2101 Ch09:  ARP Basics and Functionality
25 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What must occur again after an entry has been removed from the ARP table?

  • Send an ARP reply
  • Initiate a TCP handshake
  • Send an ARP request (correct)
  • Establish a UDP connection
  • What is a potential security risk associated with the ARP process?

  • UDP flooding
  • IP hijacking
  • ARP spoofing (correct)
  • DNS poisoning
  • Which ICMPv6 message is used for address resolution in the Neighbor Discovery protocol?

  • Router Advertisement
  • Router Solicitation
  • Redirect Message
  • Neighbor Advertisement (correct)
  • What mechanism does enterprise-grade switches use to mitigate ARP attacks?

    <p>Dynamic ARP inspection (DAI)</p> Signup and view all the answers

    Which message is NOT part of the five ICMPv6 messages used in Neighbor Discovery?

    <p>ARP Request</p> Signup and view all the answers

    What service does the redirect message in ICMPv6 Neighbor Discovery provide?

    <p>Better next-hop selection</p> Signup and view all the answers

    What could occur if many devices are powered up simultaneously on a network?

    <p>Reduced performance temporarily</p> Signup and view all the answers

    What happens after a device sends an ARP request?

    <p>Only the device with the matching IPv4 address replies.</p> Signup and view all the answers

    What is a characteristic of the ARP reply?

    <p>Only the originating device receives the ARP reply.</p> Signup and view all the answers

    What is ARP spoofing primarily used for?

    <p>Performing ARP poisoning attacks.</p> Signup and view all the answers

    Which ICMPv6 message is NOT used by Neighbor Discovery?

    <p>Fake advertisement</p> Signup and view all the answers

    Which of the following services does the Neighbor Discovery protocol provide for IPv6?

    <p>Address resolution</p> Signup and view all the answers

    Which factor determines the removal of ARP table entries?

    <p>An ARP cache timer.</p> Signup and view all the answers

    What do IPv6 devices use to resolve MAC addresses instead of ARP?

    <p>Neighbor Discovery protocol</p> Signup and view all the answers

    What is a consequence of broadcasting an ARP request on a local network?

    <p>The network may slow down.</p> Signup and view all the answers

    Which ICMPv6 message is responsible for soliciting router information?

    <p>Router solicitation</p> Signup and view all the answers

    What is the purpose of the ARP type field set to 0x806?

    <p>It informs the NIC to pass data to the ARP process.</p> Signup and view all the answers

    What happens to packets if no device responds to an ARP request?

    <p>The packets are dropped as a frame cannot be created.</p> Signup and view all the answers

    What is a characteristic of static ARP entries?

    <p>They are manually entered and do not expire.</p> Signup and view all the answers

    Which message types does ICMPv6 Neighbor Discovery rely on?

    <p>Neighbor solicitation and neighbor advertisement messages.</p> Signup and view all the answers

    When a source device needs to send a frame to an IPv4 address on another network, what is used?

    <p>The MAC address of the default gateway.</p> Signup and view all the answers

    What is one of the main risks associated with ARP spoofing?

    <p>Incorrect routing of packets in the network.</p> Signup and view all the answers

    Why is dynamic ARP inspection recommended in networks?

    <p>It prevents unauthorized MAC address changes.</p> Signup and view all the answers

    How frequently does the ARP cache timer remove inactive entries in a device?

    <p>Between 15 and 45 seconds for newer Windows OS.</p> Signup and view all the answers

    What initial step does a host take when creating a packet for a destination IP address?

    <p>It compares the destination IP with its own IP.</p> Signup and view all the answers

    Study Notes

    ARP

    • ARP is essential for mapping IPv4 addresses to MAC addresses
    • Devices use ARP tables to store mappings of IPv4 addresses and corresponding MAC addresses.
    • An ARP table entry has a timestamp and is removed if no traffic is received from the device before the timestamp expires.
    • When a device needs to send a packet, it checks its ARP table for the destination IPv4 address and corresponding MAC address.
    • If the address is in the ARP table, it uses the MAC address to create a frame.
    • Otherwise, the sending device sends an ARP request, a broadcast frame, to find the MAC address associated with the destination IPv4 address.
    • Devices that have the same target IPv4 address will respond with the matching MAC address.
    • The reply is sent as a unicast frame to the device that sent the request.
    • The device adds the mapping to its ARP table and can now send a frame to the destination.
    • If no device responds to the ARP request, the packet is dropped.
    • An ARP request is sent when the sender wants to determine the MAC address associated with an IPv4 address but doesn't have this mapping in its ARP table.
    • Both ARP requests and replies are encapsulated in Ethernet frames—no IPv4 headers are used.

    ARP Poisoning Attacks

    • ARP poisoning attacks target the ARP table.
    • An attacker can send a forged ARP reply that contains its MAC address rather than the legitimate device's MAC address, causing the receiving device to map the target IPv4 address to the attacker's MAC address.

    IPv6 Neighbor Discovery Protocol

    • IPv6 uses the Neighbor Discovery protocol (ND) to resolve IPv6 addresses to MAC addresses.
    • ND is similar to ARP but uses ICMPv6 messages.
    • It provides services like address resolution, router discovery, and redirection.
    • ND uses five types of ICMPv6 messages: Neighbor Solicitation, Neighbor Advertisement, Router Solicitation, Router Advertisement, and Redirect.
    • Neighbor Solicitation and Neighbor Advertisement messages are used for device-to-device communication.
    • Router Solicitation and Router Advertisement messages are used for device-to-router communication.
    • The Redirect message is used for route optimization.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Related Documents

    2101-Ch09.docx

    Description

    This quiz covers the essential functions of Address Resolution Protocol (ARP) in mapping IPv4 addresses to MAC addresses. You will learn how devices utilize ARP tables and the process involved in sending ARP requests and receiving responses. Test your understanding of ARP and its significance in network communication.

    More Like This

    Use Quizgecko on...
    Browser
    Browser