Cisco ques and answers
2. Define IP address?
● IP address is an Internet Protocol address
● Length is 4 bytes and it is represented in dotted decimal format
● Types are IPv4 & IPv6
● Classes of IP address are class A, class B, class C, class D and class E
3. IP address range
● Class A IP address range is from 1 to 126
● Class B is 128 to 191
● Class C is 192 to 223
● Class D is 224 to 239
● Class E is 240 to 255
4. Private IP address
● Private IP addresses are not routed via the internet
● Class A private IP is 10.0.0.0
● Class B private IP is 172.16.0.0 to 172.31.0.0
● and Class C private IP is 192.168.0.0
5. Auto configuration IP
● 169.254.0.0 is the auto configuration IP
● If the host is unable to get an IP from the DHCP server, then the host assigns itself an IP from the range of 169.254.0.0
6. FTP
● FTP is file transfer protocol
● FTP is used to send and receive files
● FTP is a TCP based application
● FTP port numbers are 20 & 21
SSH
● SSH is secure shell
● SSH is used for remote login
● SSH port number is 22
● SSH is a TCP based application
● In SSH, credentials are sent in encrypted format
TELNET
● Telnet is used for remote login
● Telnet uses the port number 23
● Telnet is TCP based application
DNS
● DNS is domain name service
● DNS converts a domain name into an IP address
● DNS port number is 53
● DNS uses both TCP and UDP protocol.
DHCP
● Dynamic host configuration protocol
● It automatically assigns the ip details and DNS details to the computer
● DHCP is UDP based application
● DHCP uses port number 68 & 67
TFTP
● TFTP is trivial file transfer protocol
● TFTP is used to send and receive files
● TFTP is UDP based application
● TFTP uses port number 69
9. Define PING?
● Ping is Packet Internet Groper.
● It's used to test the connectivity of the network
● The continuous ping is used to check the packet drops
11. TCP
● Transmission control protocol
● TCP is a connection oriented protocol.
● It's a reliable protocol.
● TCP protocol number is 6.
● Some of the TCP based applications are HTTP, TELNET, FTP
12. UDP
● UDP is user datagram protocol
● UDP is a connectionless protocol.
● It's not a reliable protocol
● UDP protocol number is 17
● Some of the UDP based applications are DHCP, TFTP
13. ICMP
● ICMP is internet control message protocol
● ICMP is used for error reporting
● It belongs to network layer
● ICMP protocol number is 1
30. MSS
● Maximum segment size
● Maximum amount of data that can be present in a single segment
● MTU value for Ethernet is 1500 bytes
31. MTU
● Maximum transfer unit
● Maximum amount of data handled by interfaces
● MSS value is 1460 bytes.
33. TCP header contains
● Source port number
● Destination port number
● Sequence number
● Acknowledgement number
● Header length
● Reserved Flag
● Window size
● Checksum
● Urgent pointer
● TCP options
● Padding
34. UDP header contains
● Source port number
● Destination port number
● Total length
● Checksum
35. IP header fields are
● Version
● Header length
● Type of service
● Total length
● Identification
● Flag
● Fragmentation offset
● Time to live
● Protocol
● Checksum
● Source ip address
● Destination ip address
● Options
Chapter 2
1. VLAN
● VLAN is a virtual local area network
● It divides the network at layer 2
● By default, a switch will not allow communication from one VLAN to another VLAN
● There are 4096 VLANs in total
● VLAN types are normal range VLAN and extended range VLAN
● VLANs 0 to 1023 are normal range VLANs
● VLANs greater than 1023 are extended range VLANs
2. Default VLAN
● The default VLANs are 1, 1002, 1003, 1004 & 1005
● The default VLANs cannot be created or deleted
5. Access port
● An access port is used to connect end user devices
● An access port carries the traffic from only one VLAN at a time
● An access port is a member of only one VLAN at a time
● It doesn't tag the VLAN ID
6. Trunk port
● Used to connect network devices
● It carries traffic from all the VLANs
● It tags the VLAN ID
● It is not a member of any VLAN
7. Purpose of VTP
● Generally, to configure VLANs on multiple switches we need to log in to each and every switch to configure the VLANs
● But in VTP, if you configure a VLAN in server mode, it distributes the VLAN information to the remaining switches in the same domain.
8. DTP
● DTP is dynamic trunking protocol
● It's a Cisco proprietary protocol
● DTP tries to form a trunk between the switches
● DTP modes are auto and desirable
● To form the trunk either one of the interfaces should be in desirable mode.
9. 802.1q
● The dot1q protocol tags the VLAN id at the trunk port.
● It's an open standard protocol
● Dot1q inserts the tag between the source MAC address and the type or length field in the Ethernet frame
● It supports both standard and extended VLANs
11. VTP
VTP is VLAN trunking protocol
It carries VLAN information between the switches
VTP modes are
● Server
● Client
● Transparent
VTP versions are
● Version 1
● Version 2
● Version 3
VTP messages are
● Summary advertisement
● Subset advertisement
● Advertisement request.
18. What are the steps to create an extended range VLAN (1024 - 4095)?
● By default the switch will be in server mode, which won't allow creating an extended range VLAN
● So change the VTP mode to transparent; only then does it allow creating an extended range VLAN
20. What is STP?
STP stands for spanning tree protocol.
It provides layer 2 security.
It is used to prevent loops and provide redundancy to the network.
