1212 Final Part 2

Questions and Answers

What is the primary purpose of the ping command?

To discover the MAC address of a device

To verify network connectivity between hosts (correct)

To send data packets to multiple devices

To configure IP addresses on a network

If a workstation cannot ping any hosts on a remote network, what should be the next step?

Check the MAC address of the workstation

Change the IP address of the workstation

Ping another host on the same subnet

Use the tracert command to verify the path (correct)

What do you verify when you ping the local address 127.0.0.1?

Correct installation and configuration of TCP/IP (correct)

DHCP server configuration

Access control list permissions

Physical connectivity to the network

Which part of an IPv6 address identifies the specific interface of a device?

Interface ID

Which of the following is an example of a unicast address?

An address assigned to a single interface for one-to-one communication

What does the DHCP scope define in a network?

The configuration information applied to devices receiving IP addresses.

What is the purpose of exclusion addresses in DHCP?

To maintain static IP configurations for critical devices.

What acronym is helpful to remember the four steps in the DHCP process?

DORA

How does a DHCP client respond to multiple offers from different servers?

It accepts the first offer and ignores the others.

What happens to an IP address when a client's lease expires and the device is off the network for a long time?

The IP address is released back into the pool for reassignment.

What does the subnet mask identify in an IP address?

The network and host portions of the IP address

How can you detect a rogue DHCP server on a network?

By observing multiple IP address lease offers

What is the function of the /release switch in ipconfig?

To release the current IP address from the DHCP lease

What is the main purpose of the Dynamic Host Configuration Protocol (DHCP)?

To assign unique IP addresses across devices

What does Automatic Private IP Addressing (APIPA) signify?

The device could not obtain an IP address from a DHCP server

What is the primary function of a captive portal?

To force user agreement to terms or a fee before network access.

Which wireless authentication method uses a passphrase for user validation?

Pre-shared key (PSK)

Which frequency range typically has longer transmission distances but lower data rates?

2.4 GHz

What technology helps increase bandwidth by using multiple antennas for both the transmitter and receiver?

MIMO

What is a potential consequence of increasing the power of a wireless access point?

Increased transmission distance with potential instability

Which protocol is used by L2TP for encryption?

IPsec

What is a primary feature of a site-to-site VPN?

Encryption of data from hosts within a site

What type of device is typically used as a VPN concentrator?

Dedicated server

What distinguishes the Authentication Header (AH) from the Encapsulating Security Payload (ESP) in IPsec?

AH is used for authentication, while ESP provides data encryption

Which port does PPTP typically use for its connections?

TCP port 1723

What does WPA2-PSK use to encrypt data in a wireless network?

Advanced Encryption Standard-Counter Mode with Cipher Block Chaining Message Authentication Code

Which of the following describes the role of a supplicant in an 802.1x setup?

It is the device communicating with the authenticator.

What is the primary function of RADIUS in a wireless network?

To provide centralized user authentication and authorization

What makes WPA3 more secure than WPA2?

It employs the Simultaneous Authentication of Equals standard.

What is a potential limitation of MAC address filtering?

It does not secure the network from SSID broadcast detection.

Study Notes

IP Configuration Issues

• Incorrect Subnet Mask: Can cause IP communication problems if devices on the same subnet have different subnet masks. This prevents correct network address identification.
• Missing Default Gateway: Prevents communication with hosts outside the local subnet.
• Rogue DHCP Server: An unauthorized DHCP server on the network can cause IP address conflicts and network instability.
• DHCP Server Issues: Problems like insufficient IP address space, incorrect scope configuration, or server malfunctions can prevent a DHCP server from assigning addresses.
• IP Address Conflicts: Duplicate IP addresses on a subnet prevent communication between devices.
• Incorrect or Invalid IP Addresses: Using reserved addresses, or ones not within the subnet's range can result in issues.
• Leased IP Address: If this is being used the address cannot be reassigned, even if the device disconnects.
• Incorrect Hostname: Will cause issues with name resolution if not using DNS.

