A variety of TCP/IP protocols work below the Application layer of the OSI model to provide support to the many applications we use on a TCP/IP network.

True / False Questions
 

34. (p. 225) A variety of TCP/IP protocols work below the Application layer of the OSI model to provide support to the many applications we use on a TCP/IP network. 
TRUE

35. (p. 226) Using TCP, if a receiving computer detects a missing packet, it just asks for a resend of the packet.
TRUE

36. (p. 226) Most TCP/IP applications use TCP as the Transport layer protocol because it is a connectionless protocol designed to check for errors.
FALSE

37. (p. 230) At any given time, your computer can only have one communication session open.
FALSE

38. (p. 227) ICMP is a Transport layer protocol used for applications that are always connectionless and never need more than a single packet.
FALSE

39. (p. 228) A port number is an 8-bit value between 0 and 65535.
FALSE

40. (p. 232) An application actively providing a service to a network client has an open port.
TRUE

41. (p. 237) Browsers request HTML pages from mail servers.
FALSE

42. (p. 239) Apache HTTP Server is Microsoft's Web server.
FALSE

43. (p. 243) SSH is a replacement for Telnet.
TRUE

Fill in the Blank Questions
 

44. (p. 225) A(n) ______________ protocol sends out packets without first confirming that the receiving station is ready to accept the packets.
connectionless

45. (p. 228) TCP/IP applications have their own distinct _________ numbers.
port

46. (p. 228) Web browsers use port number _______________ by default.
80

47. (p. 228) Used by specific TCPIP applications, port numbers 0 to 1023 are called _______________.
well-known ports

48. (p. 225) If a protocol sends out packets without first sending an acknowledgement to the destination station (nor a closing at the end of the communication), it is a(n) _______________ session.
connectionless

49. (p. 246) What type of application would you be using for packets received on ports 110 and 25?
e-mail

50. (p. 230) The _______________ command will show all open connections on a computer, along with the status of each.
netstat -an

51. (p. 228) To help distinguish good communications from bad communications, a network administrator should memorize many of the _______________ for common TCP/IP applications.
ports

52. (p. 238) Because of the weaknesses of _______________, the underlying protocol of the World Wide Web, Web designers often use other technologies with it to create more interactive pages.
Hypertext Transfer Protocol (HTTP)

53. (p. 238) To publish Web pages, begin with a(n) _______________ document that you wish to share over the Internet.
HTML

54. (p. 240) While there are hundreds of Web server programs, the top ones used in the United States are _______________ and _______________.
Apache HTTP Server; Internet Information Server (IIS)

55. (p. 241-242) Both the _______________ protocol and the newer, more secure _______________ protocol have been used to make HTTPS connections secure.
Secure Sockets Layer (SSL); Transport Layer Security (TLS)

56. (p. 243) Telnet is rarely used on the Internet, having been replaced by _______________, which looks just like Telnet, but encrypts data.
SecureShell (SSH)

57. (p. 243) Because Windows does not have a built-in _______________, we use third-party server programs, like freeSSHd.
secure shell server

58. (p. 245) Three pieces of information required when you configure a Telnet client are the _______________, your _______________, and your _______________.
host name; user login name; password

59. (p. 245) _______________ allows you to send single commands to a remote server, but unlike a similar command, this command does not depend on being used interactively and can be used in a script.
RSH (Remote Shell)

60. (p. 245) _______________ uses port 514 to copy files to and from a remote server without the need for FTP or NFS.
RCP

61. (p. 235) _______________ is an old UNIX program that uses port 513, works similarly to Telnet, but offers the extra benefit of allowing you to configure it to log in automatically.
Rlogin

62. (p. 246) _______________ is a major part of the Internet revolution, and is usually offered as a service by ISPs to their Internet customers.
e-mail

63. (p. 246) Two protocols that receive e-mail from SMTP servers are _______________ and _______________
POP3; IMAP4

64. (p. 246) _______________ is used to send e-mail messages via TCP port 25.
SMTP

65. (p. 247) Google's Gmail is a(n) _______________-based e-mail service that is an alternative to using a service based on SMTP and POP3 or IMAP4.
Web

66. (p. 248) A mail server maintains _______________, separate holding areas for each user's messages.
mailboxes

67. (p. 249) When you configure an e-mail client, you must provide the _______________ of your mail service's SMTP server, and that of the POP3 or IMAP4 server.
IP address

68. (p. 249) Part of configuring an e-mail client is to enter your mailbox's _______________ and _______________ so that the e-mail client can log on to the mail server.
user name; password.

69. (p. 249) While HTTP can be used to transfer files, _______________ is faster, more reliable, and more secure.
FTP

70. (p. 251) Incoming active FTP packets cannot pass through a(n) _______________.
NAT router

71. (p. 250) In order to access an FTP site, you need a(n) _______________.
FTP client

72. (p. 251) The two ways in which FTP transfers data are _______________ and _______________ FTP.
passive; active

Essay Questions
 

73. (p. 225-228) Write a definition of TCP/IP. 

