How can the basic functioning of an application on a server be checked from a
remote location?
Network applications work on port numbers. When an application is installed on
a system, the appropriate port would be open. If the application is not
running, the port would be in the closed state. A port scanner like nmap can be
used for checking whether the appropriate port is in the open or closed state.
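The check described above can also be done for a single port with a plain TCP connect. This is an added example, not part of the original page; the function names `check_port` and `local_demo` are assumptions, and the loopback listener is constructed so the code runs offline.

```python
import socket

def check_port(host: str, port: int, timeout: float = 2.0) -> str:
    """Classify one TCP port as 'open', 'closed', 'filtered' or 'unreachable'.

    open        - the handshake completed, so an application is listening
    closed      - the host refused the connection: nothing is listening
    filtered    - no answer before the timeout (host down or a firewall drop)
    unreachable - the local stack reported no route to the host or network
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "filtered"
    except socket.gaierror:
        raise                      # bad host name: not a statement about the port
    except OSError:
        return "unreachable"

def local_demo() -> tuple:
    """Constructed demo: the same loopback port with and without a listener."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))     # port 0: the OS picks a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    running = check_port("127.0.0.1", port)   # application running
    srv.close()                               # application stopped
    stopped = check_port("127.0.0.1", port)
    return running, stopped

if __name__ == "__main__":
    print(local_demo())
```

A "filtered" result does not distinguish a powered-off host from a firewall silently dropping the packets.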
Name two reasons as to why a ping response is not received from the
destination.
The ping can fail if the destination is shut down, or there can be a firewall
on the destination blocking the packet.
How can an FTP server residing on a LAN network be accessed from a PC on the
internet? Assume that the LAN network has an internet connection using a router.
The port forwarding feature can be used to achieve the functionality. Port
forwarding can be configured on the router to forward all requests to TCP ports
20 and 21, which are used by FTP servers, to the appropriate LAN IP address of
the FTP server. Users can then FTP into the public IP address of the router
which is connected to the internet. When the router receives the request, it
forwards it to the internal FTP server IP address.
How can the desktop of a Linux system be viewed from Windows?
The VNC protocol can be used for the purpose. The Linux system can be set up as
a VNC server and Windows as the VNC client. The IP address of the Linux system
can be configured in the VNC client, following which connectivity can be
achieved.
Explain a technique by which web access can be blocked on a network with a
firewall.
An ACL can be configured which would block DNS packets originating from the
network. DNS is used for resolving a URL into an IP address. If DNS is blocked,
web communication would fail.
How can web access be blocked for a specific group of users on a network with a
firewall?
Create two networks to segregate users. Map the first network to the users who
are allowed and the second network to the users who are not allowed. Create an
ACL which would deny access to DNS for the second network. As DNS is blocked,
web access would not be allowed for the
Which feature on a router can be used to block access to known
URL filtering is a feature
which is available on routers where the URL name of the websites can be
provided and access to the same can be blocked.
Does HTTPS use the TLS/SSL protocol at the transport layer?
HTTPS uses TCP at the transport
layer. TCP port 443 is used. TLS/SSL is used by HTTPS for encrypting the data
Why should mac-filtering not be used as a security defense mechanism on
wireless networks?
Mac-filtering is a feature
which would allow the mac-address of wireless units on a network to be
configured for allowing or denying access to the network. Wireless
communication is a shared medium. Anyone with a protocol analyzer can view the
mac-addresses on a network. The valid mac-addresses can then be used by hackers
to gain connectivity to the network, by using spoofing techniques. This makes
mac-filtering vulnerable, due to which it is not
How can a DHCP starvation attack be mitigated on a switch?
A DHCP starvation attack occurs when an attacker sends multiple requests to the
DHCP server impersonating different clients. To mitigate this, port-security
can be
Copyright 2015 @
which can be used for limiting the allowed number of mac-addresses on a switch
Explain two access control
techniques by which a router on a LAN can be configured for access only for the
An appropriate username and password can be used for the admin. An ACL can be
configured which would allow only the IP address of the admin PC for access.
What will a router do if it receives an IP packet with a TTL value of 2?
The router would decrement the value by 1 and forward the packet to the next
hop.
Which protocol is not used by IPv6, compared with IPv4, for identifying the
mac-address of a peer?
The ARP protocol is used by IPv4 to detect the mac-address for a specific IP
address. IPv6 does not use ARP.
How can an admin configure only the SSH protocol for remote access on a Cisco
router?
The admin can configure an ACL
which would allow only TCP port 22 for SSH and deny all other access.
Can two vlans be assigned with two subnets from the same major network?
Vlans are used for segregating networks. So two subnets, irrespective of
whether they are from the same or different major networks, can be used with
two vlans.
Give a practical instance where static NAT is configured on a router.
Static NAT is used in a scenario where a server which is residing on a LAN
network needs to be accessed by users on the internet. In this case, the server
would have a public IP address which would be mapped to the private IP address
using static NAT.
Which port number would you
open on a firewall to allow access to a Windows remote desktop server on the
Windows remote desktop servers
work on TCP port 3389, which should be opened on the firewall for access.
How can packet drops on a network be tested by using ping?
100 ping packets can be issued to a system on the network. On a Windows system
this can be achieved by the use of the command ping -n 100 192.168.2.1, where
100 is the number of packets and 192.168.2.1 is the system which is being
pinged. The output can be analyzed to see how many ping responses have been
lost, which would correspond to the
Will a router forward DHCP
DHCP Discover is a broadcast
packet. Routers do not forward broadcast packets.
A user configures the internet firewall to block incoming IP packets
originating from the subnet 192.168.1.0/24. What type of filtering is being
performed?
An ACL configured to block
inbound packets is termed as ingress filtering. Egress filtering is used for
A user has an HTTP proxy configured on the browser. He attempts to open the
website www.tcpipguru.com on the browser. The IP address of the proxy server is
192.168.1.1/24 and the port configured is 80. How will the TCP connection from
the user be established with the website?
When the user initiates the connection to the website, a TCP 3-way connection
is initially established with the proxy server, which is 192.168.1.1. The proxy
server would then, on behalf of the user, initiate a TCP 3-way handshake with
the website server. This process is transparent and the user is not aware of
the same.
Three switches sw1, sw2 and sw3 transmit STP BPDU packets with the following
info in the Bridge ID. Which switch will be elected as the root bridge?
sw1 : Bridge priority 3456, Mac-address : 00:1b:78:ab:9f:91
sw2 : Bridge priority 1234, Mac-address : 00:1b:78:ab:9f:92
sw3 : Bridge priority 2345, Mac-address : 00:1b:78:ab:9f:93
The STP protocol elects the switch with the lowest priority as the root bridge.
Sw2 would be elected as the root bridge as it has the lowest priority.
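The election above, worked through in code as an added example that is not part of the original page. It goes one step beyond the question: when priorities are equal, the lowest MAC address decides, because the 8-byte Bridge ID is compared as a whole. The names `bridge_id`, `elect_root` and the tie-break switch set are assumptions constructed for illustration.

```python
import struct

def bridge_id(priority: int, mac: str) -> bytes:
    """Pack the 8-byte Bridge ID: 2-byte priority followed by the 6-byte MAC."""
    if not 0 <= priority <= 0xFFFF:
        raise ValueError(f"priority out of range: {priority}")
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac}")
    return struct.pack("!H", priority) + octets

def elect_root(switches: dict) -> str:
    """Return the name of the switch with the numerically lowest Bridge ID."""
    if not switches:
        raise ValueError("no switches to elect from")
    # Big-endian byte strings compare in the same order as the numbers they encode.
    return min(switches, key=lambda name: bridge_id(*switches[name]))

# Values from the question above.
PAGE_SWITCHES = {
    "sw1": (3456, "00:1b:78:ab:9f:91"),
    "sw2": (1234, "00:1b:78:ab:9f:92"),
    "sw3": (2345, "00:1b:78:ab:9f:93"),
}

# Constructed tie-break case: identical priorities, so the MAC decides.
TIE_SWITCHES = {
    "sw1": (32768, "00:1b:78:ab:9f:91"),
    "sw2": (32768, "00:1b:78:ab:9f:92"),
    "sw3": (32768, "00:1b:78:ab:9f:93"),
}

if __name__ == "__main__":
    print(elect_root(PAGE_SWITCHES), elect_root(TIE_SWITCHES))
```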
A switch port operating in full duplex mode is connected to a PC operating in
half duplex. What would be the effective duplex settings for the communication?
The effective duplex setting
would be half duplex as a full duplex system cannot communicate as full duplex
when the peer is operating in half duplex.