Incorrect Subnet Mask and IP Communication Issues

• An incorrect subnet mask on a device prevents it from correctly identifying the network address and host address portion of an IP address.
• This prevents communication with devices on the same subnet.
• Two devices must have the same network ID portion of the IP address to be on the same subnet.

DHCP Server Issues Preventing Proper IP Address Assignment

• Insufficient IP address space: The DHCP server runs out of available IP addresses.
• Incorrect scope configuration: The DHCP server's configuration settings are incorrect.
• DHCP server malfunctions: The DHCP server is not functioning correctly.

ipconfig /release Switch Function

• The /release switch with ipconfig releases the currently assigned IP address from the DHCP server.

Detecting a Rogue DHCP Server

• Monitor network traffic for unusual DHCP activities.
• Analyze DHCP logs for unexpected entries or conflicts.

Identifying APIPA Use

• A device using APIPA will have an address in the 169.254.x.x range.

Ping and Tracert Differences

• ping checks if a host is reachable, and if a network connection exists.
• tracert traces the route a packet takes to a destination.

Failed Ping Test Significance

• A failed ping test indicates that a connection between two hosts is not established or the host is unreachable.

When to Use Tracert

• Use tracert (Windows) or traceroute (Mac) when you need to pinpoint the location of a network problem by identifying points at which packets are not being forwarded correctly.

tcpdump Function

• tcpdump is a command-line tool for capturing and analyzing network traffic.

Difference Between Static and Dynamic IPs

• Static IP addresses are manually configured and do not change.
• Dynamic IP addresses are automatically assigned by protocols such as DHCP.

IPv6 Need

• IPv6 is needed to address the exhaustion of IPv4 addresses.

IPv6 Address Format

• An IPv6 address is a 128-bit address written as eight groups of four hexadecimal digits, separated by colons. Example: 2001:0db8:85a3:0000:0000:8a2e:0370:7334.

Simplifying IPv6 Addresses

• Leading zeros in groups of four hexadecimal digits can be omitted.
• Consecutive zeros can be replaced with two colons. Example: 2001:0db8:85a3::8a2e:0370:7334

Two Parts of an IPv6 Address

• Prefix ID: First 64 bits, identifying network/subnet information.
• Interface ID: Last 64 bits, uniquely identifying the device.

IPv6 Communication over IPv4

• Tunneling. IPv6 packets are encapsulated within IPv4 packets to traverse IPv4 networks.

Stateful vs. Stateless Autoconfiguration

• Stateful autoconfiguration relies on a DHCPv6 server for IP address assignment.
• Stateless autoconfiguration uses a mechanism to automatically generate IP addresses.

Wireless Network Standard

• IEEE 802.11 standard defines how wireless networks operate.

Wireless Channels (2.4 GHz, 5 GHz)

• 2.4 GHz has 3 non-overlapping channels.
• 5 GHz has 24 non-overlapping channels.

WPA2 Encryption Algorithm

• Advanced Encryption Standard (AES) - Counter Mode with Cipher Block Chaining Message Authentication Code (CCMP).

Wireless Access Method (Button)

• Wi-Fi Protected Setup (WPS) allows a device to connect to a wireless network by pressing a button.

Remote Access VPN vs. Host-to-Host VPN

• Remote access VPN uses a VPN concentrator to allow multiple hosts to connect to a network. Host-to-host establishes a secure connection between two specific host computers.

Site-to-Site VPN Devices

• Routers on the edge of the networks are configured to establish the VPN tunnel.

VPN Protocols and Encryption

• PPTP: Uses standard authentication protocols (like CHAP, PAP) and TCP port 1723. Encryption method(s) not explicitly specified.
• L2TP: Uses IPsec for encryption and TCP port 1701 and UDP port 500.

IPsec Protocols (AH, ESP) Difference

• Authentication Header (AH): Authenticates the IP packet.
• Encapsulating Security Payload (ESP): Encrypts the IP packet's data.