STP selections
a. Root bridge election
b. Port election
1. Designated port selection
2. Non-designated port selection
3. Root port selection
PORT ELECTION
Root port selection
Every non-root bridge should have at least one root port to reach the root bridge
1. The port with the lowest path cost to reach the root bridge is selected.
21. RSTP
Rapid spanning tree protocol
Developed by Cisco
Convergence time is less than 2 seconds
22. MSTP
Multiple spanning tree protocol
In MSTP, multiple VLANs are mapped to a single STP instance
1. IPSEC
Internet protocol security is a framework that offers confidentiality, integrity, authentication and anti-replay
2. VPN
VPN is a virtual private network; it establishes a secure private network over the internet
4.SSL VPN
● Secure socket layer
● VPN encrypts the traffic between web browser and web server
● In SSL VPN client software is not required
5. VPN protocols
VPN protocols are
● IPsec
● Point to point tunnelling protocol
● Layer 2 tunnelling protocol and
● SSL VPN
6. IPSEC protocols
IPsec protocols are
● Authentication header
● Encapsulation security payload and
● Internet key exchange
8. Tunnel mode
Tunnel mode encrypts the entire IP packet
Transport mode
Transport mode encrypts only the payload of the packet
9. GRE VPN?
● GRE stands for Generic routing encapsulation
● It is used to create point to point tunnels and it doesn't provide data encryption. It is developed by Cisco
10. DMVPN?
● Dynamic multipoint VPN
● It is used to create point to multipoint tunnels and it doesn't provide data encryption; it is developed by Cisco.
11. SSL contains?
● 1.Domain name
● 2.Organization name
● 3.Certificate authority name
● 4.Date of issue
● 5.Date of expiry
● 6.Public key
● Then the client will validate the server, using the server public key, with the certificate authority; after that the client will use the server random and generate the pre-master key
● Then the pre-master key will be encrypted using the server public key and sent to the server
13. What is a firewall?
A firewall is a network security device, either hardware or software. It provides security and it monitors all incoming and outgoing data traffic
14. ACL
Access Control List
It is a list of rules that permit or deny the traffic or packet.
2 types
● Standard ACL
● Extended ACL
Standard ACL:
● Filter applies based on Source IP
● Filter applies towards Destination IP.
● (1-99) are Standard ACL ranges.
Extended ACL:
● Filter applies based on Source IP, Destination IP, Source MAC address, Destination
MAC address and Protocol.
● Filter applies towards Source IP.
● (100-199) are extended ACL ranges.
15. NAT
NAT is Network Address Translation.
It converts Private IP address into Public IP address and vice versa.
3 types of NAT
● Static NAT
● Dynamic NAT
● PAT
Static NAT
● 1 to 1 mapping, each and every private IP address needs a separate public IP address.
● The network admin has to manually bind each and every private IP address to the registered public IP address.
Dynamic NAT
● 1 to 1 mapping, each and every private IP address needs a separate public IP address.
● The binding of private IP address into public IP address is done automatically by the router.
PAT
● Port Address Translation.
● Many to one mapping, up to 65535 private IP addresses are translated by using a public IP address.
● Mapping of port numbers is done automatically.
DNS QUERY
1. DNS query
● Once the user types google.com, the computer doesn't know the IP of Google, so it contacts the local DNS server.
● If the local DNS server has the IP, it returns the IP address; else it will contact the root server
● The root server will give a referral to the top-level domain server to the local DNS server
● Now the local DNS server will contact the top-level domain server to get the IP of Google
● The top-level domain server will give a referral to the authoritative server; now the local DNS server will contact the authoritative server and get the IP.
● After that the local DNS server will give the IP of Google to the computer.
2. Record types
● A record
● AAAA- Quad A
● Canonical name record
● Mail exchange record
● Name server record
● Reverse pointer record
● Start of authority
● Service of location
3. RECURSIVE QUERY
● In a recursive query the local DNS server will contact each and every DNS server, like the root server, top-level domain server and authoritative server, to get the IP
● Once the local DNS server gets the IP, it will be handed over to the computer.
4. ITERATIVE QUERY
In an iterative query, the computer itself should contact each and every DNS server to get the IP
14. Push flag
If the application doesn't have any data to send, then it sets the push flag and informs the TCP stack to push all the data from the sending buffer.
15. Urgent flag
If the application has urgent data to send, then it sets the urgent flag and informs the TCP stack to prioritise the urgent data by holding the processing of other data
16. Reset flag
If the client requests some service but that service is not available, then the server will send the reset flag.
17. Urgent pointer
Urgent pointer indicates where the urgent data starts and ends.
18. SACK
SACK is selective ACK. It uses the left edge and right edge to point out the missing data, and it informs the sender to resend the missing segment.
19. Window scaling
The normal window size is 65,535 bytes; by using window scaling we can increase the size of the window to 1 GB.
20. TCP Option
TCP options are maximum segment size, selective acknowledgement, window scaling, time stamp and no options.
TCP options are negotiated through the SYN message
21. More fragment
If one packet is converted into 5 fragments, the MF bit is set to 1 for the first four fragments and the MF bit is set to 0 for the final fragment
22. IP flags
IP flags are don't fragment and more fragment
23. Don't fragment
If the router receives a packet with don't fragment set to 1, then the router will not fragment the packet. To fragment the packet, the DF bit should be set to 0