HIGHER EDUCATION PROGRAMMES

Memorandum

Academic Year 2020: July - December

Formative Assessment 1: Network Systems 2C – (HNTS202-1)

NQF Level, Credit: 6, 15

Weighting: 20%

Assessment Type: Essay Questions

Educator: T. S. Samusodza

Examiner: L. Carolus

Due Date 04 September 2020

Total 100 Marks

Instructions
 This paper consists of Eight (8) questions.
 It is based on Lesson 1 - 4 of your student manual.
 All questions are compulsory.

1 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
Question 1 [16 Marks]

Compare and contrast the Transmission Control Protocol/Internet Protocol (TCP/IP) and
the Open Systems Interconnection (OSI) model.

Answer (Note to grader: Allocate a maximum of 16 marks. Grader discretion applies.

Some students may use a table)

These are the four layers of the TCP/IP reference model:

• Application layer: ✔ Defines the protocols used by applications as well as how host

applications interface with the transport layer protocols to access network resources. ✔

• Transport layer: ✔ The protocols that manage session connections between host

computers and control data transfer. ✔

• Internet layer: ✔ The protocols that package data into IP datagrams, which include
source and destination information, to control packet routing between hosts and across
networks. ✔

• Network interface layer: ✔The protocols that define how IP datagrams are packaged

and physically transmitted through the network. ✔

Application Layer✔

The application layer of the TCP/IP layered reference model corresponds to the OSI
model's application, presentation, and session layers. This layer provides protocols and
utilities (compression, encryption, and so forth) and formats application data to be
received by the transport layer. ✔

Transport Layer✔

The TCP/IP transport layer corresponds to the transport layer of the OSI model. This layer
is responsible for source-to-destination session management and defines TCP or User
Datagram

2 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
Protocol (UDP) as the means of data transport. A programmer determines whether an
application uses TCP or UDP as the transport mode. The transport layer sends data to
the Internet layer when transmitting from the source, and interfaces with the application
layer when receiving at the destination. Data segments are encapsulated in transport
layer Protocol Data Units (PDUs). ✔

Internet Layer✔

The Internet layer corresponds to the OSI model's network layer and includes several
protocols including IP (v4 and v6), Address Resolution Protocol (ARP), Internet Control
Message Protocol (ICMP), and Internet Group Management Protocol (IGMP). Protocols
at this layer encapsulate transport layer data (PDUs) into IP datagrams, which contain
source and destination information used to route datagrams between host connections
and across networks. ✔

Network Interface Layer✔

The network interface layer corresponds to the physical layer (layer 1) and the data link
layer (layer 2) of the OSI model. The function of the physical layer is to frame packets
and convert the frame into streams of bits appropriate for the medium, as well as
synchronize signals for the transmission. The data link layer subdivides into two layers:
the MAC sublayer provides the interface with the network adapter, and the logical link
control sublayer provides error-checking functions and manages links between
communicating devices. ✔

Leaning Outcome: Identify the TCP/IP Protocol Suite

Reference: Lesson 1, page 2-5

3 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
Question 2 [8 Marks]
A client has just begun configuring his network and has called you, a network
administrator, to assist him on understanding what IPv4 addressing is. Present the ideas
which demonstrate the core functions of IPv4 addressing.

Answer (Note to grader: Allocate a maximum of eight [8] marks)

As with telephone numbers and postal systems, IPv4 addresses ensure that messages
are sent to the intended destination. ✔

IP addresses allow for network layer data routing of IP datagrams from one IP device
connection (source) ✔to another (destination) ✔ over a network or across networks in
large internetworked environments. Each networked device must be configured with a
unique IP address in order to transmit data packets from a source to the correct
destination machine. ✔

An IPv4 IP address consists of 32 bits divided into four units of 8-bit values called octets,
and each octet is separated by a period (or dot). ✔ To make IPv4 addresses easier for
humans to manage, IPv4 address formatting expresses binary bit values as dotted
decimal notation. ✔ Each octet converts to a decimal number between 0 and 255. ✔ The
IPv4 address 192.168.1.100 represents the decimal notation for binary strings of 1s and
0s computers use to communicate on a network. ✔

Learning Outcome: Implement IPv4 addressing

Reference: Lesson 1, page 9

4 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
Question 3 [12 marks]

You are a network specialist and you are teaching junior assistants how to get to know
your IP address. Upon executing the “ipconfig” command in command prompt, the results
show the IP address, Subnet mask and Default gateway. In Question 2, you have already
demonstrated the core ideas of IPv4 addressing. Now, explain the roles of Subnet Masks
and Default Gateways.

Answer:

Subnet Masks

When you configure each TCP/IP host's network adapter with a logical IPv4 address, the
dotted decimal address identifies both the specific network and the unique host
connection on the network: ✔

• The network ID uses a certain number of bits, starting with the left octet in decimal
notation, and identifies a specific logical network segment as unique within a larger
TCP/IP internetwork, which may comprise many individual networks. All TCP/IP
hosts within a single network segment share a common network ID as part of the
IP address. ✔

• The host ID uses the remaining bits and identifies a specific TCP/IP device such
as a server, workstation, router interface, or other IP addressable node within a
network. The host ID identifies a single, unique device connection that is part of a
specific network. ✔

 The subnet mask identifies which part of the IPv4 address is the network ID and
which part is the host ID. In its simplest implementation, the default subnet mask
is either 255 or 0. Octets with a value of 255 identify the network ID part of the
address, and a value of 0 identifies the host part of the address. ✔

5 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
  So, for the IP address 192.168.1.100 and the subnet mask 255.255.255.0, the
network ID is 192.168.1.0 and the host connection ID is 0.0.0.100. ✔

 Another way to write the IP address and subnet mask is to use a forward slash
followed by the number of bits in the subnet mask, 192.168.1.100/24. This notation
method stems from classless interdomain routing (CIDR), but is used extensively
as a shorthand method to identify a subnet mask in simple subnetting
implementations. ✔

 IP addresses are associated with network adapter interface connections, rather

than with a specific device such as a computer. Networked devices may have more
than one network adapter interface connection, such as servers and routers. ✔

Default Gateway

A gateway is a node (a router) on a TCP/IP network that serves as an access point to

another network. A default gateway, usually a router, provides a default route used by
TCP/IP hosts to forward packets to hosts on remote networks. On a local subnet, you
configure the local hosts with the IP address of the router, which is the default gateway,
to enable local hosts to communicate with hosts on another network. ✔

Before a host attempts to establish communication with another host, it first checks its
subnet mask to determine if the destination host is in its local network or on a remote
network. If a host is forwarding data to a host on the same network, the host queries its
internal ARP table for the physical MAC address corresponding to the local IP of the
destination host. If the address is not found, the source host issues an ARP broadcast to
build the routing table of hosts on the local network. However, if the destination host is on
a remote network, the sending host transmits the packet to the default gateway or router
for transmission. ✔

6 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
In order for a host on one network to communicate with a host on another network, the
source host first checks its internal routing table to determine if a specific route to the
destination host exists. If the routing table contains no entries for the other network, the
host forwards the IP packet to its default gateway, which maintains the routing information
necessary to forward the IP packet to the destination network. ✔

If a host is configured with the IP address of one default gateway and the router fails, the
host will be unable to communicate beyond its local subnet. Depending on your network
configuration, a host may be configured with more than one default gateway using
advanced TCP/IP settings in Windows Server 2016. ✔

If you choose to configure multiple default gateways, you should assign each default
gateway a different metric (lower is better) to help Windows avoid confusion.
Set the preferred default gateway with a metric of 1, with all other default gateways having
different, higher numbers. ✔

Learning Outcome: Configure and Troubleshoot IPv4

Reference: Lesson 1, page 27

Question 4 [26 Marks]

4.1 You work at Cybersmart South Africa. A client has called you, a network support
agent, saying that he is thinking of switching over from IPv4 to IPv6. Analyse the benefits
of this transition.
[15 marks]

7 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
Answer

There are many benefits to IPv6:

• Extended address space: ✔ IPv6 provides 128-bit IP addresses compared to 32-bit

addresses in IPv4. ✔ The IPv4 address space provides 232 or 4,294,967,296

possible addresses, of which a percentage is reserved for specific purposes.
Contrast this to the IPv6 address space, which provides 2128 or
340,282,366,920,938,463,463,374,607,431,768,211,466 possible addresses.
This astounding increase in addresses ensures support for the Internet's growth
and evolution as well as increased flexibility in capacity planning for enterprise
organisations. ✔

• Hierarchical addressing and router efficiency: ✔ Hierarchical addressing optimizes

IPv6 address management and reduces the size of routing tables, which enables
routers to process data more efficiently. ✔

• Stateless and stateful address auto-configuration: ✔ Stateless addressing allows

each host adapter to auto-configure a unique address using neighbor discovery of
IPv6 stateless devices to automate networking and communication. Stateful
addressing uses the DHCPv6 protocol and, as in IPv4, addresses are assigned
dynamically from a DHCP server. ✔

• Elimination of broadcasts: ✔ IPv4 uses Address Resolution Protocol (ARP)

broadcasts to discover the media access control (MAC) physical address of local
hosts to build a table of MACto-IP address mappings. IPv6 embeds this function
within IP as part of the stateless auto configuration function and uses the multicast
protocol (IGMPv6) to send multicast neighbor solicitation messages for neighbor
discovery. ✔

• Integrated Security (IPSec): ✔ IPv6 includes specifications for IPSec integration in the
protocol. Specifically, specifications require Authentication Header (AH) and
Encapsulating Security Payload (ESP) header support to ensure secure, reliable

8 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
 communication between different applications and devices. IPSec is required by
IPv6. It is not optional. ✔

• Integrated Quality of Service (QoS): ✔The IPv6 packet header includes two fields,
traffic class and flow label, which set a priority level for data traffic through a
network. For example, streaming video and audio applications require low latency
(minimal time delays) and high priority. The IPv6 source reduces problems with
packet fragmentation and time delays by determining the maximum size of the
data payload that can be transferred over the entire route to the destination. ✔

• Elimination of the need for NAT: ✔A key benefit to a larger address space is the
optional elimination of translation technologies such as NAT. This simplifies
network administration because hosts can engage in peer-to-peer communication
over the Internet, such as for real-time video conferencing and Voice over IP
(VoIP). NAT, however, will continue to be used by many organizations during their
transitions from IPv4 to IPv6. ✔

Learning Outcome: Implement IPv6 addressing

Reference: Lesson 2, page 36-37

4.2 You suggest that he transition to IPv6. Explain your reasoning by comparing IPv4 to
IPv6. [11 marks]

Answer: (Note to grader: 1 mark per comparison under the following topics to a
maximum of 11 marks)

Characteristic IPv4 IPv6

Addresses Source and destination Source and destination
addresses are 128 bits
addresses are 32 bits (4
(16 bytes) long. ✔
bytes) long.
IPSec support Optional. Microsoft® IPv6 requires IPSec.
Detailed specifications
includes IPSec in
ensure software and
Windows® 2000 and hardware vendors adopt

9 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
 later, but it is not the same standards in
implemented by all their implementations. ✔
vendors or
implementations are
vendor-specific.
QoS The IPv4 header does The IPv6 header
not include packet flow includes a flow label field
identification for QoS for QoS packet handling
handling by routers. by routers. ✔
Checksum Pv4 includes a The IPv6 header does
checksum in the header not include a checksum.
to detect errors in the ✔
header.
Packet Fragmentation Both the sending host The sending host
and routers fragment determines packet size
data packet traffic. based on network
segment maximum
transmission unit (MTU)
and what the destination
host can manage. ✔
Internet Group IPv4 uses IGMP to IPv6 uses Multicast
manage subnet Listener
Management Protocol
multicast group Discovery (MLD)
membership. messages to determine
subnet multicast group
membership. MLD
messages are sent as
ICMPv6 messages. ✔
Router Discovery Optional. IPv4 can use IPv6 replaces ICMP
Internet router discovery with
Control Message ICMPv6 Router
Protocol (ICMP) router Solicitation and Router
discovery to determine Advertisement
the IP address of best
default gateway. Messages✔
All-node broadcasting IPv4 uses broadcast IPv6 does not have
addresses to send traffic broadcast addresses. It
to all hosts on a subnet. uses a link-local scope
all-nodes multicast
address. ✔
ARP broadcasts IPv4 broadcasts ARP IPv6 replaces ARP
requests to resolve the broadcasts with

10 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
 IP address to MAC or
physical addresses
Configuration Manual configuration or
dynamic addressing
using DHCP.
Resource records Uses host (A) resource
records in DNS to map
host names to IPv4
addresses.
multicast neighbour
solicitation messages. ✔
Offers auto-
configuration. IPv6 does
not require DHCP or
manual configuration. ✔
Uses IPv6 host (AAAA)
resource records in DNS
to map host names to
IPv6 addresses. ✔

Learning Outcome: Implement IPv6 Addressing

Reference: Lesson 2, page 37-38

Question 5 [11 Marks]

You are setting up the DCHP Server role for your newly formed company. Examine the
steps followed when configuring the DCHP Server role. Isolate the steps that should be
implemented first. Motivate your answer.

Answer:

Before a DHCP server can be used on the network, it must be authorized and you must
create scopes. ✔ A DHCP scope is a contiguous range of IP addresses managed by a

DHCP server and leased to DHCP clients. ✔ An administrator creates a DHCP scope for
each physical subnet and then configures scope options or parameters used by clients.
✔

An IP scope consists of IP addresses for a specific subnet. ✔

When you configure a scope, you set specific property values:

• The scope name. ✔

11 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
• The IP addresses available for lease (you may exclude some IP addresses for statically
configured devices on a subnet including the DHCP server on which the scope is
configured). ✔

• The subnet mask, which establishes the client's location in the network. ✔

• Lease duration values, which are assigned to DHCP clients. Set shorter durations for
scopes with a limited number of IP addresses or in situations in which clients need highly
dynamic addressing (mobile users). Set longer lease durations for clients that are stable
on the network. ✔

• Exclusions, which are addresses not offered for lease. ✔

• Reservations, which predefine the relationship between an IP address and a machine's

media access control (MAC) address. This configuration setting ensures that a DHCP
client always receives the same address for which it is reserved. Reservations are useful
for devices such as printers; the device can always be contacted using the same IP
address. ✔

• Options, which may be configured to provide information to specific clients. ✔

Learning Outcome: Installing the DCHP Server role

Reference: Lesson 3, page 74

Question 6 [11 marks]

You are an IT lecturer at a university, and you have been tasked with teaching students
how to secure a DHCP server. While it can be complex, there are a few features built into
Microsoft Server 2016 that assists in this process.

Analyse the features in Microsoft Windows Server 2016 that can be used to secure and
monitor your DCHP server?

Answer

12 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
Audit Log Fields: ✔A DHCP server audit log provides critical information regarding
activity on the DHCP server. The following table describes the information you will find in
the various fields from an audit log. ✔

Common Event Codes: ✔ DHCP server audit log files use reserved event ID codes to
provide information about the type of server event or activity logged. Each log lists the
event IDs and their description followed by output of DHCP activity for a specific day. ✔

Network Access Protection (NAP) and DCHP: ✔ Network Access Protection (NAP) is
an infrastructure setup that requires clients to prove the system health by having antivirus
installed, with suitable firewall settings, and running updating patches before they are
permitted to connect to the network. A DHCP server can be configured to be a NAP
enforcement point on a per-scope basis. It can refuse to grant an IP lease to noncompliant
clients.

Since DHCP servers on Windows Server 2016 will no longer enforce NAP-based policies,
you cannot add NAP policies to DHCP scopes anymore. When client computers that were
NAP-enabled send a DHCP request, Windows Server 2016 DHCP servers will treat them
as if they were not NAP-enabled and process the request normally. ✔

Unauthorized Servers: ✔Most networks undergo immense changes over time as new
and different technologies are adopted by IT departments and integrated into the current
network environment. The result often is highly heterogeneous networks that deploy and
implement different network operating systems and server services solutions. A non-
Windows DHCP server does not authenticate with Active Directory and can be configured
on the network to process client requests. At the very least, clients may receive incorrect
configuration data. ✔

DHCP Administration Delegation: ✔Despite security concerns you may wrestle with
when you deploy and manage DHCP servers on a network, network and system
administration involves many responsibilities, and you must delegate responsibility to
others for managing areas of operation in large networks. Commit to striking a balance
between security and delegated administration:

13 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
 • Restrict membership of the DHCP Administrators group as much as possible. Any
DHCP Administrator can manage the DHCP server service. ✔
• Those who require only read access should be assigned membership in the DHCP
Users group. ✔

Learning Outcome: Install the DHCP Server Role

Reference: Lesson 3, page 84-86

14 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
Question 7 [12 Marks]

Sue is the owner of a business. She has asked you to configure her network. Upon doing
this task, you see that she is already running on IPv6. You are now tasked with configuring
DCHP on her Microsoft Server 2016.

Identify and explain the DCHP options available for IP addresses with the IPv6 protocol,
differentiate between that option and the DCHPv6.

Answer

DHCPv6 is used to manage IP addresses on a network with the IPv6 protocol. ✔IPv6

clients do not directly require a DHCP server to assign an address. ✔IPv6 clients can do
an auto-configuration using a protocol configuration called Stateless Address Auto
Configuration (SLAAC). ✔ However, the DHCPv6 feature allows administrators to
manage the network in a more efficient way by using two different modes, stateless and
stateful: ✔

 In the stateless mode, the IPv6 client only gets additional network parameters of
the IPv6 address, including the router address, DNS servers, and so on. ✔
 In the stateful mode, the IPv6 client accepts the IPv6 address from the DHCPv6
server instead of using the local router configuration. ✔

Differentiation:

DHCPv4 was created to manage the allocation of a limited set of IPv4 addresses to client
systems. ✔ IPv4 is based on 32-bits and has a limited set of available IP addresses. ✔
However, IPv6 is based on 128-bits, enabling the allocation of a larger set of IP addresses
to clients. ✔ The IPv6 protocol has a built-in feature called Stateless Address Auto
Configuration (SLAAC), which allows client systems to configure themselves with a valid
IPv6 address. IPv4 addresses are configured either manually or through DHCP. ✔

15 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020
IPv4 address (A) resource records in DNS enable you to map host names to IPv4
addresses. ✔IPv6 address (AAAA) resource records in DNS enable you to map host

names to IPv6 addresses. The IPv4 header includes a checksum. ✔

Learning Outcome: Implementing DCHP

Reference: Lesson 3, page 94-96

Question 8 [4 Marks]

A Domain Name System (DNS) zone is a contiguous portion of the DNS namespace for
a domain, such as fuller.com. The zone contains resource records that include the
necessary information to perform name resolution services.

List the four different DNS zones.

Answer

• Primary zone✔

• Secondary zone✔

• Stub zone✔

• Active Directory–integrated zone✔

Learning Outcome: Configuring DNS Server role

Reference: Lesson 4, page 119

16 HNTS202-1-July-Dec2020-FA1-Memo-LC-V3-29052020