HDD vs. SSD

• HDD: Physical, mechanical drive storing data on spinning disks.
• SSD: Flash memory based, no moving parts.

Windows Drive Partitions

• Master Boot Record (MBR): Older, limited to 2 TB.
• GUID Partition Table (GPT): Modern, supports larger volumes.

MBR Disk Limitations

• Maximum drive size is 2 TB.

Windows Disk Management Utility

• Used to manage and configure storage devices in a Windows system.

Storage Spaces and Storage Pools

• Storage Spaces: Windows feature for combining drives into an aggregated logical drive space for users.
• Storage Pools: A collection of physical storage devices used by Windows Storage Spaces technology and act as one large source.

Storage Pool Configurations

• Simple: Increases data throughput, no redundancy.
• Mirror: Increases performance and protects against drive failure by replicating data.
• Parity: Provides data redundancy and protects against single drive failure.
• Dual Parity Provides redundancy and protects against two simultaneous drive failures.

OneDrive Overview

• Cloud storage service integrated with Windows.
• Users get free initial storage space (5 GB). Additional storage is available for purchase.

OneDrive Configuration

• Requires a Microsoft account for access.
• Files/folders can be synced to the cloud automatically.

OneDrive Data Access

• Files can be accessed via File Explorer, web browser, or mobile app.
• Deleted files can be recovered from the Recycle Bin (within 3-93 days depending on account tier).

Local Storage Management

• Upgrade Disk Drives: Consider using SSDs or NVMe drives for faster performance.
• Upgrade Disk Interface: Upgrade to faster interfaces (like PCIe, for example).
• Disk Cleanup: Removes temporary files to free up space.
• Optimize Drives: Defragment files to improve access time. (Not necessary for SSDs)
• Check Disk: Verifies file system integrity & fixes errors (chkdsk).

File Attributes

• Metadata associated with files that provide specific details about the file.
• Common attributes include Archive, Compressed, Directory, Encrypted, Hidden, Read-Only, System, Temporary, Offline, and Not Content Indexed.

Sharing Files and Folders

• Share permissions: Limit network access to files and folders.
• NTFS permissions: Offer granular control over local and networked folders/files.
• Share permissions take precedence over NTFS permissions when accessed over the network.
• Best practice: Use the principle of least privilege and groups to manage access.

Basic Input/Output System (BIOS) Boot

• Power On Self-Test (POST): Verifies hardware components' integrity and initializes devices.
• Boot Loader: Loads the OS kernel from the active partition.
• Operating System (OS) Startup: Loads device drivers and services, configures environment.

Unified Extensible Firmware Interface (UEFI) Boot

• More advanced boot specification than BIOS.
• Contains several phases: Security, Pre-EFI, Driver Execution Environment, Boot Device Selection, Transient System Loader, and Run Time.

Startup Error Facts

• Several error causes (hardware, software, etc) often involve a corrupted MBR or boot sector, potentially fixable with command prompt utilities.
• Boot logs can be useful in diagnosing startup problems.

System Recovery Procedures

• Repair tools, including Startup Repair, System Restore, System Image Recovery, and Reset this PC, are frequently implemented in WinRE.
• Choose a recovery method depending on the nature of the error and what the user wishes to preserve (or not preserve).
• Use an official Microsoft support tool to repair a corrupted MBR or boot sector.

Boot Configuration Data (BCD)

• A database that records bootable operating systems.
• BCDEdit is a command-line tool to manage BCD for various systems.

System Recovery Procedures/Recommendations

• Revert Windows updates, reset the PC, use system restore points, or restore from an image backup, depending on the specific issues(s) discovered.

Description

This quiz covers key concepts related to IP configuration issues, including subnet masks, default gateways, and DHCP server challenges. Test your understanding of how incorrect settings can lead to network communication problems and conflicts. Perfect for networking students and professionals.