Chapter 17 - Troubleshooting Tools

Question 1

What command can you type from a command prompt to see the hops a packet takes to get to a destination host?

Answer 1

traceroute or tracert

Question 2

What tool would you use to verify a complaint about a slow network?

Answer 2

Throughput tester

Question 3

You need your IP address, subnet mask, default gateway, and DNS information. What command will you type from a Windows command prompt?

Answer 3

ipconfig /all

Question 4

You need to log in as a dumb terminal to a server or Unix host and run programs. What application will you use?

Answer 4

Telnet

Question 5

You need to add a route to your Windows server’s routing table. What command will you use?

Answer 5

route

Question 6

You want to log in to a server and transfer files. What application will you use?

Answer 6

FTP

Question 7

You need to check your name-resolution information on your host. What command will you type from the command prompt?

Answer 7

nslookup

Question 8

You want to use netstat , but you want to see only the IP address, not the names of the hosts. Which modifier will you use?

Answer 8

netstat-n

Question 9

You want the IP configuration on a Unix host. What command will you type at the command prompt?

Answer 9

ifconfig

Question 10

Which Windows command will show you the routing table of your host or server?

Answer 10

route print

Question 11

Which TCP/IP utility is most often used to test whether an IP host is up and functional?

A. ftp
B. telnet
C. ping
D. netstat

Answer 11

C. The program Packet Internet Groper ( ping ) is used to find out if a host has the IP stack initialized.

Question 12

Which TCP/IP utility will produce the following result? Interface: 199.102.30.152 Internet Address Physical Address Type 199.102.30.152 A0–ee–00–5b–0e–ac dynamic

A. arp
B. netstat
C. tracert
D. nbtstat

Answer 12

A. The arp utility is used to display the contents of the ARP cache, which tracks the resolution of IP addresses to physical (MAC) addresses and will produce the displayed output.

Question 13

Which Windows utility can you use to connect to a machine 50 miles away to troubleshoot?

A. Remote Desktop
B. netstat
C. arp
D. Wireshark

Answer 13

A. Microsoft has made what it calls Remote Desktop software available for free with Windows products since Windows NT. When this software is installed (installed by default in later versions) on both source and destination computers, a remote desktop connection can be made.

Question 14

Which TCP/IP utility might produce the following output?

Reply from 204.153.163.2: bytes=32 time=1ms TTL=128 Reply from 204.153.163.2: bytes=32 time=1ms TTL=128

Reply from 204.153.163.2: bytes=32 time=1ms TTL=128 Reply from 204.153.163.2: bytes=32 time<10ms TTL=128

A. tracert
B. ping
C. WINS
D. ipconfig

Answer 14

B. The purpose of the ping utility is to test the communications channel between two IP hosts as well as how long it takes the packets to get from one host to another.

Question 15

Which utility can you use to find the MAC and TCP/IP addresses of your Windows workstation?

A. ping
B. ipconfig 
C. ipconfig /all 
D. tracert 
E. telnet

Answer 15

C. The ipconfig /all utility will display the current configuration of TCP/IP on a given workstation—including the current IP address, DNS configuration, WINS configuration, and default gateway.

Question 16

Which ping commands will verify that your local TCP/IP interface is working? (Choose all that apply.)

A. ping 204.153.163.2 
B. ping 127.0.0.1 
C. ping localif 
D. ping localhost
E. ping iphost

Answer 16

B, D. The address 127.0.0.1 is the special IP address designated for the local TCP/IP interface. The hostname localhost is the hostname given to the local interface. Therefore, pinging either the IP address or the hostname for the local interface will tell you whether the local interface is working.

Question 17

Which command-line tool can you use to find this information without physically going to the computer?

A. ping 
B. nbtstat 
C. arp 
D. netstat 
E. ftp

Answer 17

A. The command nbtstat–r displays all the name resolutions performed by the local client as well as their associated IP addresses. The–R switch will reload the cache.

Question 18

Which nbtstat utility switch will purge and reload the remote NetBIOS name table cache?

A. -r
B. -R
C. /r
D. /R

Answer 18

9. B. To purge and reload the remote NetBIOS name cache, you must use nbtstat –R. Remember that the R must be uppercase and that it will not work correctly without the hyphen before it.

Question 19

Wireshark is an example of a ?

A. Throughput tester
B. Protocol analyzer
C. Remote connection tool
D. IDS

Answer 19

10. B. Commercial sniffers like Wireshark and Omnipeek can capture any packets because they set the NIC to operate in promiscuous mode, which means the NIC processes all packets that it sees.

Question 20

Which utility produces output similar to the following?

1 110 ms 96 ms 107 ms fgo1.corpcomm.net [209.74.93.10]

2 96 ms 126 ms 95 ms someone.corpcomm.net [209.74.93.1]

10 209 ms 202 ms 195 ms pos3–1–155M.br4.SJC.globalcenter.net [206.132.150.98]

A. arp
B. tracert
C. nbtstat
D. netstat

Answer 20

11. B. The tracert utility will give you that output. The tracert command (or trace for short) traces the route from the source IP host to the destination host.

Question 21

You are the network administrator. A user calls you, complaining that the performance of the intranet web server is sluggish. When you try to ping the server, it takes several seconds for the server to respond. You suspect that the problem is related to a router that is seriously overloaded. Which workstation utility could you use to find out which router is causing this problem?

A. netstat 
B. nbtstat 
C. tracert
D. ping 
E. arp

Answer 21

12. C. The tracert utility will tell you which router is having the performance problem and how long it takes to move between each host. Tracert can be used to locate problem areas in a network.

Question 22

Which ipconfig switch will display the most complete listing of IP configuration information for a station?

A. /all
B. /renew
C. /release
D. /?

Answer 22

A. The ipconfig /all switch will display the most complete listing of TCP/IP configuration information, also displaying the MAC address, DHCP lease times, and the DNS addresses.

Question 23

Which Windows TCP/IP utility could you use to find out whether a server is responding on TCP port 21?

A. tcp 
B. port
C. ping 
D. nbtstat 
E. telnet

Answer 23

15. E. The telnet utility can be used to test if a particular IP host is responding on a particular TCP port.

Question 24

Which utility will display a list of all the routers that a packet passes through on the way to an IP destination?

A. netstat 
B. nbtstat 
C. tracert 
D. ping 
E. arp

Answer 24

13.

Question 25

Which arp command can you use to display the currently cached ARP entries?

A. arp 
B. arp–all 
C. arp a 
D. ipconfig arp 
E. arp ipconfig

Answer 25

C. The arp a command will display the current contents of the ARP cache on the local workstation.

Question 26

Which command-line tool would best be used to verify DNS functionality?

A. netstat 
B. nbtstat 
C. dig 
D. icmp 
E. arp

Answer 26

C. dig is an old UNIX command that will show you DNS server information.

Question 27

Which of the following arp utility switches perform the same function? (Choose all that apply.)

A. -g
B. -A
C. -d
D. -a

Answer 27

A, D. The arp utility’s–a and–g switches perform the same function. They both show the current ARP cache.

Question 28

Which of the following is NOT a chain type used by iptables ?

A. Forward
B. