TDC 375-701 Mid-term Study Guide 2009-10-05 * You have the entire class time to finish this exam. * NO calculators, books, mobile devices, etc. allowed. * You may use one 8 1/2" x 11" crib sheet (double sided) for notes. * Be clear and neat, if I can't read it, its wrong. * Don't panic. We've roughly followed the major topics of the assigned course text thus far. This document will highlight the key subject areas from the text, identifying the major sections to pay attention to. I'll point out specific areas that you are not responsible for. When in doubt, assume it'll show up on the exam. Feel free to ask explictly too. I'll include some additional material in each section wher I've added material that may not be in your book. This includes my custom slide decks and real world scenario notes. *** Week 1 *** Chapter 1 - Introduction You should know who the IETF is and what they do. You should have looked at some RFCs and be familiar with some of the common status types. Chapter 2 - The OSI Model and the TCP/IP Protocol Suite You should have a good understandng of what each layer in TCP/IP protocol tends to entail, particularly the network layer. This includes network layer services such as addressing, routing and fragmentation. You should know the difference between unicast, broadcast and multicast. You should know what MTU means. You should have a pretty idea of many of the things that occur at the network protocol layers when a client boots up and attempts to begin communicating with a remote network host. Chapter 4 - Introduction to the Network layer You should understand the difference between packet switching and circuit switching as well as connection-oriented and connectionless service. You should have an idea of what error control, flow control, congestion control, quality (class) of service means. You should know how to a host will packetize data, add protocol headers, trailers and if necessary perform fragmentation and understand how to segment application data into packets. Other: You should have an idea of what Conficker was. You should have a good idea of how the operations community used "sinkholes" to mitigate Conficker. You should have a rudimentary understanding of the end-to-end argument and be able to examine a system and determine how it might or might not have correctly applied those arguments in the system setup/design. NOTE: Its assumed you know some of the following material, but the exam material will not cover it specifically: Chatper 3 - Underlying Technologies *** Week 2 *** Chapter 5 - IPV4 Addresses You should know how many bits make up an IPv4 address, as well as how to convert between binary and decimal notations. You should understand how the classful addressing system worked, but understand that it is obsolete and why. You should understandard "slash" (/) notation and how addresses are formed of a "network part" and "host part". Given an address and its mask, you should be able to do all sorts of things to it, including identifying the network, directed broadcast, address range and number of addresses. You should be able to subnet a block of addresses further. You should know a few of the special address netblocks such as RFC 1918, loopback, limted broadcast and so on. You should know what NAT is and understand its trade-offs. Other: You should have a good idea of what Steve Deering's IETF 51 presentation we watched was all about, the major themes and his motivations. You should know what a bogon is. You should have used the ifconfig (or ipconfig on Windows) and be able to read its output. *** Week 3 *** Chapter 6 - Delivery and Forwarding of IP Packets You should know when an IPv4 router is used or not. You should know what a next-hop is and how forwarding is done primarily based on the most-specific (longest, best) prefix match. You should have a general idea of what MPLS is, where it tends to be used and why. Chapter 7 - Internet Protocol Version 4 (IPv4) You should know a fair amount about IPv4, including how it fits into the TCP/IP protocol suite and various details about the datagram header fields, including, but not limited to header length, total length, id, flags, fragment offset, TTL, type, checksum, source and destination address. You should also be familiar with IP options. Other: You should be familiar with the terms, default-free, ships-in-the- night and traffic engineering. You should have used whois and traceroute. You should have an idea of what Netflow is. NOTE: You will NOT be responsible for anything specific to IP over ATM. You will NOT be responsible for knowing how to calculate the IP header checksum. *** Week 4 *** Chapter 8 - Address Resolution Protocol (ARP) You should know what ARP does and what fields make up its format. You should have an idea of what other uses there are for ARP and what security threats ARP is exposed to. You should know what an ARP table (or cache) is and why or how one might be used. You should know how ARP fits into the TCP/IP protocol suite. Chapter 9 - Internet Control Message Protocol Version 4 (ICMPv4) You should know how ICMP fits into the TCP/IP protocol suite. You should be familiar with a few different ICMP messages and the common header format. You should know which ICMP messages are most useful in practice and why. You should understand the trade-offs in filtering versus allowing various types of ICMP messages. You should know how traceroute and PING may or may not use ICMP messages. Other: You should understand what routing is and its basic operation. How routers remove L2 headers, do various checks and make forwarding decisions. You should be familiar with what BGP is and who uses it. You should know what an AS and ASN is. You should be able to identify major attributes of a routing table. You should also know the difference between route security and router security. NOTE: You will NOT be responsible for anything to do with ATMARP. While you should be familiar with some basic routing protocols and concepts, we did not get to deal with the majority of Chapter 11, so most of the material there will not apply to this exam. $Id: midterm-guide.txt,v 1.2 2009/10/07 23:03:18 jtk Exp $