The term TCP/IP, or TCP over IP, is a simplification of a set of basic protocols, along with the many dependent protocols and services. TCP, or Transport Control Protocol, is the main Transport layer protocol of the TCP/IP suite. Other protocols that work at this level include UDP, ICMP, and IGMP. IP, or Internet Protocol, is the main Network layer protocol. A variety of other protocols and services run at the Application layer, such as HTTP, DHCP, POP, SMTP, and more. They are supported by the Layer 2 and Layer 3 protocols. Note: Some experts place ICMP and IGMP at the Transport layer.

74. (p. 226) Describe a connection-oriented session, using a Web browser and Web server as the example. 

A user actually initiates a browsing session by opening a browser and pointing it at a site. The client sends a single SYN packet to the Web server. On receiving the packet, the server sends a single SYN, ACK to acknowledge the beginning of the session. The client responds with a single ACK packet, and requests a Web page. The server completes sending the Web page, sends an FIN packet, and the Client responds with an RST, ACK, which ends the session.

75. (p. 226) Describe a connectionless session between a DHCP client and a DHCP server. 

When a DHCP client sends out a request for an IP address, it does not at first know where and if there is a DHCP server. Therefore, it sends out a special broadcast over the subnet, using the UDP protocol. When a DHCP server sees the broadcast, it responds, the client accepts, and the server responds with the IP address and other IP configuration information.

76. (p. 227) Describe the types of programs that use ICMP. 

Programs that use ICMP only need to send a single packet, therefore used for such mundane purposes as disconnect messages, which we see as a "host unreachable" message. The ping program uses ICMP, sending a single ICMP packet, called an echo request, to the IP address specified as a parameter of the command. The target machine responds with an echo reply via ICMP.

77. (p. 229) Describe why and how a Web client uses ephemeral ports. 

A Web client uses ephemeral ports to help keep information from multiple sessions separate. For instance, if a client has multiple Web pages open, the use of ephemeral ports identifies which session the returning data belongs to. For instance, a request sent to a Web page used the destination port number 80, and the source port number was an automatically generated value between 49152 and 65535 (also known as dynamic or private ports). When the server responds, it uses the ephemeral port as the destination port, and the Web client knows which session to send it to.

78. (p. 230) Describe how the computers on each side of a session keep track of the status of the connection. 

Each computer on each side of a session stores information about the session in RAM. This information is called a socket or endpoint. We call the two ends of the same communication a socket pair or endpoints.

79. (p. 230) Describe how you would view the information concerning open sessions stored in RAM on a Windows computer. 

To view the session information on a Windows computer, I would first open a command prompt. Then I would enter the command netstat-n. This shows raw port numbers and IP addresses. The-a switch shows all used ports. If I wanted to also see the process IDs, I would use the command netstat-no.

80. (p. 238) Discuss a weakness of HTTP, and several technologies designed to compensate for its weakness 

HTTP is limited in its handling of Web pages in that it relays commands from a user without referencing previous commands from the same user. Technologies that compensate for this weakness include JavaScript/AJAX, server-side scripting, Adobe Flash, and cookies.

81. (p. 234) Describe the difference between a port with a status of TIME_WAIT and one with the status of CLOSE_WAIT. 

A port status of TIME_WAIT means that a connection to the other side has been lost, and the process is waiting a predefined amount of time before closing the connection. A port state of CLOSE_WAIT means that both sides of the connection see the session closing normally.

82. (p. 225-227) Compare TCP, UDP, and ICMP communications. 

TCP communications are connection-oriented, while UDP and ICMP connections are connectionless. While TCP connection-oriented sessions check for errors, neither UDP nor ICMP communications are designed to do any error-checking on their own. UDP and ICMP differ in that UDP communications can contain multiple packets, while an ICMP message is limited to a single packet.

83. (p. 252) Compare TFTP with FTP. 

TFTP and FTP are both file transfer protocols. FTP uses TCP as its transport protocol and includes some security, while TFTP uses UDP as its Transport layer protocol and has no form of data protection. Therefore, TFTP has never been appropriate for use over the Internet. Even FTP has been replaced by a more secure file transfer protocol.

84. (p. 227-228) Explain multicast communication, including the IP address range involved, as well as the protocol that makes this possible. 

Multicast communication involves one computer sending a packet to a group of computers that have been predefined using the IGMP protocol to determine group membership. The addresses used for multicast are Class D addresses with the network ID of 224/8.

85. (p. 230) Define registered ports, including the range of values, and how these ports are registered. 

Registered ports have values between 1024 and 49151. People or organizations wanting port numbers for TCP/IP applications can register their ports with the Internet Assigned Numbers Association (IANA).

