and maintain the connection until it is terminated by the VPN client or by the VPN server. All services typically available to a LAN-connected client (including file and print sharing, Web server access, and messaging) are enabled by VPN.
VPN clients can use standard tools to access resources. For example, clients can use Windows Explorer to make drive connections and to connect to printers. Connections are persistent: users do not need to reconnect to network resources during their VPN sessions. Because drive letters and universal naming convention (UNC) names are fully supported by VPN, most commercial and custom applications work without modification.
VPN Scenarios
Virtual private networks are point-to-point connections across a private or public network such as the Internet. A VPN client uses special TCP/IP-based protocols, called tunneling protocols, to make a virtual call to a virtual port on a VPN server. In a typical VPN deployment, a client initiates a virtual point-to-point connection to a remote access server over the Internet. The remote access server answers the call, authenticates the caller, and transfers data between the VPN client and the organization’s private network.
To emulate a point-to-point link, data is encapsulated, or wrapped, with a header. The header provides routing information that enables the data to traverse the shared or public network to reach its endpoint. To emulate a private link, the data being sent is encrypted for confidentiality. Packets that are intercepted on the shared or public network are indecipherable without the encryption keys. The link in which the private data is encapsulated and encrypted is known as a VPN connection.
A VPN Connection
There are two types of VPN connections:
Remote access VPN
Site-to-site VPN
Remote Access VPN
Remote access VPN connections enable users working at home or on the road to access a server on a private network using the infrastructure provided by a public network, such as the Internet. From the user’s perspective, the VPN is a point-to-point connection between the computer (the VPN client) and an organization’s server. The exact infrastructure of the shared or public network is irrelevant because it appears logically as if the data is sent over a dedicated private link.
Site-to-Site VPN
Site-to-site VPN connections (also known as router-to-router VPN connections) enable organizations to have routed connections between separate offices or with other organizations over a public network while helping to maintain secure communications. A routed VPN connection across the Internet logically operates as a dedicated WAN link.
When networks are connected over the Internet, as shown in the following figure, a router forwards packets to another router across a VPN connection. To the routers, the VPN connection operates as a data-link layer link.
A site-to-site VPN connection connects two portions of a private network. The VPN server provides a routed connection to the network to which the VPN server is attached. The calling router (the VPN client) authenticates itself to the answering router (the VPN server), and, for mutual authentication, the answering router authenticates itself to the calling router. In a site-to-site VPN connection, the packets sent from either router across the VPN connection typically do not originate at the routers.
VPN Connecting Two Remote Sites Across the Internet
VPN Connection Properties
PPTP-based VPN and L2TP/IPSec-based VPN connection properties are described in the following sections.
Encapsulation
VPN technology provides a way of encapsulating private data with a header that allows the data to traverse the network.
Authentication
There are three types of authentication for VPN connections:
User authentication
For the VPN connection to be established, the VPN server authenticates the VPN client attempting the connection and verifies that the VPN client has the appropriate permissions. If mutual authentication is being used, the VPN client also authenticates the VPN server, providing protection against masquerading VPN servers.
The user attempting the PPTP or L2TP/IPSec connection is authenticated using Point-to-Point Protocol (PPP)-based user authentication protocols such as Extensible Authentication Protocol-Transport Layer Security (EAP-TLS), Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP), Microsoft Challenge-Handshake Authentication Protocol version 2 (MS-CHAP v2), Shiva Password Authentication Protocol (SPAP), and Password Authentication Protocol (PAP). For PPTP connections, you must use EAP-TLS, MS-CHAP, or MS-CHAP v2. EAP-TLS using smart cards or MS-CHAP v2 is highly recommended, as they provide mutual authentication and are the most secure methods of exchanging credentials.
Computer authentication with L2TP/IPSec
By performing computer-level authentication with IPSec, L2TP/IPSec connections also verify that the remote access client computer is trusted.
Data authentication and integrity
To verify that the data being sent on an L2TP/IPSec VPN connection originated at the other end of the connection and was not modified in transit, L2TP/IPSec packets include a cryptographic checksum based on an encryption key known only to the sender and the receiver.
Data Encryption
Data can be encrypted for protection between the endpoints of the VPN connection. Data encryption should always be used for VPN connections where private data is sent across a public network such as the Internet. Data that is not encrypted is vulnerable to unauthorized interception. For VPN connections, Routing and Remote Access uses Microsoft Point-to-Point Encryption (MPPE) with PPTP and IPSec encryption with L2TP.
Address and Name Server Allocation
When a VPN server is configured, it creates a virtual interface that represents the interface on which all VPN connections are made. When a VPN client establishes a VPN connection, a virtual interface is created on the VPN client that represents the interface connected to the VPN server. The virtual interface on the VPN client is connected to the virtual interface on the VPN server, creating the point-to-point VPN connection.
The virtual interfaces of the VPN client and the VPN server must be assigned IP addresses. The assignment of these addresses is done by the VPN server. By default, the VPN server obtains IP addresses for itself and VPN clients using the Dynamic Host Configuration Protocol (DHCP). Otherwise, a static pool of IP addresses can be configured to define one or more address ranges, with each range defined by an IP network ID and a subnet mask or start and end IP addresses.
Name server assignment, the assignment of Domain Name System (DNS) and Windows Internet Name Service (WINS) servers to the VPN connection, also occurs during the process of establishing the VPN connection.
Tunneling Overview
Tunneling is a method of using a network infrastructure to transfer data for one network over another network. The data (or payload) to be transferred can be the frames (or packets) of another protocol. Instead of sending a frame as it is produced by the originating node, the tunneling protocol encapsulates the frame in an additional header. The additional header provides routing information so that the encapsulated payload can traverse the intermediate network.
The encapsulated packets are then routed between tunnel endpoints over the network. The logical path through which the encapsulated packets travel through the network is called a tunnel. After the encapsulated frames reach their destination on the network, the frame is de-encapsulated (the header is removed) and the payload is forwarded to its final destination. Tunneling includes this entire process (encapsulation, transmission, and de-encapsulation of packets).
Tunneling
Tunneling Protocols
Tunneling enables the encapsulation of a packet from one type of protocol within the datagram of a different protocol. For example, VPN uses PPTP to encapsulate IP packets over a public network such as the Internet. A VPN solution based on either PPTP or L2TP can be configured.
PPTP and L2TP depend heavily on the features originally specified for PPP. PPP was designed to send data across dial-up or dedicated point-to-point connections. For IP, PPP encapsulates IP packets within PPP frames and then transmits the encapsulated PPP packets across a point-to-point link. PPP was originally defined as the protocol to use between a dial-up client and a network access server (NAS).
PPTP
PPTP allows multiprotocol traffic to be encrypted and then encapsulated in an IP header to be sent across an organization’s IP network or a public IP network such as the Internet. PPTP encapsulates Point-to-Point Protocol (PPP) frames in IP datagrams for transmission over the network. PPTP can be used for remote access and site-to-site VPN connections. PPTP is documented in RFC 2637 in the IETF RFC Database.
PPTP uses a TCP connection for tunnel management and a modified version of Generic Routing Encapsulation (GRE) to encapsulate PPP frames for tunneled data. The payloads of the encapsulated PPP frames can be encrypted, compressed, or both. The following figure shows the structure of a PPTP packet containing an IP datagram.
Structure of a PPTP Packet Containing an IP Datagram
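The packet structure the figure describes, built and unwrapped in code as an added example (this is not code from the page or from Microsoft's PPTP implementation). It assembles the outer IP header (protocol 47), the enhanced GRE header of RFC 2637 (K bit always set, S and A bits when sequence and acknowledgment numbers are present, protocol type 0x880B), the PPP protocol field and an inner IP datagram, then validates the GRE header the way a receiving PPTP server must before trusting the call ID and payload length. All addresses, the call ID and the payload are constructed sample values, and the PPP address/control fields are assumed to have been compressed away by LCP negotiation.

```python
"""PPTP data-channel framing per RFC 2637: a PPP frame (here carrying an IP
datagram) is wrapped in an enhanced GRE header, which in turn rides in an
outer IPv4 packet with protocol number 47, the stack the figure above shows.
Example written for this page, not Microsoft's implementation; addresses,
call ID and payload are constructed sample values."""
import socket
import struct

IP_PROTO_GRE = 47        # outer IPv4 protocol number for GRE
GRE_PROTO_PPP = 0x880B   # GRE protocol type that PPTP uses
PPP_PROTO_IP = 0x0021    # PPP protocol field for an IPv4 payload
# Bits of the first 16-bit word of the enhanced GRE header (RFC 2637 section 4).
FLAG_C, FLAG_R, FLAG_K, FLAG_S, FLAG_s, FLAG_A = 0x8000, 0x4000, 0x2000, 0x1000, 0x0800, 0x0080
GRE_VERSION = 0x0001     # "enhanced GRE", version 1


def ipv4_checksum(header):
    """Ones'-complement sum of 16-bit words, folded; verifying a header gives 0."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src, dst, proto, payload, ttl=64):
    """Minimal IPv4 header (no options) followed by payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:] + payload


def gre_encapsulate(ppp_frame, call_id, seq=None, ack=None):
    """Wrap a PPP frame: K is always set; S and A only when seq/ack are present."""
    flags = FLAG_K | GRE_VERSION | (FLAG_S if seq is not None else 0) | (FLAG_A if ack is not None else 0)
    header = struct.pack("!HHHH", flags, GRE_PROTO_PPP, len(ppp_frame), call_id)
    if seq is not None:
        header += struct.pack("!I", seq)
    if ack is not None:
        header += struct.pack("!I", ack)
    return header + ppp_frame


def gre_decapsulate(packet):
    """Validate a PPTP GRE packet and return its fields; ValueError when malformed."""
    if len(packet) < 8:
        raise ValueError("GRE header truncated")
    flags, proto, length, call_id = struct.unpack("!HHHH", packet[:8])
    if flags & 0x0007 != GRE_VERSION:
        raise ValueError("not enhanced GRE version 1")
    if proto != GRE_PROTO_PPP:
        raise ValueError("GRE protocol type is not PPP (0x880B)")
    if not flags & FLAG_K or flags & (FLAG_C | FLAG_R | FLAG_s):
        raise ValueError("PPTP requires K set and C, R, s clear")
    needed = 8 + (4 if flags & FLAG_S else 0) + (4 if flags & FLAG_A else 0)
    if len(packet) < needed:
        raise ValueError("GRE optional fields truncated")
    offset, seq, ack = 8, None, None
    if flags & FLAG_S:
        seq = struct.unpack("!I", packet[offset:offset + 4])[0]
        offset += 4
    if flags & FLAG_A:
        ack = struct.unpack("!I", packet[offset:offset + 4])[0]
        offset += 4
    payload = packet[offset:]
    if len(payload) != length:
        raise ValueError("payload length field disagrees with packet size")
    return {"call_id": call_id, "seq": seq, "ack": ack, "payload": payload}


def build_sample_pptp_packet():
    """Outer IP / GRE / PPP / inner IP, as in the figure."""
    inner_ip = build_ipv4("10.0.0.5", "10.0.1.20", 17, b"constructed application data")
    # PPP address/control fields are assumed compressed away (ACFC), so the frame starts with the protocol field.
    ppp_frame = struct.pack("!H", PPP_PROTO_IP) + inner_ip
    gre = gre_encapsulate(ppp_frame, call_id=0x1234, seq=7, ack=3)
    return build_ipv4("198.51.100.7", "203.0.113.10", IP_PROTO_GRE, gre)


def unwrap(outer):
    """What the PPTP server does on receipt: check the outer header, unwrap GRE, recover the PPP payload."""
    ihl = (outer[0] & 0x0F) * 4
    if outer[9] != IP_PROTO_GRE:
        raise ValueError("outer packet is not GRE")
    if ipv4_checksum(outer[:ihl]) != 0:
        raise ValueError("outer IPv4 header checksum failed")
    gre = gre_decapsulate(outer[ihl:])
    ppp_proto = struct.unpack("!H", gre["payload"][:2])[0]
    return gre["call_id"], gre["seq"], ppp_proto, gre["payload"][2:]


if __name__ == "__main__":
    call_id, seq, ppp_proto, inner = unwrap(build_sample_pptp_packet())
    print(hex(call_id), seq, hex(ppp_proto), inner[-28:])
```

The length field and the flag checks in gre_decapsulate are the point for a defender: the GRE header carries no integrity protection of its own, so a server that indexes call state by the advertised call ID and payload length without these checks is trusting whatever arrives on protocol 47. Encryption of the PPP payload (MPPE) happens inside the PPP frame and is not part of the framing shown here.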
When using the Internet as the public network for VPN, the PPTP server is a PPTP-enabled VPN server with one interface on the Internet and a second interface on the intranet.
L2TP
L2TP allows multiprotocol traffic to be encrypted and then sent over any medium that supports point-to-point datagram delivery, such as IP, X.25, frame relay, or asynchronous transfer mode (ATM). L2TP is a combination of PPTP and Layer 2 Forwarding (L2F), a technology developed by Cisco Systems, Inc. L2TP represents the best features of PPTP and L2F. L2TP encapsulates PPP frames to be sent over IP, X.25, frame relay, or ATM networks.
When configured to use IP as its datagram transport, L2TP can be used as a tunneling protocol over the Internet. L2TP is documented in RFC 2661 in the IETF RFC Database.
L2TP over IP networks uses User Datagram Protocol (UDP) and a series of L2TP messages for tunnel management. L2TP also uses UDP to send L2TP-encapsulated PPP frames as tunneled data. The payloads of encapsulated PPP frames can be encrypted, compressed, or both, although the Microsoft implementation of L2TP does not use MPPE to encrypt the PPP payload. The following figure shows the structure of an L2TP packet containing an IP datagram.
Structure of an L2TP Packet Containing an IP Datagram
L2TP with IPSec (L2TP/IPSec)
In the Microsoft implementation of L2TP, IPSec Encapsulating Security Payload (ESP) in transport mode is used to encrypt L2TP traffic. The combination of L2TP (the tunneling protocol) and IPSec (the method of encryption) is known as L2TP/IPSec. L2TP/IPSec is described in RFC 3193 in the IETF RFC Database.
The result after applying ESP to an IP packet containing an L2TP message is shown in the following figure.
Encryption of L2TP Traffic with IPSec ESP
Routing for VPN
Routing for remote access and site-to-site VPN connections is described in the following sections.
Routing for Remote Access VPN Connections
Conventional routing occurs between routers over either LAN-based shared access technologies, such as Ethernet or Token Ring, or WAN-based point-to-point technologies, such as T1 or frame relay.
Default Routing
The preferred method for directing packets to a remote network is to create a default route on the remote access client that directs packets to the remote network (the default configuration for VPN remote access clients). Any packet that is not intended for the neighboring LAN segment is sent to the remote network. When a connection is made, the remote access client, by default, adds a default route to its routing table and increases the metric of the existing default route to ensure that the newest default route is used. The newest default route points to the new connection, which ensures that any packets that are not addressed to the local LAN segment are sent to the remote network.
Under this configuration, when a VPN client connects and creates a new default route, Internet sites that have been accessible are no longer accessible (unless Internet access is available through the organization’s intranet). This poses no problem for remote VPN clients that require access only to the organization’s network. However, it is not acceptable for remote clients that need access to the Internet while they are connected to the organization’s network.
Split Tunneling
Split tunneling enables remote access VPN clients to route corporate-based traffic over the VPN connection while sending Internet-based traffic using the user’s local Internet connection. This prevents the use of corporate bandwidth for access to Internet sites.
However, a split tunneling implementation can introduce a security issue. If a remote access client has reachability to both the Internet and a private organization network simultaneously, the possibility exists that the Internet connection could be exploited to gain access to the private organization network through the remote access client. Security-sensitive companies can choose to use the default routing model to help ensure that all VPN client communications are protected by the corporate firewall.
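The two client routing models just described, worked through on a small longest-prefix-match routing table as an added example (not code from the page or from Windows). The full-tunnel case raises the metric of the existing default route and installs a new one through the VPN interface, so Internet destinations go into the tunnel; the split-tunnel case adds only the corporate prefix, and the dual_homed check makes the exposure the text warns about visible as a property of the table. Interface names, addresses, the corporate prefix 10.0.0.0/8 and the metric values are constructed assumptions; the host route to the VPN server's public address is added because the tunnel's own packets must still leave over the ISP link.

```python
"""Longest-prefix-match routing table used to show the two client routing
models described above: the default (full tunnel) model, where the VPN
connection installs a new default route and raises the metric of the old one,
and split tunneling, where only the corporate prefixes point at the VPN.
Example written for this page; addresses and interface names are constructed
and the metric values are illustrative."""
import ipaddress


class RoutingTable:
    def __init__(self):
        self.routes = []  # entries of (network, interface, metric)

    def add(self, prefix, interface, metric):
        self.routes.append((ipaddress.ip_network(prefix), interface, metric))

    def bump_default_metric(self, delta=1):
        """Raise the metric of every existing default route (what the client does
        before installing its own default route for the VPN connection)."""
        self.routes = [(n, i, m + delta if n.prefixlen == 0 else m)
                       for n, i, m in self.routes]

    def lookup(self, destination):
        """Longest prefix wins; among equal prefixes the lowest metric wins."""
        ip = ipaddress.ip_address(destination)
        best, best_key = None, None
        for net, iface, metric in self.routes:
            if ip in net:
                key = (net.prefixlen, -metric)
                if best_key is None or key > best_key:
                    best, best_key = iface, key
        return best


VPN_SERVER = "203.0.113.10"   # constructed public address of the VPN server
CORPORATE = "10.0.0.0/8"      # constructed corporate address space


def client_before_connecting():
    rt = RoutingTable()
    rt.add("192.168.1.0/24", "local-lan", 10)   # the user's own LAN segment
    rt.add("0.0.0.0/0", "isp-gateway", 10)       # pre-existing default route
    return rt


def connect_full_tunnel(rt):
    # Host route so the tunnel's own packets keep reaching the VPN server over the ISP link.
    rt.add(VPN_SERVER + "/32", "isp-gateway", 1)
    rt.bump_default_metric()
    rt.add("0.0.0.0/0", "vpn-interface", 1)       # new default route through the VPN
    return rt


def connect_split_tunnel(rt):
    rt.add(VPN_SERVER + "/32", "isp-gateway", 1)
    rt.add(CORPORATE, "vpn-interface", 1)          # only corporate traffic enters the tunnel
    return rt


def path_summary(rt):
    """Where traffic for a LAN host, a corporate server, an Internet site and the VPN server goes."""
    return {
        "lan": rt.lookup("192.168.1.3"),
        "corporate": rt.lookup("10.0.5.7"),
        "internet": rt.lookup("198.51.100.9"),
        "vpn-server": rt.lookup(VPN_SERVER),
    }


def dual_homed(rt):
    """True when the client reaches the Internet directly and the corporate
    network through the tunnel at the same time (the exposure described above)."""
    s = path_summary(rt)
    return s["internet"] == "isp-gateway" and s["corporate"] == "vpn-interface"


if __name__ == "__main__":
    for name, connect in (("full tunnel", connect_full_tunnel), ("split tunnel", connect_split_tunnel)):
        rt = connect(client_before_connecting())
        print(name, path_summary(rt), "dual-homed:", dual_homed(rt))
```

Because the VPN default route wins only on metric, anything that later installs a lower-metric default route on the client (another adapter, a misbehaving application) silently reintroduces the split-tunnel condition; comparing path_summary before and after a connection is a cheap way to detect that on a managed client.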
Routing for Site-to-Site VPN Connections
With conventional WAN technologies, IP packets are forwarded between two routers over a physical or logical point-to-point connection. This connection is dedicated to the customer across a private data network that is provided by the WAN service provider.
With the advent of the Internet, packets can now be routed between routers that are connected to the Internet across a virtual connection that emulates the properties of a dedicated, private, point-to-point connection. This type of connection is known as a site-to-site VPN connection. Site-to-site VPN connections can be used to replace expensive long-haul WAN links with short-haul WAN links to a local Internet service provider (ISP).
A site-to-site VPN connection connects two portions of a private network. The VPN server provides a routed connection to the network to which the VPN server is attached. On a site-to-site VPN connection, the packets sent from either router across the VPN connection typically do not originate at the routers.
To facilitate routing between the sites, each VPN server and the routing infrastructure of its connected site must have a set of routes that represent the address space of the other site. These routes can be added manually, or routing protocols can be used to automatically add and maintain a set of routes.
Site-to-Site Routing Protocols
There are two routing protocols that can be used in a site-to-site VPN deployment:
Routing Information Protocol (RIP)
Open Shortest Path First (OSPF)
RIP
RIP is designed for exchanging routing information within a small to medium-size network. RIP routers dynamically exchange routing table entries.
The Windows Server 2003 implementation of RIP has the following features:
The ability to select which RIP version to run on each interface for incoming and outgoing packets.
Split-horizon, poison-reverse, and triggered-update algorithms that are used to avoid routing loops and speed recovery of the network when topology changes occur.
Route filters for choosing which networks to announce or accept.
Peer filters for choosing which router’s announcements are accepted.
Configurable announcement and route-aging timers.
Simple password authentication support.
The ability to disable subnet summarization.
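The three loop-avoidance mechanisms in the feature list, shown on two routers joined by a site-to-site link as an added example (not code from the page or from the Windows Server 2003 RIP implementation). After the initial exchange the example compares what site A would announce back over the link with no protection, with split horizon and with poison reverse, processes the triggered withdrawal when site B's LAN fails, and then shows the bogus route B would accept if A had announced B's own network back to it. Router names and the 10.x.0.0 prefixes are constructed.

```python
"""Distance-vector update generation with the loop-avoidance rules the RIP
feature list names (split horizon, poison reverse, triggered updates), on a
two-router topology that stands in for two VPN servers joined by a site-to-site
link. Example written for this page, not the Windows Server 2003 RIP code;
the networks and router names are constructed."""
INFINITY = 16   # RIP's "unreachable" hop count


class RipRouter:
    def __init__(self, name, connected):
        self.name = name
        # dest -> (metric, interface the route was learned on; None = directly connected)
        self.routes = {net: (1, None) for net in connected}

    def build_update(self, iface, mode="poison-reverse"):
        """Routes to announce on iface. 'none' = no loop avoidance,
        'split-horizon' = omit routes learned on iface,
        'poison-reverse' = announce them with metric 16."""
        update = {}
        for dest, (metric, learned_on) in self.routes.items():
            if learned_on == iface and mode != "none":
                if mode == "poison-reverse":
                    update[dest] = INFINITY
                continue
            update[dest] = metric
        return update

    def process_update(self, iface, update):
        """Bellman-Ford step. Returns the destinations whose entry changed; a
        non-empty list is what triggers an immediate (triggered) update instead
        of waiting for the periodic announcement timer."""
        changed = []
        for dest, advertised in update.items():
            metric = min(advertised + 1, INFINITY)
            current = self.routes.get(dest)
            if current is None:
                if metric < INFINITY:
                    self.routes[dest] = (metric, iface)
                    changed.append(dest)
            elif current[1] == iface:
                # Same next hop: accept the new metric even if worse (this is how a withdrawal propagates).
                if current[0] != metric:
                    self.routes[dest] = (metric, iface)
                    changed.append(dest)
            elif metric < current[0]:
                self.routes[dest] = (metric, iface)
                changed.append(dest)
        return changed

    def interface_down(self, net):
        """Mark a directly connected network unreachable (its interface failed)."""
        self.routes[net] = (INFINITY, None)


def demo():
    a = RipRouter("site-a", ["10.1.0.0/16", "10.9.0.0/30"])   # 10.9.0.0/30 is the VPN link
    b = RipRouter("site-b", ["10.2.0.0/16", "10.9.0.0/30"])
    # Initial exchange over the site-to-site link.
    b.process_update("link", a.build_update("link"))
    a.process_update("link", b.build_update("link"))
    learned = a.routes["10.2.0.0/16"]                 # A now reaches B's LAN in 2 hops via the link
    # What A would announce back over the link about B's own LAN under each rule.
    announce = {m: a.build_update("link", m).get("10.2.0.0/16")
                for m in ("none", "split-horizon", "poison-reverse")}
    # Site B's LAN goes down: B's triggered update withdraws it and A marks it unreachable.
    b.interface_down("10.2.0.0/16")
    withdrawn = a.process_update("link", b.build_update("link"))
    after_withdraw = a.routes["10.2.0.0/16"][0]
    # Counterfactual: without split horizon A tells B "10.2.0.0/16 is 2 hops via me", and a B that
    # has just lost that network believes it. That is the first step of counting to infinity.
    looped = RipRouter("site-b", ["10.2.0.0/16", "10.9.0.0/30"])
    looped.interface_down("10.2.0.0/16")
    looped.process_update("link", {"10.2.0.0/16": announce["none"]})
    return {"learned": learned, "announce": announce, "withdrawn": withdrawn,
            "after_withdraw": after_withdraw, "bogus_metric": looped.routes["10.2.0.0/16"]}


if __name__ == "__main__":
    print(demo())
```

Peer filters and the simple password authentication in the same feature list are the complement to this: the loop-avoidance rules protect against honest topology changes, while filtering which routers' announcements are accepted is what keeps an unauthorised neighbour on the perimeter from injecting routes for the other site's address space.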
OSPF
OSPF is designed for exchanging routing information within a large or very large network. Instead of exchanging routing table entries like RIP routers, OSPF routers maintain a map of the network that is updated after any change to the network topology. This map, called the link state database, is synchronized between all the OSPF routers and is used to compute the routes in the routing table. Neighboring OSPF routers form an adjacency, which is a logical relationship between routers to synchronize the link state database.
VPN and Firewalls Overview
The routing service supports a variety of inbound and outbound packet-filtering features that block certain types of traffic. The filtering options include the following: TCP port, UDP port, IP protocol ID, Internet Control Message Protocol (ICMP) type, ICMP code, source address, and destination address. A VPN server can be placed behind a firewall or in front of a firewall. These two approaches are described in the following sections.
VPN Server Behind a Firewall
In the most common configuration, the firewall is connected to the Internet, and the VPN server is an intranet resource that is attached to the perimeter network. The VPN server has an interface on both the perimeter network and the intranet. In this scenario, the firewall must be configured with input and output filters on its Internet interface that allow tunnel maintenance traffic and tunneled data to pass to the VPN server. Additional filters can allow traffic to pass to Web, FTP, and other types of servers on the perimeter network. For an additional layer of security, the VPN server should also be configured with PPTP or L2TP/IPSec packet filters on its perimeter network interface.
VPN Server in Front of a Firewall
When the VPN server is in front of the firewall and connected to the Internet, packet filters must be added to the VPN server’s Internet interface to allow only VPN traffic to and from the IP address of that interface.
For inbound traffic, when the tunneled data is decrypted by the VPN server, it is forwarded to the firewall. Through the use of its filters, the firewall allows the traffic to be forwarded to intranet resources. Because the only traffic that crosses the VPN server is generated by authenticated VPN clients, in this scenario, firewall filtering can be used to prevent VPN users from accessing specific intranet resources. Because Internet traffic allowed on the intranet must pass through the VPN server, this approach also prevents the sharing of FTP or Web intranet resources with non-VPN Internet users.
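The "allow only VPN traffic to and from the IP address of that interface" filter set from the in-front-of-the-firewall section, written out as a small stateless filter evaluator and run over constructed traffic, as an added example (not code from the page or from Routing and Remote Access). The filters use the criteria the overview lists: IP protocol ID, TCP/UDP port and addresses. The port and protocol numbers are the standard ones for PPTP (TCP 1723 and GRE, IP protocol 47) and L2TP/IPSec (IKE on UDP 500, NAT-T on UDP 4500, ESP as IP protocol 50); the interface address and the sample packets are constructed.

```python
"""Stateless packet filters of the kind the section describes (IP protocol ID,
TCP/UDP port, source and destination address), evaluated against constructed
traffic. The rule set is the usual one for a VPN server whose Internet
interface should pass only PPTP and L2TP/IPSec. Example written for this page,
not RRAS code; the addresses are constructed."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

TCP, UDP, GRE, ESP = 6, 17, 47, 50


@dataclass
class Packet:
    direction: str      # "in" (arriving on the interface) or "out" (leaving it)
    proto: int
    src: str
    dst: str
    sport: int = 0
    dport: int = 0


@dataclass
class Rule:
    direction: str
    proto: int
    local_port: int = 0            # 0 = any port
    remote_net: str = "0.0.0.0/0"  # default: any remote address

    def matches(self, pkt, interface_ip):
        if pkt.direction != self.direction or pkt.proto != self.proto:
            return False
        if pkt.direction == "in":
            local_ip, local_port, remote_ip = pkt.dst, pkt.dport, pkt.src
        else:
            local_ip, local_port, remote_ip = pkt.src, pkt.sport, pkt.dst
        if ip_address(local_ip) != ip_address(interface_ip):
            return False               # traffic must be to/from this interface's own address
        if self.local_port and local_port != self.local_port:
            return False
        return ip_address(remote_ip) in ip_network(self.remote_net)


def vpn_only_filters():
    """Input and output filters with 'drop all except the following' semantics."""
    rules = []
    for d in ("in", "out"):
        rules += [Rule(d, TCP, 1723), Rule(d, GRE),                       # PPTP control + data
                  Rule(d, UDP, 500), Rule(d, UDP, 4500), Rule(d, ESP)]    # IKE, NAT-T, ESP
    return rules


def decide(rules, pkt, interface_ip):
    return "pass" if any(r.matches(pkt, interface_ip) for r in rules) else "drop"


def evaluate_sample(interface_ip="203.0.113.10"):
    """Constructed traffic seen on the VPN server's Internet interface."""
    rules = vpn_only_filters()
    samples = {
        "pptp-control":  Packet("in", TCP, "198.51.100.7", interface_ip, 51000, 1723),
        "gre-data":      Packet("in", GRE, "198.51.100.7", interface_ip),
        "ike":           Packet("in", UDP, "198.51.100.8", interface_ip, 500, 500),
        "nat-t":         Packet("in", UDP, "198.51.100.8", interface_ip, 4500, 4500),
        "esp":           Packet("in", ESP, "198.51.100.8", interface_ip),
        "http-to-vpn-if": Packet("in", TCP, "198.51.100.9", interface_ip, 4444, 80),
        "other-host":    Packet("in", TCP, "198.51.100.7", "203.0.113.11", 51000, 1723),
        "reply-control": Packet("out", TCP, interface_ip, "198.51.100.7", 1723, 51000),
        "server-dns":    Packet("out", UDP, interface_ip, "198.51.100.53", 40000, 53),
    }
    return {name: decide(rules, p, interface_ip) for name, p in samples.items()}


if __name__ == "__main__":
    for name, verdict in evaluate_sample().items():
        print(f"{name:15} {verdict}")
```

The same rule list describes the firewall's job in the behind-the-firewall layout, with the VPN server's perimeter-network address in place of interface_ip; the "server-dns" sample is the reminder that these filters also stop the VPN server itself from originating anything other than tunnel traffic on that interface, which is intended.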
Technologies Related to VPN
Integrating VPN with the other network infrastructure components is an important part of VPN design and implementation. VPN has to be integrated with directory, authentication, and security services, as well as with IP address assignment and name server assignment services. Without proper design, VPN clients are unable to obtain proper IP addresses and resolve intranet names, and packets cannot be forwarded between VPN clients and intranet resources.
VPN-related technologies are described in the following sections:
Connection Manager
DHCP
EAP-RADIUS
IAS
Name Server Assignment (DNS and WINS)
NAT
Connection Manager
Connection Manager is a service profile that can be used to provide customized remote access to a network through a VPN connection. The advanced features of Connection Manager are a superset of basic dial-up networking.
Connection Manager provides support for local and remote connections by using a network of points of presence (POPs), such as those available worldwide through ISPs. Windows Server 2003 includes a set of tools that enable a network manager to deliver pre-configured connections to network users. These tools are:
The Connection Manager Administration Kit (CMAK)
Connection Point Services (CPS)
CMAK
A network administrator can tailor the appearance and behavior of a connection made with Connection Manager by using CMAK. With CMAK, an administrator can develop client dialer and connection software that allows users to connect to the network by using only the connection features that the administrator defines for them. Connection Manager supports a variety of features that both simplify and enhance implementation of connection support, most of which can be incorporated using the Connection Manager Administration Kit Wizard.
CMAK enables administrators to build profiles that customize the Connection Manager installation package so that it reflects an organization’s identity. CMAK allows administrators to determine which functions and features to include and how Connection Manager appears to end-users. Administrators can do this by using the CMAK wizard to build custom service profiles.
CPS
Connection Point Services (CPS) automatically distributes and updates custom phone books. These phone books contain one or more Point of Presence (POP) entries, with each POP supplying a telephone number that provides dial-up access to an Internet access point for VPN connections. The phone books give users complete POP information, so when they travel they can connect to different Internet POPs rather than being restricted to a single POP.
Without the ability to update phone books (a task CPS handles automatically), users would have to contact their organization’s technical support staff to be informed of changes in POP information and to reconfigure their client dialer software. CPS has two components:
Phone Book Administrator
Phone Book Service
Phone Book Administrator
Phone Book Administrator is a tool used to create and maintain the phone book database and to publish new phone book information to the Phone Book Service.
Phone Book Service
The Phone Book Service runs on an IIS server and responds to requests from Connection Manager clients to verify the current version of subscribers’ or corporate employees’ current phone books and, if necessary, downloads a phone book update to the Connection Manager client.
DHCP
For both PPTP and L2TP connections, the data being tunneled is a PPP frame. A PPP connection must be established before data can be sent. The VPN server must have IP addresses available in order to assign them to a VPN server’s virtual interface and to VPN clients during the IP Control Protocol (IPCP) negotiation phase that is part of the process of establishing a PPP connection. The IP address assigned to a VPN client is also assigned to the virtual interface of that VPN client.
For Windows Server 2003-based VPN servers, the IP addresses assigned to VPN clients are obtained through DHCP by default. A static IP address pool can also be configured. DHCP is also used by remote access VPN clients to obtain additional configuration settings after the PPP connection is established.
EAP-RADIUS
EAP-RADIUS is the passing of EAP messages of any EAP type by an authenticator to a Remote Authentication Dial-In User Service (RADIUS) server for authentication. For example, for a remote access server that is configured for RADIUS authentication, the EAP messages sent between the remote access client and remote access server are encapsulated and formatted as RADIUS messages between the remote access server (the authenticator) and the RADIUS server (the authentication server).
EAP-RADIUS is used in environments where RADIUS is the authentication provider. An advantage of using EAP-RADIUS is that EAP types only need to be installed at the RADIUS server, not at each remote access server. In the case of an IAS server, only EAP types need to be installed.
In a typical use of EAP-RADIUS, a server running Routing and Remote Access is configured to use EAP and to use an IAS server for authentication. When a connection is made, the remote access client negotiates the use of EAP with the remote access server. When the client sends an EAP message to the remote access server, the remote access server encapsulates the EAP message as a RADIUS message and sends it to its configured IAS server. The IAS server processes the EAP message and sends a RADIUS-encapsulated EAP message back to the remote access server. The remote access server then forwards the EAP message to the remote access client. In this configuration, the remote access server is only a pass-through device. All processing of EAP messages occurs at the remote access client and the IAS server.
Routing and Remote Access can be configured to authenticate locally or to a RADIUS server. If Routing and Remote Access is configured to authenticate locally, all EAP methods will be authenticated locally. If Routing and Remote Access is configured to authenticate to a RADIUS server, then all EAP messages will be forwarded to the RADIUS server with EAP-RADIUS.
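The encapsulation step of the pass-through flow, shown at the byte level as an added example (not code from the page, IAS or RRAS): the remote access server takes the client's EAP-Response/Identity, places it in EAP-Message attributes (type 79) of a RADIUS Access-Request and adds a Message-Authenticator (type 80), the HMAC-MD5 over the whole request keyed with the shared secret that RFC 3579 requires whenever EAP is carried in RADIUS; the server side verifies that HMAC before it reassembles and looks at the EAP packet. The shared secret, NAS address and user identity are constructed; the request authenticator is passed in explicitly so the exchange is reproducible.

```python
"""How a pass-through authenticator carries EAP inside RADIUS: the remote access
server places the client's EAP packet in EAP-Message attributes (type 79) of an
Access-Request and protects the whole request with Message-Authenticator (type
80, HMAC-MD5 keyed with the shared secret, RFC 3579); the RADIUS server checks
the HMAC before looking at the EAP payload. Example written for this page, not
IAS or RRAS code; the shared secret, NAS address and identity are constructed."""
import hashlib
import hmac
import os
import socket
import struct

ACCESS_REQUEST = 1
ATTR_USER_NAME, ATTR_NAS_IP_ADDRESS = 1, 4
ATTR_EAP_MESSAGE, ATTR_MESSAGE_AUTHENTICATOR = 79, 80
EAP_RESPONSE, EAP_TYPE_IDENTITY = 2, 1


def eap_identity_response(identifier, identity):
    """EAP-Response/Identity as the remote access client sends it over PPP."""
    data = identity.encode()
    return struct.pack("!BBHB", EAP_RESPONSE, identifier, 5 + len(data), EAP_TYPE_IDENTITY) + data


def attribute(attr_type, value):
    if len(value) > 253:
        raise ValueError("RADIUS attribute value exceeds 253 bytes")
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def build_access_request(secret, identifier, eap_packet, user_name, nas_ip, request_authenticator=None):
    """Authenticator side (remote access server): wrap the EAP packet in RADIUS."""
    request_authenticator = request_authenticator or os.urandom(16)
    attrs = attribute(ATTR_USER_NAME, user_name.encode())
    attrs += attribute(ATTR_NAS_IP_ADDRESS, socket.inet_aton(nas_ip))
    for i in range(0, len(eap_packet), 253):                 # long EAP packets span several attributes
        attrs += attribute(ATTR_EAP_MESSAGE, eap_packet[i:i + 253])
    attrs += attribute(ATTR_MESSAGE_AUTHENTICATOR, b"\x00" * 16)   # zeroed while the HMAC is computed
    packet = struct.pack("!BBH16s", ACCESS_REQUEST, identifier, 20 + len(attrs), request_authenticator) + attrs
    mac = hmac.new(secret, packet, hashlib.md5).digest()
    return packet[:-16] + mac                                 # Message-Authenticator is the last attribute


def parse_attributes(packet):
    """Yield (type, value, offset_of_value); rejects malformed lengths."""
    pos = 20
    while pos < len(packet):
        if pos + 2 > len(packet):
            raise ValueError("truncated attribute header")
        attr_type, length = packet[pos], packet[pos + 1]
        if length < 2 or pos + length > len(packet):
            raise ValueError("bad attribute length")
        yield attr_type, packet[pos + 2:pos + length], pos + 2
        pos += length


def server_receive(secret, packet):
    """RADIUS server side: verify Message-Authenticator, then reassemble the EAP packet."""
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if code != ACCESS_REQUEST or length != len(packet):
        raise ValueError("not a well-formed Access-Request")
    attrs = list(parse_attributes(packet))
    macs = [(v, off) for t, v, off in attrs if t == ATTR_MESSAGE_AUTHENTICATOR]
    if len(macs) != 1 or len(macs[0][0]) != 16:
        raise ValueError("EAP over RADIUS requires exactly one Message-Authenticator")
    zeroed = bytearray(packet)
    zeroed[macs[0][1]:macs[0][1] + 16] = b"\x00" * 16
    expected = hmac.new(secret, bytes(zeroed), hashlib.md5).digest()
    if not hmac.compare_digest(expected, macs[0][0]):
        raise ValueError("Message-Authenticator check failed")
    eap = b"".join(v for t, v, _ in attrs if t == ATTR_EAP_MESSAGE)
    eap_code, eap_id, eap_len, eap_type = struct.unpack("!BBHB", eap[:5])
    if eap_len != len(eap):
        raise ValueError("EAP length mismatch")
    user = next((v for t, v, _ in attrs if t == ATTR_USER_NAME), b"").decode()
    return {"identifier": identifier, "user_name": user, "eap_code": eap_code,
            "eap_type": eap_type, "identity": eap[5:].decode()}


if __name__ == "__main__":
    secret = b"constructed-shared-secret"
    request = build_access_request(secret, 42, eap_identity_response(1, "alice@corp.example"),
                                   "alice@corp.example", "192.0.2.5")
    print(server_receive(secret, request))
```

The Message-Authenticator is what stops an on-path party between the remote access server and the RADIUS server from altering attributes such as User-Name or the EAP payload; the request authenticator alone does not cover them. The strength of the check is bounded by the shared secret, which is why a long, per-NAS secret (or IPsec between NAS and RADIUS server) is the usual recommendation.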
IAS
The VPN server can be configured to use either Windows or RADIUS as an authentication provider. If Windows is selected as the authentication provider, the user credentials sent by users attempting VPN connections are authenticated using typical Windows authentication mechanisms, and the connection attempt is authorized using local remote access policies.
If RADIUS is selected and configured as the authentication provider on the VPN server, user credentials and parameters of the connection request are sent as RADIUS request messages to a RADIUS server.
The RADIUS server receives a user-connection request from the VPN server and authenticates and authorizes the connection attempt. In addition to a yes or no response to an authentication request, RADIUS can inform the VPN server of other applicable connection parameters for this user such as maximum session time, static IP address assignment, and so on.
RADIUS can respond to authentication requests based on its own user account database, or it can be a front end to another database server, such as a Structured Query Language (SQL) server or a Windows domain controller (DC). The DC can be located on the same computer as the RADIUS server, or elsewhere. In addition, a RADIUS proxy can be used to forward requests to a remote RADIUS server.
IAS is the Windows implementation of a RADIUS server and proxy.
Name Server Assignment (DNS and WINS)
Name server assignment, the assignment of Domain Name System (DNS) and Windows Internet Name Service (WINS) servers, occurs during the process of establishing a VPN connection. The VPN client obtains the IP addresses of the DNS and WINS servers from the VPN server for the intranet to which the VPN server is attached.
The VPN server must be configured with DNS and WINS server addresses to assign to the VPN client during IPCP negotiation. For NetBIOS name resolution, you do not have to use WINS and can enable the NetBIOS over TCP/IP (NetBT) proxy on the VPN server.
NAT
A network address translator (NAT) translates the IP addresses and Transmission Control Protocol/User Datagram Protocol (TCP/UDP) port numbers of packets that are forwarded between a private network and the Internet. The NAT on the private network can also provide IP address configuration information to the other computers on the private network.
PPTP-based VPN clients can be located behind a NAT if the NAT includes an editor that can translate PPTP packets. PPTP-based VPN servers can be located behind a NAT if the NAT is configured with static mappings for PPTP traffic. If the L2TP/IPSec-based VPN clients or servers are positioned behind a NAT, both client and server must support IPSec NAT traversal (NAT-T).
An L2TP (Layer 2 Tunneling Protocol) VPN server is also known as an L2TP server in native mode and as a PPTP server in mixed mode.
Q :- What is IAS? In what scenarios do we use it?
Internet Authentication Service
IAS is deployed in these common scenarios:
1) Dial-up corporate access.
2) Outsourced corporate access through service providers.
3) Internet access.
Q :- What's the difference between Mixed mode and Native mode in AD when dealing with RRAS?
The Mixed mode is for networks that have Windows 98/ME in addition to Windows 2000/XP/2003 clients. Mixed mode requires the RAC (Remote Application Client) to be installed for proper communication with the clients. The Native mode is for networks that consist only of Windows 2000/XP/2003 clients. The CMS server communicates natively with the clients using Windows networking features that aren't available in 98/ME clients. The RAC program is not needed. If you have no or few 98/ME clients, choose this option.
Q :- What are Conditions and Profile in RRAS Policies?
Remote access policies are an ordered set of rules that define whether remote access connection attempts are either authorized or rejected. Each rule includes one or more conditions (which identify the criteria), a set of profile settings (to be applied to the connection attempt), and a permission setting (grant or deny) for remote access. This can be compared to the brain of the door-keeper (the VPN server), which allows entry to your network from outside.
A remote access policy decides who can access what resources from where using what tunnel settings, so configuring a proper set of policies is important.
Q :- How does SSL work?
Secure Sockets Layer uses a cryptographic system that encrypts data with two keys.
When an SSL Digital Certificate is installed on a web site, users can see a padlock icon at the bottom area of the browser. When an Extended Validation Certificate is installed on a web site, users with the latest versions of Firefox, Internet Explorer or Opera will see the green address bar at the URL area of the browser.
Q :- How does IPSec work?
IPSec is an Internet Engineering Task Force (IETF) standard suite of protocols that provides data authentication, integrity, and confidentiality as data is transferred between communication points across IP networks. IPSec provides data security at the IP packet level. A packet is a data bundle that is organized for transmission across a network, and it includes a header and payload (the data in the packet). IPSec emerged as a viable network security standard because enterprises wanted to ensure that data could be securely transmitted over the Internet. IPSec protects against possible security exposures by protecting data while in transit.
Q :- How do I deploy IPSec for a large number of computers?
Use the Server and Domain Isolation Using IPsec and Group Policy guidance.
Q :- What types of authentication can IPSec use?
Deploying L2TP/IPSec-based Remote Access
Deploying L2TP-based remote access VPN connections using Windows Server 2003 consists of the following:
* Deploy certificate infrastructure
* Deploy Internet infrastructure
* Deploy AAA infrastructure
* Deploy VPN servers
* Deploy intranet infrastructure
* Deploy VPN clients
Q :- What is PFS (Perfect Forward Secrecy) in IPSec?
In an authenticated key-agreement protocol that uses public key cryptography, perfect forward secrecy (or PFS) is the property that ensures that a session key derived from a set of long-term public and private keys will not be compromised if one of the (long-term) private keys is compromised in the future.
Forward secrecy has been used as a synonym for perfect forward secrecy [1], since the term perfect has been controversial in this context. However, at least one reference [2] distinguishes perfect forward secrecy from forward secrecy with the additional property that an agreed key will not be compromised even if agreed keys derived from the same long-term keying material in a subsequent run are compromised.
Q :- How do I monitor IPSec?
To test the IPSec policies, use IPSec Monitor. IPSec Monitor (Ipsecmon.exe) provides information about which IPSec policy is active and whether a secure channel between computers is established.
Q :- Looking at IPSec-encrypted traffic with a sniffer. What packet types do I see?
You can see the packets pass, but you cannot see their contents.
IPSec Packet Types
IPSec packet types include the authentication header (AH) for data integrity and the encapsulating security payload (ESP) for data confidentiality and integrity.
The authentication header (AH) protocol creates an envelope that provides integrity, data origin identification and protection against replay attacks. It authenticates every packet as a defense against session-stealing attacks. Although the IP header itself is outside the AH header, AH also provides limited verification of it by not allowing changes to the IP header after packet creation (note that this usually precludes the use of AH in NAT environments, which modify packet headers at the point of NAT). AH packets use IP protocol 51.
The encapsulating security payload (ESP) protocol provides the features of AH (except for IP header authentication), plus encryption. It can also be used in a null encryption mode that provides the AH protection against replay attacks and other such attacks, without encryption or IP header authentication. This can allow for achieving some of the benefits of IPSec in a NAT environment that would not ordinarily work well with IPSec. ESP packets use IP protocol 50.
Q :- What can you do with NETSH?
Netsh is a command-line scripting utility that allows you to display, modify or script the network configuration of a computer that is currently running, either locally or remotely.
Usage: netsh [-a AliasFile] [-c Context] [-r RemoteMachine] [Command | -f ScriptFile]
The following commands are available:
Commands in this context:
?         - Displays a list of commands.
add       - Adds a configuration entry to a list of entries.
delete    - Deletes a configuration entry from a list of entries.
dump      - Displays a configuration script.
exec      - Runs a script file.
help      - Displays a list of commands.
interface - Changes to the `interface' context.
ras       - Changes to the `ras' context.
routing   - Changes to the `routing' context.
set       - Updates configuration settings.
show      - Displays information.
The following subcontexts are available:
routing interface ras
To view help for a command, type the command, followed by a space, and then type ?.
(This is the Windows 2000 help output; later Windows versions add many more contexts, such as advfirewall, ipsec and wlan.)
Q :- How do I look at the open ports on my machine?
Windows: Open a command prompt (Start button -> Run -> type "cmd"), and type:
netstat -a
(netstat -ano also shows the owning process ID of each socket and skips name resolution.)
Linux: Open an SSH session and type:
netstat -an
(On current distributions netstat may not be installed; ss -tulpn lists listening TCP and UDP sockets with their owning processes, and needs root to show processes other than your own.)
===========================================================================================
1. As system administrator, you type "debug ipx sap" and receive the following lines as part of the IOS response:
type 0x4, "HELLO2", 199.0002.0003.0006 (451), 2 hops
type 0x4, "HELLO1", 199.0002.0003.0008 (451), 2 hops
What does "0x4" signify?
* That is a Get Nearest Server response.
* That it is a General query.
* That it is a General response.
* That it is a Get Nearest Server request.
Correct answer: A
SAP packet types are 0x1 (general query), 0x2 (general response), 0x3 (Get Nearest Server request) and 0x4 (Get Nearest Server response).
2. To monitor IP IGRP traffic, you can use "debug ip igrp transaction" or "debug ip igrp events". How do you display information about IPX routing update packets?
* debug routing
* debug ipx transaction
* debug ipx routing activity
* debug ipx events
Correct answer: C
3. To monitor ipx traffic on a network, what command would you use?
* debug ipx transaction
* show ipx traffic
* show ipx events
* display ipx traffic
Correct answer: B
4. What command would you use to find out the names of Novell servers on a network?
* show ipx servers
* show ipx hosts
* show ipx sap
* show ipx nodes.
Correct answer: A
5. The "ipx delay number" command will allow an administrator to change the default settings. What are the default settings?
* For LAN interfaces, one tick; for WAN interfaces, six ticks
* For LAN interfaces, six ticks; for WAN interfaces, one tick
* For LAN interfaces, zero ticks; for WAN interfaces, five ticks
* For LAN interfaces, five ticks; for WAN interfaces, zero Ticks
Correct answer: A
The default is: for LAN interfaces, one tick; for WAN interfaces, six ticks.
6. As a system administrator, you need to set up one Ethernet interface on the Cisco router to allow for both
sap and Novell-ether encapsulations. Which set of commands will accomplish this?
* interface ethernet 0.1 ipx encapsulation Novell-ether ipx network 9e interface ethernet 0.2 ipx network
6c
* interface ethernet 0 ipx encapsulation Novell-ether ipx network 9e interface ethernet 0 ipx encapsulation
sap ipx network 6c
* interface ethernet 0.1 ipx encapsulation Novell-ether interface ethernet 0.2 ipx encapsulation sap
* interface ethernet 0.1ipx encapsulation Novell-ether ipx network 9e interface ethernet 0.2 ipx
encapsulation sap ipx network 6c
Correct answer: D
The following commands set up the subinterfaces to allow for two types of encapsulation:
interface ethernet 0.1
ipx encapsulation novell-ether
ipx network 9e
interface ethernet 0.2
ipx encapsulation sap
ipx network 6c
7. What does the "ipx maximum-paths 2" command accomplish?
* It enables load sharing on 2 paths if the paths are equal metric paths.
* It sets up routing to go to network 2.
* It is the default for Cisco IPX load sharing.
* It enables load sharing on 2 paths if the paths are unequal metric paths.
Correct answer: A
It enables load sharing on 2 paths if the paths are equal metric paths. The default is 1 path and the
maximum is 512 paths.
8. You want to enable both arpa and snap encapsulation on one router interface. How do you do this?
* The interface can handle multiple encapsulation types with no extra configuration.
* Assign two network numbers, one for each encapsulation type.
* Enable Novell-ether to run multiple encapsulation types.
* Both arpa and snap are enabled by default so you don't have to configure anything.
Correct answer: B
To assign multiple network numbers, you usually use subinterfaces. A sample configuration follows (the same pattern applies to arpa and snap):
interface ethernet 0.1
ipx encapsulation novell-ether
ipx network 9e
interface ethernet 0.2
ipx encapsulation sap
ipx network 6c
By default, Cisco routers forward GNS SAPs to remote networks.
* False
* True
Correct answer: A
GNS is Novell's protocol to Get Nearest Server. If there is a server on the local network, that server will respond. If there isn't, the Cisco router has to be configured to forward the GNS SAP.
9. To prevent Service Advertisements (SAPs) from flooding a network, Cisco routers do not forward them. How
are services advertised to other networks?
* Each router builds its own SAP table and forwards that every 60 seconds.
* Each router assigns a service number and broadcasts that.
* SAPs aren't necessary with Cisco routers.
* Cisco routers filter out all SAPs.
Correct answer: A
Cisco routers build SAP tables and forward the table every 60 seconds. All SAPs can't be filtered even with NetWare 4.x, since NDS and time synchronization use SAPs.
10.
Novell's implementation of RIP updates routing tables every ____ seconds.
* 60
* 90
* 10
* 30
Correct answer: A
Novell's RIP updates routing tables every 60 seconds, Apple's RTMP every 10 seconds, routers ARP every 60 seconds, IGRP every 90 seconds, and Banyan VINES every 90 seconds.
11. In Novell's use of RIP, there are two metrics used to make routing decisions. Select the two metrics.
* Ticks.
* Hops
* Loops
* Counts
Correct answer: A &B
It first uses ticks (which is about 1/18 sec.); if there is a tie, it uses hops; if hops are equal, then it uses an
administratively assigned tiebreaker.
12.
What is the Cisco name for the encapsulation type used on a serial interface?
* HDLC
* SDLC
* SAP
* SNAP
Correct answer: A
13.
"arpa" is used by the Cisco IOS for which encapsulation types?
* Ethernet_II
* Ethernet_802.3
* Ethernet_802.2
* Ethernet_SNAP
Correct answer: A
14.
Novell's IPX and Cisco's IOS name their encapsulations differently. Cisco uses sap for Ethernet_802.2, Token-Ring, and Novell's FDDI_802.2. Cisco uses snap for Ethernet_SNAP, Token-Ring_SNAP, and FDDI_SNAP. Cisco uses arpa for Ethernet_II and, finally, the default is novell-ether for Novell's Ethernet_802.3. "snap" is used by the Cisco IOS for which encapsulation types?
* Ethernet_SNAP
* Token-Ring_SNAP
* FDDI_SNAP
* Novell-SNAP
* Novell-FDDI.
Correct answer: A,B &C
15.
Novell's IPX and Cisco's IOS name their encapsulations differently. Cisco uses sap for Ethernet_802.2, Token-Ring, and Novell's FDDI_802.2. Cisco uses snap for Ethernet_SNAP, Token-Ring_SNAP, and FDDI_SNAP. Cisco uses arpa for Ethernet_II and, finally, the default is novell-ether for Novell's Ethernet_802.3. "sap" is used by the Cisco IOS for which encapsulation types?
* Ethernet_802.2
* Token-Ring
* FDDI_SNAP
* Ethernet_802.3
* FDDI_802.2
Correct answer: A,B &E
16.
Novell's IPX and Cisco's IOS name their encapsulations differently. Cisco uses sap for Ethernet_802.2, Token-Ring, and Novell's FDDI_802.2. Cisco uses snap for Ethernet_SNAP, Token-Ring_SNAP, and FDDI_SNAP. Cisco uses arpa for Ethernet_II and, finally, the default is novell-ether for Novell's Ethernet_802.3. Which type of Ethernet framing is used for TCP/IP and AppleTalk?
* Ethernet 802.3
* Ethernet 802.2
* Ethernet II
* Ethernet SNAP
Correct answer: D
Ethernet 802.3 is used with NetWare versions 2 through 3.11, Ethernet 802.2 is used with NetWare 3.12
and later plus OSI routing, Ethernet II is used with TCP/IP and DECnet, and Ethernet SNAP is used with
TCP/IP and AppleTalk.
17.
Which type of Ethernet framing is used for TCP/IP and DECnet?
* Ethernet 802.3
* Ethernet 802.2
* Ethernet II
* Ethernet SNAP
Correct answer: C
Ethernet 802.3 is used with NetWare versions 2 through 3.11, Ethernet 802.2 is used with NetWare 3.12
and later plus OSI routing, Ethernet II is used with TCP/IP and DECnet, and Ethernet SNAP is used with
TCP/IP and AppleTalk.
18. You are a system administrator on a NetWare network running NetWare 4.11, and you cannot communicate with your router. What is the likely problem?
* NetWare 4.11 defaults to 802.2 encapsulation.
* NetWare 4.11 defaults to 802.3 encapsulation
* Cisco routers only work with NetWare 3.11.
* NetWare 3.11 defaults to 802.2 encapsulation.
Correct answer: A
The default encapsulation on Cisco routers is Novell Ethernet_802.3 and NetWare 3.12 and later defaults
to 802.2 encapsulation, 3.11 and earlier defaults to 802.3.
19.
NetWare IPX addressing uses a network number and a node number. Which statements are true?
* The network address is administratively assigned and can be up to 8 hexadecimal digits long.
* The node address is always administratively assigned.
* The node address is usually the MAC address.
* If the MAC address is used as the node address, then IPX eliminates the use of ARP.
Correct answer: A, C & D
The network address is 32 bits, written as up to 8 hexadecimal digits. The node number is 48 bits, or 12 hexadecimal digits, and is usually the MAC address. An example IPX address is 4a1d.0000.0c56.de33: the network part is 4a1d and the node part is 0000.0c56.de33. The network number is assigned by the system administrator of the Novell network.
20.
Which NetWare protocol works at layer 3 (the network layer) of the OSI model?
* IPX
* NCP
* SPX
* NetBIOS
Correct answer: A
IPX (Internetwork Packet Exchange) is a NetWare network layer 3 protocol used for transferring
information on LANs.
21.
Which NetWare protocol provides link-state routing?
* NLSP
* RIP
* SAP
* NCP
Correct answer: A
NetWare Link Services Protocol (NLSP) provides link-state routing. SAP (Service Advertisement Protocol)
advertises network services. NCP (NetWare Core Protocol) provides client-to-server connections and
applications. RIP is a distance vector routing protocol.
22. As a system administrator, you want to debug IGRP but are worried that the "debug ip igrp transaction" command will flood the console. What is the command that you should use?
* debug IP igrp event
* debug IP igrp-events
* debug IP igrp summary
* debug IP igrp events
Correct answer: D
"debug ip igrp events" displays only a summary of IGRP routing information. You can append an IP address to either command to see only the IGRP updates from that neighbor.
23.
What does the following series of commands accomplish?
router igrp 71
network 10.0.0.0
router igrp 109
network 172.68.7.0
* It isolates networks 10.0.0.0 and 172.68.7.0.
* It loads igrp for networks 109 and 71.
* It disables RIP.
* It disables all routing protocols.
Correct answer: A
It isolates network 10.0.0.0 and 172.68.7.0 and associates autonomous systems 109 and 71 with IGRP.
IGRP does not disable RIP, both can be used at the same time.
24.
In the command "router igrp 109", what does 109 signify?
* an autonomous system
* any network number which the router is attached to
* the allowable length of the routing table
* the network socket number
Correct answer: A
The Cisco IOS global configuration command "router igrp xxx" is used to configure the Interior Gateway Routing Protocol. In this case, the 109 is the process ID, which is also used as the autonomous system number.
25.
IGRP supports a feature that allows traffic to be distributed among up to 6 (4 default) paths to provide
greater overall throughput and reliability. What is this called?
* unequal-cost load balancing
* equal-cost load balancing
* proportionate load balancing
* low cost load balancing
Correct answer: A
An unequal-cost load balancing is used to provide alternate paths for data distribution on an internetwork.
Cisco developed this method to use unused or under utilized links to increase bandwidth and network
availability.
26.
IGRP uses flash updates, poison reverse updates, holddown times, and split horizon. How often does it
broadcast its routing table updates?
* 90 seconds
* 10 seconds
* 30 seconds
* 45 seconds
Correct answer: A
27.
The command "show ip protocols" displays which information?
* routing timers
* network information
* contents of the IP routing table
* information about all known network and subnetworks
Correct answer: A & B
"show ip protocols" (plural in IOS) displays routing timers and network information. "show ip route" displays the routing table, with information about all known networks and subnetworks.
28.
When using RIP, routing updates are broadcast every ____ seconds.
* 30
* 10
* 60
* 90
Correct answer: A
IP RIP broadcasts updates every 30 seconds. By comparison, Novell's RIP updates routing tables every 60 seconds, Apple's RTMP every 10 seconds, IGRP every 90 seconds, and Banyan VINES every 90 seconds.
29. An autonomous system can only exist if all routers in that system meet which criteria?
* interconnected
* run the same routing protocol
* assigned same autonomous system number
* run IGRP only
* run RIP only
Correct answer: A,B &C
An autonomous system is a set of routers and networks under the same administration. Each router must be interconnected, run the same routing protocol, and be assigned the same autonomous system number. Public AS numbers are unique: they were originally assigned by the Network Information Center (NIC) and are now allocated by IANA through the regional Internet registries.
30. A default route is analogous to a _________.
* default gateway
* static route
* dynamic route
* one-way route
Correct answer: A
A default route is analogous to a default gateway. It is used to reduce the length of routing tables and to
provide complete routing capabilities when a router might not know the routes to all other networks.
31.
Routers can learn about destinations through static routes, default, or dynamic routing. By default, a
router will use information derived from __________.
* IGRP
* RIP
* IP
* TCP
Correct answer: A
The quality of information is rated:
Connected interface 0
Static route 1
IGRP 100
RIP 120
Unknown 255
The lower the value (the administrative distance of the route source), the more reliable the source; 255 signifies information that the router will ignore. So the router will prefer IGRP, rated at 100, over RIP, rated at 120.
32. You are logged into a router, what command would show you the IP addresses of routers connected to you?
* show cdp neighbors detail
* show run
* show neighbors
* show cdp
Correct answer: A
33. As a system administrator, you perform an extended ping at the privileged EXEC prompt. As part of the
display, you see "Set DF bit in IP header? [yes] :". What would happen if you answered no at the prompt?
* This lets the router fragment the packet.
* It tells the router not to fragment the packet.
* This lets the router direct the packet to the destination it finds in its routing table.
* It tell the router to send the packet to the next hop router
Correct answer: A
"Set DF bit in IP header?" is a prompt of the extended ping on the router. If you answer yes (the default), the DF bit is set and routers along the path will not fragment the packet; one whose link MTU is too small drops it and returns an ICMP "fragmentation needed" message, which is how path MTU problems are probed. If you answer no, routers along the path may fragment the packet.
34. You have typed "ping 172.16.101.1" and get the following display:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.101.1, timeout is 2 seconds:
.!!!!
What does the "." signify?
* That one message timed out.
* That all messages were successful.
* That one message was successful.
* That one message completed in under the allotted timeframe.
Correct answer: A
The possible responses from the ping command are:
! Successful receipt of an echo reply.
. Timed out waiting for a reply.
U Destination unreachable.
C Congestion-experienced packet.
I Ping interrupted.
? Packet type unknown.
& Packet TTL exceeded.
35.
Which command, that is used to test address configuration, uses Time-To-Live (TTL) values to generate
messages from each router.
* trace
* ping
* telnet
* bootp
Correct answer: A
The Cisco IOS EXEC command "trace [protocol] [destination]" is used to discover the route that packets take to their destination. Trace sends probes with increasing TTL values so that each router along the path returns an ICMP time-exceeded message, which identifies that hop.
36.
What does the command "ip name-server 255.255.255.255" accomplish?
* It sets the domain name lookup to be a local broadcast.
* This is an illegal command.
* It disables domain name lookup.
* The command is now defunct and has been replaced by "ip server-name ip any"
Correct answer: A
By default DNS lookup is enabled on a router with a name-server address of 255.255.255.255, which provides for a local broadcast.
37. As a system administrator, you need to provide your routers with a Domain Name System (DNS) server.
How many DNS servers can you specify with one command?
* 6
* 1
* 2
* 4
Correct answer: A
You can specify up to six name servers in one command. The syntax is "ip name-server server-address1 [server-address2 ... server-address6]". DNS lookup must also be enabled (ip domain-lookup, which is on by default).
38.
How would you configure one host name that points to two IP addresses?
* IP host jacob 1.0.0.5 2.0.0.8
* IP jacob 1.0.0.5 2.0.0.8
* IP host jacob 1.0.0.5
* ip host duplicate "all"
Correct answer: A
The correct syntax is "ip host name [tcp-port-number] address1 [address2 ...]". So "ip host jacob 1.0.0.5 2.0.0.8" is the correct choice. "ip host jacob 1.0.0.5" only points the host name jacob to one IP address, 1.0.0.5.
39.
The following selections show the command prompt and the configuration of the IP network mask. Which
two are correct?
* Router#term IP netmask-format { bitcount | decimal | hexadecimal }
* Router(config-if)#IP netmask-format { bitcount | decimal | hexadecimal }
* Router(config-if)#netmask-format { bitcount | decimal | hexadecimal }
* Router#ip netmask-format { bitcount | decimal | hexadecimal }
Correct answer: A & B
Router#term ip netmask-format { bitcount | decimal | hexadecimal } and Router(config-if)#ip netmask-format { bitcount | decimal | hexadecimal } are correct. You can configure the mask format for the current terminal session, or persistently for a specific line (in IOS the persistent form of ip netmask-format is a line configuration command).
40.
When configuring the subnet mask for an IP address, which formats can be used?
* dotted-decimal.
* Hexadecimal
* Bit-count
* Octal
* Binary
Correct answer: A, B &C
41. You are given the following address: 153.50.6.27/25. Determine the subnet mask, address class, subnet
address, and broadcast address.
* 255.255.255.128, B,153.50.6.0, 153.50.6.127
* 255.255.255.128, C,153.50.6.0, 153.50.6.127
* 255.255.255.128, C,153.50.6.127, 153.50.6.0
* 255.255.255.224, C,153.50.6.0, 153.50.6.127
Correct answer: A
42. You are given the following address: 128.16.32.13/30. Determine the subnet mask, address class, subnet
address,
and broadcast address.
* 255.255.255.252, B,128.16.32.12, 128.16.32.15
* 255.255.255.252, C,128.16.32.12, 128.16.32.15
* 255.255.255.252, B,128.16.32.15, 128.16.32.12
* 255.255.255.248, B,128.16.32.12, 128.16.32.15
Correct answer: A
43. You are given the following address: 15.16.193.6/21. Determine the subnet mask, address class, subnet
address,
and broadcast address.
* 255.255.248.0, A, 15.16.192.0, 15.16.199.255
* 255.255.248.0, B, 15.16.192.0, 15.16.199.255
* 255.255.248.0, A, 15.16.199.255, 14.15.192.0
* 255.255.242.0, A, 15.16.192.0, 15.16.199.255
Correct answer: A
44. You have an IP host address of 201.222.5.121 and a subnet mask of 255.255.255.248. What is the broadcast
address?
* 201.222.5.127
* 201.222.5.120
* 201.222.5.121
* 201.222.5.122
Correct answer: A
The easiest way to calculate this is to subtract the subnet mask 255.255.255.248 from 255.255.255.255, which leaves 7 (three host bits). Convert the address 201.222.5.121 to binary: 11001001 11011110 00000101 01111001. Convert the mask 255.255.255.248 to binary: 11111111 11111111 11111111 11111000. AND them together to get 11001001 11011110 00000101 01111000, or 201.222.5.120. 201.222.5.120 is the subnet address; add 7 to it for the broadcast address, 201.222.5.127. 201.222.5.121 through 201.222.5.126 are the valid host addresses.
46.
Given the address 172.16.2.120 and the subnet mask of 255.255.255.0. How many hosts are available?
* 254
* 510
* 126
* 16,372
Correct answer: A
172.16.2.120 is a standard Class B address with a subnet mask that allows 254 hosts.
47.
You are a network administrator and have been assigned the IP address of 201.222.5.0. You need to have 20 subnets with 5 hosts per subnet. The subnet mask is 255.255.255.248. Which addresses are valid host addresses?
* 201.222.5.17
* 201.222.5.18
* 201.222.5.16
* 201.222.5.19
* 201.222.5.31
Correct answer: A,B & D
Subnets with this mask fall on multiples of 8. 201.222.5.16 is a subnet address, and 201.222.5.31 is a broadcast address (of subnet 201.222.5.24/29; the broadcast of 201.222.5.16/29 is 201.222.5.23), so neither can be assigned to a host. The rest (.17, .18 and .19) are valid host addresses on subnet 201.222.5.16.
48. You are a network administrator and have been assigned the IP address of 201.222.5.0. You need to have 20 subnets with 5 hosts per subnet. What subnet mask will you use?
* 255.255.255.248
* 255.255.255.128
* 255.255.255.192
* 255.255.255.240
Correct answer: A
By borrowing 5 bits from the last octet, you can have 30 subnets. If you borrowed only 4 bits you could only have 14 subnets. The formula is (2 to the power of n) - 2. By borrowing 4 bits, you have (2x2x2x2) - 2 = 14. By borrowing 5 bits, you have (2x2x2x2x2) - 2 = 30 subnets, each with 3 host bits, or (2x2x2) - 2 = 6 hosts. To get 20 subnets, you need to borrow 5 bits, so the subnet mask is 255.255.255.248. (The -2 on the subnet count is the old rule that excludes subnet zero and the all-ones subnet; with ip subnet-zero, the default on current IOS, all 32 subnets are usable.)
50. You are given the IP address of 172.16.2.160 with a subnet mask of 255.255.0.0. What is the network
address in binary?
* 10101100 00010000
* 00000010 10100000
* 10101100 00000000
* 11100000 11110000
Correct answer: A
To find the network address, convert the IP address to binary: 10101100 00010000 00000010 10100000. Then AND it with the subnet mask, 11111111 11111111 00000000 00000000. The result is 10101100 00010000 00000000 00000000, which is 172.16.0.0 in decimal.
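Worked with Python's standard ipaddress module, as an added example that is not part of the original quiz (address_class, describe, network_bits and classful_mask_for are names chosen here), the subnetting questions above (41 through 50) can be checked mechanically. The 2**n - 2 subnet rule is applied only because that is what the quiz assumes; the general describe() function works for any prefix length, not just the ones in the questions:

```python
"""Subnet arithmetic for the quiz's addresses. Added example; the
2**n - 2 subnet rule in classful_mask_for matches the quiz's assumption."""
import ipaddress


def address_class(ip: str) -> str:
    """Classful lookup by first octet (the 'first octet rule')."""
    first = int(ip.split(".")[0])
    if 1 <= first <= 126:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    if 224 <= first <= 239:
        return "D"
    if 240 <= first <= 255:
        return "E"
    return "reserved"   # 0/8 and 127/8 (loopback)


def describe(host_with_prefix: str) -> dict:
    """Mask, class, subnet address, broadcast and usable host range for
    'a.b.c.d/n' or 'a.b.c.d/m.m.m.m'."""
    iface = ipaddress.ip_interface(host_with_prefix)
    net = iface.network
    usable = max(net.num_addresses - 2, 0)   # drop network and broadcast
    return {
        "mask": str(net.netmask),
        "class": address_class(str(iface.ip)),
        "subnet": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "usable_hosts": usable,
        "first_host": str(net.network_address + 1) if usable else None,
        "last_host": str(net.broadcast_address - 1) if usable else None,
    }


def network_bits(host_with_prefix: str) -> str:
    """Network portion in binary, one group per whole octet, as the quiz
    prints it for a /16."""
    iface = ipaddress.ip_interface(host_with_prefix)
    bits = format(int(iface.network.network_address), "032b")
    octets = [bits[i:i + 8] for i in range(0, 32, 8)]
    return " ".join(octets[: iface.network.prefixlen // 8])


def classful_mask_for(base_network: str, subnets_needed: int, hosts_per_subnet: int):
    """Smallest number of borrowed bits that yields the required subnets and
    hosts under the old 2**n - 2 rule (subnet zero and the all-ones subnet
    excluded, as the quiz assumes). Returns (borrowed_bits, mask) or None."""
    base = ipaddress.ip_network(base_network)
    host_bits_total = 32 - base.prefixlen
    for borrowed in range(1, host_bits_total):
        host_bits = host_bits_total - borrowed
        if (2 ** borrowed - 2) >= subnets_needed and (2 ** host_bits - 2) >= hosts_per_subnet:
            prefix = base.prefixlen + borrowed
            return borrowed, str(ipaddress.ip_network("0.0.0.0/%d" % prefix).netmask)
    return None
```

describe() accepts either prefix-length or dotted-mask notation, which is convenient when checking an answer written in the other form.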
51.
Which addresses are INCORRECTLY paired with their class?
* 128 to 191, Class B
* 192 to 223 Class B
* 128 to 191, Class C
* 192 to 223, Class C
Correct answer: B & C
Address classes are: 1 to 126, Class A; 128 to 191, Class B; 192 to 223, Class C; 224 to 239, Class D; and 240 to 255, Class E. The first octet rule states that the class of an address can be determined by the numerical value of the first octet.
53.
Which addresses are INCORRECTLY paired with their class?
* 1 to 126, Class A
* 128 to 191, Class A
* 1 to 126, Class B
* 128 to 191, Class B
Correct answer: B & C.
Address classes are: 1 to 126, Class A; 128 to 191, Class B; 192 to 223, Class C; 224 to 239, Class D; and 240 to 255, Class E. The first octet rule states that the class of an address can be determined by the numerical value of the first octet.
55.
Which addresses are INCORRECTLY paired with their class?
* 240 - 255, Class D
* 240 - 255, Class E
* 224 - 239, Class D
* 224 - 239, Class E
Correct answer: A & D
Address classes are: 1 to 126, Class A; 128 to 191, Class B, 192 to 223, Class C; 224 to 239, Class D; and 240
to 255, Class E.
56.
Which IP Address Class is INCORRECTLY paired with its range of network numbers?
* Class A addresses include 192.0.0.0 through 223.255.255.0
* Class A addresses include 1.0.0.0 through 126.0.0.0
* Class B addresses include 128.0.0.0 through 191.255.0.0
* Class C addresses include 192.0.0.0 through 223.255.255.0
* Class D addresses include 224.0.0.0 through 239.255.255.0
Correct answer: A
Class A addresses include 1.0.0.0 through 126.0.0.0
Class B addresses include 128.0.0.0 through 191.255.0.0
Class C addresses include 192.0.0.0 through 223.255.255.0
Class D addresses include 224.0.0.0 through 239.255.255.0
57.
Which IP Address Class can have 16 million subnets but support 254 hosts?
* Class C
* Class A
* Class B
* Class D
Correct answer: A
IP Address Class   Possible Networks          Possible Hosts
A                  126                        16M (16,777,214)
B                  64K (exactly 16,384)       64K (65,534)
C                  16M (exactly 2,097,152)    254
(The round figures are the quiz's; the exact counts are given in parentheses.)
59.
Which IP Address Class can have 64,000 subnets with 64,000 hosts per subnet?
* Class B
* Class A
* Class C
* Class D
Correct answer: A
IP Address Class   Possible Networks          Possible Hosts
A                  126                        16M (16,777,214)
B                  64K (exactly 16,384)       64K (65,534)
C                  16M (exactly 2,097,152)    254
61.
There are two processes to pair MAC address with IP addresses. Which process finds an IP address from a
MAC address?
* RARP
* ARP
* RIP
* IGRP
Correct answer: A
ARP (Address Resolution Protocol) maps an IP address to the MAC address, RARP (Reverse Address
Resolution Protocol) maps the MAC address to the IP address. ARP and RARP work at the internet layer of
the Internet Model or the network layer of the OSI model.
62.
When the router runs out of buffer space, this is called ________.
* Source Quench
* Redirect
* Information Request
* Low Memory
Correct answer: A
Source quench is the process where the destination router, or the end internetworking device, tells the source to slow down ("quenches" the data from the source). It usually happens when the receiving router runs out of buffer space to process packets. ICMP Source Quench has since been deprecated (RFC 6633); current routers and hosts neither send nor act on it, and congestion is signalled by packet drops and ECN instead.
63.
Which protocol carries messages such as destination Unreachable, Time Exceeded, Parameter Problem,
Source Quench, Redirect, Echo, Echo Reply, Timestamp, Information Request, Information Reply,
Address Request, and Address Reply?
* ICMP
* UDP
* TCP
* TFTP
* FTP
Correct answer: A
ICMP (Internet Control Message Protocol) is a network layer internet protocol described in RFC 792 and carried inside IP with protocol number 1. ICMP reports IP packet information such as Destination Unreachable, Time Exceeded, Parameter Problem, Source Quench, Redirect, Echo, Echo Reply, Timestamp, Information Request, Information Reply, Address Mask Request and Address Mask Reply.
64.
Two of the protocols that can be carried in the Protocol field of an IP packet are?
* TCP
* UDP
* FTP
* TFTP
Correct answer: A & B
The following are the fields of an IPv4 header, their lengths (RFC 791) and their purpose:
VERS (version number - 4 bits)
HLEN (number of 32-bit words in the header - 4 bits)
Type of Service (how the datagram should be handled - 8 bits)
Total Length (total length of header and data - 16 bits)
Identification (fragmentation of datagrams to allow different MTUs in the internet - 16 bits)
Flags (fragmentation control: reserved, DF, MF - 3 bits)
Frag Offset (position of this fragment in the original datagram, in 8-byte units - 13 bits)
TTL (Time-To-Live - 8 bits)
Protocol (upper-layer protocol carried in the datagram - 8 bits; 1 = ICMP, 6 = TCP, 17 = UDP, 50 = ESP, 51 = AH)
Header Checksum (integrity check on the header only - 16 bits)
Source IP Address (32 bits)
Destination IP Address (32 bits)
IP Options (network testing, debugging, security and others - variable, 0 to 40 bytes)
Data (variable).
65.
Where would network testing be included in an IP packet?
* IP Options field
* Identification field
* Type of Service field
* Reservation field
Correct answer: A
The IP header fields, their lengths and their purpose are listed under question 64.
66.
What field tells the Internet layer how to handle an IP packet?
* Type of Service
* Identification
* Flags
* Frag Offset
Correct answer: A
The IP header fields, their lengths and their purpose are listed under question 64.
67.
Which fields of an IP packet provide for fragmentation of datagrams to allow differing MTUs in the
internet?
* Identification
* Flags
* Frag Offset
* Type of Service
* Total Length
Correct answer: A, B & C
The IP header fields, their lengths and their purpose are listed under question 64.
68.
Which processes does TCP, but not UDP, use?
* Windowing
* Acknowledgements
* Source Port
* Destination Port
Correct answer: A & B
UDP (User Datagram Protocol) does not use sequence or acknowledgement fields in transmission.
UDP is a connectionless and unreliable protocol, since there is no delivery checking mechanism in the UDP
data format.
69.
What is the UDP datagram format?
* Source Port - 16 bits, Destination Port - 16 bits, Length - 16 Bits, Checksum - 16 bits, Data
* Destination Port - 16 bits, Source Port - 16 bits, Length - 16 Bits, Checksum - 16 bits, Data
* Source Port - 16 bits, Destination Port - 16 bits, Checksum - 16 Bits, Length - 16 bits, Data
* Source Port - 8 bits, Destination Port - 8 bits, Length -8 Bits, Checksum - 8 bits, Data
Correct answer: A
The UDP format for a segment is as follows:
Source Port 16 bits
Destination Port 16 bits
Length 16 bits
Checksum 16 bits
Data xx bits
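To make the field widths concrete, here is an added example (not code from the page) that parses an IPv4 header with the real RFC 791 widths from questions 64 through 67, verifies the header checksum, and then decodes either the UDP header of question 69 or the SPI of an ESP (protocol 50) or AH (protocol 51) packet from the IPSec section, which is about all a sniffer can read of IPSec traffic. The packets are constructed inline, and build_ipv4 is a helper written here for that purpose.

```python
"""IPv4 header parser with checksum check, plus UDP / ESP / AH decoding of
the payload. Added example; sample packets are constructed in the tests."""
import struct


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 one's-complement sum over the header. With the checksum
    field zeroed this returns the value to insert; over a correct header
    (checksum included) it returns 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(packet: bytes) -> dict:
    """Return the header fields (quiz names, RFC widths) and decode UDP,
    ESP or AH from the payload when present."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4                      # HLEN is in 32-bit words
    if ver_ihl >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    fields = {
        "version": ver_ihl >> 4,                    # 4 bits
        "hlen_bytes": ihl,                          # 4 bits (x4)
        "tos": tos,                                 # 8 bits
        "total_length": total_len,                  # 16 bits
        "identification": ident,                    # 16 bits
        "flags": flags_frag >> 13,                  # 3 bits: reserved, DF, MF
        "frag_offset": (flags_frag & 0x1FFF) * 8,   # 13 bits, 8-byte units
        "ttl": ttl,                                 # 8 bits
        "protocol": proto,                          # 8 bits
        "checksum_ok": ipv4_checksum(packet[:ihl]) == 0,
        "src": ".".join(map(str, src)),
        "dst": ".".join(map(str, dst)),
        "options": packet[20:ihl],                  # variable, 0-40 bytes
    }
    payload = packet[ihl:total_len]
    if proto == 17 and len(payload) >= 8:           # UDP: four 16-bit fields
        sport, dport, length, ucsum = struct.unpack("!HHHH", payload[:8])
        fields["udp"] = {"src_port": sport, "dst_port": dport,
                         "length": length, "checksum": ucsum}
    elif proto in (50, 51) and len(payload) >= 8:
        # ESP starts with the SPI. AH has next-header, payload-len and a
        # reserved field first, so its SPI sits at offset 4. Everything
        # after the SPI and sequence number is opaque to a sniffer.
        spi_off = 0 if proto == 50 else 4
        fields["ipsec"] = {"kind": "ESP" if proto == 50 else "AH",
                           "spi": struct.unpack("!I", payload[spi_off:spi_off + 4])[0]}
    return fields


def build_ipv4(proto: int, src: str, dst: str, payload: bytes, ttl: int = 64) -> bytes:
    """Build a minimal 20-byte IPv4 header (DF set) with a correct checksum;
    a test helper, not a general packet builder."""
    s = bytes(int(x) for x in src.split("."))
    d = bytes(int(x) for x in dst.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234,
                      0x4000, ttl, proto, 0, s, d)
    csum = ipv4_checksum(hdr)
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:] + payload
```

Flip any header byte and checksum_ok goes false, which is the only integrity the plain IP header offers; AH is what extends that protection to the payload and the immutable header fields.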
70.
What is the function of DDR on Cisco routers?
* DDR is dial-on-demand routing. It provides a continuous LAN only connection.
* DDR is dial-on-demand routing. It provides routing for high volume traffic.
* DDR is dial-on-demand routing. It provides a continuous WAN connection.
* DDR is dial-on-demand routing. It provides routing for low volume and periodic traffic.
Correct answer: D
DDR is dial-on-demand routing. It provides routing for low volume and periodic traffic. It initiates a call to
a remote site when there is traffic to transmit.
71.
What are the two types of access lists that can be configured on a Cisco router?
* Standard
* Extended
* Filtering
* Packet
Correct answer: A & B
The access lists are standard and extended. Standard access lists for IP check the source address of packets
that could be routed. Extended access lists can check the source and destination packet plus check for
specific protocols, port numbers, etc.
72.
When using access lists, what does a Cisco router check first?
* To see if the packet is routable or bridgeable
* The destination address
* The source address
* The packet contents
Correct answer: A
The first thing checked is to see if the packet is routable or bridgeable. If it is not, the packet will be
dropped.
73.
How many access lists are allowed per interface?
* One per port, per protocol
* Two per port, per protocol
* Unlimited
* Router interface +1 per port.
Correct answer: A
Only one access list is allowed per interface, per protocol, per direction (one inbound and one outbound).
Every packet that reaches the access list is tested against its conditions in order, and a packet that matches
none of them is dropped by the implicit deny at the end of the list.
74.
What do the following commands accomplish?
access-list 1 deny 172.16.4.0 0.0.0.255
access-list 1 permit any
interface ethernet 0
ip access-group 1 out
* This will block traffic from subnet 172.16.4.0 and allow all other traffic.
* This will allow traffic from subnet 172.16.4.0 and block all other traffic.
* All traffic is allowed.
* All traffic is blocked.
Correct answer: A
This will block traffic from subnet 172.16.4.0/24 and allow all other traffic. The first statement "access-list 1
deny 172.16.4.0 0.0.0.255" denies any packet whose source address is in 172.16.4.0/24. The "permit any" line
that follows is required because of the implicit deny at the end of every access list, and "ip access-group 1
out" applies the list to traffic leaving Ethernet 0.
75.
What do the following statements in an extended access list accomplish?
access-list 101 deny TCP 172.16.4.0 0.0.0.255 172.16.3.0 0.0.0.255 eq 21
access-list 101 deny TCP 172.16.4.0 0.0.0.255 172.16.3.0 0.0.0.255 eq 20
access-list 101 permit TCP 172.16.4.0 0.0.0.255 0.0.0.0 255.255.255.255
* This will block ftp traffic.
* This will block http traffic.
* This will permit ftp traffic.
* This will permit tftp traffic.
Correct answer: A
This will block FTP traffic from 172.16.4.0/24 to 172.16.3.0/24, since FTP uses TCP port 21 for control and
port 20 for active-mode data. The last line permits all other TCP traffic from 172.16.4.0/24 (the wildcard pair
0.0.0.0 255.255.255.255 means any destination). Because that line names only TCP, UDP traffic from the
subnet, TFTP included, falls through to the implicit deny at the end of the list.
76. Access lists are numbered. Which of the following ranges could be used for an IP access list?
* 600 - 699
* 100 - 199
* 1 - 99
* 800 - 899
* 1000 - 1099
Correct answer: B & C
AppleTalk access lists use numbers in the 600 - 699 range. IP uses 1 - 99 for standard access lists and 100 -
199 for extended access lists. IPX uses 800 - 899 for standard and 900 - 999 for extended access lists. IPX SAP
filters use 1000 - 1099.
77.
Cisco routers use wildcard masking to identify how to check or ignore corresponding IP address bits. What
does setting a wildcard mask bit to 0 cause the router to do?
* It tells the router to check the corresponding bit value.
* It tells the router to ignore the corresponding bit value.
* It tells the router to check its alternate routing list.
* It tells the router to use its primary routing list.
Correct answer: A
It tells the router to check the corresponding bit value.
78. You are a system administrator and you want to deny access to a group of computers with addresses
172.30.16.0 to 172.30.31.0. Which wildcard mask would you use?
* 0.0.15.255
* 0.0.255.255
* 0.0.31.255
* 0.0.127.255
* 0.0.255.255
Correct answer: A
0.0.15.255 tells the router to check the first 20 bits of an address and ignore the last 12, so with the base
address 172.30.16.0 it matches 172.30.16.0 through 172.30.31.255 and traffic from those computers is denied.
0.0.31.255 would ignore the last 13 bits and, with a base of 172.30.32.0, match 172.30.32.0 through
172.30.63.255. 0.0.127.255 would ignore the last 15 bits and match 172.30.0.0 through 172.30.127.255.
0.0.255.255 would match the whole 172.30.0.0 network. Decimal 15 in binary is 00001111: the 1s tell the
router to ignore those address bits and the 0s tell it to check them. The third octet of 172.30.16.0 is
00010000 and the third octet of 172.30.31.0 is 00011111; the four high-order bits 0001 are the checked bits
and they are the same in every address of the range, so traffic from all of these addresses is denied.
79.
In order to limit the quantity of numbers that a system administrator has to enter, Cisco can use which
abbreviation to indicate 0.0.0.0?
* host
* any
* all
* include
Correct answer: A
Cisco uses host to abbreviate the wildcard mask 0.0.0.0, which tells the router to check all 32 bits, so "host
172.16.4.1" is the same as "172.16.4.1 0.0.0.0". Cisco uses any to abbreviate "0.0.0.0 255.255.255.255", which
tells the router to ignore all bits and lets any address match the access list test.
80.
What do the following commands accomplish?
access-list 1 permit 172.16.0.0 0.0.255.255
interface ethernet 0
ip access-group 1 out
interface ethernet 1
ip access-group 1 out
* Only traffic from the source network 172.16.0.0 will be blocked.
* Only traffic from the source network 172.16.0.0 will be forwarded. Non-172.16.0.0 network traffic is
blocked.
* Non-172.16.0.0 traffic will be forwarded.
* All traffic will be forwarded.
Correct answer: B
Only traffic from the source network 172.16.0.0 will be forwarded. Non-172.16.0.0 network traffic is
blocked. The wildcard mask 0.0.255.255 tells the router to check the first 2 octets and to ignore the last 2
octets.
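The wildcard-mask and first-match rules behind questions 74, 75, 77, 78 and 80 can be checked offline. The following Python is an added example written for this page, not Cisco code: it reproduces the router's matching logic (a 0 bit in the wildcard means check, a 1 bit means ignore; entries are tested top-down, the first match wins, and an unmatched packet hits the implicit deny) and loads the access lists from questions 74, 75, 78 and 80. The packet dictionaries are constructed test inputs, not captures.

```python
import ipaddress


def ip_to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """Cisco wildcard semantics: a 0 bit in the mask means 'check this bit',
    a 1 bit means 'ignore it'. Match iff (addr XOR base) has no set bit in a
    position the wildcard says to check."""
    check_bits = 0xFFFFFFFF ^ ip_to_int(wildcard)
    return (ip_to_int(addr) ^ ip_to_int(base)) & check_bits == 0


ANY = ("0.0.0.0", "255.255.255.255")     # what the keyword 'any' expands to


def host(addr: str):
    return (addr, "0.0.0.0")             # what the keyword 'host' expands to


class ACE:
    """One access-list entry. A standard entry sets only the source; an
    extended entry may also name a protocol, a destination and a port."""

    def __init__(self, action, src, dst=ANY, proto="ip", dport=None):
        self.action, self.src, self.dst = action, src, dst
        self.proto, self.dport = proto, dport

    def matches(self, pkt: dict) -> bool:
        if self.proto != "ip" and pkt["proto"] != self.proto:
            return False
        if not wildcard_match(pkt["src"], *self.src):
            return False
        if not wildcard_match(pkt["dst"], *self.dst):
            return False
        if self.dport is not None and pkt.get("dport") != self.dport:
            return False
        return True


def evaluate(acl, pkt: dict) -> str:
    """Entries are tested top-down and the first match decides; a packet that
    matches nothing is dropped by the implicit 'deny any' at the end."""
    for entry in acl:
        if entry.matches(pkt):
            return entry.action
    return "deny"


# access-list 1 from question 74: deny one /24, permit everything else
ACL_74 = [ACE("deny", ("172.16.4.0", "0.0.0.255")), ACE("permit", ANY)]

# access-list 101 from question 75: block FTP control (21) and data (20) between
# two subnets, then permit only TCP from the first subnet
ACL_75 = [
    ACE("deny", ("172.16.4.0", "0.0.0.255"), ("172.16.3.0", "0.0.0.255"), "tcp", 21),
    ACE("deny", ("172.16.4.0", "0.0.0.255"), ("172.16.3.0", "0.0.0.255"), "tcp", 20),
    ACE("permit", ("172.16.4.0", "0.0.0.255"), ANY, "tcp"),
]

# question 78: wildcard 0.0.15.255 covers 172.30.16.0 through 172.30.31.255
ACL_78 = [ACE("deny", ("172.30.16.0", "0.0.15.255")), ACE("permit", ANY)]

# access-list 1 from question 80: only 172.16.0.0/16 sources are forwarded
ACL_80 = [ACE("permit", ("172.16.0.0", "0.0.255.255"))]


if __name__ == "__main__":
    # Constructed test packets (not captures from the page).
    ftp = {"src": "172.16.4.10", "dst": "172.16.3.5", "proto": "tcp", "dport": 21}
    tftp = {"src": "172.16.4.10", "dst": "172.16.3.5", "proto": "udp", "dport": 69}
    web = {"src": "172.16.4.10", "dst": "192.0.2.9", "proto": "tcp", "dport": 80}
    for name, acl in (("74", ACL_74), ("75", ACL_75), ("78", ACL_78), ("80", ACL_80)):
        print(name, [evaluate(acl, p) for p in (ftp, tftp, web)])
```

Running it shows the two effects that are easy to miss when reading the configuration: the list in question 75 denies TFTP (UDP 69) from 172.16.4.0/24 even though no line mentions it, because the only permit is TCP-specific, and the list in question 80 drops every non-172.16.0.0 source for the same reason, the implicit deny. The evaluator ignores the direction the list is applied in (in or out), which the router does care about.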
81.
When using access lists, it is important where those access lists are placed. Which statement best describes
access list placement?
* Put standard access lists as near the destination as possible. Put extended access lists as close to the
source as possible.
* Put extended access lists as near the destination as possible. Put standard access lists as close to the
source as possible.
* It isn't important where access lists are placed since the router will read and cache the whole list.
* Put access lists as close to corporate headquarters as possible.
Correct answer: A
Put standard access lists as near the destination as possible. Put extended access lists as close to the source
as possible. Standard access lists don't specify the destination address.
82. As the system administrator, you enter the following commands at the command prompt:
ipx routing
access-list 800 permit 2b 4d
int e0
ipx network 4d
ipx access-group 800 out
int e1
ipx network 2b
int e2
ipx network 3c
What did these command accomplish?
* Traffic from network 4c destined for network 4d will be forwarded out Ethernet0.
* Traffic from network 3c destined for network 4d will be forwarded out Ethernet0.
* Traffic from network 2b destined for network 4d will be forwarded out Ethernet0.
* Traffic from network 4d destined for network 2d will be forwarded out Ethernet0.
Correct answer: C
Traffic from network 2b destined for network 4d will be forwarded out Ethernet0. The other interfaces E1
and E2 are not subject to the access list since they lack the access group statement to link them to access
list 800.
83.
The following commands were entered at the command prompt of a Cisco router. What do they
accomplish?
access-list 1000 deny 9e.1234.5678.1212 4
access-list 1000 permit -1
interface ethernet 0
ipx network 9e
interface ethernet 1
ipx network 4a
interface serial 0
ipx network 1
ipx output-sap-filter 1000
* File server advertisements from server 9e.1234.5678.1212 will not be forwarded on interface S0.
* All other SAP services, other than file server, from any source will be forwarded on S0.
* All other SAP services, other than print server, from any source will be forwarded on S0.
* Print server advertisements from server 9e.1234.5678.1212 will not be forwarded on interface S0.
Correct answer: A & B
File server advertisements from server 9e.1234.5678.1212 will not be forwarded on interface S0. All other
SAP services, other than file server, from any source will be forwarded on S0.
84. You receive "input filter list is 800 and output filter list is 801" as part of the output from a show interfaces
command. What kind of traffic are you filtering?
* IPX/SPX
* TCP/IP
* LocalTalk
* DDR
Correct answer: A
Because the access list is numbered in the 800 range, you are filtering IPX/SPX traffic.
85.
Which service uses telephone control messages and signals between the transfer points along the way to
the called destination?
* Signaling System 7 (SS7)
* Time-division Multiplexing (TDM)
* X.25
* Frame relay
Correct answer: A
Signaling System 7 (SS7) uses telephone control messages and signals between the transfer points along
the way to the called destination. Time-division Multiplexing (TDM) has information from multiple
sources and allocates bandwidth on a single media. Circuit switching uses signaling to determine the call
route, which is a dedicated path between the sender and the receiver. Basic telephone service and
Integrated Services Digital Network (ISDN) use TDM circuits. X.25 and Frame Relay services have
information contained in packets or frames to share non-dedicated bandwidth. X.25 avoids delays for call
setup. Frame Relay uses permanent virtual circuits (PVCs).
86.
Which service takes information from multiple sources and allocates bandwidth on a single media?
* Time-division Multiplexing (TDM)
* Signaling System 7 (SS7)
* X.25
* Frame relay
Correct answer: A
87.
Which three devices can be used to convert the user data from the DTE into a form acceptable to the WAN
service's facility?
* Modem
* CSU/DSU
* TA/NT1
* CO
* SS7
Correct answer: A, B & C
A modem, CSU/DSU (Channel Service Unit/Data Service Unit), or TA/NT1 (Terminal Adapter/Network
Termination 1) can be used to convert the user data from the DTE into a form acceptable to the WAN
service's facility.
88.
What is the juncture at which the CPE ends and the local loop portion of the service begins?
* Demarc
* CO
* Local loop
* Last-mile
Correct answer: A
The demarcation or demarc is the juncture at which the CPE ends and the local loop portion of the service
begins. The CO (Central Office) is the nearest point of presence for the provider's WAN service. The local
loop or "last-mile" is the cabling that extends from the demarc into the WAN service provider's central
office.
89. You can access three forms of WAN services with Cisco routers. Select the three forms:
* Switched or relayed services
* Interface front end to IBM enterprise data center computers
* Using protocols that connect peer-to-peer devices like HDLC or PPP encapsulation.
* IPX/SPX
* NetBEUI
Correct answer: A, B & C
You can access three forms of WAN services with Cisco routers. Switched or relayed services include X.25,
Frame Relay, and ISDN. An interface front end to IBM enterprise data center computers includes SDLC.
And, you can access the services of WAN providers using protocols that connect peer devices such as
HDLC and PPP encapsulation. IPX/SPX and NetBEUI are LAN protocols.
90.
Select the fields for the Cisco HDLC protocol:
* Flag, Address, Control
* Flag, Address, Control, Protocol, LCP (Code, Identifier, Length, Data), FCS, Flag
* Flag, Address, Control, Data, FCS, Flag
* Flag, Address, Control, Proprietary, Data, FCS, Flag
Correct answer: D
The Cisco HDLC frame format is Flag, Address, Control, Proprietary, Data, FCS, Flag. The PPP frame
format is Flag, Address, Control, Protocol, LCP (Code, Identifier, Length, Data), FCS, Flag. The SDLC and
LAPB format is Flag, Address, Control, Data, FCS, Flag.
85: Select the physical interfaces that PPP can be configured on a Cisco router:
* Asynchronous serial
* HSSI
* ISDN
* Synchronous serial
Correct answer: A, B, C & D
All four of them can carry PPP traffic. HSSI is High Speed Serial Interface.
91.
Select the correct statements about PPP and SLIP for WAN communications:
* PPP uses its Network Control Programs (NCPs) component to encapsulate multiple protocols.
* PPP can only transport TCP/IP
* SLIP can only transport TCP/IP.
* SLIP uses its Network Control Programs (NCPs) component to encapsulate multiple protocols.
Correct answer: A & C
87a Which protocol for PPP LCP (Link Control Protocol) performs a challenge handshake?
* CHAP
* PAP
* UDP
* IPX
Correct answer: A
87b Which form of PPP error detection on Cisco routers monitors data dropped on a link?
* Quality
* Magic Number
* Error Monitor
* Droplink
Correct answer: A
The Quality protocol monitors data dropped on a link. Magic Number avoids frame looping.
92.
Which protocol for PPP provides load balancing across multiple links?
* Multilink Protocol (MP)
* Quality
* Magic Number
* Stacker
* Predictor
Correct answer: A
93. As the system administrator, you type "ppp authentication chap pap secret". Which authentication method
is used first in setting up a session?
* secret
* PAP
* CHAP
* PPP/SLIP
Correct answer: C
94.
Select the compression protocols for PPP?
* Stac
* Predictor
* Quality
* Magic Number
Correct answer: A & B
95.
What are the three phases of PPP session establishment?
* Link establishment phase
* Authentication phase
* Network layer protocol phase
* Handshake phase
* Dial-in phase
Correct answer: A, B & C
96.
What is the default IPX Ethernet encapsulation?
* SNAP
* Arpa
* 802.2
* Novell-Ether
* SAP
Correct answer: D
97.
What must be true for two Routers running IGRP to communicate their routes?
* Same autonomous system number
* Connected using Ethernet only
* Use composite metric
* Configured for PPP
Correct answer: A
98.
The following is partial output from a routing table; identify the 2 numbers in the square brackets:
'192.168.10.0 [100/1300] via 10.1.0.1, 00:00:23, Ethernet1'
* 100 = metric, 1300 = administrative distance
* 100 = administrative distance, 1300 = hop count
* 100 = administrative distance, 1300 = metric
* 100 = hop count, 1300 = metric
Correct answer: C
99.
Identify 3 methods used to prevent routing loops?
* Split horizon
* Holddown timers
* Poison reverse
* SPF algorithm
* LSPs
Correct answer: A B C
100. Which statement is true regarding full duplex?
* Allows for transmission and receiving of data simultaneously
* Only works in a multipoint configuration
* Does not affect the bandwidth
* Allows for transmission and receiving of data but not at the same time
Correct answer: A
Full duplex is just the opposite of half duplex. It handles traffic in both directions simultaneously.
101. Identify the switching method that receives the entire frame then dispatches it?
* Cut-through
* Receive and forward
* Store and forward
* Fast forward
Correct answer: C
Store and forward switching receives the entire frame before dispatching it.
98. Identify the purpose of ICMP?
* Avoiding routing loops
* Send error and control messages
* Transporting routing updates
* Collision detection
Correct answer: B
ICMP is used to send error and control messages. Ping uses ICMP to carry the echo-request and echo-
reply.
99. Which statement is true regarding the user exec and privileged exec mode?
* The '?' only works in Privileged exec
* They are identical
* They both require the enable password
* User exec is a subset of the privileged exec
Correct answer: D
The user exec mode is a subset of the privileged exec mode. Only a certain number of commands are
available at the user exec mode.
102. Which OSI layer handles end-to-end communication, segmentation and reassembly?
* Network
* Transport
* Physical
* Application
* Data-Link
* Presentation
Correct answer: B
Layer 4 the Transport layer performs this function.
103. What IP command would you use to test the entire IP stack?
* Stack-test
* Arp
* Telnet
* Ping
* Trace
Correct answer: C
Because Telnet is an application and it resides at the top of the stack it traverses down the stack and up the
stack at the receiving end.
104. Identify the 2 hardware components used to manage and/or configure a router?
* Auxiliary port
* ROM port
* Management port
* Console port
Correct answer: A D
The 2 hardware ports used to configure the router are the console and auxiliary ports.
105. What is the default bandwidth of a serial connection?
* 1200 baud
* 1.544 Mbps (T1)
* 10 Mbps
* 96 Kbps
Correct answer: B
The default bandwidth value of a Cisco serial interface is 1544 Kbps (T1). It is a value used by routing metrics and does not change the actual clock rate of the line.
106. Identify 2 functions of IPX access-lists?
* Control SAP traffic
* Limit number of Novell servers on a network
* Limit number of workstations on a network
* Block IPX traffic
Correct answer: A D
IPX access lists are used to restrict IPX traffic and SAP broadcasts.
107. Identify 2 HDLC characteristics?
* Default serial encapsulation
* Open standard
* Supports Stacker compression
* Supports point-to-point and multipoint
Correct answer: A D
HDLC is the default serial encapsulation and supports point-to-point and multipoint. It is not an open
standard and does not support compression.
108. Identify 3 IP applications?
* AURP
* ARP
* Telnet
* SMTP
* DNS
* RARP
Correct answer: C D E
ARP and AURP are not part of the application layer of the TCP/IP stack. SMTP - Simple Mail Transfer
Protocol, Telnet, DNS - Domain Name Services (name to IP resolution).
109. Identify 3 LAN technologies?
* FDDI
* HDLC
* HSSI
* X.25
* 802.3
* 802.5
Correct answer: A E F
The question asks for 3 LAN technologies; HDLC, HSSI and X.25 are all WAN technologies.
110. Identify the 4 that are not LAN technologies?
* HDLC
* FDDI
* 802.5
* HSSI
* SDLC
* Frame Relay
Correct answer: A D E F
802.5 and FDDI are LAN technologies
111. Which OSI layer supports the communication component of an application?
* Data-Link
* Physical
* Session
* Presentation
* Application
* Transport
Correct answer: E
Layer 7 the Application layer performs this function.
112. Identify the length of an IPX address and its components?
* 80 bits, 48 bits network and 32 bits node
* 32 bits, 16 bits network and 16 bits node
* None of the above
* 80 bits, 32 bits network and 48 bits node
Correct answer: D
An IPX address has 2 components, network and node. The network address is 32 bits and the node is 48 bits,
a total of 80 bits.
113. Identify the administrative distance and appropriate routing protocol?
* RIP = 255, IGRP = 100
* RIP = 100, IGRP = 120
* RIP = 1, IGRP = 0
* RIP = 120, IGRP = 100
Correct answer: D
The administrative distance for RIP is 120 and IGRP is 100. The lower the AD the better the routing
information.
114. Which OSI layer incorporates the MAC address and the LLC?
* Data link
* Network
* Physical
* Transport
Correct answer: A
Layer 2 the Data-Link layer incorporates the MAC and LLC sublayers
115. If configuring a Cisco router to connect to a non-Cisco router across a Frame Relay network, which
encapsulation type would you select?
* Q933a
* ISDN
* IETF
* CISCO
* ANSI
Correct answer: C
There are two types of Frame Relay encapsulations; Cisco and IETF. IETF is required when connecting a
Cisco to a non-Cisco router.
116. Identify the 2 items that TCP and UDP share in common?
* Both use port numbers to identify upper level applications
* Operate at the Network layer
* Both are Transport protocols
* Both are reliable communications
Correct answer: A C
TCP and UDP are both layer 4 Transport protocols and both use port numbers to identify upper level
applications.
117. Identify 3 characteristics of IP RIP?
* Distance vector
* Administrative distance is 120
* Periodic updates every 60 seconds
* Uses a composite metric
* Can load balance
Correct answer: A B E
IP RIP is a distance vector protocol, it can load balance across up to 4 equal cost paths and its rating of
trustworthiness (administrative distance) is 120. Its periodic updates are sent every 30 seconds, not 60, and
its metric is plain hop count rather than a composite metric.
118. Which of the following is a layer 2 device?
* Switch
* Router
* Repeater
* Hub
Correct answer: A
A Hub and Repeater are layer 1 devices. A Router is a layer 3 device.
119. Identify the definition of demarcation?
* Date in which the WAN service contract expires
* Cabling which extends from the WAN service provider to the customer
* Division of responsibility, where the CPE ends and the local loop begins
* Equipment which is located at the customer premises
Correct answer: C
Demarcation is the point in which responsibility changes hands.
120. Identify the 3 key features of the Cisco Discovery Protocol?
* Off by default
* Will allow for the discovery of layer 3 addresses on neighbor routers
* Verify connectivity
* Open standard
* Does not require any layer 3 protocols to be configured
Correct answer: B C E
CDP is used for 2 basic reasons; neighbor connectivity and layer 3 discovery if configured. It is proprietary
and is on by default.
121. Identify the 3 characteristics of IPX RIP?
* Distance vector
* Does not support multiple paths
* 60 second updates
* Default encapsulation is SAP
* Uses ticks and hop count as a metric
Correct answer: A C E
IPX RIP is a distance vector routing protocol, it does support multiple paths, the default encapsulation is
'novell-ether', it uses tick count as its primary metric and hop count as a tie breaker, and it sends its
updates every 60 seconds.
122. Identify the access-list range for an extended IP access-list?
* 800 - 899
* 1 - 99
* 1000 - 1099
* 100 - 199
Correct answer: D
IP extended access-lists use the number range of 100-199.
123. Identify the X.25 addressing standard?
* X.121
* X.25a
* ITU-1
* Q933a
Correct answer: A
The X.25 layer 3 addressing standard is X.121.
124. Identify 3 features of IGRP?
* Composite metric
* New horizon
* Flash updates
* 60 periodic updates
* Poison reverse
Correct answer: A C E
IGRP uses a composite metric made up of bandwidth and delay by default, sends its periodic updates every
90 seconds (not 60), sends flash (triggered) updates when the topology changes, and uses poison reverse
against routing loops.
125. Where is the backup configuration file stored?
* RAM
* ROM
* Console
* NVRAM
Correct answer: D
One location to store the backup configuration is NVRAM.
126. Identify the correct pair of Novell Ethernet encapsulation and Cisco terminology?
* Ethernet II, Snap
* Ethernet 802.3, Novell-Ether
* Ethernet SNAP, Arpa
* Ethernet 802.2, Snap
Correct answer: B
The default IPX LAN encapsulation is Novell-Ether which is 802.3
127. Identify 3 characteristics regarding IP access-lists?
* Can be configured as a standard access-list
* Can be run from another router running IP
* Can be configured as a named access-list
* Are the same as IPX access-lists
* Can be configured as an extended access-list
Correct answer: A C E
There are 3 types of IP access-lists; standard, extended and named. Named access-lists can be either
standard or extended depending on how they are configured.
128. Identify 3 ways in which a router can be configured?
* TFTP
* Nvram
* Ping
* Console
* Trace
Correct answer: A B D
Changes to the configuration can be entered via the console, a config stored in NVRAM or on a TFTP
server. Trace and ping are tools to verify connectivity.
129. A traffic light is an example of what type of mechanism?
* Collision detection
* Flow control
* Sequence numbering
* Network management
Correct answer: B
A Traffic light is an example of flow control.
130. Windowing is a type of?
* Negative acknowledgement
* Address resolution
* Layer transition mechanism
* Flow control
Correct answer: D
Windowing allows the sender and receiver to agree how much data can be sent before an acknowledgement
is required. It is a form of flow control.
131. Identify the 2 types of access-list filters that control SAP traffic?
* Novell-ether
* Arpa
* Input-sap-filter
* Round-robin
* Output-sap-filter
Correct answer: C E
SAPs can be blocked by 2 methods; inbound and outbound.
132. Identify the 3 guidelines for routers in the same autonomous system?
* Must be configured for IGRP or RIP
* Interconnected
* Assigned the same autonomous system number
* Configured for the same routing protocol
* Must be same model of router
Correct answer: B C D
Routers in an autonomous system must be interconnected, assigned the same AS number and configured with
the same routing protocol.
133. Identify the hardware component used to store buffers, tables, running-configuration etc?
* NVRAM
* ROM
* RAM
* Flash
Correct answer: C
RAM is the dynamic memory area. ROM contains the boot strap code, NVRAM contains the startup-config
and Flash contains the IOS.
134. Identify 3 UDP characteristics?
* Reliable communication protocol
* Applications that use UDP must incorporate reliability
* Connection-less oriented
* Incorporates no handshaking
Correct answer: B C D
UDP is a layer 4 Transport protocol. It is connectionless because it does not establish a connection, so the
3 step handshake is not needed, and it does NOT implement any flow control or acknowledgments. Any
application that uses UDP must incorporate any reliability it needs itself.
135. Identify the IPX standard access-list number range?
* 600 - 699
* 1000 - 1099
* 1 - 99
* 100 - 199
* 800 - 899
Correct answer: E
IPX standard access-list range is 800-899.
136. Which OSI layer provides best effort end to end packet delivery?
* Data-Link
* Presentation
* Network
* Transport
* Physical
* Application
Correct answer: C
Layer 3 the Network layer performs this function.
137. Identify the 2 methods to modify the routers boot sequence?
* Setup program
* Boot system commands
* RXBoot
* Config-register
Correct answer: B D
The 'boot system' command and the 'config-register' are used to manipulate the boot sequence.
138. Identify the 3 pieces of hardware you would not install to prevent broadcasts?
* Switch
* Repeater
* Bridge
* Router
Correct answer: A B C
Routers are implemented not only to break up networks into smaller segments but also to block
broadcasts.
139. Identify 2 features of PPP PAP authentication?
* Username and password is sent in clear text
* Authentication messages are sent periodically during the connection
* More secure than CHAP
* Remote node is in control of the authentication process
Correct answer: A D
PPP PAP authentication sends the username and password in clear text, and the remote node (the one being
authenticated) controls the process: it sends the credentials and decides how often to retry them.
140. Identify the switching method that examines the destination MAC address as the frame is being received
then begins forwarding the frame prior to receiving the entire frame?
* Fragment-free
* Store and Forward
* Cut-through
* Fast forward
Correct answer: C
Cut through examines the destination MAC address and begins forwarding the frame prior to receiving the
entire frame.
141. Identify 1 characteristic of RARP?
* IP to MAC address translation
* Connectionless delivery of packets
* Can be used to initiate remote O/S load sequence
* Generates error and control messages
Correct answer: C
Reverse Address Resolution Protocol is used to obtain a layer 3 address if the MAC address is known which
then facilitates the loading of the O/S.
142. Identify the protocol to test connectivity without configuring any layer 3 protocols?
* TCP
* Ping
* IP
* CDP
* Telnet
Correct answer: D
CDP can be used to verify connectivity prior to any layer 3 protocols being configured.
143. LMI operates between the Frame Switch and what other device?
* CPE device
* Another Frame Switch
* X.25 switch
* Novell File Server
Correct answer: A
LMI stands for local management interface. It operates between the Frame Relay switch and the customer
equipment.
144. Identify IPX SAP and its purpose?
* Sonet Access Pipe - interface to Sonet ring
* Service Advertising Protocol - advertise services
* Server Appletalk Protocol - appletalk directory services
* Service Access Point - identify upper layer protocols
Correct answer: B
SAP is a Novell protocol used to advertise services.
145. Identify the default values that make up IGRP's composite metric?
* Bandwidth
* Load
* Reliability
* MTU
* Delay
Correct answer: A E
IGRP can be configured to use all 5 within its metric. By default it uses bandwidth and delay.
146. Identify the default serial encapsulation?
* ISDN
* HDLC
* SDLC
* Frame Relay
* PPP
Correct answer: B
The default serial encapsulation is HDLC.
147. Identify the purpose of ARP?
* Avoiding routing loops
* Determining a workstation's IP address
* Sending a directed broadcast
* Determining a workstation's MAC address
Correct answer: D
ARP is used to find a device's MAC address given its IP address.
148. What is the purpose of the DLCI?
* Identifies the remote routers
* Contained with a 802.2 frame for routing purposes
* Used with PPP during authentication
* Identifies the PVC in a Frame Relay network
Correct answer: D
DLCI stands for Data Link Connection Identifier. It identifies the local PVC.
149. Identify 3 characteristics of the Network layer (OSI layer 3)?
* Connection oriented
* Path determination
* Supports multiplexing
* Manages sessions
* Packet forwarding
Correct answer: B C E
The network layer is responsible for routing which entails learning the paths, selecting the best path and
forwarding the packet. Because it services multiple layer 4 protocols it multiplexes.
150. Identify 3 characteristics of switches?
* Increase available bandwidth
* Decrease broadcast traffic
* Support full duplex in a multipoint topology
* Make forwarding decision using MAC address
* Create collision domains
Correct answer: A D E
Switches operate at layer 2. They increase bandwidth by reducing the number of devices sharing the
media. They isolate collisions. Like a bridge they forward traffic based upon layer 2 address/ MAC address.
151. Which OSI layer handles physical address, network topology?
* Presentation
* Physical
* Transport
* Application
* Data-Link
* Network
Correct answer: E
Layer 2 the Data-Link layer performs this function.
152. Identify 2 reasons for disabling CDP?
* If the router is not configured for RIP
* Save bandwidth by eliminating overhead
* If the router is configured for Appletalk
* When connected to a non-Cisco router
Correct answer: B D
CDP can be disabled for a couple of reasons: when connecting a Cisco router to a non-Cisco router, which
cannot use the protocol, and to save bandwidth by not exchanging CDP information. CDP also advertises the
router's platform, IOS version and addresses to every device on the segment, so it is commonly turned off on
interfaces that face untrusted networks.
153. Identify 3 characteristics of ISDN?
* Transports voice and data
* Transports voice only
* Support both BRI and PRI
* Runs over existing phone lines
* Same as X.25
Correct answer: A C D
ISDN supports voice, data, and video. It runs over existing phone lines and supports 128K (BRI) and T1
(PRI).
154. Identify the 3 characteristics of IGRP?
* Uses hop count as a metric
* Supports multiple unequal paths
* Administrative distance is 100
* Configured with an Autonomous system number
* Link state
Correct answer: B C D
IGRP is a distance vector routing protocol, its degree of trustworthiness (administrative distance) is 100, it
can support up to 6 unequal-cost paths and it must be configured with an autonomous system number.
155. Identify 2 features of PPP CHAP authentication?
* Username and password is sent in clear text
* Authentication messages are sent periodically during the connection
* Less secure than PAP
* Local router µchallenges¶ the remote router
Correct answer: B D
PPP CHAP authentication messages are sent periodically during the connection: the local router challenges
the other end of the link, and the remote router answers the challenge.
It is more secure than PAP because the password itself never crosses the link; only an MD5 hash computed
over the challenge, the identifier and the shared secret is sent, so a captured exchange cannot simply be
replayed.
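The difference between the PAP and CHAP exchanges in questions 87a, 139 and 155 is easiest to see on the wire. The following Python is an added example, not code from the page or from Cisco: it implements the RFC 1994 CHAP exchange on both sides (the authenticator issues a random Challenge, the peer answers with MD5(Identifier || secret || Challenge), the authenticator recomputes and compares) and builds a PAP Authenticate-Request for contrast. The router names and the shared secret are assumed values; Success and Failure packets carry only a message, as in the RFC.

```python
import hashlib
import hmac
import os
import struct

CHAP_CHALLENGE, CHAP_RESPONSE, CHAP_SUCCESS, CHAP_FAILURE = 1, 2, 3, 4


def chap_packet(code, identifier, value=b"", name=b""):
    """RFC 1994 layout: Code, Identifier, Length, then Value-Size + Value + Name
    for Challenge/Response, or just a Message for Success/Failure."""
    if code in (CHAP_CHALLENGE, CHAP_RESPONSE):
        body = bytes([len(value)]) + value + name
    else:
        body = name                      # Success/Failure carry only a Message
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body


def parse_chap(pkt):
    """Return (code, identifier, value, name_or_message); rejects bad lengths."""
    if len(pkt) < 4:
        raise ValueError("CHAP packet shorter than its 4-byte header")
    code, identifier, length = struct.unpack("!BBH", pkt[:4])
    if length != len(pkt):
        raise ValueError("CHAP length field does not match packet size")
    if code in (CHAP_CHALLENGE, CHAP_RESPONSE):
        size = pkt[4]
        return code, identifier, pkt[5:5 + size], pkt[5 + size:]
    return code, identifier, b"", pkt[4:]


def chap_response_value(identifier, secret, challenge):
    """RFC 1994 section 4.1: MD5 over Identifier || secret || Challenge Value."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """The side that challenges (the 'local router' in question 155)."""

    def __init__(self, name, secrets):
        self.name = name
        self.secrets = secrets           # peer name -> shared secret (assumed values)
        self.pending = {}                # identifier -> outstanding challenge

    def challenge(self):
        ident = os.urandom(1)[0]
        value = os.urandom(16)           # fresh and unpredictable, used once
        self.pending[ident] = value
        return chap_packet(CHAP_CHALLENGE, ident, value, self.name)

    def verify(self, pkt):
        code, ident, value, peer_name = parse_chap(pkt)
        challenge = self.pending.pop(ident, None)   # consumed: no replay of this ident
        secret = self.secrets.get(peer_name)
        if code != CHAP_RESPONSE or challenge is None or secret is None:
            return chap_packet(CHAP_FAILURE, ident, name=b"unknown peer or stale identifier")
        expected = chap_response_value(ident, secret, challenge)
        if hmac.compare_digest(expected, value):    # constant-time comparison
            return chap_packet(CHAP_SUCCESS, ident, name=b"welcome")
        return chap_packet(CHAP_FAILURE, ident, name=b"bad response")


class Peer:
    """The side being authenticated (the 'remote router')."""

    def __init__(self, name, secret):
        self.name, self.secret = name, secret

    def respond(self, pkt):
        code, ident, challenge, _ = parse_chap(pkt)
        if code != CHAP_CHALLENGE:
            raise ValueError("expected a CHAP Challenge")
        value = chap_response_value(ident, self.secret, challenge)
        return chap_packet(CHAP_RESPONSE, ident, value, self.name)


def run_chap(authenticator, peer):
    """One complete three-way exchange; True when the authenticator sends Success.
    Calling it again later is the periodic re-authentication CHAP allows."""
    challenge = authenticator.challenge()
    response = peer.respond(challenge)
    result = authenticator.verify(response)
    return parse_chap(result)[0] == CHAP_SUCCESS


def pap_request(peer_id, password):
    """PAP Authenticate-Request (RFC 1334): Peer-ID and Password in clear text."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, 1, 4 + len(body)) + body


if __name__ == "__main__":
    router_a = Authenticator(b"RouterA", {b"RouterB": b"s3cret"})
    router_b = Peer(b"RouterB", b"s3cret")
    print("CHAP success:", run_chap(router_a, router_b))
    print("PAP request carries the password:", b"s3cret" in pap_request(b"RouterB", b"s3cret"))
```

Two properties are worth checking in the output: the shared secret never appears in any CHAP packet, and a captured Response cannot be replayed because the authenticator only accepts it against the one outstanding Challenge with that Identifier. CHAP still lets an eavesdropper run an offline dictionary attack on the secret from a captured Challenge/Response pair, so it protects the link from replay and from cleartext exposure, not from a weak secret.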
156. Identify the default IPX serial encapsulation?
* Novell-Ether
* SDLC
* SNAP
* HDLC
Correct answer: D
The default IPX serial encapsulation is HDLC.
157. Identify the hardware component that stores the backup configuration?
* RAM
* NVRAM
* Flash
* ROM
Correct answer: B
NVRAM contains the backup config. RAM is the dynamic memory area, ROM contains the boot strap code
and Flash contains the IOS.
158. Identify the extended IP access-list number range?
* 600 - 699
* 1 - 99
* 900 - 999
* 100 - 199
Correct answer: D
The extended IP access-list range is 100-199.
159. Identify 3 Fast Ethernet technologies?
* 100 Base FastEther
* 100 Base FX
* 100 Base T4
* 100 Base TX
Correct answer: B C D
100 Base FastEther is not a valid standard. 100 Base FX, TX and T4 are all valid.
161. Identify the OSI layer which is responsible for end-to-end connections?
* Network
* Transport
* Session
* Data link
* TCP
Correct answer: B
Layer 4 is the Transport layer and is responsible for end-to-end connections.
162. Identify the 2 characteristics regarding MAC addresses?
* Contains a network portion and host portion
* Always assigned by System Administrator
* 48 bits long
* Contains a vendor code and serial number
Correct answer: C D
MAC addresses are assigned by the vendor. Each MAC address is 48 bits long and made up of 24 bits
vendor code and 24 bits serial number.
163. Identify the number range for IPX SAP filters?
* 900 - 999
* 1000 - 1099
* 800 -899
* 100 - 199
Correct answer: B
The IPX SAP filtering range is 1000-1099.
164. What is the purpose of ARP?
* IP to host name resolution
* Host name to IP address resolution
* Mac to IP address resolution
* IP to Mac address resolution
Correct answer: D
Address Resolution Protocol resolves the MAC address if the IP address is known. It is a layer 3 protocol.
165. Which OSI layer establishes, maintains and terminates sessions between hosts?
* Application
* Physical
* Data-Link
* Presentation
* Network
* Session
Correct answer: F
Layer 5 the Session layer performs this function.
166. Which statement is true regarding Administrative distance?
* It is a metric
* Number of hops between two routers
* Trustworthiness of the routing information
* RIP Administrative distance is 100
Correct answer: C
Administrative distance is a rating of the trustworthiness of the routing information. The lower the AD, the
better the information.
167. Identify the purpose of the Ping command?
* Share routing information with a neighbor router
* Transmit user data when buffers are full
* Test connectivity at layer 3
* Test entire protocol stack
Correct answer: C
The ping command tests layer 3 connectivity.
168. Identify the order of the 5 step encapsulation?
1. Create the segment
2. Convert the frame to bits
3. Create the packet
4. Create the frame
5. User creates the data
* 1,2,4,2,5
* 2,1,3,4,5
* 5,1,3,4,2
* 5,3,4,1,2
Correct answer: C
Cisco 5 step encapsulation.
1) User creates Data
2) Data is converted into a segment at layer 4
3) The segment is converted to packet at layer 3
4) The packet is converted into a frame at layer 2
5) The frame is converted into bits at layer 1
169. The Cisco IOS is stored where?
* ROM
* CD
* Flash
* NVRAM
Correct answer: C
By default the Cisco IOS is stored in flash.
170. Sequence and acknowledgement numbers are used for?
* Layer transitioning
* Flow control
* Port number addressing
* Reliability
Correct answer: D
TCP uses sequence numbers and acknowledgements to implement reliability.
171. Identify IPX GNS and its purpose?
* Go Network Server - sends a print job to a network server
* Get Nearest Server - locate the nearest server
* Guaranteed Network Services - allocates resources to users
* Get Notes Server - locates Domino Server
Correct answer: B
GNS stands for Get Nearest Server, initiated by a workstation.
172. Identify the true statement regarding subnetting?
* Allows for more host address
* Borrow bits from the network portion of the address
* Allows for unlimited number of networks
* Borrow bits from the host portion of the address
Correct answer: D
Subnetting involves borrowing bits from the host portion of the address to be used for subnet addressing.
173. Inverse ARP serves what purpose?
* Method for a local router to introduce itself to the remote end of the connection
* Broadcast a routing table update
* Identify MAC addresses if the IP address is known
* Sent every 10 seconds used to verify the Frame Switch is still active
Correct answer: A
Inverse ARP operates in a Frame Relay network so the two end points can identify themselves to each
other.
174. Identify 3 characteristics of a MAC address?
* Burned into the NIC
* 48 bits long
* Length is 32 bits
* Used to deliver the frame to the end device
* Contains a network portion and a host portion
Correct answer: A B D
The MAC address is 48 bits long, not 32. It does NOT contain a network portion and a host portion within the address.
It is used to deliver the frame to the destination device.
175. Identify 3 IP routing protocols?
* RIP
* AURP
* OSPF
* IGRP
* ARP
* ICMP
Correct answer: A C D
AURP and ICMP are not routing protocols.
176. Identify the type of routing protocol that exchanges entire routing tables at regular intervals?
* Link state
* Interior gateway protocols
* Appletalk routing
* Distance vector
Correct answer: D
Distance Vector routing protocols exchange entire routing tables with their neighbors. Link State routing
protocols exchange LSPs to share information regarding the networks they know.
177. Identify the type of hardware required to connect a Token ring network to an Ethernet network?
* Repeater
* TR-Enet
* Router
* Token Ring to Ethernet translation hub
Correct answer: C
Routers are used to connect dissimilar networks with different access-methods, like connecting Token
Ring to Ethernet.
178. Identify 3 characteristics regarding CDP?
* On by default
* Shows only directly connected neighbors
* Requires IP or IPX
* 60 second update interval by default
* 30 second updates interval by default
Correct answer: A B D
CDP stands for Cisco Discovery Protocol. It is used to discover directly connected neighbors, is on by
default, and has a 60 second update interval by default.
179. Identify 2 transport layer protocols?
* IP
* TCP
* CDP
* ARP
* UDP
Correct answer: B E
TCP and UDP are 2 layer 4 Transport protocols.
180. Identify 2 features of X.25?
* Supports only IP
* Utilizes switched and permanent virtual circuits
* Contains minimal flow control and error recovery
* Utilizes LAPB as its data-link protocol
Correct answer: B D
X.25 utilizes LAPB and uses switched and permanent VCs. It supports multiple layer protocols and is
heavily laden with error detection and correction mechanisms.
181. Identify the purpose of the Trace command?
* Explorer packet transmitting routing information
* Test connectivity
* Determine the path a packet is taking through the network
* Transmits user data when buffers are full
Correct answer: C
The trace command is used to determine the path a packet has taken through the network.
182. Identify the purpose of the TCP 3 step handshake?
* Set up an unreliable connection
* Initialize routing tables
* Synchronize sequence numbers between hosts
* Connection tear down process
Correct answer: C
The 3 step handshake establishes the parameters required for a TCP connection. During the handshake
process sequence numbers are synchronized, allowing the end points to properly acknowledge and
reassemble the segments.
183. Identify 2 PPP characteristics?
* Is proprietary to Cisco
* Supports authentication
* Support compression
* Run on a multi-access network
Correct answer: B C
PPP supports authentication: PAP and CHAP. It also supports compression: Stacker and Predictor.
184. Which statement is true regarding half duplex?
* Only works in a point-to-point configuration
* Allows for transmitting and receiving but not at the same time
* Allows for transmitting and receiving of data simultaneously
* Doubles the bandwidth
Correct answer: B
Half duplex is analogous to a single-lane bridge: it can handle traffic in both directions, but not at the same
time.
185. Identify the purpose of the wildcard mask?
* Match a certain portion of the IP address while ignoring the rest of the address
* Determine the class of the IP address
* Determine the network portion of an IP address
* Hide the host portion of an IP address
Correct answer: A
The purpose of the wildcard mask is to match a certain portion of the IP address while ignoring the rest.
186. Identify the OSI layer associated with bits?
* Physical
* Network
* Binary
* Data link
Correct answer: A
The Physical layer converts the frames to bits.
187. Identify the type of routing protocol that maintains a topological database of the network?
* Topological state
* Shortest Path First
* Link state
* Distance vector
Correct answer: C
Link State routing protocols maintain a database that lists all the networks in the internetwork.
188. Identify the 3 major functions at layer 3 of the OSI model?
* Forwarding process
* Logical addressing
* End-to-end connections
* Path selection
* MAC address examination
* Network monitoring
Correct answer: A B D
Layer 3 determines the path, forwards the packet and implements software or logical addressing.
189. Identify the 2 rules used when configuring a Distance Vector routing protocol?
* Physically connected network(s)
* Configure the classful address, no subnets
* Enable CDP so neighbors can be detected
* Configure all networks in Area0
Correct answer: A B
When configuring a Distance Vector routing protocol, assign only the physically connected networks, using
the classful address.
190. Identify 3 characteristics of an IP address?
* Contains a network portion and a host portion
* 32 bits long
* Unique to each network
* Part of the default Cisco configuration
* Referred to as the hardware address
Correct answer: A B C
An IP address is 32 bits long and is referred to as the logical or software address. It contains a network and a host
portion. Each IP address is unique.
191. Identify 3 features of access-lists?
* Implicit deny will deny any packets not matched
* Processed sequentially from bottom to top
* Processed sequentially from top to bottom
* If a packet is denied it would be tested against the remaining statements in the access-list
* Once a match is made the packet is either denied or permitted
* Enabled on all interfaces by default
Correct answer: A C E
Access-lists are processed from top to bottom. Once a match occurs the packet is either denied or permitted
and is no longer tested; if no match occurs the packet is denied via the implicit deny.
192. Which OSI layer performs code conversion, code formatting and encryption?
* Physical
* Data-Link
* Application
* Transport
* Presentation
* Network
Correct answer: E
Layer 6, the Presentation layer, performs this function.
193. Identify the 3 methods routers learn paths to destinations?
* Dynamic routing
* None of the above, configured by default
* Default routes
* Administrative distance
* Static routes
Correct answer: A C E
Routers can learn paths via 3 different sources: static routes, dynamic routing protocols (e.g. RIP) and
default routes.
194. Identify the purpose of the following command 'ip route 192.168.100.0 255.255.255.0 10.1.0.1'
* Enabling a dynamic routing protocol
* Creating a static route to the 10.1.0.0 network
* Teaches the router about the distant network 192.168.100.0 and how it can be reached via 10.1.0.1
* Assigning the IP address 192.168.100.0 to an interface
Correct answer: C
A static route teaches the router about a distant network and the next hop to reach that network.
Command syntax:
ip route network-address subnet-mask next-hop-address
195. Based upon the 1st octet rule identify the range for a Class A address?
* 1 - 126
* 192 - 223
* 128 - 191
* 1 - 191
Correct answer: A
Class A address has the 1st octet between 1 - 126. Class B between 128 - 191 and Class C between 192 - 223.
196. What does a Standard IP Access-list use as test criteria?
* IP source address
* IP source and destination address, protocol numbers and port numbers
* IPX source and destination address
* Source MAC address
Correct answer: A
Standard IP access lists use only the source address.
197. What is the function of the Transport layer and which protocols reside there?
* MAC addressing - IP
* Interhost communication - SQL, NFS
* Best effort Packet delivery - TCP, UDP
* End-to-end connections - TCP, UDP
Correct answer: D
Layer 4, the Transport layer, is responsible for end-to-end connections. The two TCP/IP protocols that
reside there are TCP and UDP.
198. Identify the 3 Internet layer IP protocols?
* NetBios
* IPX
* ARP
* IP
* RARP
Correct answer: C D E
NetBios and IPX are not layer 3 IP protocols. IP - Internet Protocol, ARP - Address Resolution Protocol
and RARP - Reverse Address Resolution Protocol.
199. IPX routing updates occur how often?
* Every 30 seconds
* Every 60 seconds
* Only as needed
* When the remote router asks for an update
Correct answer: B
IPX RIP updates are exchanged every 60 seconds.
200. Identify 3 methods not used to prevent routing loops?
* Holddown timers
* Sequence numbers
* Triggered updates
* Split horizon
* Area hierarchies
* Order of router startup
Correct answer: B E F
Area hierarchies, sequence numbers and order of router startup all relate to Link State routing protocols
which do NOT incur routing loops.
201. Identify the hardware component that stores the bootstrap program?
* ROM
* NVRAM
* Booter load
* RAM
* Flash
Correct answer: A
ROM contains the bootstrap code.
202. Which OSI layer provides the mechanical, electrical and procedural means for activating and maintaining the physical
link?
* Presentation
* Network
* Application
* Physical
* Transport
* Data-Link
Correct answer: D
Layer 1, the Physical layer, performs this function.
203. Identify 2 characteristics of PPP?
* Uses LLC to establish the link
* Default serial encapsulation
* Support multiple layer 3 protocols
* Offers two types of authentication; PAP and CHAP
Correct answer: C D
PPP is not the default encapsulation and uses LCP, not LLC, to establish the link. It supports multiple layer 3
protocols and supports authentication.
204. Identify 3 characteristics of a connection oriented protocol?
* Path determination
* Flow control
* Acknowledgements
* Uses hop count as metric
* 3 step handshake
Correct answer: B C E
Connection oriented protocols must first establish the connection (3 step handshake), employ methods to
acknowledge the receipt of data (acknowledgements) and slow down the flow of data if required (flow
control).
205. What is the maximum hop count for IP RIP?
* Infinity
* 16
* 15
* 1
Correct answer: C
15 is the maximum hop count, underscoring the size limitation of RIP.
207. What is Cisco's default encapsulation method on serial interfaces?
* ANSI
* Cisco
* Q933a
* HDLC
Correct answer: D
Cisco's implementation of HDLC is only compatible with Cisco routers. It is the default encapsulation type
for serial interfaces.
208. Which of the following is a characteristic of a switch, but not of a repeater?
* Switches forward packets based on the IPX or IP address in the frame
* Switches forward packets based on the IP address in the frame
* Switches forward packets based on the MAC address in the frame
* Switches forward packets based only on the IP address in the packet
Correct answer: C
A repeater regenerates the signal it receives; a switch makes decisions based upon MAC addresses to
determine whether a frame should be forwarded. Repeaters forward all packets.
209. Ping uses which Internet layer protocol?
* RARP
* ICMP
* ARP
* FTP
Correct answer: B
Internet Control Message Protocol - ICMP is a management protocol and messaging service provider for
IP. Its messages are carried as IP datagrams.
ICMP is used in the following events:
Destination Unreachable - If a router cannot send an IP packet any further, it uses an ICMP echo to send a
message back to the sender notifying it that the remote node is unreachable.
Buffer Full - If a router's memory buffer is full, ICMP will send out a message to the originator.
Hops - Each IP datagram is assigned a path. This consists of hops. If it goes through the maximum number
of hops, the packet is discarded and the discarding router sends an ICMP echo to the host.
Ping - Ping uses ICMP echo messages to check connectivity.
210. Which is true regarding store-and-forward switching method?
* Latency varies depending on frame-length
* Latency is constant
* It is default for all Cisco switches
* It only reads the destination hardware address before forwarding the frame
Correct answer: A
Store-and-Forward switching copies the entire frame into its buffer and computes the CRC. The frame is
discarded if a CRC error is detected, or if the frame is a runt (less than 64 bytes including the CRC) or a
giant (more than 1518 bytes including the CRC). The LAN switch then looks up the destination address in
its switching table and determines the outgoing interface. The frame is then forwarded to the outgoing
interface. Cisco Catalyst 5000 switches use the Store-and-Forward method. The problem with
Store-and-Forward switching is that latency is increased. Latency also varies with the size of the frame: the larger the
frame, the more latency is associated with it. This is because the entire frame is copied into the
buffer before being forwarded.
211. Which three of the following are true statements about connection-oriented sessions?
* The segments delivered are acknowledged back to the sender upon their reception
* Any segments not acknowledged are retransmitted by the receiver
* A manageable data flow is maintained in order to avoid congestion, overloading and loss of any data
* Segments are sequenced back into their proper order upon arrival at their destination
Correct answer: A C D
Connection-oriented services are useful for transmitting data from applications that are intolerant of
delays and packet re-sequencing. FTP and Telnet applications are based on connection-oriented services, as
are some voice and video programs. Any segment that is not acknowledged by the receiver is
retransmitted by the sender.
212. What does a metric of 16 hops represent when using RIP?
* Number of hops to the destination
* Destination unreachable
* Number of routers
* Bandwidth
Correct answer: B
Routing Information Protocol (RIP) is a distance vector routing protocol that uses hop count as its metric.
The maximum hop count is 15; 16 hops is considered unreachable. RIP updates are broadcast every 30
seconds by default. RIP has an administrative distance of 120.
213. You need to come up with a TCP/IP addressing scheme for your company. Which two factors must you
consider when you define the subnet mask for the network?
* The location of DHCP servers
* The volume of traffic on each subnet
* The number of subnets on the network
* The location of the default gateway
* The number of host IDs on each subnet
Correct answer: C E
When determining which subnet mask to use, you must determine how many hosts and how many subnets
are required.
214. What is the difference between TCP and UDP?
* TCP is connection-oriented; UDP uses acknowledgements only
* TCP is connection-oriented; UDP is connectionless
* Both TCP and UDP are connection-oriented, but only TCP uses windowing
* TCP and UDP both have sequencing, but UDP is connectionless
Correct answer: B
TCP provides guaranteed, connection-oriented delivery of packets; UDP does not.
215. What does the 'S' mean when looking at the routing table?
* Statically connected
* Directly connected
* Dynamically attached
* Shutdown route
Correct answer: A
Statically connected routes are those that an administrator has manually entered into the routing table.
216. Why would you use static routing instead of dynamic routing?
* When you want automatic updates of the routing tables
* All the time
* When you have very few routes and want to conserve bandwidth
* When you have a gateway of last resort
Correct answer: C
Static routes are typically used when there are very few routes and you want to conserve bandwidth. Since
routing protocols are constantly sending their updates across the wire, they can cause a great deal of
congestion.
217. On Cisco catalyst 5000 how would you set the second port on the controller in the first slot to full duplex?
* Set port duplex 1/1 full
* Set port duplex 1/2 full
* Set port duplex 0/1 full
* Set port duplex 0/2 full
Correct answer: B
The syntax is: set type duplex slot/port
218. What does the acronym ARP stand for?
* Address Resolution Phase
* ARP Resolution Protocol
* Address Resolution Protocol
* Address Recall Protocol
Correct answer: C
The Address Resolution Protocol (ARP) resolves IP addresses to MAC addresses.
219. What is the default encapsulation of Netware 3.12?
* Ethernet_II
* 802.5
* 802.2
* 802.3
Correct answer: C
The 802.2 Frame Type is the default frame-type for Netware 3.12.
220. Regarding frame relay, which of the following statements are true?
* You must use ANSI encapsulation if connecting to non-Cisco equipment
* You must use IETF encapsulation if connecting to non-Cisco equipment
* You must use Q.933a encapsulation if connecting to non-Cisco equipment
* You must use Cisco encapsulation if connecting to non-Cisco equipment
Correct answer: B
Cisco's encapsulation for Frame Relay is proprietary. To communicate with non-Cisco equipment when
using frame-relay encapsulation, the IETF method must be used.
221. What is required to support full-duplex Ethernet?
* Multiple paths between multiple stations on a link
* Automatic sensing operation by all connected stations
* Loopback and collision detection disabled
* Full-duplex NIC cards
Correct answer: C D
Full duplex Ethernet requires that the NIC supports full duplex and that loopback and collision detection are
disabled.
222. Which layer is responsible for determining if sufficient resources for the intended communication exist?
* Application
* Network
* Session
* Presentation
* Transport
Correct answer: A
The Application layer is responsible for determining if sufficient resources for the intended communication
exist.
223. What are the 2 functions of the Data Link Mac layer?
* Handles access to shared media
* Manages protocol access to the physical network medium
* Provides SAPs for higher level protocols
* Allows multiple devices to uniquely identify one another on the data link layer
Correct answer: B D
Media Access Control (MAC): the MAC sublayer manages protocol access to the physical network
medium. The IEEE MAC specification defines MAC addresses, which allow multiple devices to uniquely
identify one another at the data link layer.
224. Describe End to End network services: (Choose all that apply)
* Best Route selection
* Accomplished Segment by Segment, each segment is autonomous
* Flow Control & Data Integrity
* Best efforts packet delivery
Correct answer: A B C D
All of the above are end-to-end network services.
225. Which of the following provide correct information about a protocol at the transport layer of the OSI
model?
* UDP - Provides Connectionless datagrams service
* TCP - Provides Connection Oriented Services
* SMTP - Provides Mail Exchange
* IP - Route determination
* TCP - Provides Flow Control and Error Checking
* FTP - Transfers of Files
Correct answer: A B E
Only TCP and UDP work at the Transport layer of the above choices. IP is a Network layer protocol. SMTP
and FTP are application layer protocols.
226. Which protocol works at the Internet layer and is responsible for making routing decisions?
* UDP
* IP
* TCP
* ARP
Correct answer: B
Internet Protocol - IP provides routing and a single interface to the upper layers. No upper layer protocol
and no lower layer protocol has any function relating to routing. IP receives segments from the
transport layer and fragments them into packets, including the host's IP address.
227. Which layer is responsible for providing mechanisms for multiplexing upper-layer application, session
establishment, and tear down of virtual circuits?
* Session
* Network
* Physical
* Transport
* Application
* Presentation
Correct answer: D
The Transport layer does the following: it is responsible for end-to-end integrity of data transmission; it handles
multiplexing of upper-layer applications, session establishment and tear down of virtual circuits; it hides details
of network-dependent information from the higher layers by providing transparent data transfer. The 'window'
works at this level to control how much information is transferred before an acknowledgement is required.
228. Which of the following are logged when IP access list logging is enabled?
* source address
* protocol
* source port
* destination address
* access list number
* destination port
Correct answer: A B C D E F
All of the above are logged when IP access list logging is enabled.
229. What's the default CDP holdtime in seconds for Cisco routers?
* 30 seconds
* 180 seconds
* 90 seconds
* 60 seconds
Correct answer: B
Cisco Discovery Protocol is a proprietary protocol to allow you to access configuration information on
other routers and switches with a single command. It uses SNAP at the Data-Link Layer. By default CDP
sends out a broadcast every 60 seconds and it holds this information for 180 seconds. CDP is enabled by
default.
230. Which two of the following protocols are used at the Transport layer?
* ARP
* UDP
* ICMP
* RARP
* TCP
* BootP
Correct answer: B E
TCP and UDP operate at the Transport layer.
231. LAN stands for which of the following?
* Local Area Network
* Local Arena Network
* Local Area News
* Logical Area Network
Correct answer: A
LAN stands for Local Area Network.
232. Choose three reasons why the networking industry uses a layered model:
* It facilitates systematic troubleshooting
* It allows changes in one layer to occur without changing other layers
* It allows changes to occur in all layers when changing one protocol
* It clarifies how to do it rather than what general function to be done
* It clarifies what general function is to be done rather than how to do it
Correct answer: A B E
Why do we have a Layered Model?
1) It reduces complexity
2) Allows for a standardized interface
3) Facilitates modular engineering
4) Ensures interoperable technology
5) Accelerates evolution
6) Simplifies teaching and learning
233. Which layer is responsible for identifying and establishing the availability of the intended communication
partner?
* Application
* Presentation
* Transport
* Session
* Network
Correct answer: A
The Application layer performs the following: synchronizing sending and receiving applications;
program-to-program communication; identifying and establishing the availability of the intended communication partner,
and determining if sufficient resources exist for the communication. Popular application protocols include
WWW, SMTP, EDI, FTP, Telnet, and SNMP.
===========================================================================================
Ques :1. What is an Operating System?
Ans :- An Operating System works as an interpreter between the computer
hardware and applications. The Operating System also works as the user
interface.
Ques :2. Types of Operating System?
Ans :- There are two types of Operating System:
1. SOS – Simple Operating System, for example Windows 95, 98,
ME
2. NOS – Network Operating System, for example Windows NT,
2000, 2003
Ques :3. What is a Server?
Ans :- Servers are computers that provide services, for example:
1. DNS Server
2. WINS Server
3. DHCP Server
4. RAS Server
5. VPN Server
Ques :4. What is a RAS Server?
Ans :- RAS stands for Remote Access Server. It is basically used for
mobile users in the network. This server provides remote
access connectivity for mobile users. In this way all of the mobile
users are connected to the server through a telephone line. This server
also provides connectivity between two or more offices in the
network.
Ques :5. What is a VPN Server?
Ans :- VPN stands for Virtual Private Network. It is basically used for
mobile users in the network. This server provides remote
access connectivity for mobile users. In this way all of the mobile
users are connected to the server through the internet. This server also
provides connectivity between two or more offices in the
network. VPN is cost effective.
Ques :6. What is an IAS Server?
Ans :- IAS stands for Internet Authentication Services. An IAS Server is also
known as a RADIUS Server. The IAS Server provides centralized
management of multiple RAS and VPN servers in the network. On
this server the Remote Access Policy and Remote Access Logging
options are available.
Ques :7. FAT/NTFS?
Ans :- There are major differences between the FAT and NTFS
file systems, such as:
FAT
· FAT stands for File Allocation Table
· There are two categories in the FAT file system
  o FAT 16
  o FAT 32
· In FAT, security is available only up to the folder level
· Compression option is not available
· Encryption option is not available
· Disk Quota option is not available
· FAT is supported by all Microsoft based operating systems
NTFS
· NTFS stands for New Technology File System
· There are three categories in the NTFS file system
  o NTFS 4.0 – NT O/S
  o NTFS 5.0 – 2000 O/S
  o NTFS 6.0 – 2003 O/S
· In NTFS, security is available up to the file level
· Compression option is available
· Encryption option is available
· Disk Quota option is available
· NTFS is supported by only a limited set of Microsoft based operating systems
Ques :8. What is the difference between Windows NT/2000/2003?
Ans :- There are many differences between the Windows NT,
2000 and 2003 O/S, such as:
NT
There is no Active Directory
There is no tree/forest hierarchical structure
There is no Site Relationship
There are no parent domain and child domain concepts
in the network.
NT supports the NTFS 4.0 file system
NT supports the NTLM version 2 LAN authentication protocol
In NT no Trust Relationship is configured by default
In NT we use System Policy
In NT a specific client side operating system is available, i.e. NT
Workstation 4.0 Edition
In NT we use Exchange 5.5 Server
In NT we can create only a one-way Trust Relationship inside
the network.
2000
There is Active Directory
A tree/forest hierarchical structure is available
A Site Relationship is available
The parent domain and child domain concepts are available
2000 supports the NTFS 5.0 file system
2000 supports the Kerberos version 5 authentication protocol
In 2000 a two-way Trust Relationship is configured by default
In 2000 we use Group Policy
2000 supports a maximum of 32 processors and 64 GB RAM
In 2000 a specific client side operating system is available, i.e. 2000
Professional
In 2000 we use Exchange 2000 Server
In 2000 no Stub Zone is available in DNS
In 2000 Resultant Set of Policy is not available
In 2000 GPMC is not available
In 2000 the Conditional Forwarding option is not available
In 2000 the Effective Permission option is not available
In 2000 only some administrative command line tools are
available
The Active Directory Saved Query option is not available
The Shadow Copy option is not available in Windows 2000 O/S
The ASR option is not available in Windows 2000 O/S
In Windows 2000 we can create a maximum of 1 DFS root on a single
DFS server in the network.
In 2000 we can create a two-way Trust Relationship inside the
network.
2003
There is Active Directory
A tree/forest hierarchical structure is available
A Site Relationship is available
The parent domain and child domain concepts are available
2003 supports the NTFS 6.0 file system
2003 supports the Kerberos version 5 authentication protocol
In 2003 a two-way Trust Relationship is configured by default
In 2003 we use Group Policy
2003 supports a maximum of 64 processors and 512 GB RAM
In 2003 no specific client side operating system is available; you can
use either Win 2k Professional or Win XP Professional in the
network.
In 2003 we use Exchange 2003 Server
In 2003 a Stub Zone is available in DNS
In 2003 Resultant Set of Policy is available
In 2003 GPMC is available
In 2003 the Conditional Forwarding option is available
In 2003 the Effective Permission option is available
In 2003 more administrative command line tools are available
The Active Directory Saved Query option is available
The Shadow Copy option is available in Windows 2003 O/S
The ASR option is available in Windows 2003 O/S
In Windows 2003 we can create more than 1 DFS root on a
single DFS server in the network.
In 2003 we can create a two-way Trust Relationship inside the
network.
Ques :9. What is Active Directory?
Ans :- Active Directory is the main concept of a Windows 2000/2003
network. It stores all of the information about the whole network,
such as users, printers, computers etc.
Ques :10. What is a Tree?
Ans :- A group of domains sharing a contiguous namespace is called a
tree.
Ques :11. What is a Forest?
Ans :- A group of trees that do not share a contiguous namespace but
share a common configuration (schema) is called a forest.
Ques :12. Difference between D.C. and A.D.C.?
Ans :- D.C. stands for Domain Controller and A.D.C. stands for
Additional Domain Controller. The A.D.C. is a backup copy of the D.C.
Only one difference exists between the D.C. and the A.D.C., i.e. the
Operation Master Roles. On the D.C. all three of the Operation Master
Roles are available:
1. RID Master
2. PDC Emulator
3. Infrastructure Operation Master Role
But on the A.D.C. no operation master roles are available.
Ques :13. What is the benefit of a Child Domain?
Ans :- There are many benefits of a Child Domain, such as:
· Security Boundary
· Low Administrative Overhead
· Low Network Traffic
Ques :14. What is a Group?
Ans :- A Group is a collection of user accounts. It provides simplified
administration in the network.
Ques :15. What is an OU?
Ans :- OU stands for Organizational Unit. On an OU we define group
policy in the network. Group policy is basically assigned on Active
Directory containers, i.e. Site, Domain, OU. Whenever we want
some users in the network not to shut down the system, not to
use the run command, or not to use the control panel, we put those users
in an OU and assign the appropriate Group Policy on that OU.
Ques :16. What is Group Policy?
Ans :- Group Policy provides streamlined access control for all of the users in
the network. Group policy is basically assigned on Active Directory
containers, i.e. Site, Domain, OU. Whenever we want some users
in the network not to shut down the system, not to use the run
command, or not to use the control panel, we put those users in an
OU and assign the appropriate Group Policy on that OU.
Q u e s - :17. Difference between Permission, Right and Policy?
Ans :- P ermission – Permission are basically assigned on network
resources as for example – File, Folder, Share Folder, Printer
Right – Right is basically assign to users and groups.
Policy – Policy are basically assigned on active directory container
i.e. - Site, Domain, OU.
Ques :- 18. What is ISA Server?
Ans :- ISA stands for Internet Security and Acceleration. ISA Server provides Internet connectivity for all of the users in the network. ISA Server also works as a proxy server in the network. With the help of ISA Server the administrator can filter a client request for a specific web site in the network.
Ques :- 19. What is Default Gateway?
Ans :- The default gateway is the IP address of the router in the network. Whenever any client wants to go to another network, that query is forwarded to the default gateway.
Ques :- 20. What is Site?
Ans :- A site is a geographical area where all of the domains are available. Sites manage the replication traffic between two or more different sites in the network.
Ques :- 21. What is Operation Master Role?
Ans :- Operation Master Roles are available on the domain controller in the network. There are five types of Operation Master Role:
- Schema Master
- Domain Naming Master
- RID Master
- PDC Emulator
- Infrastructure Operation Master Role
Ques :- 22. Difference between Mixed Mode and Native Mode?
Ans :- There are three types of domain mode:
1. Mixed Mode - In this mode NT, Win 2k and Win 2k3 D.C.s are available.
2. Win 2k Native Mode - In this mode Win 2k and Win 2k3 D.C.s are available.
3. Win 2k3 Native Mode - In this mode only Win 2k3 D.C.s are available.
Ques :- 23. What is SCSI?
Ans :- SCSI stands for Small Computer System Interface. In SCSI the rate of data transmission is fast, and the SCSI hard disk speed (R.P.M.) is fast. In SCSI the data transmission speed is 320 MBPS in the network. On a SCSI controller we can connect a maximum of 15 physical devices in the system.
Ques :- 24. What are A-Host Record and PTR Record?
Ans :- An A record is also called a host record. This record is basically created in a forward lookup zone.
A PTR record is also called a pointer record. This record is basically created in a reverse lookup zone.
Ques :- 25. What is Reservation?
Ans :- A reservation is basically used in a DHCP server. Whenever we want a particular computer to always receive the same IP address from the DHCP server in the network, we create a reservation in the DHCP server for that particular computer.
Ques :- 26. IP Address Range/Classes?
Ans :- There are two types of IP address:
1. Classful IP address
2. Classless IP address
Classful IP address - There are five classes:
1. Class A - 0 - 126 (127 is reserved for loopback)
2. Class B - 128 - 191
3. Class C - 192 - 223
4. Class D - 224 - 239
5. Class E - 240 - 255
Ques :- 27. Difference between Hardware Router and Software Router?
Ans :- Hardware Router - A hardware router is a dedicated router. It has a lot of features such as security and dedicated routing in the network. For example, a Cisco router.
Software Router - A software router is not a dedicated router. It also provides other services, such as DNS server and DHCP server, e.g. a Windows-based router.
Ques :- 28. Difference between Hardware Firewall and Software Firewall?
Ans :- Hardware Firewall - It is a dedicated firewall. A lot of security features are available on a hardware-based firewall. For example, a Cisco PIX firewall.
Software Firewall - It is not a dedicated firewall. It provides normal security in the network, e.g. Check Point.
Ques :- 29. What is Domain Controller?
Ans :- D.C. stands for domain controller. It provides centralized management of the entire domain in the network. Whenever we install the Active Directory database on a server-side operating system, after that the system becomes a D.C. The domain controller manages all security-related interaction between users and computers in the network.
Ques :- 30. What is B Router?
Ans :- B Router stands for Bridge Router. We can say this is a layer-three bridge that provides communication between two or more different network IDs.
Ques :- 31. What is Bridge?
Ans :- A bridge is a layer 2 network device that provides communication within the same network ID. In a bridge a maximum of 16 ports are available.
Ques :- 32. Difference between Gateway and Router?
Ans :- A router works on the same network architecture, but a gateway works on different network architectures.
Ques :- 33. What is POP Server/SMTP Server?
Ans :- POP stands for Post Office Protocol. It is basically used for receiving mail in the network.
SMTP stands for Simple Mail Transfer Protocol. It is basically used for sending mail as well as receiving mail in the network.
Ques :- 34. What is Active Directory Partitions?
Ans :- An Active Directory partition is a logical partition of Active Directory. This partition is basically used for replication from D.C. to A.D.C. and from D.C. to G.C.S. (Global Catalog Server) in the network. There are three types of Active Directory partition:
- Schema partition
- Configuration partition
- Domain partition
Ques :- 35. Types of Active Directory Partitions?
Ans :- There are three types of Active Directory partition:
1. Schema Partition
2. Configuration Partition
3. Domain Partition
Ques :- 36. What is the Function of Ping Command?
Ans :- Ping checks the physical/IP connectivity between two or more devices in the network. Ping sends an ICMP request from the source computer to the destination computer, and the destination computer sends an ICMP reply.
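As an added illustration of the ICMP exchange described in Ques 36 (example code written for this page, not part of the original material), the following Python builds an echo request, verifies the checksum of a constructed echo reply and confirms that the reply belongs to the request; the identifier, sequence number and payload are made-up sample values.

```python
import struct

ICMP_ECHO_REQUEST = 8   # type field of the packet ping sends
ICMP_ECHO_REPLY = 0     # type field of the packet the destination sends back


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words, zero-padded to even length."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_echo(icmp_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Build an ICMP echo request/reply: type, code 0, checksum, identifier, sequence, data."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)   # checksum field zeroed
    csum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload


def parse_icmp(packet: bytes) -> dict:
    """Decode the 8-byte ICMP header; a packet is intact when the checksum over the
    whole packet (checksum field included) folds to zero."""
    if len(packet) < 8:
        raise ValueError("truncated ICMP packet")
    icmp_type, code, csum, ident, seq = struct.unpack("!BBHHH", packet[:8])
    return {
        "type": icmp_type,
        "code": code,
        "id": ident,
        "seq": seq,
        "payload": packet[8:],
        "checksum_ok": internet_checksum(packet) == 0,
    }


def matches_request(request: bytes, reply: bytes) -> bool:
    """A reply answers a request only when it is an intact echo reply whose
    identifier, sequence number and payload echo the request's."""
    req = parse_icmp(request)
    rep = parse_icmp(reply)
    return (
        rep["checksum_ok"]
        and req["type"] == ICMP_ECHO_REQUEST
        and rep["type"] == ICMP_ECHO_REPLY
        and rep["id"] == req["id"]
        and rep["seq"] == req["seq"]
        and rep["payload"] == req["payload"]
    )


# Constructed sample exchange (no packets are put on the wire).
SAMPLE_REQUEST = build_echo(ICMP_ECHO_REQUEST, 0x1234, 1, b"ping-example")
SAMPLE_REPLY = build_echo(ICMP_ECHO_REPLY, 0x1234, 1, b"ping-example")
```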
Ques :- 37. What are Broadcasting, Multicasting and Unicasting?
Ans :- Broadcasting - One to all
Multicasting - One to many, not all
Unicasting - One to one
Ques :- 38. What is Group Nesting?
Ans :- When we add two or more groups within a single group, it is called group nesting.
Ques :- 39. What is FIXMBR?
Ans :- FIXMBR repairs the master boot record of the partition boot sector.
Ques :- 40. What is FIXBOOT?
Ans :- FIXBOOT writes a new partition boot sector onto the system partition.
Ques :- 41. What is SID?
Ans :- SID stands for Security Identifier. Every object has a unique ID; it is called the SID.
Ques :- 42. What is RADIUS Server?
Ans :- RADIUS stands for Remote Authentication Dial-In User Service. A RADIUS server provides centralized management of multiple RAS and VPN servers in the network. On this server the Remote Access Policy and Remote Access Logging options are available.
Ques :- 43. What is Trusting Domain?
Ans :- In the trusting domain the resources are available.
Ques :- 44. What is Trusted Domain?
Ans :- In the trusted domain the user accounts are available.
Ques :- 45. What is Microsoft Exchange Server?
Ans :- Microsoft Exchange Server is software that provides services such as sending and receiving mail.
Ques :- 46. What is Printer?
Ans :- A printer is the software that governs the print device. There are two types of printer:
1. Local printer
2. Network printer
Ques :- 47. What is Chatting?
Ans :- Chatting is a real-time conversation between two or more people in the network.
Ques :- 48. What is Directory Services Restore Mode?
Ans :- When our Active Directory database is not working properly, we restart the domain controller and press the F8 key, then select Directory Services Restore Mode, and then restore the Active Directory database from the last backup.
Ques :- 49. What is normal backup?
Ans :- A normal backup is the default backup type.
Ques :- 50. What is incremental backup?
Ans :- In an incremental backup only the incremental parts are backed up, not a full backup.
Ques :- 51. What is Differential backup?
Ans :- In a differential backup, we take a full backup after the normal backup.
Ques :- 52. What is packet?
Ans :- A packet is a logical grouping of information that includes a header, which contains location information, and user data.
Ques :- 53. What is forwarder?
Ans :- It is basically used in a DNS server. When a client queries the DNS server, if the DNS server has the best result it gives the best result to the client computer in the network; otherwise the DNS server forwards the client query to the root DNS server on the client's behalf and gives the complete result to the client computer in the network.
Ques :- 54. What is encryption?
Ans :- There are four types of encryption:
1. No Encryption - no
2. Basic - MPPE - 40 bits - DES
3. Strong - 56 bits - DES - MPPE/IPSec
4. Strongest - 128-bit data encryption - MPPE/IPSec
Ques :- 55. What is RIP v.1, RIP v.2, IGMP, OSPF?
Ans :-
1. RIP v.1 - Broadcast - used in small networks
2. RIP v.2 - Multicast
3. IGMP - Multicast
4. OSPF - Multicast - for larger networks
Ques :- 56. What is the requirement of VPN Server?
Ans :- A VPN requires IP connectivity between the client and the server. A VPN does not require a dial-up connection between the client and the server in the network.
Ques :- 57. What is Inbound Connection?
Ans :- An inbound connection is created on the server side.
Ques :- 58. What is Outbound Connection?
Ans :- An outbound connection is created on the client side.
Ques :- 59. What is the function of jetpack command in DHCP Server?
Ans :- It checks the database consistency of the DHCP server in the network.
Ques :- 60. What is Remote Access Policy?
Ans :- In a Remote Access Policy there are three options available:
1. Condition - e.g. 8 a.m. to 5 p.m., Marketing group
2. Permission - Yes/No
3. Profile - connectivity time, IPSec policy
Ques :- 61. What is TRACERT?
Ans :- TRACERT displays the complete route information from the source computer to the destination computer in the network.
Ques :- 62. What is the function of jetpack command in WINS server?
Ans :- For compacting the WINS database we use the jetpack command:
Jetpack wins.mdb kk.mdb
Ques :- 63. What is tunneling form?
Ans :- The sending and receiving of data through a secure way in the network is called tunneling.
Ques :- 64. What is trust relationship?
Ans :- A trust relationship is an important part of a client-server network. There are two types of trust relationship:
1. Non-Transitive Trust - A non-transitive trust is a one-way trust relationship in the network, for example in an NT network.
2. Transitive Trust - A transitive trust is a two-way trust relationship in the network, for example in a 2000/2003 network.
Ques :- 65. What is DACL?
Ans :- DACL stands for Discretionary Access Control List. In the DACL the permission entries of any user in the network are basically available.
Ques :- 66. What is SACL?
Ans :- SACL stands for System Access Control List. In the SACL the auditing entries of any user in the network are basically available.
Ques :- 67. What is MSI?
Ans :- This file is basically used for deploying or installing any application in the network.
Ques :- 68. What is MST?
Ans :- This file is basically used for repairing any application in the network.
Ques :- 69. What is zap file?
Ans :- It is basically used for an application which does not have an MSI file. We create a text file with the .zap extension for deploying or installing that application in the network.
Ques :- 70. What is ACE?
Ans :- ACE stands for Access Control Entry.
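To make Ques 65, 66 and 70 concrete, here is a simplified Python model, added for this page and not Windows code, of an object's DACL and SACL: the DACL entries decide the access check, the SACL entries decide what gets audited. The rights bits, group names and shared folder are constructed sample values, and group membership is passed in as a plain set; explicit deny entries are listed before allow entries, which is the canonical ordering Windows applies.

```python
from dataclasses import dataclass, field
from typing import List, Set, Tuple

# Access-right bits used by this model (constructed names, not the real Windows mask values).
READ, WRITE, EXECUTE = 0x1, 0x2, 0x4


@dataclass
class ACE:
    """One access control entry: kind is 'allow' or 'deny' in a DACL, 'audit' in a SACL."""
    kind: str
    principal: str            # user or group name the entry applies to
    rights: int               # bit mask of rights the entry covers
    on_success: bool = False  # SACL only: audit when access is granted
    on_failure: bool = False  # SACL only: audit when access is denied


@dataclass
class SecurityDescriptor:
    dacl: List[ACE] = field(default_factory=list)  # permission entries (Ques 65)
    sacl: List[ACE] = field(default_factory=list)  # auditing entries (Ques 66)


def access_check(sd: SecurityDescriptor, principals: Set[str], requested: int) -> bool:
    """Walk the DACL in order. A deny entry covering any still-outstanding right
    ends the check with a denial; allow entries clear rights from the outstanding
    set, and the check succeeds once nothing is outstanding. An exhausted DACL denies."""
    outstanding = requested
    for ace in sd.dacl:
        if ace.principal not in principals:
            continue
        if ace.kind == "deny" and ace.rights & outstanding:
            return False
        if ace.kind == "allow":
            outstanding &= ~ace.rights
            if outstanding == 0:
                return True
    return outstanding == 0


def audit_events(sd: SecurityDescriptor, principals: Set[str],
                 requested: int, granted: bool) -> List[str]:
    """Return the audit records the SACL produces for this access attempt."""
    events = []
    for ace in sd.sacl:
        if ace.kind != "audit" or ace.principal not in principals:
            continue
        if not (ace.rights & requested):
            continue                      # the entry does not audit these rights
        if (granted and ace.on_success) or (not granted and ace.on_failure):
            outcome = "success" if granted else "failure"
            events.append(f"{outcome} audit: rights 0x{requested:x} by {sorted(principals)}")
    return events


def check_and_audit(sd: SecurityDescriptor, principals: Set[str],
                    requested: int) -> Tuple[bool, List[str]]:
    """Run the DACL check, then the SACL audit for its outcome."""
    granted = access_check(sd, principals, requested)
    return granted, audit_events(sd, principals, requested, granted)


# Constructed sample: a shared folder whose DACL lets Staff read and write but
# explicitly denies Interns write access; the SACL audits failed write attempts.
SHARE = SecurityDescriptor(
    dacl=[
        ACE("deny", "Interns", WRITE),          # explicit deny first (canonical order)
        ACE("allow", "Staff", READ | WRITE),
    ],
    sacl=[ACE("audit", "Everyone", WRITE, on_failure=True)],
)
```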
Ques :- 71. What is operation master role?
Ans :- Operation master roles are available on the domain controller in the network. There are five types of operation master role inside Active Directory:
1. Schema Master - The Schema Master is responsible for changes to the schema and updating of the schema in the network.
2. Domain Naming Master - The Domain Naming Master is responsible for adding or removing a domain inside the forest.
3. RID Master - The RID Master provides the RID number of each D.C. in the network. Every D.C. has one ID number; it is called the RID number. Domain - RID, object - S.I.D.
4. PDC Emulator - It is basically used for clients of versions previous to Windows 2000 in the network. The PDC Emulator works as an emulator for pre-Windows 2000 clients in the network.
PDC - Primary Domain Controller
BDC - Backup Domain Controller
5. Infrastructure Operation Master - The Infrastructure Operation Master role provides uniqueness of any object inside the forest. The Infrastructure Operation Master role updates references to objects and group memberships from other domains in the network.
Ques :- 72. What is dedicated server?
Ans :- A dedicated server functions as a server only, not as a client. For example, a Domain Controller.
Ques :- 73. What is bridgehead server?
Ans :- A bridgehead server is a central point in the site that is responsible for replication from another site.
Ques :- 74. What are the boot files of Windows 2000/2003/XP O/S?
Ans :-
1. NTLDR
2. NTDETECT.COM
3. BOOT.INI
4. NTBOOTDD.SYS
5. NTOSKRNL.EXE
Ques :- 75. What is clustering?
Ans :- Suppose I create a web site, www.yahoo.com. The same web page is available on all of ten computers, and I configure clustering on all ten computers. Say that at the same time one thousand people access this web site. If this web service were provided by only one computer, it would be very busy; but now the workload is shared among ten computers. This is called clustering, and if one server goes down another server provides the service in the network. There are two benefits of clustering:
1. Fault tolerance
2. Load balancing
Ques :- 76. What is authoritative restore?
Ans :- In this process the version number of each object in the Active Directory database is raised by one lakh (100,000), so these parts override the copies on the other D.C.s in the network. We use this method in cases such as some deletions or some renames.
Ques :- 77. What is migration?
Ans :- It is basically used for converting an NT or 2000 network to a 2003 network. There are two types of migration:
1. Upgrading - The upgrading process maintains the current domain model. For example, before migration three domains are available and after migration again three domains are available.
2. Restructuring - The restructuring process does not maintain the current domain model. For example, before migration three domains are available and after migration maybe only one domain will be available.
Ques :- 78. What is Schema?
Ans :- The schema basically reads the attributes and defines the classes, such as the user class, printer class and computer class.
Ques :- 79. What is Stub Zone?
Ans :- A stub zone is a pointer record of a sub-child domain in the network. A stub zone provides direct communication between the parent domain and the sub-child domain. If in any case the middle-level DNS goes down, the parent and sub-child domains still communicate with each other in the network.
Ques :- 80. What is Shadow Copy?
Ans :- Shadow Copy provides automatic backup of any particular shared folder in the network. Shadow Copy provides a number of previous-version backups of any particular shared folder in the network. At any time we can view and restore any previous-version backup of that particular folder. This is a new feature of the Windows 2003 operating system.
Ques :- 81. What is RSOP?
Ans :- RSOP stands for Resultant Set of Policy. It is basically used whenever we want to know what effective policy is applied on a particular user and a particular computer in the network.
Ques :- 82. What is Group Policy Modeling?
Ans :- In Group Policy Modeling we can find out what effective policy is applied on a particular user and a particular computer in the network.
Ques :- 83. What is Group Policy Results?
Ans :- In Group Policy Results we can find out what effective policy is applied on a particular user and a particular computer in the network.
Ques :- 84. What is SUS Server?
Ans :- SUS stands for Software Update Server. This server provides automatic updating from the Microsoft Update server to all of the clients and servers in the network.
Ques :- 85. What is Windows Update?
Ans :- Windows Update Services provides automatic updating from the Microsoft Windows Update server to all of the clients and servers in the network.
Ques :- 86. What is GPMC?
Ans :- GPMC stands for Group Policy Management Console. With the help of this tool we manage the Group Policy Objects of the entire forest from a single location in the network. With the help of this tool we also take backups of and restore Group Policy Objects.
Ques :- 87. What is Conditional Forwarding?
Ans :- Conditional forwarding is basically used in a DNS server. In the DNS server we define a condition: if any DNS query is related to that particular domain, the query is forwarded directly to that domain, and if the DNS query is not related to that particular domain, the query is forwarded to the ISP DNS server in the network. With the help of conditional forwarding we can say the rate of data transmission is fast in the network. This is a new feature in the Windows 2003 operating system.
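The decision a DNS server makes under conditional forwarding (Ques 87), with the ISP server as the fallback for everything else, as an added Python example that is not part of the original material. The forwarder table and addresses are constructed sample values; the match is done label by label so that a name like notcorp.example.com does not accidentally fall under corp.example.com.

```python
from typing import Dict, List, Optional, Tuple


def _labels(name: str) -> List[str]:
    """Split a DNS name into lower-cased labels, ignoring a trailing dot."""
    return [label for label in name.lower().rstrip(".").split(".") if label]


def in_domain(query_name: str, domain: str) -> bool:
    """True when query_name is the domain itself or lies under it, compared label-wise
    (so 'notcorp.example.com' is NOT inside 'corp.example.com')."""
    q, d = _labels(query_name), _labels(domain)
    return len(d) <= len(q) and q[-len(d):] == d


def choose_forwarder(query_name: str, conditional: Dict[str, str],
                     isp_dns: str) -> Tuple[str, str]:
    """Pick where the DNS server sends a query it cannot answer itself.

    The most specific (longest) matching conditional-forwarder domain wins;
    any other name goes to the ISP DNS server, as in the answer above.
    Returns (forwarder address, matched domain or 'isp').
    """
    best_domain: Optional[str] = None
    for domain in conditional:
        if in_domain(query_name, domain):
            if best_domain is None or len(_labels(domain)) > len(_labels(best_domain)):
                best_domain = domain
    if best_domain is None:
        return isp_dns, "isp"
    return conditional[best_domain], best_domain


# Constructed sample table: internal and partner domains with their own DNS servers.
FORWARDERS = {
    "corp.example.com": "10.0.0.53",
    "hr.corp.example.com": "10.0.5.53",
    "partner.example.net": "192.0.2.53",
}
ISP_DNS = "198.51.100.1"  # constructed ISP resolver address
```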
Ques :- 88. What is Effective Permission?
Ans :- Effective Permission displays what effective permission any user has on any particular resource in the network.
Ques :- 89. What are the boot files of the 98 operating system?
Ans :-
- MSDOS.SYS
- IO.SYS
- COMMAND.COM
Ques :- 90. What is ASR?
Ans :- ASR stands for Automatic System Recovery. ASR provides a complete backup of any computer in the network.
Ques :- 91. What is the difference between System Policy and Group Policy?
Ans :- System Policy is used in an NT environment, but Group Policy is used in Windows 2000 and Windows 2003 environments.
Ques :- 92. What is Connection Oriented protocol?
Ans :- Before data is sent from the source computer to the destination computer in the network, first of all a connection is established between the source and destination computers. This is called a connection-oriented protocol. For example, TCP.
Ques :- 93. What is IDE?
Ans :- IDE stands for Integrated Device Electronics. In IDE we can connect a maximum of 4 physical devices in the system. In IDE the rate of data transmission is slow. In IDE the maximum speed is 80 MBPS in the network.
Ques :- 94. Why do we create a Site?
Ans :- There are many benefits of creating a site inside the network, such as:
- Manage replication traffic inside the network
- For Group Policy purposes
- Administrative burden will be low
- Network traffic will be low
- Network performance will be good
- Logon traffic
- Reduce the number of requests for the Global Catalog Server
Ques :- 95. Difference between IP V-4 and IP V-6?
Ans :- There are major differences between IP V.4 and IP V.6, such as:
- IP V.4 is a 32-bit IP address, but IP V.6 is a 128-bit IP address.
- IP V.4 is in decimal format, but IP V.6 is a hexadecimal number.
- IP V.4 has 4 octets, but IP V.6 has 16 octets.
- IP V.4 is supported by operating systems, but IP V.6 is supported by only some operating systems.
- In IP V.4 only a limited number of IP addresses are available, but in IP V.6 a large number of IP addresses are available.
Ques :- 96. What is the function of the Schema partition?
Ans :- The Schema partition is responsible for replication to all of the domains inside the forest.
Ques :- 97. What is the function of the Configuration partition?
Ans :- The Configuration partition is responsible for replication to all of the domains inside the forest.
Ques :- 98. What is the function of the Domain partition?
Ans :- The Domain partition is responsible for replication to all of the Additional Domain Controllers inside its own domain.
Ques :- 99. What is the Active Directory database location?
Ans :- Systemroot\NTDS folder\NTDS.DIT
Network:- A group of computers that is connected by cable or other devices to share their data, information and devices with each other is called a network. There are two types of network:
1. Peer-to-Peer:- A peer-to-peer network is also called a workgroup. In a workgroup there is no dedicated server. All computers are equal; every computer works both as a client and as a server. In a workgroup all user accounts, such as user name and password, are available in the SAM database. SAM stands for Security Account Management database.
2. Client Server:- A client-server network is also called a domain. In a domain there is one dedicated server; that server is called the D.C. D.C. stands for Domain Controller. In a client-server network all user accounts, such as user name and password, are available in the Active Directory database. A domain is a security boundary in the network. There are many benefits of a domain, such as:
A. Single logon
B. Single user account
C. Centralized management
There are three scopes of network:
1. LAN:- LAN stands for Local Area Network. When all of the computers in a fixed area are connected to each other, it is called a LAN. In a LAN we do not use any third-party service provider network such as telephone line, Internet or satellite.
2. WAN:- WAN stands for Wide Area Network. When all of the computers across the world are connected to each other, it is called a WAN. In a WAN we use a third-party service provider network such as telephone line, Internet or satellite.
3. MAN:- MAN stands for Metropolitan Area Network. MAN is a child of WAN, because when all of the computers in a metropolitan city are connected to each other, it is called a MAN. In a MAN we use a third-party service provider network such as telephone line, Internet or satellite.
(Example:- Suppose I have a company named ABC Pvt. Ltd. located in Delhi, which has four branch offices: the first in South Delhi, the second in East Delhi, the third in North Delhi and the fourth in West Delhi. All the branch offices are connected to the main office with the help of a third-party service provider network such as telephone line, Internet or satellite; this is called a MAN.)
NIC:- NIC stands for Network Interface Card...
PXE:- PXE stands for Preboot Execution Environment. It is generally used in RIS.
PXE and Non-PXE:- A boot ROM is available on a PXE card. A boot ROM is not available on a non-PXE card.
Cable:- A cable is a medium that creates a network and carries the signals between computers in the network. There are two types of cable:
2. Twisted Pair Cable:- Twisted pair cable is also called 10Base T. There are four pairs in this cable: White-Green, White-Blue, White-Brown, White-Orange. There are two types of twisted pair cable:
A. UTP:- UTP stands for Unshielded Twisted Pair. There is no mesh shielding on the wires.
B. STP:- STP stands for Shielded Twisted Pair. There is mesh shielding on the wires.
3. Coaxial Cable:- Coaxial cable is just like a normal TV cable. In a coaxial cable there is one copper wire located in the centre of the cable, then a plastic coating, then mesh shielding, and then the outer coating (black coating). There are two types of coaxial cable:
A. Thin Net Coaxial Cable:- Thin net coaxial cable is also called 10Base 2. 10 stands for 10 MBPS and 2 stands for up to 200 meters.
B. Thick Net Coaxial Cable:- Thick net coaxial cable is also called 10Base 5. 10 stands for 10 MBPS and 5 stands for up to 500 meters.
4. Fiber Optic Cable:- In fiber optic cable the data is sent in digital form, not in analog form. The rate of data transmission is fast using this cable.
There are two types of device in the network:
1. DTE Device - D.T.E. stands for Data Terminal Equipment. For example: P.C., router.
2. DCE Device - D.C.E. stands for Data Communication Equipment. For example: hub, switch, modem.
Straight Cable:- When we connect two different devices, such as a DTE to a DCE device, we use a straight cable, for example computer to hub, computer to switch.
Cross Cable:- When we connect two similar devices, such as DTE to DTE or DCE to DCE, we use a cross cable, for example computer to computer, hub to hub.
Topology:- Topology is the way of connecting the computers. A topology requires two or more computers. There are five types of topology:
1. Bus Topology:- In this topology all of the computers are connected to a single wire, such as a coaxial cable. In a bus topology, if the cable breaks anywhere then the whole network is down. In a bus topology the network speed is divided among the computers. In this topology we use the BNC connector. BNC stands for Barrel Net Connector.
2. Star Topology:- In this topology all of the computers are connected to a central device such as a hub or switch. In a star topology, if one computer fails my network will still work properly. In this topology we normally use UTP cable and the RJ-45 connector. RJ stands for Registered Jack.
3. Ring Topology:- In this topology each computer is connected to the next computer and the last computer is connected to the first computer. In this topology, if one computer fails then my whole network is down. (Cable Used - ? Speed - ?)
4. Mesh Topology:- In this topology each computer is connected to every other computer in the network by a separate cable and a separate NIC card. It is also called complete topology.
5. Hybrid Topology:- When we connect two or more of the same topology to a single different topology, it is called a hybrid topology. There are two types of hybrid topology:
A. Star-wired Bus
B. Star-wired Ring
Technology:- The rate of data transmission depends on your network technology. There are many types of network technology available in the world:
- Ethernet:- Ethernet is a popular LAN technology that uses CSMA/CD.
- ATM:- ATM stands for Asynchronous Transfer Mode. ATM is a packet-switching network that sends fixed-length packets over a LAN or WAN. The packet size is 53 bytes, of which 48 bytes are data and 5 bytes are for the address.
- Frame Relay:- Frame Relay is a packet-switching network that sends variable-length packets over a LAN or WAN.
- FDDI:- FDDI stands for Fiber Distributed Data Interface. The rate of data transmission is fast in this technology. There are two types of ring in this technology: the first is the primary ring and the second is the secondary ring. Normally the data is sent from the source computer to the destination computer through the primary ring; if the primary ring fails then the data is sent through the secondary ring.
Hub:- A hub is a central device in the network that is used in a star topology. A hub does broadcasting. The rate of data transmission in the network is slow using a hub.
Switch:- A switch is a central device in the network that is used in a star topology. A switch does conditional broadcasting. The rate of data transmission in the network is fast using a switch.
Router:- A router is a device that provides connectivity between two or more different network IDs.
Gateway:- A gateway is a device that provides connectivity between two or more different network IDs. A gateway works on different network architectures.
Repeater:- A repeater receives the signals and retransmits them at their original strength in the network.
IP Address:- An IP address is a unique identifier in the network that distinguishes one computer from another. An IP address is a combination of Network ID + Host ID.
MAC Address:- Each network adapter has a unique address; it is called the physical address or MAC address. MAC stands for Media Access Control.
Subnets:- Network segments that are connected to a router are called subnets.
Subnet Mask:- The subnet mask is a screen that separates the Network ID from the Host ID in an IP address.
Network ID:- The first part of the IP address, which defines the network, is called the Network ID.
Host ID:- The second or last part of the IP address, which defines the host number, is called the Host ID.
Subnetting:- When a big network is further divided into smaller networks, that is called subnetting. In subnetting we increase the Network ID and decrease the Host ID by making some changes in the subnet mask.
Supernetting:- Combining smaller networks into a big network is called supernetting. In supernetting we increase the Host ID and decrease the Network ID by making some changes in the subnet mask.
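The definitions above (subnet mask, Network ID, Host ID, subnetting, supernetting) together with the classful ranges of Ques 26, worked through in Python; this is an added example for this page, not code from the original material, and every address in it is a constructed sample value. It goes slightly beyond the text in that the subnet/supernet functions handle any prefix length, not just one split.

```python
import ipaddress
from typing import List, Tuple


def ipv4_class(addr: str) -> str:
    """Classful lookup from the first octet, using the ranges listed in Ques 26."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first == 127:
        return "loopback"          # 127 is reserved for loopback
    if first <= 126:
        return "A"
    if first <= 191:
        return "B"
    if first <= 223:
        return "C"
    if first <= 239:
        return "D"
    return "E"


def split_ids(addr: str, mask: str) -> Tuple[str, int]:
    """Apply the subnet mask: Network ID = address AND mask, Host ID = the remaining bits."""
    a = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    network_id = ipaddress.IPv4Address(a & m)
    host_id = a & ~m & 0xFFFFFFFF
    return str(network_id), host_id


def subnet(network: str, new_prefix: int) -> List[str]:
    """Subnetting: lengthen the mask (more Network ID bits, fewer Host ID bits) and
    return the 2**(new_prefix - old_prefix) smaller networks."""
    net = ipaddress.IPv4Network(network, strict=True)
    if new_prefix <= net.prefixlen:
        raise ValueError("new prefix must be longer than the existing one")
    return [str(sub) for sub in net.subnets(new_prefix=new_prefix)]


def supernet(networks: List[str]) -> str:
    """Supernetting: shorten the mask (fewer Network ID bits, more Host ID bits)
    until one network covers every input, and return that network."""
    nets = [ipaddress.IPv4Network(n, strict=True) for n in networks]
    cover = nets[0]
    while not all(n.subnet_of(cover) for n in nets):
        cover = cover.supernet()   # drop one Network ID bit per step
    return str(cover)


def usable_hosts(network: str) -> int:
    """Host addresses a subnet offers, excluding the network and broadcast addresses."""
    net = ipaddress.IPv4Network(network, strict=True)
    return max(net.num_addresses - 2, 0)
```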
Proxy Server:- A proxy server is a firewall component that enables us to connect multiple computers in a network to the Internet by using a single public IP address. With a proxy server we can filter client requests for a specific web site.
NAT:- NAT is a device or service that translates private IP addresses to public IP addresses in the network. NAT provides Internet connectivity for all of the internal users in the network through a single public IP address and a single line. There are three types of NAT:
1. Static NAT
2. Dynamic NAT
3. Overloading NAT - PAT (Port Address Translation)
Firewall:- A firewall is a combination of hardware and software that prevents unauthorized access to an internal network from outside.
Microsoft Proxy Server:- Microsoft Proxy Server provides both features, i.e. proxy server and firewall.
Protocol:- A protocol is the set of rules and regulations that provides communication between two or more devices in the network.
Packet Switching:- In packet switching the data is sent from the source computer to the destination computer possibly through different paths.
Circuit Switching:- In circuit switching all of the data is sent from the source computer to the destination computer through a single path.
Disk Quota:- When we want some users in the network not to use more disk space on the hard disk, we put an appropriate disk quota entry on those users.
Compression:- By compression we add free space in our hard disk.
Terminator:- A terminator absorbs the electrical signal and stops the reflection.
Socket:- A socket is a combination of an IP address and a TCP/UDP port.
Port:- A port is recognized by the service; for example, FTP uses port 21.
OSI:- OSI stands for Open System Interconnection model. It is a standard model in the world. Whenever one computer wants to communicate with another computer, a major task is performed inside the computer, and that major task is divided into seven parts; those seven parts are called the seven layers.
1. Application Layer:- The Application Layer identifies which type of application is being used by the client in the network. For example: HTTP, FTP, SMTP, Telnet.
2. Presentation Layer:- The format of data depends on the Presentation Layer. There are two major functions of the Presentation Layer:
A. Converting high-level coding to low-level coding
B. Converting low-level coding to high-level coding
Generally there are two types of coding in this layer:
1. ASCII - American Standard Code for Information Interchange
2. EBCDIC - Extended Binary Coded Decimal Interchange Code
Some additional functions of the Presentation Layer are:
1. Compression
2. Decompression
3. Encryption
4. Decryption
3. Session Layer:- The Session Layer provides which type of session is established between the source and destination computers in the network. There are three types of data transmission in the network:
A. Simplex Transmission:- Simplex transmission is only one-way transmission, for example radio, T.V.
B. Half-Duplex:- Half-duplex is one-way transmission at a time. For example: hub, walkie-talkie.
C. Full-Duplex:- Full-duplex is two-way transmission at the same time. For example: switch, telephone and wireless.
The Session Layer provides some additional functions in the network, that is:
- Pause the session
- Terminate the session
- Restart the session
4. Transport Layer:- The Transport Layer provides end-to-end connectivity in the network. The Transport Layer is responsible for carrying the data from the source to the destination computer in the network. The Transport Layer provides two types of connectivity in the network:
Reliable connectivity
Unreliable connectivity
Generally there are two types of protocol in the Transport Layer:
1. TCP - Transmission Control Protocol
2. UDP - User Datagram Protocol
TCP provides reliable connectivity in the network, and UDP provides unreliable connectivity in the network.
5. Network Layer:- The Network Layer provides the source IP address and destination IP address in the network. There are two major functions of the Network Layer:
1. Provides logical addressing - IP addressing.
2. Provides routing.
A router is a layer 3 device in the network.
6. Data Link Layer:- The Data Link Layer provides the source MAC address and destination MAC address in the network. All of the WAN technologies are layer 2 technologies. Switches and bridges are layer 2 devices in the network.
7. Physical Layer:- The Physical Layer is responsible for putting the data on the cable. Hub, repeater, cable, NIC: these are layer-1 devices in the network.
TCP:-
1. TCP stands for Transmission Control Protocol.
2. TCP is a connection-oriented protocol.
3. It is a unicasting protocol.
4. The rate of data transmission is slow in TCP.
5. TCP guarantees data delivery.
6. In TCP an acknowledgement is a must.
UDP:-
1. UDP stands for User Datagram Protocol.
2. It is a connectionless protocol.
3. It is a broadcasting protocol.
4. The rate of data transmission is fast.
5. UDP gives no guarantee of data delivery.
6. In UDP there is no acknowledgement.
Data Transmission Types:- There are three types of data transmission in the network:
1. Simplex Transmission:- Simplex transmission is one-way transmission only, for example radio and TV.
2. Half-Duplex:- Half-duplex is one-way transmission at a time, for example a hub or a walkie-talkie.
3. Full-Duplex:- Full-duplex is two-way transmission at the same time, for example a switch, telephone, or wireless.
ARP:- ARP stands for Address Resolution Protocol. It is basically used for resolving an IP address to a MAC address in the network.
DOD Model:-
DOD model stands for Department of Defense model. This model is also known as the TCP/IP model. There are four layers in the DOD model:
1. Application Layer - corresponds to the upper three layers of the OSI model
2. Transport Layer - the Transport Layer of the OSI model
3. Internet Layer - the Network Layer of the OSI model
4. Network Interface Layer or Physical Layer - the Data Link and Physical Layers of the OSI model
1. Application Layer:- There are many types of protocol in the Application Layer:
A. HTTP:- HTTP stands for Hyper Text Transfer Protocol. It is basically used for carrying web pages. HTTP uses port 80.
B. FTP:- FTP stands for File Transfer Protocol. It is basically used for transferring files. FTP uses port 21.
2. Transport Layer:- There are two types of protocol in this layer:
A. TCP:- TCP stands for Transmission Control Protocol. It is a connection-oriented protocol. The rate of data transmission is slow in this protocol. With this protocol an acknowledgement is a must.
B. UDP:- UDP stands for User Datagram Protocol. It is a connectionless protocol. The rate of data transmission is fast with this protocol. An acknowledgement is not required.
3. Internet Layer:- There are normally four protocols in this layer:
A. IP:- IP stands for Internet Protocol. It is responsible for assigning the IP address.
B. ICMP:- ICMP stands for Internet Control Message Protocol. On unsuccessful delivery it shows an error message so that the data can be resent.
C. IGMP:- IGMP stands for Internet Group Management Protocol. It is responsible for controlling multicasting and broadcasting.
D. ARP:- ARP stands for Address Resolution Protocol. It is basically used for resolving an IP address to a MAC address in the network.
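The ARP packets described above, as an added example that is not part of the original notes: it packs and parses the RFC 826 Ethernet/IPv4 ARP layout with Python's struct module and keeps a small IP-to-MAC table that records any reply which changes a mapping already learned (normal when a NIC is replaced, worth a look otherwise). All MAC and IP values are constructed.

```python
"""Pack/parse ARP packets (RFC 826, Ethernet/IPv4) and watch IP-to-MAC
mappings. Added example with constructed addresses, not from the notes."""
import struct

HTYPE_ETHERNET, PTYPE_IPV4 = 1, 0x0800
OP_REQUEST, OP_REPLY = 1, 2
# hardware type, protocol type, hw addr len, proto addr len, opcode,
# sender MAC, sender IP, target MAC, target IP -> 28 bytes in total
ARP_FMT = "!HHBBH6s4s6s4s"
ARP_LEN = struct.calcsize(ARP_FMT)


def mac_bytes(mac: str) -> bytes:
    return bytes(int(x, 16) for x in mac.split(":"))


def ip_bytes(ip: str) -> bytes:
    return bytes(int(x) for x in ip.split("."))


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def ip_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def build_arp(op: int, sender_mac: str, sender_ip: str,
              target_mac: str, target_ip: str) -> bytes:
    """A request asks 'who has target_ip?' (target MAC all zeros); a reply
    carries the answering host's MAC in the sender fields."""
    return struct.pack(ARP_FMT, HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, op,
                       mac_bytes(sender_mac), ip_bytes(sender_ip),
                       mac_bytes(target_mac), ip_bytes(target_ip))


def parse_arp(pkt: bytes) -> dict:
    """Decode the fixed header; reject anything that is not Ethernet/IPv4 ARP."""
    if len(pkt) < ARP_LEN:
        raise ValueError("short ARP packet")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(
        ARP_FMT, pkt[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": {OP_REQUEST: "request", OP_REPLY: "reply"}.get(op, "unknown"),
            "sender_mac": mac_str(sha), "sender_ip": ip_str(spa),
            "target_mac": mac_str(tha), "target_ip": ip_str(tpa)}


class ArpCache:
    """IP -> MAC table learned from replies. A reply that changes a mapping
    already learned is recorded in .alerts for review."""

    def __init__(self):
        self.table = {}
        self.alerts = []

    def observe(self, pkt: bytes) -> dict:
        p = parse_arp(pkt)
        if p["op"] == "reply":  # only replies carry an answer to learn from
            old = self.table.get(p["sender_ip"])
            if old is not None and old != p["sender_mac"]:
                self.alerts.append((p["sender_ip"], old, p["sender_mac"]))
            self.table[p["sender_ip"]] = p["sender_mac"]
        return p


if __name__ == "__main__":
    cache = ArpCache()
    cache.observe(build_arp(OP_REQUEST, "00:11:22:33:44:55", "192.168.1.10",
                            "00:00:00:00:00:00", "192.168.1.1"))
    cache.observe(build_arp(OP_REPLY, "aa:bb:cc:dd:ee:01", "192.168.1.1",
                            "00:11:22:33:44:55", "192.168.1.10"))
    print(cache.table, cache.alerts)
```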
Dual Booting:- A dual boot configuration allows us to choose between two or more operating systems each time we start the computer. In dual booting one operating system belongs to the NOS family and the other must belong to the simple O/S family, and the system partition must be formatted with either FAT or FAT32.
File System:- A logical division of the hard disk, such as sectors or tracks, is called a file system.
Partition:- A logical division of the hard disk is called a partition.
User Profile:- A user profile contains the information about a specific user's logon settings, such as desktop settings. There are three types of user profile:
1. Local User Profile:- A local user profile is automatically created on each computer to which the user logs on.
2. Roaming User Profile:- The same profile can be used from anywhere in the network from which the user logs on. In this profile the user can change his own profile, and that profile will be saved in a central location.
3. Mandatory User Profile:- A permanent profile is used for any user in the network from wherever the user logs on. In this profile the user can change his own profile, but that profile will not be saved in the central location; the change is only temporary.
Offline:- With offline files a user can still access a network shared folder when he is disconnected from the network. There are three types of offline setting:
1. Manual caching for documents (by default)
2. Automatic caching for documents
3. Automatic caching for programs
Recovery Console:- When the system's registry is damaged and the operating system is not starting properly, we use the Recovery Console. In the Recovery Console we use some command-line tools such as enable, disable, fixmbr, fixboot etc.
Active Directory:- Active Directory is the main concept of a Windows 2000 and Windows 2003 network. It stores the complete information about the whole network, such as users, printers, computers etc. Active Directory provides centralized management in the network.
Objects:- Everything in Active Directory is called an object, such as users, printers, computers etc.
Attributes:- Every object has some qualities that are called attributes. On the basis of these attributes we identify the object, such as user, printer, computer etc.
Terminal Services:- With Terminal Services we can manage our server from anywhere in the network. There are two modes in Terminal Services:
1. Remote Administration Mode:- In this mode, by default, a maximum of two administrators can connect remotely to the server at the same time and manage it.
2. Application Server Mode:- In this mode users are allowed to run one or more applications remotely on the server.
Leased Line:- A leased line is a point-to-point connection. When we are connected to the Internet 24 hours a day, the best option is to choose a leased line, because it is cost effective (not costly).
ISDN Line:- An ISDN line is not a point-to-point connection. ISDN networks extend from the local telephone exchange to the remote user in the network. With an ISDN line the rate of data transmission is fast. The data are sent in digital form, not in analog form. In an ISDN scenario an ISDN modem is necessary on both sides (client side and server side).
USB:- USB stands for Universal Serial Bus. It is basically used for physically connecting many devices that support USB at the same time, such as printer, mouse, scanner, web camera etc. It is compatible with up to about 127 devices at the same time.
Security Template:- A security template is a ready-made template designed by Microsoft for implementing a security configuration in the network. There are four types of security template: Basic (by default), Compatible (low-level security), Secure and High.
Service Pack:- A service pack updates the DLL files and adds some additional features to the operating system.
DLL:- DLL stands for Dynamic Link Library. DLLs are important files of any application, which help to run the application.
CRC:- CRC stands for Cyclic Redundancy Check. A CRC is a number produced by a mathematical calculation on the packet at its source.
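A worked CRC example, added here and not part of the original notes: a table-driven CRC-32 (the polynomial used by Ethernet) is calculated at the source, appended to the packet, and re-checked at the destination, where a single flipped bit makes the check fail. The frame layout (payload followed by 4 CRC bytes, little-endian) is this example's own convention.

```python
"""CRC-32 appended at the source and verified at the destination.
Added example, not from the original notes."""

CRC32_POLY = 0xEDB88320  # reflected form of the IEEE 802.3 polynomial 0x04C11DB7


def _make_table() -> list:
    """Precompute the 256-entry lookup table for byte-wise processing."""
    table = []
    for byte in range(256):
        crc = byte
        for _ in range(8):
            crc = (crc >> 1) ^ CRC32_POLY if crc & 1 else crc >> 1
        table.append(crc)
    return table


_TABLE = _make_table()


def crc32(data: bytes) -> int:
    """CRC-32 of data; gives the same value as zlib.crc32."""
    crc = 0xFFFFFFFF
    for b in data:
        crc = _TABLE[(crc ^ b) & 0xFF] ^ (crc >> 8)
    return crc ^ 0xFFFFFFFF


def append_crc(payload: bytes) -> bytes:
    """Source side: the number calculated over the packet travels with it.
    Layout (this example's convention): payload followed by 4 CRC bytes."""
    return payload + crc32(payload).to_bytes(4, "little")


def verify_frame(frame: bytes) -> bool:
    """Destination side: recompute over the payload and compare with the
    received CRC; a mismatch means the packet was corrupted in transit."""
    if len(frame) < 4:
        return False
    payload, received = frame[:-4], frame[-4:]
    return crc32(payload) == int.from_bytes(received, "little")


def flip_bit(frame: bytes, bit_index: int) -> bytes:
    """Simulate line noise by flipping one bit anywhere in the frame."""
    data = bytearray(frame)
    data[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(data)


def demo() -> dict:
    """A clean frame passes, a frame with one corrupted bit fails, and a
    frame whose CRC was simply recomputed after a change passes again: the
    CRC protects against noise, not against someone who can recompute it."""
    frame = append_crc(b"constructed packet payload")
    return {
        "clean": verify_frame(frame),
        "noise": verify_frame(flip_bit(frame, 13)),
        "recomputed": verify_frame(append_crc(b"different payload")),
    }


if __name__ == "__main__":
    print(hex(crc32(b"123456789")))  # standard CRC-32 check value
    print(demo())
```

Because any party can recompute a CRC after changing the payload, it is an integrity check against accidental corruption only; detecting deliberate tampering needs a keyed MAC.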
Driver:- A driver is software which helps the hardware to perform properly.
Multilink:- A multilink connection uses multiple modems to create a single connection to the Internet or to other computers in the network.
CSMA/CD:- CSMA/CD stands for Carrier Sense Multiple Access/Collision Detect. When two computers send data at the same time on a single path, a collision happens. In that case CSMA/CD stops the collision and retransmits the data after some time in the network.
CAL:- CAL stands for Client Access License. Any client computer that accesses the server in a network requires a license. There are two types of license: Per Server and Per Seat. We can convert Per Server to Per Seat one time, but we cannot convert from Per Seat to Per Server.
Adminpack.msi:- For installing/uninstalling the administrative tools we use Adminpack.msi.
Safe Mode:- In this mode only the basic devices and drivers that are required to start the computer are loaded. Drivers such as the VGA card, sound card, network card etc. are not loaded; only the basic drivers, such as keyboard, mouse and storage device, are loaded.
VGA Mode:- Loads the basic VGA driver. This mode is useful if a video driver is preventing the Windows operating system from starting properly; a basic resolution setting of 480 x 640 pixels is applied.
DNS Server:- DNS stands for Domain Name System. It is basically used for name resolution for Windows 2000/2003 clients in the network. There are two types of zones:
1. Forward Lookup Zone:- It is basically used for resolving a host name to an IP address in the network.
2. Reverse Lookup Zone:- It is basically used for resolving an IP address to a host name in the network.
Related to Domain:- Related to the domain, there are three types of zone:
1. Active Directory Integrated Zone:- An Active Directory integrated zone is integrated with Active Directory. For creating this zone, Active Directory and DNS are both necessary on a particular computer in the network.
2. Standard Primary Zone:- A standard primary zone is not integrated with Active Directory. For creating this zone only DNS is necessary; Active Directory is not required.
3. Standard Secondary Zone:- A standard secondary zone is a clone copy of a master DNS server, such as an Active Directory integrated zone or a standard primary zone.
Zone:- A zone is the database in DNS where all computers' A records (host records) and PTR records (pointer records) are available in the network.
Virtual Memory:- Virtual memory is some space on the hard disk that is used whenever the RAM in the computer is full.
Unattended Installation:- In this process we create an answer file. With this file we can run the installation of the Windows 2000/2003 operating system automatically.
DFS:- DFS stands for Distributed File System. It is a central location for any user in the network, and it is linked with all of the shared folders in the network. With DFS the user only needs to access the DFS server and from there can access any shared folder in the network.
Hardware Profile:- For battery saving or electricity saving we can use a hardware profile. It is basically used for mobile users in the network. From an examination point of view there are two important parts in the hardware profile: first the docked station and second the undocked station. Docked station: inside the office; undocked station: outside the office.
Internet:- The worldwide collection of all networks and gateways that use the TCP/IP protocol is called the Internet. It is an example of a WAN; it is also known as a WAN. The Internet uses high-speed data communication lines between the major nodes and the host computers. The Internet is a public network, and everybody can access it without a user name and password.
Intranet:- A private network within an organization that is used to distribute information within the organization is called an intranet. It is an example of a LAN; it is also known as a LAN. Only the organization's people can access and use the intranet.
Extranet:- A private network that works within an organization and outside the organization, but not for the public/everybody, is called an extranet. In an extranet the company's employees, distributors, suppliers, customers etc. can access the network.
DHCP:- DHCP stands for Dynamic Host Configuration Protocol. A DHCP server provides the TCP/IP configuration of all of the clients in the network automatically.
APIPA:- APIPA stands for Automatic Private IP Addressing. When I configure a computer's TCP/IP settings to obtain an IP address automatically and my DHCP server is not available or is not responding to the DHCP client, the computer receives an IP address from APIPA in the range 169.254.0.0. APIPA range: 169.254.0.1 to 169.254.255.254.
DHCP Scope:- A DHCP scope is a range of IP addresses on the DHCP server which it leases to DHCP clients in the network. There are three types of scope:
1. Normal Scope
2. Multicast Scope
3. Super Scope
DHCP Relay Agent:- Suppose I have two subnets, Subnet A and Subnet B, and both subnets are connected to a router. I have a DHCP server in Subnet A. I configure two scopes on the DHCP server, i.e. Scope A for Subnet A and Scope B for Subnet B. I want all the computers in Subnet B to receive their IP addresses from the DHCP server that is located in Subnet A, but my router is not RFC 1542 (Request for Comments) compatible. In that case I will install a DHCP relay agent in Subnet B.
Scope Option:- Scope options provide the additional TCP/IP configuration of any DHCP client in the network, such as the IP address of the DNS server, WINS server, router etc. There are four types of scope option:
1. Server Level
2. Scope Level
3. Class Level
4. Reserved Client Level
Remote Access Connectivity:- There are two types of remote access connectivity in the network:
1. Dial-up Remote Access:- For dial-up remote access, at least a telephone line and a modem are necessary on both the client side and the server side. A RAS server must be configured at the server side. In this process the remote access client dials the telephone number of the RAS server and then gives a user name and password. After the user name and password are verified, the remote access client connects to the RAS server and from there to the internal network.
2. VPN:- VPN stands for Virtual Private Network. In this process the remote access client connects to the VPN server via the Internet. With this process the communication is very secure, and the data are sent and received in tunneled form.
DNS:- There are two types of DNS query:
1. Iterative Query:- When a client queries the DNS server, and my DNS server has the best result, it gives the best result to the client in the network; otherwise it sends a "not found" message. This is called an iterative query.
2. Recursive Query:- When a client queries the DNS server, and my DNS server has the best result, it gives the best result to the client computer; otherwise it forwards the client's query on its own behalf to the root DNS server and then gives the complete result to the client computer in the network. This is called a recursive query.
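The two query types described above, simulated as an added example that is not part of the original notes: over a tiny constructed DNS hierarchy (a root server, a .com server, the example.com authoritative server and a reverse-zone server; the server labels, names and 203.0.113.x addresses are all made up), iterative_query asks one server and gets an answer, a referral or "not found", while recursive_resolve follows referrals from the root on the client's behalf. ptr_name builds the reverse lookup zone name for an address so the same resolver can answer a reverse query.

```python
"""Iterative vs recursive DNS queries over a constructed in-memory hierarchy.
Added example, not from the original notes."""

# Constructed name servers: each holds its own records and knows which
# server to refer the client to for the child zones it delegates.
SERVERS = {
    "root": {"records": {},
             "delegations": {"com.": "tld-com", "arpa.": "ns-arpa"}},
    "tld-com": {"records": {},
                "delegations": {"example.com.": "ns.example.com"}},
    "ns.example.com": {"records": {"www.example.com.": "203.0.113.10",
                                   "mail.example.com.": "203.0.113.25"},
                       "delegations": {}},
    # reverse lookup zone: PTR record for 203.0.113.10
    "ns-arpa": {"records": {"10.113.0.203.in-addr.arpa.": "www.example.com."},
                "delegations": {}},
}


def iterative_query(server: str, name: str) -> tuple:
    """One question to one server. The server answers only from what it has:
    ("answer", data), ("referral", next_server) or ("not found", None)."""
    srv = SERVERS[server]
    if name in srv["records"]:
        return ("answer", srv["records"][name])
    for child_zone, next_server in srv["delegations"].items():
        if name == child_zone or name.endswith("." + child_zone):
            return ("referral", next_server)  # the child zone covers this name
    return ("not found", None)


def recursive_resolve(name: str, max_hops: int = 8) -> tuple:
    """The resolver does the work for the client: start at the root and
    follow referrals until an answer or 'not found'. Returns (result, path),
    where path lists the servers that were asked."""
    server, path = "root", []
    for _ in range(max_hops):
        if server not in SERVERS:
            return (None, path)  # referral to a server we cannot reach
        path.append(server)
        status, data = iterative_query(server, name)
        if status == "answer":
            return (data, path)
        if status == "not found":
            return (None, path)
        server = data  # follow the referral
    return (None, path)  # guard against referral loops


def ptr_name(ip: str) -> str:
    """Reverse Lookup Zone name for an IPv4 address: octets reversed under
    in-addr.arpa, e.g. 203.0.113.10 -> 10.113.0.203.in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


if __name__ == "__main__":
    print(iterative_query("root", "www.example.com."))
    print(recursive_resolve("www.example.com."))
    print(recursive_resolve(ptr_name("203.0.113.10")))
```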
CA:- CA stands for Certification Authority. A CA provides secure communication between two or more computers in the network. There are four types of CA:
1. Enterprise Root CA
2. Enterprise Subordinate CA
3. Stand-alone Root CA
4. Stand-alone Subordinate CA
The Enterprise Root CA and Enterprise Subordinate CA require Active Directory, but the Stand-alone Root CA and Stand-alone Subordinate CA do not require Active Directory.
IPSec Policy:- An IPSec policy provides secure communication between two or more computers in the network. There are three types of IPSec policy in the network:
1. Client (Respond Only)
2. Secure Server (Required Security)
3. Secure Server (Request Security)
ICS:- ICS stands for Internet Connection Sharing. It is basically used in a workgroup to share the Internet connection.
NSLookup:- NSLookup checks whether my DNS server is working properly or not in the network.
Scavenging:- Scavenging is used to clear the stale records in the DNS server.
WINS:- WINS stands for Windows Internet Naming System. It is basically used for name resolution for clients running versions of Windows earlier than Windows 2000 in the network. It resolves a NetBIOS name to an IP address in the network. There are three types of replication partner in the WINS server:
1. Push Partner
2. Pull Partner
3. Push-Pull Partner (by default)
There are four types of node in WINS:
B-node (broadcast)
P-node (search server)
M-node (B + P)
H-node (P + B)
RIS:- RIS stands for Remote Installation Service. In this process the computers are connected to a server running Remote Installation Service, and then the RIS server installs Windows 2000 Professional on those computers. In this process the client computers use a PXE card.
Home Folder:- A home folder is a central location for any user in the network where he can save files and folders. The home folder appears as a drive on the computer when the user logs in to the network from anywhere.
Tracert:- Tracert displays the complete route information from the source computer to the destination computer in the network.
Telnet:- Telnet provides remote logon to a computer and lets you work on that computer.
Global Catalog Server:- A global catalog server is a forest root domain that creates a relationship between two computers within the single forest. By default the first root domain controller is the global catalog server in the network. It stores the information about universal groups in the network. The global catalog server maintains a read-only copy of all of the domains inside the forest.
User Rights:- User rights authorize a user who logs on to the network or computer to perform certain actions on the system. Some common user rights are:
A. Log on locally
B. Change the system time
C. Shut down the system
D. Access the computer from the network
Power User:- A user that has the special authority to maintain user accounts, such as adding a user account, deleting a user account, modifying a user account, changing the password of a user etc., is called a power user.
Backup Operator:- A user that has the power to back up and restore the files of a computer is called a backup operator.
Wireless Communication:- In wireless communication we do not need to attach a device to the computer with the help of a wire. Wireless communication devices work by receiving and transmitting analog or digital signals in the network. There are two types of wireless communication:
1. Infrared Transmission:- In infrared transmission an infrared light beam is used to carry the data between the transmitting and receiving devices. There must be a clear line between the transmitting and receiving devices for communication. A TV and its remote are an example of infrared transmission.
2. Narrowband Radio Transmission:- In narrowband radio transmission the user tunes both the transmitter and the receiver to a certain frequency. Narrowband radio transmission does not require a clear line between the two devices. Radio and FM are examples of narrowband radio transmission.
PPTP:- PPTP stands for Point-to-Point Tunneling Protocol. It is used in RAS connectivity. PPTP enables the secure transfer of encapsulated data between a PPTP client and a PPTP server across the Internet. PPTP uses MPPE (Microsoft Point-to-Point Encryption) to encrypt the data.
L2TP:- L2TP stands for Layer Two Tunneling Protocol. It is used in RAS and is more secure than PPTP. L2TP enables the secure transfer of encapsulated data between an L2TP client and an L2TP server across the Internet. L2TP uses IPSec (Internet Protocol Security) to encrypt the data.
Three-Way Handshake:- TCP is a reliable protocol. When two computers communicate using TCP, they first establish a connection before the exchange of data; this is called a session. Two computers establish a session by a process that is called the three-way handshake. There are three steps in the three-way handshake process:
A. The source computer initiates the connection by transmitting its session information.
B. The destination computer responds with its session information.
C. The source computer receives the information and sends an acknowledgement.
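The three steps above as an added example, not from the original notes: a small tracker follows SYN, SYN-ACK and ACK segments from constructed sample traffic (private 10.0.0.x addresses), checks that each acknowledgement equals the other side's sequence number plus one, and lists the conversations that never reached step C, the half-open state a defender counts when checking a server for SYN flooding.

```python
"""Follows TCP three-way handshakes in a list of segments and reports the
ones that never completed. Added example with constructed traffic, not from
the original notes."""
from dataclasses import dataclass

SYN, ACK = 0x02, 0x10  # TCP flag bits


@dataclass(frozen=True)
class Segment:
    src: str    # "ip:port"
    dst: str
    flags: int
    seq: int
    ack: int = 0


def conn_key(a: str, b: str) -> tuple:
    """Direction-independent key for a conversation between two endpoints."""
    return tuple(sorted((a, b)))


def track_handshakes(segments: list) -> dict:
    """Return {conn_key: state} with state one of 'syn_sent', 'syn_received',
    'established' or 'bad_ack' (an acknowledgement that does not match)."""
    state, isn = {}, {}   # isn[(key, endpoint)] = that endpoint's initial seq
    for s in segments:
        k = conn_key(s.src, s.dst)
        cur = state.get(k)
        if s.flags == SYN and cur is None:
            # Step A: the source sends its session information (its ISN)
            state[k] = "syn_sent"
            isn[(k, s.src)] = s.seq
        elif s.flags == SYN | ACK and cur == "syn_sent":
            # Step B: the destination sends its own ISN and acknowledges ISN_a + 1
            expected = isn.get((k, s.dst))
            if expected is None or s.ack != expected + 1:
                state[k] = "bad_ack"
                continue
            state[k] = "syn_received"
            isn[(k, s.src)] = s.seq
        elif s.flags == ACK and cur == "syn_received":
            # Step C: the source acknowledges ISN_b + 1; the session is established
            expected = isn.get((k, s.dst))
            if expected is None or s.ack != expected + 1:
                state[k] = "bad_ack"
                continue
            state[k] = "established"
        # retransmissions, data and out-of-order segments are ignored here
    return state


def half_open(states: dict) -> list:
    """Conversations stuck before step C. A few are normal; many of them
    from many different sources is what a defender looks for when checking
    a server for SYN flooding."""
    return sorted(k for k, v in states.items() if v in ("syn_sent", "syn_received"))


# Constructed sample traffic (private 10.0.0.x addresses)
SAMPLE = [
    Segment("10.0.0.5:51000", "10.0.0.9:80", SYN, seq=1000),
    Segment("10.0.0.9:80", "10.0.0.5:51000", SYN | ACK, seq=5000, ack=1001),
    Segment("10.0.0.5:51000", "10.0.0.9:80", ACK, seq=1001, ack=5001),
    # second client: SYN answered but the final ACK never arrives (half-open)
    Segment("10.0.0.7:42000", "10.0.0.9:80", SYN, seq=7000),
    Segment("10.0.0.9:80", "10.0.0.7:42000", SYN | ACK, seq=9000, ack=7001),
]

if __name__ == "__main__":
    states = track_handshakes(SAMPLE)
    for key, st in states.items():
        print(key, st)
    print("half-open:", half_open(states))
```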
Host Name:- A host name is a user-friendly name that is given by us to a computer to identify it. The host name is 15 bytes, or up to 255 characters, in length.
NetBIOS Name:- A NetBIOS name is a 15+1 byte name, in which 15 bytes are the host name given by us and 1 byte is generated by the computer automatically. That 1 byte depends on which kinds of service the computer is providing in the network.
Web Server:- A server computer that provides services related to a web site/the Internet is called a web server.
Class-full IP Address:- All IP addresses are divided into five classes: class A, B, C, D and E. All the classes have a default subnet mask according to the class. So an IP address that is given with its default subnet mask is called a class-full IP address.
Class-less IP Address:- All IP addresses are divided into five classes: class A, B, C, D and E. All the classes have a default subnet mask. When we change the default subnet mask of an IP address with the help of subnetting or supernetting, it is called a class-less IP address.
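The class-full and class-less definitions above, together with the APIPA range from the DHCP section earlier on this page, worked as one added example that is not part of the original notes: ip_class finds the class from the first octet, classful_network applies the class's default mask, classless_summary takes the mask from the CIDR prefix instead and reports whether that is subnetting or supernetting relative to the class default, and is_apipa checks the 169.254.0.1 to 169.254.255.254 range that tells you a client got no DHCP answer. The sample addresses are constructed.

```python
"""Classful vs classless IPv4 addressing and the APIPA range check.
Added example, not from the original notes."""
import ipaddress

# Default prefix length by class; classes D (multicast) and E (reserved)
# have no host mask.
CLASS_DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}

# APIPA range as given in the notes: 169.254.0.1 to 169.254.255.254
APIPA_FIRST = ipaddress.IPv4Address("169.254.0.1")
APIPA_LAST = ipaddress.IPv4Address("169.254.255.254")


def ip_class(addr: str) -> str:
    """Classful class from the leading bits of the first octet."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first < 128:
        return "A"  # 0xxxxxxx
    if first < 192:
        return "B"  # 10xxxxxx
    if first < 224:
        return "C"  # 110xxxxx
    if first < 240:
        return "D"  # 1110xxxx, multicast
    return "E"      # 1111xxxx, reserved


def classful_network(addr: str) -> str:
    """Class-full address: the network implied by the class's default mask."""
    cls = ip_class(addr)
    if cls not in CLASS_DEFAULT_PREFIX:
        raise ValueError(f"{addr} is class {cls}, which has no default host mask")
    net = ipaddress.IPv4Network(f"{addr}/{CLASS_DEFAULT_PREFIX[cls]}", strict=False)
    return str(net)


def classless_summary(cidr: str) -> dict:
    """Class-less address: the mask comes from the prefix length, not the
    class. Reports network, mask, broadcast, usable host range and whether
    the prefix is a subnet or a supernet of the classful default."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    default = CLASS_DEFAULT_PREFIX.get(ip_class(str(net.network_address)))
    if default is None:
        kind = "no classful default"
    elif net.prefixlen > default:
        kind = "subnetted"      # host bits borrowed to make more networks
    elif net.prefixlen < default:
        kind = "supernetted"    # networks merged into one larger block
    else:
        kind = "classful"
    if net.prefixlen >= 31:     # /31 and /32 have no network/broadcast split
        first, last, usable = net.network_address, net.broadcast_address, net.num_addresses
    else:
        first, last = net.network_address + 1, net.broadcast_address - 1
        usable = net.num_addresses - 2
    return {
        "network": str(net.network_address),
        "mask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        "first_host": str(first),
        "last_host": str(last),
        "usable_hosts": usable,
        "kind": kind,
    }


def is_apipa(addr: str) -> bool:
    """True for a self-assigned address: the client asked for DHCP and nobody
    answered. A quick check when a host 'has an IP but no network'."""
    return APIPA_FIRST <= ipaddress.IPv4Address(addr) <= APIPA_LAST


if __name__ == "__main__":
    for a in ("10.1.2.3", "172.16.5.9", "192.168.1.10", "169.254.7.7"):
        print(a, ip_class(a), "APIPA" if is_apipa(a) else "")
    print(classful_network("172.16.5.9"))
    print(classless_summary("192.168.1.130/26"))
```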
Driver Signing:- Sometimes when we install a new driver/software on the computer, its installation process overwrites some system files and damages or creates some problem with our operating system. To stop this, Windows 2000 has a feature called Driver Signing. Driver Signing checks whether the driver/software is signed by Microsoft or not. There are three options in Driver Signing:
1. Ignore:- With Ignore, Windows does not check whether the driver is signed or unsigned and installs the driver normally.
2. Warn:- With Warn, Windows checks whether the driver is signed or unsigned and gives a warning message during installation for an unsigned driver.
3. Block:- With Block, Windows never installs an unsigned driver.
Permission Inheritance:- All the permissions assigned to a folder automatically apply to its subfolders and files; this is called permission inheritance.
Take Ownership:- If the administrator has no rights or permissions on an object, the administrator can become the owner of that object by using the Take Ownership power and forcibly get permission on that object.
Recovery Agent:- The recovery agent has the power to decrypt the files of any user.
Decryption:- Changing an encrypted file to a simple file is called decryption. Or: removing the encryption from a file or folder is called decryption.
Hidden Share:- When we share an object with a $ sign, it is called a hidden share. A hidden share object is not shown like normal shared objects.
Print Device:- A print device is the hardware that physically prints a document.
Spool Folder:- The spool folder shows all the documents that are waiting in the print queue to be printed.
Default Printer:- The printer I want to give priority to for printing documents is known as the default printer.
Printer Pooling:- With printer pooling we can connect one printer driver with two or more print devices for load-balancing purposes in the network. In printer pooling we can say there is one master and more than one servant in the network. In printer pooling it is necessary that the print devices are from the same manufacturer and the same model number.
Printer Priority:- With printer priority we can connect two or more printers with one print device and set the priority of each printer to decide whose document is printed first in the network. In printer priority we can say there is one servant and more than one master in the network. In that case, which work will be done first? We can configure the priority on the printer, for example: manager 99, user 1.
Internet Printing:- With Internet printing we can print a document remotely in the network. In Internet printing we can print the document on a print device that is located in another city.
Scope of Group:- There are three types of group scope in the network:
1. Domain Local Group:- In a domain local group, users belong to any domain and access resources in my domain.
2. Global Group:- In a global group, users belong to my domain and access resources in any domain.
3. Universal Group:- In a universal group, users belong to any domain and access resources in any domain.
There are two types of group:
1. Security Group:- A security group is basically used to give permissions to users on a particular resource of the network. A security group has all the features of a distribution group.
2. Distribution Group:- A distribution group is basically created for sending e-mails in the network. To a distribution group we cannot assign permissions for any object in the network. A distribution group cannot work as a security group.
Disaster:- An event that makes it impossible to start Windows properly, such as corruption of the boot sector or a deleted or missing system file, is called a disaster.
Disaster Recovery:- When a computer disaster occurs, the process of restoring the computer to its original state prior to the disaster is called disaster recovery.
ERD:- ERD stands for Emergency Repair Disk. The ERD has a backup copy of the system state data, such as the registry, system files, partition boot sector, startup environment etc. It is the most important tool to recover your system registry.
Disk Duplication:- When we need to install Windows 2000/2003 on a large number of computers, we create a disk image of a Windows 2000/2003 installation and then copy the image to the multiple computers. That process is called disk duplication.