4BHEL KSN Test (Group A)

2024-04-09

Max. 100 points

Name:

Task Max. Achieved
1 12
2 12
3 12
4 36
5 28
Sum 100
Grading: >= 88: 1, >=76: 2, >=64 : 3, >=51: 4, <=50: 5

Requires header tables!

  1. Internet Protocol Suite (TCP/IP)
    1. Answer the following statements indicating whether they are True or False.
      0-3 correct: 0 points, 4 correct: 4 points, 5 correct: 8 points, 6 correct: 12 points.
      Statement True False
      An IPv6 address has 4 bytes (octets).
      ping sends ICMP ECHO_REQUEST to network hosts.
      TCP and UDP are ip layer protocols.
      QUIC is an application layer protocol.
      Wireshark can be used to interpret hex dumps of network traffic.
      Port numbers identify sending and receiving application end-points on a host.
    2. Answer the following statements indicating whether they are True or False.
      0-3 correct: 0 points, 4 correct: 4 points, 5 correct: 8 points, 6 correct: 12 points.
      Statement True False
      Postel's law states: "Be liberal in what you accept, and conservative in what you send".
      SSH allows remote logins to other computers.
      SSH uses port 80.
      Application layer protocols provide process-to-process communications across an Internet Protocol (IP) computer network
      HTTPS uses port 465 as default.
      Users should generally prefer HTTP over HTTPS.
  2. Wireshark The following hex dump is from an echo request from computer A to computer B. It shows an ethernet frame from the beginning that is cut off before the end. Answer the following questions / fill out the appropriate values using this hex dump and the relevant header tables. 
    0000   9c b6 54 0b e5 5b c8 94 02 f8 a6 1d 08 00 45 00
0010   00 54 b1 25 40 00 40 01 74 45 0a 00 00 ba 0a 00
0020   00 85 08 00 40 cb 95 9a 00 17 78 35 14 66 00 00
0030   00 00 cd 14 09 00 00 00 00 00 10 11 12 13 14 15
0040   16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25
0050   26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35
0060   36 37
    1. 4 points each
      • Next node's MAC address:
      • Computer A's MAC address:
      • EtherType (in hex):
      • Next node's MAC address: 9c:b6:54:0b:e5:5b
      • Computer A's MAC address: c8:94:02:f8:a6:1d
      • EtherType (in hex): 0x0800 (IPv4)
    2. 4 points each except 8 points for each IP address
      • Internet protocol version (decimal):
      • Header length (bytes, decimal):
      • Total length (bytes, decimal):
      • Time to live (decimal):
      • Protocol (text; {1: ICMP, 6: TCP, 17: UDP}):
      • Source IP (dot-decimal notation):
      • Destination IP (dot-decimal notation):
      • Internet protocol version (decimal): 4
      • Header Length (bytes, decimal): 5 * 4 = 20
      • Total length (bytes, decimal): 84 (0x054)
      • Time to live (decimal): 64 (0x40)
      • Protocol (text): ICMP (1)
      • Source IP: 10.0.0.186 (0a 00 00 ba)
      • Destination IP: 10.0.0.133 (0a 00 00 85)
    3. The following hex dump is the TCP header of the Diffie-Hellman Key Exchange Init. Answer the following questions / fill out the appropriate values.
      6/ 2/ 6/ 2/ 4/ 4/ 4 points 
      0000   d1 8a 00 16 ec 24 7f 93 8b f3 da 71 80 18 01 f5
0010   c0 3d 00 00 01 01 08 0a 89 e6 9f cc 54 a6 33 11
      • Source port (decimal):
      • Is the source port a well known port? If yes, which one?
      • Destination port (decimal):
      • Is the destination port a well known port? If yes, which one?
      • Data offset (bytes, decimal):
      • Checksum (hex):
      • Reserved (binary):
      • Source port (decimal): 53642 (0xd18a)
      • Is the source port a well known port? If yes, which protocol? no
      • Destination port (decimal): 22 (0x0016)
      • Is the destination port a well known port? If yes, which protocol? SSH
      • Data offset (bytes, decimal): 8 * 4 = 32
      • Checksum (hex): 0xc03d
      • Reserved (binary): 0b0000