
Chapter 2

1. List 5 end devices, 6 intermediate devices, and 3 forms of networking media.


• End devices: desktop computer, laptop computer, server, PDA, cellular mobile phone,
printer, security camera, IP phone, electronic point of sale device, automatic teller
machine
• Intermediate devices: repeater, hub, wireless access point, switch, router, modem, and
firewall
• Networking media: copper cable, fiber cable, radio (wireless)
2. Compare and contrast the following terms: network, LAN, WAN, internetwork,
and the Internet.
• Network – a group of interconnected devices capable of carrying many different types
of communications, including traditional computer data, interactive voice, video, and
entertainment products.
• LAN – a local network or group of interconnected local networks that are under the
same administrative control. In the past, LANs were thought of only as small networks
that existed in a single physical location. While LANs can be as small as a single local
network installed in a home or small office, LANs now include interconnected local
networks consisting of many hundreds of hosts, installed in multiple buildings and
locations. All of the local networks within a LAN are under one administrative control
group that governs the security and access control policies that are in force on the
network.
• WAN – Telecommunications service providers (TSP) operate large regional networks
spanning long distances. Individual organizations usually lease connections through a
telecommunications service provider network. These networks that connect LANs in
geographically separated locations are Wide Area Networks (WANs). Although the
organization maintains all of the policies and administration of the LANs at both ends of
the connection, the policies within the communications service provider network are
controlled by the TSP. WANs use specifically designed network devices to make the
interconnections between LANs.
• Internetwork - A mesh of interconnected networks is used. Some of these
interconnected networks are owned by large public and private organizations, such as
government agencies or industrial enterprises, and are reserved for their exclusive use.
The most well-known and widely used publicly accessible internetwork is the Internet.
• Internet - The most well-known and widely used publicly accessible internetwork. The
Internet is created by the interconnection of networks belonging to Internet Service
Providers (ISPs). These ISP networks connect to each other to provide access for users
all over the world. Ensuring effective communication across this diverse infrastructure
requires the application of consistent and commonly recognized technologies and
protocols as well as the cooperation of many network administration agencies.
3. Compare and contrast the layers of the OSI model with the TCP/IP protocol
stack.
There are two basic types of networking models: protocol models and reference models.
A protocol model closely matches the structure of a particular protocol suite. The hierarchical
set of related protocols in a suite represents all the functionality required to interface the
human network with the data network. The 4-layer TCP/IP model is a protocol model
because it describes the functions that occur at each layer of protocols within the TCP/IP
suite.

A reference model provides a common reference for maintaining consistency within all types
of network protocols and services. A reference model is not intended to be an
implementation specification or to provide a sufficient level of detail to define precisely the
services of the network architecture. The primary purpose of a reference model is to aid in
clearer understanding of the functions and process involved. The 7-layer Open Systems
Interconnection (OSI) model is the most widely known internetwork reference model. It is
used for data network design, operation specifications, and troubleshooting.

The protocols that make up the TCP/IP protocol suite can be described in terms of the OSI
reference model. In the OSI model, the Network Access layer and the Application layer of the
TCP/IP model are further divided to describe discrete functions that need to occur at these
layers.

At the Network Access Layer, the TCP/IP protocol suite does not specify which protocols to
use when transmitting over a physical medium; it only describes the handoff from the
Internet Layer to the physical network protocols. The OSI Layers 1 and 2 discuss the
necessary procedures to access the media and the physical means to send data over a
network.

The key parallels between the two network models occur at the OSI model Layers 3 and 4.
OSI Model Layer 3, the Network layer, almost universally is used to discuss and document the
range of processes that occur in all data networks to address and route messages through an
internetwork. The Internet Protocol (IP) is the TCP/IP suite protocol that includes the
functionality described at Layer 3.

Layer 4, the Transport layer of the OSI model, is often used to describe general services or
functions that manage individual conversations between source and destination hosts. These
functions include acknowledgement, error recovery, and sequencing. At this layer, the TCP/IP
protocols Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) provide the
necessary functionality.

The TCP/IP Application layer includes a number of protocols that provide specific
functionality to a variety of end user applications. The OSI model Layers 5, 6 and 7 are used
as references for application software developers and vendors to produce products that need
to access networks for communications.
4. Explain why networking models are used.
Although the TCP/IP and OSI models are the primary models used when discussing network
functionality, designers of network protocols, services, or devices can create their own
models to represent their products. Ultimately, designers are required to communicate to
the industry by relating their product or service to either the OSI model or the TCP/IP model,
or to both.

As a reference model, the OSI model provides an extensive list of functions and services that
can occur at each layer. It also describes the interaction of each layer with the layers directly
above and below it. Whereas TCP/IP model layers are referred to by name, the seven OSI
model layers are usually referred to by number.

There are benefits to using a layered model to describe network protocols and operations:
• Assists in protocol design, because protocols that operate at a specific layer have
defined information that they act upon and a defined interface to the layers above and
below
• Fosters competition because products from different vendors can work together
• Prevents technology or capability changes in one layer from affecting other layers above
and below
• Provides a common language to describe networking functions and capabilities
5. Elaborate on the following terms: protocols, PDUs, and encapsulation.
Protocol:
All communication, whether face-to-face or over a network, is governed by predetermined
rules called protocols. These protocols are specific to the characteristics of the conversation.
In our day-to-day personal communication, the rules we use to communicate over one
medium, like a telephone call, are not necessarily the same as the protocols for using
another medium, such as sending a letter.
Successful communication between hosts on a network requires the interaction of many
different protocols. A group of interrelated protocols that are necessary to perform a
communication function is called a protocol suite. These protocols are implemented in
software and hardware that is on each host and network device.
PDU & Encapsulation:
As application data is passed down the protocol stack on its way to be transmitted across the
network media, various protocols add information to it at each level. This is commonly
known as the encapsulation process.
The form that a piece of data takes at any layer is called a Protocol Data Unit (PDU). During
encapsulation, each succeeding layer encapsulates the PDU that it receives from the layer
above in accordance with the protocol being used. At each stage of the process, a PDU has a
different name to reflect its new appearance. PDUs within the protocols of the TCP/IP suite
are:
• Data – The general term for the PDU used at the Application layer
• Segment – Transport Layer PDU
• Packet – Internetwork Layer PDU
• Frame – Network Access Layer PDU
6. Explain the postal metaphor for encapsulation.
Individual pages of a letter are written and numbered sequentially. Each page is sealed in a
separate envelope that is then addressed to the recipient. The letters are posted and put in a
mailbag (labeled with the destination) with many other envelopes each containing a page of
different letters and addressed to recipients. Many mailbags are loaded into a van and
transported towards the destination. Along the way the mailbags may be transferred to
other vans or different modes of transport – trucks, trains, aircraft, ships. At the destination
the mailbags are unloaded and emptied. The envelopes are delivered to the destination
addresses. At one address all the envelopes received are opened, the page removed from
each one, and the pages re-assembled into the letter.

The envelope, and then the mailbag and the vans/trucks/aircraft, each do not care what is in
the "container" that they carry. The letter itself is not used to provide information to assist in
its delivery. The address on the envelope, the label on the mailbag or the delivery
instructions to the van driver is what directs the letter towards its destination.

Data encapsulation follows the same principle – it is the addresses used in each layer of
encapsulation that direct the data towards its destination, not the data itself.
7. What are the unique roles of Layer 2, Layer 3, and Layer 4 addresses?
• Layer 4 addresses (ports) identify the individual applications sending or receiving data.
• Layer 3 (logical) addresses identify devices and their networks.
• Layer 2 (physical) addresses identify devices on a local network.
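The encapsulation process from question 5 and the address roles from question 7, as an added example that is not part of the original answer key. It wraps application data in a UDP segment, an IPv4 packet and an Ethernet II frame, then strips the headers again and reports the address found at each layer. All addresses, ports and function names are constructed for illustration.

```python
import socket
import struct


def checksum16(data: bytes) -> int:
    """Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_to_text(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def encapsulate(data, src_port, dst_port, src_ip, dst_ip, src_mac, dst_mac, ttl=64):
    """Data -> segment -> packet -> frame, one header per layer."""
    # Transport layer PDU (segment): ports identify the applications.
    # A UDP checksum of 0 means "not computed", which IPv4 permits.
    segment = struct.pack("!HHHH", src_port, dst_port, 8 + len(data), 0) + data

    # Internetwork layer PDU (packet): logical addresses identify hosts and networks.
    def ipv4_header(checksum: int) -> bytes:
        return struct.pack(
            "!BBHHHBBH4s4s",
            0x45, 0, 20 + len(segment),  # version 4 / IHL 5, DSCP, total length
            0, 0,                        # identification, flags + fragment offset
            ttl, 17, checksum,           # TTL, protocol 17 = UDP, header checksum
            socket.inet_aton(src_ip), socket.inet_aton(dst_ip),
        )

    packet = ipv4_header(checksum16(ipv4_header(0))) + segment

    # Network Access layer PDU (frame): physical addresses for the local link.
    # EtherType 0x0800 tells the receiver that an IPv4 packet follows.
    return mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", 0x0800) + packet


def decapsulate(frame: bytes) -> dict:
    """Strip each header in turn and report the addresses found at each layer."""
    if len(frame) < 14 + 20 + 8:
        raise ValueError("frame too short for Ethernet + IPv4 + UDP headers")
    dst_mac, src_mac = frame[0:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")

    packet = frame[14:]
    header_len = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or header_len < 20:
        raise ValueError("not a valid IPv4 header")
    if checksum16(packet[:header_len]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    (total_len,) = struct.unpack("!H", packet[2:4])
    if packet[9] != 17 or not header_len + 8 <= total_len <= len(packet):
        raise ValueError("payload is not a complete UDP segment")

    # Total length, not the frame length, bounds the packet: Ethernet pads short frames.
    segment = packet[header_len:total_len]
    src_port, dst_port, udp_len, _ = struct.unpack("!HHHH", segment[:8])
    return {
        "layer2": (mac_to_text(src_mac), mac_to_text(dst_mac)),
        "layer3": (socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])),
        "layer4": (src_port, dst_port),
        "ttl": packet[8],
        "data": segment[8:udp_len],
    }


# Constructed sample values (documentation address, locally administered MACs).
SAMPLE_FRAME = encapsulate(
    b"hello", 49152, 53, "192.168.1.10", "192.0.2.53",
    "02:00:00:00:00:01", "02:00:00:00:00:fe",
)

if __name__ == "__main__":
    for layer, value in decapsulate(SAMPLE_FRAME).items():
        print(layer, value)
```

The receiver trusts the IPv4 total-length field rather than the frame length, so trailing Ethernet padding never reaches the application, and a header altered in transit fails the checksum before any address is used.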
Chapter 3
1. List the 7 step process for converting human communication to data
• The user inputs data using a hardware interface
• Software and hardware convert data to a digital format
• Application services initiate the data transfer
• OSI layers encapsulate data down the stack
• Encapsulated data travels across the media to the destination
• OSI layers at the destination decapsulate the data up the stack
• Data is ready to be processed by the end device
2. Describe the 2 forms of Application layer software and the purpose of each
Application software has two forms: applications and services.
Applications are designed to interact with us. Application is software for the user. If the
device is a computer, the application is typically initiated by the user. Although there may be
many layers of support underneath, application software provides an interface between humans
and the hardware. The application will initiate the data transfer process when the user presses
the Send button, or a similar action.
Services are background programs that perform a particular function in the data network.
Services are invoked by a device connecting to the network or by an application. For example, a
network service can provide functions that transmit data or provide conversion of data in a
network. In general, services are not directly accessible or seen by the end user. They provide the
connection between an application and the network.
3. Elaborate on the meaning of terms Server and Client in the context of data
network
The source end of data communication is referred to as the “server” and the receiving end is
called the “client.” The client and server processes are application layer services that provide the
foundation for data network connectivity.
In some cases the "servers" and "clients" are devices that perform that role specifically and
exclusively. For example:
A central file server may contain an organization's business data files that employees access
using their client-only workstations
Internet based examples include web servers and mail servers where many users access a
centrally provided service.
In other situations, such as file sharing over a home network, individual devices may perform
both server and client roles at different times.
Servers are both a repository and a source of information, such as text files, databases,
pictures, video, or audio files that have been previously recorded.
The role of the server may be to manage communications as they occur. This is referred to as
"real-time" communication. Examples include a college student enrolment server where many
users may be accessing the same database at the same time but everyone requires the same up
to date information; or, a communications server setting up an IP telephone call where device
network addresses have to be matched with the dialed telephone number.
The server process may be called the "server daemon" and typically runs in the background
rather than under the direct control of an end user. These server processes make the data of the
communication available to the data network. Server processes are said to be "listening" for a
request from a client. When a server "hears" a request from a client, it exchanges appropriate
messages with the client as required by the protocol being used and then sends the requested data.
Client processes at the other end of the communication across the data network allow the
user to make requests to obtain the data from a server. The client software typically uses a
program initiated by a user. The client initiates communication data flow from the server by
sending requests for the data to the server. The server responds by starting to send one or more
streams of data to the client. In addition to the actual data transfer, this exchange may include
user authentication and identification of the data file to be transferred.
Although the data is typically considered as flowing from the server to the client, there is
always some flow from the client to the server. A data transfer from a client to a server is referred
to as an upload, and a data transfer from a server is a download.
Examples of common client/server services include:
DNS (Domain Name Service)
FTP (File Transfer Service)
HTTP (Hypertext transport Protocol)
Telnet (Teletype Network Service)
It is through the application layer client services that most users experience the data network,
hence the importance of understanding this area of networking.
4. Compare and contrast client/server with p2p data transfer over network
Client/server data transfer specifically refers to the centralized source end of data
communication as the server and the receiving end as the client.
With peer-to-peer data transfer both client and server services are used within the
same conversation. Either end of the communication can initiate the exchange or both
devices are considered equal in the communication process. The devices on either end of the
communication are called peers.
In contrast to a client/server model, where a server is typically a centralized repository
and responds to requests from many clients, peer-to-peer networking has distributed data.
Further, once the communication is established, the peers communicate directly - the data is
not processed at the Application layer by a third device on the network.
5. List 5 general functions that Application layer protocols specify
Functions specified by Application layer protocols include:
• The processes that are to occur at either end of the communication: This includes
what has to happen to the data and how the Protocol Data Unit is to be structured.
The application layer PDU used in this course is called "data".
• The types of messages: these can include requests, acknowledgements, data
messages, status messages and error messages.
• The syntax of the message: this gives the expected order of information (fields) in a
message.
• The meaning of the fields within specific message types has to be constant so the
services can correctly act in accordance with the information.
• The message dialogs: this determines which messages elicit which responses so the
correct services are invoked so the data transfer occurs.
6. Give the specific purposes of the DNS, HTTP, SMB, and SMTP/POP Application
layer protocols
All these protocols use a client/server process.
Domain Name System (DNS) provides users with an automated service that matches or resolves
resource names and email domains with the required numeric device network address. This
service is available to any user connected to the Internet and running an application layer
application such as a web browser or email client program.
Hypertext Transfer Protocol (HTTP) was originally developed to publish and retrieve Hypertext
Markup Language (HTML) pages and is now used for distributed, collaborative, hypermedia
information systems. HTTP is used by the World Wide Web (WWW) to transfer data from web
servers to web clients.
Server Message Block (SMB) describes the structure of sharing network resources, such as
directories, files, printers, and serial ports between computers.
Simple Mail Transport Protocol (SMTP) transfers outbound e-mails from the e-mail client to the
e-mail server and transports e-mail between e-mail servers and so enables e-mail to be exchanged
over the Internet.
POP, or POP3 (Post Office Protocol version 3), delivers e-mail from the e-mail server to the
client.
7. Compare and contrast the messages that Application layer protocols such as
DNS, HTTP, SMB, and SMTP/POP exchange between devices to enable data
transfer to occur.
DNS includes standard queries, responses, and data formats. DNS protocol communications
are carried in a single format called a message. This message format is used for all types of
client queries and server responses, error messages and for the transfer of resource record
information between servers.
HTTP is a request/response protocol:
• A client application layer application, typically a web browser, sends a request
message to the server.
• The server responds with the appropriate message.
The protocol also includes messages to upload data to the server, as when completing
an online form.
SMB messages use a common format to:
• start, authenticate, and terminate sessions
• control file and printer access
• allow an application to send or receive messages to or from another device
SMTP specifies commands and replies that relate to session initiation, mail transaction,
forwarding mail, verifying mailbox names, expanding mailing lists and the opening and
closing exchanges.
POP is a typical client/server protocol with the server listening for client connections and the
client initiating the connection to the server. The server can then transfer the e-mail.
All of the above protocols use server/client request/response messages. Whereas users see the
applications that use HTTP (a web browser), SMB (file manager) and SMTP/POP (email client),
DNS operation underlies these applications and is truly transparent to the user.
Chapter 4
1. Where do Transport Layer processes occur?
Transport Layer processes occur between the Application Layer and Internet Layer of the
TCP/IP model and between the Session Layer and Network Layer of the OSI model.
2. What are the Transport Layer responsibilities?
• Keeping track of the individual conversation taking place between applications on the
source and destination hosts.
• Segmenting data and adding a header to identify and manage each segment.
• Using the header information to reassemble the segments back into application data.
• Passing the assembled data to the correct application.
3. What does segmentation provide to communications?
Segmentation of the data, in accordance with Transport Layer protocols, provides the means
to both send and receive data when running multiple applications concurrently on a
computer.
4. What are the primary functions specified by all Transport Layer protocols?
• Conversation Multiplexing - There may be many applications or services running on each
host in the network. Each of these applications or services is assigned an address known
as a port so that the Transport Layer can determine with which application or service
the data is identified.
• Segmentation and Reassembly - Most networks have a limitation on the amount of data
that can be included in a single PDU. The Transport Layer divides application data into
blocks of data that are an appropriate size. At the destination, the Transport Layer
reassembles the data before sending it to the destination application or service.
• Error Checking - Basic error checking can be performed on the data in the segment to
determine if the data was changed during transmission.
5. In network terms what is reliability?
Reliability means ensuring that each segment that the source sends arrives at the destination.
6. List 3 applications that use TCP.
• Web Browsing
• E-mail
• File Transfers
7. List 3 applications that use UDP
• Domain Name Resolution
• Video Streaming
• Voice over IP (VoIP)
8. What are the different types of port numbers?
Well Known Ports (Numbers 0 to 1023)—these numbers are reserved for services and
applications. They are commonly used for applications such as HTTP (web server),
POP3/SMTP (e-mail server) and Telnet. By defining these well-known ports for server
applications, client applications can be programmed to request a connection to that specific
port and its associated service.
Registered Ports (Numbers 1024 to 49151)—these port numbers are assigned to user
processes or applications. These are primarily individual applications that a user has chosen
to install rather than common, universal applications that would receive a Well Known Port.
Dynamic or Private Ports (Numbers 49152 to 65535)—Also known as Ephemeral Ports,
these are usually assigned dynamically to client applications when initiating a connection. It
is not very common for a client to connect to a service using a Dynamic or Private Port
(although some peer-to-peer file sharing programs do).
9. What is contained in the header of each segment or datagram?
The source and destination port number.
10. What is the purpose of a sequence number?
Allows the Transport Layer functions on the destination host to reassemble segments in the
order in which they were transmitted.
11. What is one way to improve security on a server?
Restrict server access to only those ports associated with the services and applications that
should be accessible to authorized requestors.
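One way to check a server against the answer to question 11, using the port ranges from question 8 (an added example, not part of the original answer key). The listing is a constructed sample laid out like the output of `ss -tln`, and the allow-list and function names are hypothetical.

```python
import ipaddress

# Constructed sample, laid out like the output of `ss -tln` on a Linux server.
SAMPLE_LISTING = """\
State   Recv-Q  Send-Q   Local Address:Port    Peer Address:Port
LISTEN  0       128            0.0.0.0:22           0.0.0.0:*
LISTEN  0       511            0.0.0.0:80           0.0.0.0:*
LISTEN  0       128               [::]:22              [::]:*
LISTEN  0       80           127.0.0.1:3306         0.0.0.0:*
LISTEN  0       4096     127.0.0.53%lo:53           0.0.0.0:*
LISTEN  0       5              0.0.0.0:23           0.0.0.0:*
LISTEN  0       4096                 *:51820              *:*
"""

# Hypothetical policy: only SSH and HTTP should be reachable from the network.
ALLOWED_PORTS = {22, 80}


def port_range(port: int) -> str:
    """Name the range a port number falls in, as defined in question 8."""
    if not 0 <= port <= 65535:
        raise ValueError(f"not a valid port number: {port}")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic"


def parse_listeners(listing: str) -> list:
    """Return (local_address, port) for every LISTEN line; other lines are skipped."""
    listeners = []
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        # rpartition keeps IPv6 literals such as [::] intact.
        address, _, port = fields[3].rpartition(":")
        if port.isdigit():
            listeners.append((address, int(port)))
    return listeners


def is_loopback(address: str) -> bool:
    """True when the socket is bound to a loopback address only."""
    bare = address.strip("[]").split("%")[0]  # drop brackets and %interface suffix
    try:
        return ipaddress.ip_address(bare).is_loopback
    except ValueError:
        return False  # wildcards such as "*" are reachable from the network


def audit(listing: str, allowed: set) -> list:
    """List network-reachable listening ports that the policy does not allow."""
    exposed = {}
    for address, port in parse_listeners(listing):
        if not is_loopback(address):
            exposed.setdefault(port, set()).add(address)
    return [
        (port, port_range(port), tuple(sorted(addresses)))
        for port, addresses in sorted(exposed.items())
        if port not in allowed
    ]


if __name__ == "__main__":
    for port, kind, addresses in audit(SAMPLE_LISTING, ALLOWED_PORTS):
        print(f"unexpected listener on port {port} ({kind}) bound to {', '.join(addresses)}")
```

Services bound only to a loopback address are left out of the findings because they cannot be reached from other hosts.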
12. Describe the TCP three-way handshake.
• Establishes that the destination device is present on the network.
• Verifies that the destination device has an active service and is accepting requests on
the destination port number the initiating client intends to use for the session.
• Informs the destination device that the source client intends to establish a
communication session on that port number.
13. What are TCP sequence numbers used for?
For the original message to be understood by the recipient, the data in these segments is
reassembled into the original order.
14. Explain an expectation acknowledgement.
TCP uses the acknowledgement number in segments sent back to the source to indicate the
next byte in this session that the receiver expects to receive.
15. After a predetermined amount of time what does TCP do when it hasn’t
received an acknowledgement?
It will go back to the last acknowledgement number that it received and retransmit data from
that point forward.
16. The amount of data that can be transmitted before a TCP acknowledgement
must be received is referred to as:
The window size.
17. List key Application Layer protocols that use UDP.
• Domain Name System (DNS)
• Simple Network Management Protocol (SNMP)
• Dynamic Host Configuration Protocol (DHCP)
• Routing Information Protocol (RIP)
• Trivial File Transfer Protocol (TFTP)
• Online games
Chapter 5
1. What does the Network layer do to a Transport layer PDU so that it can be
communicated from one host to another?
The Network layer protocol encapsulates, or packages, the Transport layer segment or
datagram so that the network can deliver it to the destination host. The IPv4 encapsulation
remains in place from the time the packet leaves the Network layer of the originating host
until it arrives at the Network layer of the destination host. The routing performed by
intermediary devices only considers the contents of the packet header that encapsulates the
segment. In all cases, the data portion of the packet--that is, the encapsulated Transport
layer PDU--remains unchanged during the Network layer processes.
2. State the purpose of the Time-to-Live field in the IPv4 packet header.
The Time-to-Live (TTL) field is an 8-bit binary value that indicates the remaining “life” of the
packet. The TTL value is decreased by at least one each time the packet is processed by a
router (that is, each hop). When the value becomes zero, the router discards or drops the
packet and it is removed from the network data flow. This mechanism prevents packets that
cannot reach their destination from being forwarded indefinitely between routers in a routing
loop. If routing loops were permitted to continue, the network would become congested
with data packets that will never reach their destination. Decrementing the TTL value at each
hop ensures that it eventually becomes zero and that the packet with the expired TTL field
will be dropped.
3. List three reasons for dividing network into smaller groups of hosts.
• Geographic location
• Purpose
• Ownership
4. What are three basic characteristics of IPv4?
• Connectionless – No connection is established before sending data packets.
• Best Effort (unreliable) – No overhead is used to guarantee packet delivery.
• Media independent – Operates independently of the medium carrying the data.
5. Describe the packet header field used by the router to determine where to
forward a packet.
The IPv4 Destination Address field contains the Layer 3 address of the destination host. The
router uses the network portion of this address to determine where to forward the packet.
6. What is the purpose of configuring a host with the address of the default
gateway?
The gateway, also known as the default gateway, is needed to send a packet out of the local
network. If the network portion of the destination address of the packet is different from the
network of the originating host, the packet has to be routed outside the original network. To
do this, the packet is sent to the gateway. This gateway is a router interface connected to the
local network. The gateway interface has a Network layer address that matches the network
address of the hosts. The hosts are configured to recognize that address as the gateway.
7. What two types of networks are shown in the routing table?
• Directly connected networks
• Remote networks
The routing table stores information about connected and remote networks. Connected
networks are directly attached to one of the router interfaces. These interfaces are the
gateways for the hosts on different local networks. Remote networks are networks that are
not directly connected to the router. Routes to these networks can be manually configured on
the router by the network administrator or learned automatically using dynamic routing
protocols.
8. Describe the three features of a route listed in a routing table.
• Destination network
• Next–hop
• Metric
The router matches the destination address in the packet header with the destination
network of a route in the routing table and forwards the packet to the next–hop router
specified by that route. If there are two or more possible routes to the same destination, the
metric is used to decide the next hop.
9. If the destination network for a packet is not on the router’s routing table, what
are the two possible outcomes?
The packet is dropped or the packet may be forwarded to the default route if one is
configured.
10. List the three possible actions a router can perform to a packet.
Packet forwarding or routing is done packet–by–packet and hop–by–hop. Each packet is
treated independently in each router along the path. At each hop, the router examines the
destination IP address for each packet and then checks the routing table for forwarding
information.

The router will do one of three things with the packet:
• Forward it to the next–hop router
• Forward it to the destination host
• Drop it
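The forwarding decision described in questions 8 to 10, combined with the TTL behaviour from question 2, as an added example that is not part of the original answer key. It goes one step beyond the text by preferring the most specific matching network before comparing metrics, which is how the default route 0.0.0.0/0 ends up as the last resort. Router names, prefixes and metrics are constructed, and R1 and R2 are deliberately given default routes that point at each other to produce a routing loop.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network  # destination network
    next_hop: Optional[str]         # next-hop router name; None = directly connected
    metric: int = 0


def route(prefix: str, next_hop: Optional[str] = None, metric: int = 0) -> Route:
    return Route(ipaddress.ip_network(prefix), next_hop, metric)


def best_route(table, destination: str) -> Optional[Route]:
    """Most specific matching network wins; the metric breaks ties."""
    dst = ipaddress.ip_address(destination)
    matches = [r for r in table if dst in r.network]
    if not matches:
        return None
    return min(matches, key=lambda r: (-r.network.prefixlen, r.metric))


def decide(table, destination: str, ttl: int):
    """One router's decision for one packet: (action, next_hop, ttl_after)."""
    chosen = best_route(table, destination)
    if chosen is None:
        return ("drop: no route", None, ttl)
    ttl -= 1  # every router that handles the packet decrements the TTL
    if ttl <= 0:
        return ("drop: TTL expired", None, 0)
    if chosen.next_hop is None:
        return ("deliver", None, ttl)
    return ("forward", chosen.next_hop, ttl)


def trace(routers, first_router: str, destination: str, ttl: int):
    """Follow a packet hop by hop; ends because the TTL shrinks at every hop."""
    hops, current = [], first_router
    while current is not None:
        action, next_hop, ttl = decide(routers[current], destination, ttl)
        hops.append((current, action, ttl))
        current = next_hop
    return hops


# Constructed topology. The default routes of R1 and R2 point at each other,
# so any destination neither router knows about loops between them.
ROUTERS = {
    "R1": [
        route("10.1.0.0/24"),             # directly connected
        route("10.2.0.0/24", "R2", 1),    # preferred: lower metric
        route("10.2.0.0/24", "R3", 5),
        route("0.0.0.0/0", "R2"),         # default route
    ],
    "R2": [
        route("10.2.0.0/24"),
        route("10.1.0.0/24", "R1", 1),
        route("0.0.0.0/0", "R1"),         # misconfigured default route
    ],
    "R3": [
        route("10.2.0.0/24", "R2", 1),    # no default route configured
    ],
}

if __name__ == "__main__":
    for hop in trace(ROUTERS, "R1", "10.2.0.9", 64):
        print(hop)
    for hop in trace(ROUTERS, "R1", "198.51.100.1", 8):
        print(hop)
```

With a starting TTL of 8, the looping packet is handled eight times and then discarded, which is the congestion limit the TTL field exists to enforce.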
Chapter 6
1. What defines a network in terms of an IPv4 address?
For each IPv4 address, some portion of the high-order bits represents the network address. At
Layer 3, we define a network as a group of hosts that have identical bit patterns in the
network address portion of their addresses.
2. Name and state the purpose of the three types of the IPv4 addresses.
• Network address—The address by which we refer to the network
• Broadcast address—A special address used to send data to all hosts in the network
• Host addresses—The addresses assigned to the end devices in the network
3. What distinguishes each of the three types of IPv4 addresses?
Within the IPv4 address range of a network, the lowest address is reserved for the network
address. This address has a 0 for each host bit in the host portion of the address. In a host
address, the host bits are a unique mix of ones and zeroes within a network. The broadcast
address uses the highest address in the network range. This is the address in which the bits in
the host portion are all 1s. For the network 10.0.0.0 with 24 network bits, the broadcast
address would be 10.0.0.255. This address is also referred to as the directed broadcast.
4. List the three forms of IPv4 communication
• Unicast—the process of sending a packet from one host to an individual host
• Broadcast—the process of sending a packet from one host to all hosts in the network
• Multicast—the process of sending a packet from one host to a selected group of hosts
5. List the purpose of having specified ranges of IPv4 addresses for public and
private use.
Specified private addresses allow network administrators to allocate addresses to those
hosts they know never need to access the public internet.
6. Where are reserved and special IPv4 addresses used?
Multicast Addresses – the IPv4 multicast address range 224.0.0.0 to 239.255.255.255 is
reserved for special purposes.
The private address blocks are:
10.0.0.0 to 10.255.255.255 (10.0.0.0 /8)
172.16.0.0 to 172.31.255.255 (172.16.0.0 /12)
192.168.0.0 to 192.168.255.255 (192.168.0.0 /16)
Private space address blocks, as shown in the figure, are set aside for use in private networks.
The use of these addresses need not be unique among outside networks. Hosts that do not
require access to the Internet at large may make unrestricted use of private addresses. Many
hosts in different networks may use the same private space addresses. Packets using these
addresses as the source or destination should not appear on the public Internet. The router
or firewall device at the perimeter of these private networks must block or translate these
addresses.
Default Route:
The IPv4 default route is 0.0.0.0. The use of this address also reserves all addresses in the
0.0.0.0 – 0.255.255.255 (0.0.0.0 /8) address block.
Loopback:
One reserved address is the IPv4 loopback address 127.0.0.1 - addresses 127.0.0.0 to
127.255.255.255 are reserved for loopback where hosts direct traffic to themselves.
Link-Local Addresses:
IPv4 addresses in the address block 169.254.0.0 to 169.254.255.255 (169.254.0.0 /16) are
designated as link-local addresses. These addresses can be automatically assigned to the
local host by the operating system in environments where no IP configuration is available.
These might be used in a small peer-to-peer network or for a host that could not
automatically obtain an address from a Dynamic Host Configuration Protocol (DHCP) server.
TEST-NET Addresses:
The address block 192.0.2.0 to 192.0.2.255 (192.0.2.0 /24) is set aside for teaching and
learning purposes. These addresses can be used in documentation and network examples.
Unlike the experimental addresses, network devices will accept these addresses in their
configurations.
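The blocks listed in this answer, and the rule that a perimeter device must block or translate private addresses, can be checked mechanically. The following is an added example, not part of the original answer key; the function names, the block-everything-non-public policy and the sample packets are assumptions made for illustration.

```python
import ipaddress

# Special-purpose IPv4 blocks, exactly as listed in the answer above.
SPECIAL_BLOCKS = [
    ("private", "10.0.0.0/8"),
    ("private", "172.16.0.0/12"),
    ("private", "192.168.0.0/16"),
    ("default-route", "0.0.0.0/8"),
    ("loopback", "127.0.0.0/8"),
    ("link-local", "169.254.0.0/16"),
    ("test-net", "192.0.2.0/24"),
    ("multicast", "224.0.0.0/4"),      # 224.0.0.0 to 239.255.255.255
]
NETWORKS = [(label, ipaddress.ip_network(cidr)) for label, cidr in SPECIAL_BLOCKS]


def classify(address):
    """Return the answer key's category for an IPv4 address, or 'public'."""
    ip = ipaddress.ip_address(address)
    for label, network in NETWORKS:
        if ip in network:
            return label
    return "public"


def perimeter_decision(direction, src, dst):
    """Decide what a perimeter router or firewall does with one packet.

    direction is 'outbound' (inside -> Internet) or 'inbound' (Internet -> inside).
    Assumed policy for this example: only public unicast addresses may
    appear on the Internet-facing link; private sources are translated.
    """
    src_kind, dst_kind = classify(src), classify(dst)
    if direction == "outbound":
        if dst_kind != "public":
            return ("block", f"{dst_kind} destination must not leave the site")
        if src_kind == "private":
            return ("translate", "private source needs NAT before leaving")
        if src_kind != "public":
            return ("block", f"{src_kind} source is not valid on the Internet")
        return ("forward", "public source and destination")
    if direction == "inbound":
        if src_kind != "public":
            return ("block", f"{src_kind} source arriving from the Internet")
        if dst_kind != "public":
            return ("block", f"{dst_kind} destination arriving from the Internet")
        return ("forward", "public source and destination")
    raise ValueError("direction must be 'outbound' or 'inbound'")


# Constructed sample packets. 203.0.113.0/24 is a documentation block that is
# not on the page's list, so it stands in for ordinary public addresses here.
SAMPLE_PACKETS = [
    ("outbound", "192.168.1.10", "203.0.113.5"),
    ("outbound", "192.168.1.10", "10.9.9.9"),
    ("outbound", "169.254.7.7", "203.0.113.5"),
    ("inbound", "172.16.4.4", "203.0.113.5"),
    ("inbound", "127.0.0.1", "203.0.113.5"),
    ("inbound", "203.0.113.9", "203.0.113.5"),
]


def run_samples():
    """Return (direction, src, dst, action, reason) for every sample packet."""
    return [(d, s, t) + perimeter_decision(d, s, t) for d, s, t in SAMPLE_PACKETS]


if __name__ == "__main__":
    for direction, src, dst, action, reason in run_samples():
        print(f"{direction:8} {src:15} -> {dst:15} {action:9} {reason}")
```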
7. List three reasons for planning and documenting IPv4 addresses.
 Preventing duplication of addresses
 Providing and controlling access
 Monitoring security and performance
8. Give examples where network administrators statically and dynamically
assigned IPv4 addresses.
Static assigned addresses—servers, printers, LAN gateway address on routers, management
addresses on network devices such as switches and wireless access points.
Dynamically assigned addresses—large numbers of general purpose computers and end
devices such as IP phones.
9. List the features of IPv6 that distinguish it from IPv4.
IPv6 has these features compared to IPv4:
 Improved packet handling
 Increased scalability and longevity
 QOS mechanisms
 Integrated security
To provide these features, IPv6 offers:
 128-bit hierarchical addressing–to expand addressing capabilities
 Header format simplification–to improve packet handling
 Improved support for extensions and options–for increased scalability/longevity and
improved packet handling
 Flow labeling capability–as QOS mechanisms
 Authentication and privacy capabilities–to integrate security
10. State the purpose of the subnet mask in IPv4 addressing.
Network devices use the subnet mask to determine the network or subnet address of an IP
address the device is processing.
11. List factors that should be considered when planning an IPv4 addressing
scheme.
 Grouping based on common geographic location
 Grouping hosts used for specific purposes
 Grouping based on ownership
12. State three possible levels at which to use the ping utility to test and verify a
host’s network connectivity.
 Ping 127.0.0.1 Loop back test
 Ping the host’s gateway address or another host on the same network
 Ping a host on a remote network
13. When would using a trace route utility be more useful than ping?
When a remote address cannot be accessed and ping fails. Using trace route would show
how many hops towards the destination that the source host could successfully reach. This
may then help in determining where the network is failing or where security restrictions are.
14. List the reasons why ICMPv4 is an important protocol to have operating with
IPv4.
IPv4 is an unreliable best-effort protocol. ICMPv4 provides a means for network problems
such as dropped packets or congestion to be reported back to the source network or host.
Messages include:
 Host confirmation
 Unreachable Destination or Service
 Time exceeded
 Route redirection
 Source quench
Note: ICMP does not make IP reliable.
Chapter 7
1. How does the Data Link layer prepare packets for transmission?
The Data Link layer prepares a packet for transport across the local media by encapsulating it
with a header and a trailer to create a frame.
2. Describe four general Data Link layer media access methods. Suggest data
communications environments in which these access methods may be
appropriately implemented.
MAC methods for shared media:
 Controlled — Each node has its own time to use the medium – a ring topology
 Contention-based — All nodes compete for the use of the medium – a bus topology
MAC methods for point-to-point connections:
 Half-duplex — a node can only transmit or receive at one time – long distance
 Full-duplex — a node can both transmit and receive at the same time – long distance
high bandwidth link
3. Compare and contrast the logical point-to-point and logical multi-access
topologies.
A logical point-to-point topology connects two nodes directly together. In data networks with
point-to-point topologies, the media access control protocol can be very simple. All frames
on the media can only travel to or from the two nodes. The frames are placed on the media
by the node at one end and taken off the media by the node at the other end. In
point-to-point networks, if data can only flow in one direction at a time, it is operating as a
half-duplex link. If data can successfully flow across the link from each node simultaneously,
it is a full-duplex service.
A logical multi-access topology enables a number of nodes to communicate by using the
same shared media. Data from only one node can be placed on the medium at any one time.
Every node sees all the frames that are on the medium, but only the node to which the frame
is addressed processes the contents of the frame. Having many nodes share access to the
medium requires a Data Link media access control method to regulate the transmission of
data and thereby reduce collisions between different signals.
4. Describe the features of a logical ring topology.
In a logical ring topology, each node in turn receives a frame. If the frame is not addressed to
a node, the node passes the frame to the next node. This allows a ring to use a controlled
media access control technique called token passing.
The media usually carries only one frame at a time. If there is no data being transmitted, a
signal (known as a token) may be placed on the media and a node can only place a data
frame on the media when it has the token.
5. Name five Layer 2 protocols.
 Point-to-Point protocol (PPP)
 Ethernet
 High-Level Data Link Control (HDLC)
 Frame Relay
 Asynchronous Transfer Mode (ATM)
6. How do Data Link layer addresses differ from Network layer addresses?
Unlike Layer 3 logical addresses that are hierarchical, physical addresses do not indicate on
what network the device is located. If the device is moved to another network or subnet, it
will still function with the same Layer 2 physical address.
Because the frame is only used to transport data between nodes across the local media, the
Data Link layer address is only used for local delivery. Addresses at this layer have no
meaning beyond the local network. Compare this to Layer 3, where addresses in the packet
header are carried from source host to destination host regardless of the number of network
hops along the route.
7. What are the possible header field types in Data Link frames?
 Start Frame field—Indicates the beginning of the frame
 Source and Destination address fields—Indicates the source and destination nodes on
the media.
 Priority/Quality of Service field—Indicates a particular type of communication service
for processing.
 Type field—Indicates the upper layer service contained in the frame
 Logical connection control field—Used to establish a logical connection between nodes
 Physical link control field—Used to establish the media link
 Flow control field—Used to start and stop traffic over the media
 Congestion control field—Indicates congestion in the media
8. Give the purpose of the Frame Check Sequence field in a Data Link frame trailer.
The media is a potentially unsafe environment for data. The signals on the media could be
subject to interference, distortion, or loss that would substantially change the bit values that
those signals represent. To ensure that the content of the received frame at the destination
matches that of the frame that left the source node, a transmitting node creates a logical
summary of the contents of the frame. This is known as the Frame Check Sequence (FCS) and
is placed in the trailer to represent the contents of the frame. When the frame arrives at the
destination node, the receiving node compares the two FCS values. If the two values are the
same, the frame is considered to have arrived as transmitted. If the FCS values differ, the
frame is discarded. There is always the small possibility that a frame with a good FCS result is
actually corrupt. Errors in bits may cancel each other out when the FCS is calculated. Upper
layer protocols would then be required to detect and correct this data loss.

Chapter 8
1. Name two ways in which bits are encoded as voltages. How do they differ?
 In NRZ (Non-Return to Zero) encoding, a “0” may be represented by one voltage level on
the media during the bit time and a “1” might be represented by a different voltage on
the media during the bit time.
 Manchester Encoding uses transitions, or the absence of transitions, to indicate a logic
level. For example, a “0” is indicated by a high to low transition in the middle of the bit
time. For a “1” there is a low to high transition in the middle of the bit time.
2. Why may bits be encoded as symbols before transmission?
One encoding technique is the use of symbols. The Physical layer may use a set of encoded
symbols to represent encoded data or control information called code groups. A code-group
is a consecutive sequence of code-bits interpreted and mapped as data bit patterns. For
example, code bits 10101 may represent the data bits 0011.

While code groups introduce overhead in the form of extra bits to transmit, they improve the
robustness of a communications link. This is particularly true for higher speed data
transmission.

By transmitting symbols, the error detection capabilities and timing synchronization between
transmitting and receiving devices are enhanced. These are important considerations in
supporting high-speed transmission over the media.

Some of these advantages are:


 Reduced bit level error
 Limiting the effective energy transmitted into the media
 Help distinguish data bits from control bits
 Better media error detection
3. What safety issues must be considered when using copper cabling?
Electrical hazards
Copper wires may conduct electricity in undesirable ways. This may subject personnel and
equipment to a range of electrical hazards. A defective network device may conduct currents
to the chassis of other network devices. Additionally, network cabling could present
undesirable voltage levels when used to connect devices that have power sources with
different ground potentials. Also copper cabling may conduct voltages caused by lightning
strikes to network devices. The result of undesirable voltages and currents can include
damage to network devices and connected computers, or injury to personnel.

Fire hazards
Cable insulation and sheaths may be flammable or produce toxic fumes when heated or
burned. Building authorities or organizations may also stipulate related safety standards for
cabling and hardware installations.
4. In what situations is fiber optic cabling preferred over copper cabling?
Given that the glass fibers used in fiber optic media are not electrical conductors, the media
is immune to electromagnetic interference and will not conduct unwanted electrical currents
due to grounding issues. Because optical fibers are thin and have relatively low signal loss,
they can be operated at much greater lengths than copper media, without the need for
signal regeneration.
5. Name several copper and fiber optic connector types.
Copper: RJ-45, RJ-11
Fiber: Straight-Tip (ST), Subscriber Connector (SC), Lucent Connector (LC)
Chapter 9
1. Name the two Data Link sub layers and list their purposes.
Logical Link Control (LLC)
Handles the communication between the upper layers and the lower layers, typically
hardware. Implemented in software and is independent of the physical equipment; can be
considered as the NIC driver software in a PC. Provides sub addressing to identify the
network protocol that uses the link layer service. Destination Service Access Point (DSAP) and
the Source Service Access Point (SSAP): identifies a protocol, or set of protocols, in the next
higher OSI layer, the Network layer.
Media Access Control (MAC)
Ethernet MAC sub layer has the following responsibilities: Data Encapsulation: Frame
assembly before transmission, and frame parsing/error detection during and after reception.
Media Access Control: Controls frames on and off the media, including initiation of frame
transmission and recovery from transmission failure. Addressing: Provides physical address
(MAC address) that enables frames to be delivered to destination hosts. Media Access
Control is implemented by hardware, typically in the host NIC or equivalent.
2. Describe some of the limiting features of Legacy Ethernet technologies.
 Low bandwidth
 Half-duplex
 Coaxial cable, especially Thicknet—Difficult to install; required large radius corners
 Physical bus—termination issues
 Bayonet/vampire type connectors—difficult to install and were a source of problems
3. List the fields and purposes of the fields of an Ethernet frame.
Preamble and Start Frame Delimiter:
The Preamble and SFD are used for synchronization.
Destination MAC Address:
The Destination MAC Address (6 bytes in length) is the identifier for the intended recipient.
Source MAC Address:
The Source MAC Address (6 bytes in length) identifies the frame originating NIC or interface.
Length/Type:
The Length (2 bytes in length) field defines the exact length of the frame's data field. The
Type field describes which protocol is listed inside the frame.
Data and Pad:
The Data and Pad (46 – 1500 bytes in length) field contains the data from a higher layer,
which is a generic L3PDU or more usually an IP packet if using TCP/IP. The Pad is required to
pad out the frame to the minimum size if a very small packet is encapsulated.
Frame Check Sequence (FCS):
The FCS (4 bytes in length) field is used to detect errors in a frame. It uses a cyclic
redundancy check (CRC), which begins with the sending station, and includes the results of
that CRC in the FCS field. The receiving station receives the frame and runs the exact same
CRC to check for errors. If the calculations match, then there was no error; otherwise the
frame is dropped.
4. Describe the structure of an Ethernet MAC address.
An Ethernet MAC address is a 48-bit binary value expressed as 12 hexadecimal digits. The first
24 bits (3 bytes) are the Organizationally Unique Identifier (OUI). The second 24 bits (3 bytes)
identify the device and must be unique for a particular OUI value.
5. Why are Layer 2 MAC addresses necessary?
The Ethernet MAC address is used to transport the frame across the local media. A particular
MAC address has no meaning or use outside the local segment. It is unique; it is
non-hierarchical and associated with a particular device regardless of its location or to which
network it is connected. In contrast, Layer 3 addresses are used end-to-end across the network.
6. Describe how Ethernet implements unicast, multicast, and broadcast
communications.
Unicast:
A unicast MAC address is the unique address used when a message is sent from one
transmitting device to one destination device. All hosts examine the frame, but if it is not
addressed to them, the frame is dropped. Only the host whose MAC address matches the
frame destination address accepts the frame and processes the message through the upper
layers.
Multicast:
Multicast MAC addresses are a group of common MAC addresses that all devices have, to
enable delivery of frames carrying multicast packets, such as streaming audio or video. For IP
multicasting, the Ethernet multicast MAC addresses begin with 0100.5E or 0100.5F. Frames
with a destination address in this range will be delivered to those devices on the LAN whose
upper layers have established a multicast session.
Broadcast:
The Ethernet broadcast MAC address is FFFF.FFFF.FFFF. Frames with this destination address
are delivered to and processed by all of the devices on that LAN subnet.
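The frame fields from question 3, the OUI split from question 4 and the unicast/multicast/broadcast distinction from question 6 come together when a frame is built and parsed. The following is an added example, not part of the original answer key; the function names and the sample addresses are constructed, and the preamble and SFD are left out because the NIC strips them before software sees the frame.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6
HEADER_LEN, FCS_LEN = 14, 4        # dst(6) + src(6) + Length/Type(2); FCS(4)
MIN_DATA, MAX_DATA = 46, 1500      # Data and Pad limits from the answer above


def fcs(body):
    """CRC-32 over destination address through pad, in on-the-wire byte order."""
    return struct.pack("<I", zlib.crc32(body))


def mac_str(raw):
    return ":".join(f"{byte:02x}" for byte in raw)


def mac_kind(raw):
    """Classify a 6-byte destination address."""
    if raw == BROADCAST:
        return "broadcast"
    # The low-order bit of the first byte marks a group (multicast) address,
    # which is why the 0100.5E range in the answer above is multicast.
    if raw[0] & 0x01:
        return "multicast"
    return "unicast"


def build_frame(dst, src, length_type, data):
    """Assemble a frame: pad the data field to 46 bytes, then append the FCS."""
    if len(data) > MAX_DATA:
        raise ValueError("data field longer than 1500 bytes")
    body = dst + src + struct.pack("!H", length_type) + data.ljust(MIN_DATA, b"\x00")
    return body + fcs(body)


def parse_frame(frame):
    """Split a frame into its fields and rerun the CRC as the receiver does."""
    if len(frame) < HEADER_LEN + MIN_DATA + FCS_LEN:
        raise ValueError("runt frame: shorter than 64 bytes")
    body, trailer = frame[:-FCS_LEN], frame[-FCS_LEN:]
    dst, src = body[0:6], body[6:12]
    (length_type,) = struct.unpack("!H", body[12:14])
    return {
        "dst": mac_str(dst),
        "dst_kind": mac_kind(dst),
        "src": mac_str(src),
        "src_oui": mac_str(src[:3]),          # first 24 bits identify the vendor
        # Values of 0x0600 and above are a Type; 1500 and below are a Length.
        "field": "type" if length_type >= 0x0600 else "length",
        "length_type": length_type,
        "data": body[HEADER_LEN:],
        "fcs_ok": trailer == fcs(body),       # mismatch means the frame is dropped
    }


def run_demo():
    """Build one constructed frame, then damage a single bit in transit."""
    src = bytes.fromhex("00005e005301")       # constructed documentation MAC
    frame = build_frame(BROADCAST, src, 0x0800, b"constructed payload")
    damaged = bytearray(frame)
    damaged[20] ^= 0x01                       # flip one bit in the data field
    return parse_frame(frame), parse_frame(bytes(damaged))


if __name__ == "__main__":
    good, bad = run_demo()
    print(good["dst_kind"], good["src_oui"], good["field"], good["fcs_ok"])
    print("after one flipped bit, fcs_ok =", bad["fcs_ok"])
```

The FCS only catches accidental damage: a frame that is altered and given a freshly computed FCS parses as valid, so it is not a substitute for upper-layer integrity protection.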
7. Use examples to describe the CSMA/CD process.
Carrier Sense
All network devices that have messages to send must listen before transmitting. If a signal
from another device is detected, the device sits back and waits a random amount of time
before trying again. When no traffic is detected, the device transmits its message.
Multiple Access
If the latency of one device's signals means that they are not detected by a second device,
the second device may then start to transmit, too. The two messages will propagate across
the media until they encounter each other. The jumble of remaining signals continues to
propagate across the media.
Collision Detection
All devices detect the increase in the amplitude of the signal above the normal level that a
collision produces. Once detected, every device transmitting will continue to transmit to
ensure that all devices on the network detect the collision.
Jam Signal
Further, once the collision is detected, all devices send out a jamming signal.
Random Backoff
This jamming signal invokes the backoff algorithm, which causes all devices to then stop
transmitting for a random amount of time. This allows for the collision signals to subside
from the medium. After the delay has expired, all devices go back into the listen before
transmit mode. The random backoff time means that a third device may transmit before
either of the two involved in the original collision.
8. Describe an Ethernet collision domain.
The group of connected devices that can cause collisions to occur with each other is known
as a collision domain. Collision domains occur at Layer 1 of the networking reference model.

Hubs and repeaters are intermediary devices at Layer 1 that extend the distance that
Ethernet cables can reach. Hubs (also known as multi-port repeaters) enable more devices to
connect to the shared media. Both types of devices have the effect of increasing the size of
the collision domain. Providing network access for more users with hubs reduces the
performance for each because the fixed capacity of the media has to be shared among more
and more devices.
9. Compare the specifications of early Ethernet technologies to current versions.
Bandwidth:
10 Mbps to 100Mbps compared to 1000Mbps to 10,000Mbps
Distance:
 Copper media—500 meters to 200 meters to 100 meters (Lower cost and higher
bandwidth outweighed shorter distance)
 Fiber media—400 meters to 10 kilometers
Media:
 Coaxial cable to Unshielded Twisted-Pair to Optic Fiber
 Multiple-hosts per segment (shared media) to single hosts per segment
 Half-duplex to Full-duplex
Cost: Cost per Mbps per meter has fallen
10. State the benefits of moving from a hub-based to a switched local network.
Scalability:
 Hubs share limited bandwidth among users.
 Switches provide the full available bandwidth to each host.
Latency:
 Latency is the amount of time that a packet takes to get to the destination.
 More nodes on a segment increase latency as each waits to transmit.
 Hubs regenerate frames, which also add delay.
 Switches also buffer frames, but with only one host on each segment, there is no delay
when each host wants to transmit.
Network Failure:
 Incompatible speeds, e.g., 100 Mbps device connected to a 10 Mbps hub.
 Switches can be configured to manage different segment speeds.
Collisions:
 Hubs increase the size of the collision domain. Using hubs (Layer 1 devices) to increase
the number of nodes on the same segment can increase the number of collisions.
 Switches divide collision domains at Layer 2, reducing, if not eliminating, collisions to
each segment.
11. List and describe the stages of operation of an Ethernet switch.
Learning
When a frame of data is received from a node, the switch reads the source MAC address and
saves the address to the lookup table against the incoming interface. The switch now knows
out which interface to forward frames with this address.
Flooding
When the switch does not have a destination MAC address in its lookup table, it sends
(floods) the frame out all interfaces except the one on which the frame arrived.
Forwarding
When the switch has the destination MAC address in its lookup table and the interface
mapped to the MAC address is not the interface it received the frame on, it sends (forwards)
the frame out that interface.
Filtering
When the switch has the destination MAC address in its lookup table and the interface
mapped to the MAC address is the interface it received the frame on, it drops the frame.
(Other interfaces/segments are spared unnecessary and potentially collision-causing traffic.)
Aging
Each MAC-IP address entry on a lookup table has a timestamp that is reset each time the
entry is referred to. If the timer expires, the entry is purged from the table. This reduces the
number of entries to look up and frees up memory.
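The five stages can be traced with a small model of the lookup table. The following is an added example, not part of the original answer key; the class name, the 300-second aging time and the sample MAC addresses are assumptions, and the timestamp is refreshed on every lookup because that is how the answer above describes aging.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Minimal model of a switch lookup table (hypothetical, for illustration)."""

    def __init__(self, ports, max_age=300):
        self.ports = list(ports)
        self.max_age = max_age          # seconds; assumed value
        self.table = {}                 # MAC address -> (port, last_referenced)

    def age_out(self, now):
        """Aging: purge entries whose timer has expired."""
        expired = [mac for mac, (_, seen) in self.table.items()
                   if now - seen > self.max_age]
        for mac in expired:
            del self.table[mac]
        return expired

    def receive(self, in_port, src, dst, now):
        """Process one frame and return (action, list_of_output_ports)."""
        self.age_out(now)

        # Learning: record the source address against the incoming interface.
        self.table[src] = (in_port, now)

        # Flooding: broadcast or unknown destination goes out every other port.
        if dst == BROADCAST or dst not in self.table:
            return ("flood", [p for p in self.ports if p != in_port])

        out_port, _ = self.table[dst]
        self.table[dst] = (out_port, now)   # entry was referred to: reset its timer

        # Filtering: destination is on the segment the frame came from.
        if out_port == in_port:
            return ("filter", [])

        # Forwarding: send out the single interface mapped to the destination.
        return ("forward", [out_port])


def run_demo():
    """Hosts A and C share port 1 (behind a hub); host B is on port 2."""
    switch = LearningSwitch(ports=[1, 2, 3])
    a = "00:00:5e:00:53:0a"             # constructed addresses
    b = "00:00:5e:00:53:0b"
    c = "00:00:5e:00:53:0c"
    return [
        switch.receive(1, a, b, now=0),     # B unknown          -> flood
        switch.receive(2, b, a, now=1),     # A learned on 1     -> forward
        switch.receive(1, c, a, now=2),     # A is on same port  -> filter
        switch.receive(2, b, a, now=400),   # entries aged out   -> flood again
    ]


if __name__ == "__main__":
    for action, ports in run_demo():
        print(f"{action:8} out ports: {ports}")
```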
12. Describe the forwarding of a frame through a switch.
Ethernet switches selectively forward individual frames from a receiving port to the port
where the destination node is connected. A switch will buffer an incoming frame and then
forward it to the proper port when that port is idle.

This process is referred to as store and forward. With store and forward switching, the switch
receives the entire frame, checks the FCS for errors, and forwards the frame to the
appropriate port for the destination node. Because the nodes do not have to wait for the
media to be idle, the nodes can send and receive at full media speed without losses due to
collisions or the overhead associated with managing collisions.
13. When and why does a network host need to broadcast an ARP request?
When a host has a packet to send to a known IP address but does not know the destination
MAC address to use in the frame, it sends an ARP broadcast to all hosts on the network
requesting that the host with the known IP address reply with its MAC address. This enables
the originating host to store and use the IP and MAC address pair.
14. What is the purpose of the Proxy ARP process?
To enable the requesting host to map the IP address of a destination in a non-local network
with the MAC address of the gateway (local network router interface). This enables the frame
to be sent to the router, which will forward on the packet.
15. Explain why entries in a network host’s ARP cache are cleared if not used for a
period of time.
Unlimited ARP cache hold times could cause errors when devices leave the network or
change Layer 3 address, and over time could fill the available cache memory.
Chapter 10
1. List the five factors to consider when selecting the type of physical media to
deploy in LAN.
 Cable length—Does the cable need to span across a room or from building to building?
 Cost—Does the budget allow for using a more expensive media type?
 Bandwidth—Does the technology used with the media provide adequate bandwidth?
 Ease of installation—Does the implementation team have the ability to install the cable
or is a vendor required?
 Susceptibility to EMI/RFI—Is the environment in which we are installing the cable going to
interfere with the signal?
2. List where a straight-through UTP cable would be used in connecting network
devices.
 Switch to router
 PC to Switch
 PC to Hub
3. List where a crossover UTP cable would be used in connecting network devices.
 Switch to switch
 Switch to hub
 Hub to hub
 Router to router
 PC to PC
 PC to router
4. Describe the purposes of and differences between DCE and DTE WAN serial
cables.
Data Communication Equipment (DCE)—A device that supplies the clocking to another
device. Typically a device at the WAN access provider end of the link.

Data Terminal Equipment (DTE)—A device that receives clocking from another device and
adjusts accordingly. Typically this device is at the WAN customer or user end of the link.

In a lab environment, generally connect two routers with a serial cable providing a
point-to-point WAN link. In this case, decide which router is going to be the one in control of
the clocking. Cisco routers are DTE devices by default but can be configured to act as DCE
devices.
5. List criteria that should be considered when selecting a switch for a LAN.
 Cost
 Cable/Wireless
 Speed
 Ports
 Expandability
 Manageability
 Features
6. Give examples of the different types of hosts and network devices that require
IP addresses.
End devices requiring IP addresses include:
 User Computers
 Administrator Computers
 Servers
 Other end devices such as printers, IP phones, and IP cameras
Network devices requiring IP addresses include:
 Router LAN gateway interfaces
 Router WAN (serial) interfaces
Network devices requiring IP addresses for management:
 Switches
 Wireless Access Points
7. List three reasons for subnetting a network.
Manage Broadcast Traffic
Broadcasts are controlled because one large broadcast domain is divided into a number of
smaller domains. This means that every host in the system does not receive every broadcast.
Similar Network Requirements
If different groups of users require specific network and computing facilities or features, it is
easier to manage these requirements if those users are all together on one subnet.
Security
Network security features can be implemented based on network addresses. This enables
control and management of access to different network and data services.
8. Describe five attributes of an effective network addressing scheme.
 Scalability—Supports growth as more devices are attached to the network
 Reliability—Handles messages across short or long distances.
 Flexibility—Allows for future technologies.
 Dynamic—Adjusts to changes on the network
 Availability—Provides communications anytime and anywhere.
9. List four types of interfaces found on Cisco routers and switches, and give the
function of each.
Ethernet Interfaces— This interface is used for connection of the LAN devices, which include
computers and switches. This interface can also be used to connect routers together.
Serial Interfaces—This interface is used for connection of the WAN devices to the CSU/DSU.
Clock rate and addressing are assigned to these interfaces.
Console Interface—This is the primary interface for gaining initial access to and configuration
of a Cisco router or switch and is the primary means of troubleshooting. It is important to
note that through physical access to the router's console interface, an unauthorized person
can interrupt or compromise network traffic. Physical security is extremely important!
Auxiliary (AUX) Interface—This interface is used for remote, out-of-band management of the
router. Typically a modem is connected to the AUX interface for dial-in access. From a
security standpoint, having the ability to remotely dial in to a network device also requires
vigilant management.
Chapter 11
1. List the network services provided by the Cisco IOS.
 Basic routing and switching functions.
 Reliable and secure access to networked resources
 Network scalability
2. Describe three methods of accessing a Cisco device for CLI management and
configuration.
 Console
 Telnet or SSH
 AUX port
3. Compare the function and use of the running-configuration and
startup-configuration files.
 The running configuration—used during the current operation of the device
 The startup configuration—stored in NVRAM and loaded to provide the device
configuration when the device is started or restarted
4. Distinguish the features of the Cisco IOS user EXEC mode and privileged EXEC
mode.
User Executive Mode
 The user executive mode, or user EXEC for short, has limited capabilities but is useful for
some basic operations. The user EXEC mode is at the top of the modal hierarchical
structure. This mode is the first entrance into the CLI of an IOS router.
 The user EXEC mode allows only a limited number of basic monitoring commands. This
is often referred to as view-only mode. The user EXEC level does not allow the execution
of any commands that might change the configuration of the device.
 The user EXEC mode can be identified by the prompt ending with the > symbol.
 Switch>
Privileged EXEC Mode
 The execution of configuration and management commands requires that the network
administrator use the privileged EXEC mode or a specific mode further down the
hierarchy.
 The privileged EXEC mode can be identified by the prompt ending with the # symbol.
 Switch#
5. Give the difference between entering a “?” and “ ?” directly after a partial
command at the appropriate prompt. For example, “cl?” and “clock ?”.
When using the ? without a space, as with “cl?”, a display of all available commands that
begin with the characters “cl” will be listed.

When using the “?” with a space, as with “clock ?”, a display of all available sub-commands
that begin with the characters will be listed.
6. What mode does a prompt of Router# denote? How is this mode invoked?
The prompt displayed shows privileged EXEC mode. It is invoked from the user EXEC mode
by using the enable command.
7. State the purpose and difference of the configuration commands service
password-encryption and enable secret class.
The service password-encryption command applies weak encryption to all unencrypted
passwords. This encryption does not apply to passwords as they are sent over media. The
purpose of this command is to keep unauthorized individuals from viewing passwords in the
configuration file.
The enable secret command provides security to privileged EXEC mode by encrypting the
password.
8. Why are delimiting characters required when setting a message of the day
banner?
The banner motd command requires use of delimiters to identify the content of the banner
message.
9. What information should be in a message of the day login banner on a Cisco
device?
The exact content or wording of a banner depends on the local laws and corporate policies.
 “Use of the device is specifically for authorized personnel”
 “Activity may be monitored”
 “Legal action will be pursued for any unauthorized use”
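The points from questions 7 and 9 (weakly encrypted or plaintext passwords, a missing enable secret, a missing banner), plus Telnet from question 2, over which passwords cross the media unencrypted, can be checked in a saved configuration file. The following is an added example, not part of the original answer key; the function name, the finding codes and both sample configurations (including the hash and type 7 strings) are constructed for illustration.

```python
import re


def audit_ios_config(text):
    """Return a list of (code, detail) findings; secrets are never echoed."""
    findings = []
    lines = text.splitlines()
    stripped = [line.strip() for line in lines]

    if not any(s.startswith("enable secret ") for s in stripped):
        findings.append(("no-enable-secret", "privileged EXEC has no enable secret"))
    if any(s.startswith("enable password ") for s in stripped):
        findings.append(("enable-password", "enable password in use; prefer enable secret"))
    if "service password-encryption" not in stripped:
        findings.append(("no-service-password-encryption",
                         "passwords are readable in the configuration file"))
    if not any(s.startswith("banner motd ") for s in stripped):
        findings.append(("no-motd-banner", "no message of the day banner"))

    section = None                      # current "line ..." block, if any
    for raw in lines:
        if raw.startswith("line "):
            section = raw.strip()
            continue
        if not raw.startswith(" "):     # any other top-level line ends the block
            section = None
            continue
        if section is None:
            continue
        entry = raw.strip()
        match = re.match(r"password (?:(\d)\s+)?(\S+)$", entry)
        if match:
            if match.group(1) == "7":
                findings.append(("type7-password", f"{section}: weak type 7 encryption"))
            else:
                findings.append(("plaintext-password", f"{section}: password stored in clear"))
        if entry.startswith("transport input ") and "telnet" in entry.split()[2:]:
            findings.append(("telnet-enabled",
                             f"{section}: passwords cross the media unencrypted"))
    return findings


# Constructed lab configuration with the weaknesses discussed above.
WEAK_CONFIG = """\
hostname Switch
no service password-encryption
enable password class
!
line con 0
 password cisco
 login
line vty 0 4
 password 7 00112233AABBCC
 login
 transport input telnet
!
end
"""

# Constructed corrected configuration; the hash strings are placeholders.
HARDENED_CONFIG = """\
hostname Switch
service password-encryption
enable secret 5 $1$CONSTRUCTED$placeholderhash0000000
username admin secret 5 $1$CONSTRUCTED$placeholderhash1111111
banner motd # Use of the device is specifically for authorized personnel. #
!
line con 0
 login local
line vty 0 4
 login local
 transport input ssh
!
end
"""


def finding_codes(text):
    return [code for code, _ in audit_ios_config(text)]


if __name__ == "__main__":
    for code, detail in audit_ios_config(WEAK_CONFIG):
        print(f"{code:32} {detail}")
    print("hardened findings:", finding_codes(HARDENED_CONFIG))
```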
10. Give three methods of saving or backing up the active configuration of a Cisco
device.
Configuration files can be stored on a Trivial File Transfer Protocol (TFTP) server, a CD, a USB
memory stick, or floppy disk stored in a safe place. A configuration file should also be
included in the network documentation.
11. What is the purpose of the no shutdown command when configuring interfaces
on a router?
By default, interfaces are disabled. To enable an interface, enter the no shutdown command
from the interface configuration mode.
12. What information should be included in an interface description on a Cisco
router?
As the hostname helps to identify the device on a network, an interface description indicates
the purpose of the interface. A description of what an interface does or where it is connected
should be part of the configuration of each interface. This description can be useful for
troubleshooting.
13. List the steps to follow to verify that a host can successfully connect to and
access a network.
 Test the stack
 Test the NIC
 Test another local host
 Test the gateway
 Test access to a remote host
14. What is the purpose of capturing the results of network tests such as ping, trace
and ARP?
It is used to create a record of network traffic for troubleshooting and network performance
analysis.