86. (p. 234) What would you do if you ran the netstat command on your desktop computer and discovered port 80 was in use, but you did not have a Web server running on that computer? Why should you be concerned? 

An open port 80 on a computer indicates that a Web server is running. If I saw this, I would run the netstat command with the-ano switch to determine what process is using port 80. Then I would determine what program name is associated with that process (one way to do this is with Windows Task Manager), and then I would take steps to remove this program. I would be concerned about this because obviously a malicious program is running as a Web server on my computer, probably serving up my personal data to someone on the Internet.

87. (p. 246) What two port numbers does e-mail use, and why does e-mail need two separate port numbers? 

E-mail uses port 25 for outgoing mail and port 110 for incoming mail.

88. (p. 237) Briefly describe the difference between HTML and XML. 

HTML, or Hypertext Markup Language, is the basic formatting language for Web pages. XML, or eXtensible Markup Language, is also a markup language, but provides more flexibility in describing data, while being much stricter in its syntax.

89. (p. 238) HTML is commonly carried over which protocol? 

HTML is carried over HTTP, the protocol of the World Wide Web (WWW).

90. (p. 238) Define HTTP. 

HTTP, or Hypertext Transfer Protocol, is the underlying protocol of the Web. By default it runs on TCP port 80.

91. (p. 238) What is a possible downside of a "free" Web-hosting service? 

Nothing is truly free. Most free Web-hosting services make their money on ads that they add to your Web pages. The better ones have simple, honest ads, while some use annoying pop-up ads all over your Web pages.

92. (p. 239) When you set up a Web server, how can you protect your network against an overwhelming number of requests due to a particularly popular page, or resulting from a malicious attack? 

One way to protect your Web server from an overwhelming number of requests is to set a maximum connection limit on the Web server, something most Web server programs will include in their configuration options.

93. (p. 227) Is ping a connectionless or a connection-oriented program, and which layer and protocol does it use? 

Ping communications are connectionless, using the ICMP Internet layer protocol.

94. (p. 238-239) Briefly compare IIS and Apache web servers. 

Internet Information Services (IIS) is a Web server that only runs on the Microsoft Windows Server operating system platform, while Apache HTTP Server is a Web server that runs on many operating systems. Originally developed for the UNIX/Linux platform, Apache HTTP Server is also available for Windows Server. Over 50 percent of the Web servers on the Internet use Apache HTTP Server.

95. (p. 241) What three features must be part of a protocol that will make HTTP more secure? 

To provide secure communications appropriate for transferring sensitive data, a protocol must provide for authentication, encryption, and nonrepudiation.

96. (p. 241-242) What protocols are combined with HTTP to provide the security of HTTPS? Which protocol is the newer and more secure protocol? 

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the protocols that are added to HTTP to provide the more secure HTTPS. The newer and more secure TLS is replacing SSL.

97. (p. 242-243) Define Telnet, and explain why it was replaced and what replaced it. 

Telnet is a protocol that allows a computer to connect to another computer running Telnet server software. The user can then enter text commands as if the user were sitting at the remote computer. While Telnet requires a user name and password to access the Telnet server, it does not use any form of encryption, which makes it risky to use over a public network, so it is rarely used over the Internet; Secure Shell (SSH) has replaced Telnet for that purpose.

98. (p. 243) Describe a SSH server program for Windows systems. 

The SSH server program freeSSHd runs on Windows systems, and has a GUI interface.

99. (p. 245) What is required to configure an SSH client? 

Before you configure an SSH client, you must have permission to access the server, and you must know the host name or IP address, the user login name, and the password for accessing the server. Enter this information into the configuration for the SSH client.

100. (p. 246) Explain the differences between POP3 and IMAP4. 

Both POP3 and IMAP4 are protocols that receive e-mail from SMTP servers. While POP3 uses TCP port 110, IMAP4 uses TCP port 143. POP3 is more widely used by e-mail clients, but IMAP offers more features, such as the ability to search through messages while they are stored on the mail server, and the ability to select just which message you want to download onto your machine from a mail server. Further, IMAP4 supports the use of user-created folders on the IMAP4 server for organizing your e-mail.

101. (p. 247) Define the basic functions of an e-mail server. 

An e-mail server accepts incoming mail and sorts it out into individual storage areas called mailboxes—one for each e-mail user's messages.

102. (p. 251-252) Describe the difference between passive and active FTP. 

Passive and active are the two ways in which FTP can transfer data. FTP originally used the active process in which a client FTP request used port 21, and an FTP server response used port 20. This mode was a problem for clients behind a NAT router. Therefore they created a different mode, called passive FTP, which works well with NAT routers and is supported by all good FTP clients. With passive mode, the server sends packets back using the ephemeral source port used by the client as the destination port. The server uses another ephemeral port for the source port. You must configure the client for passive mode.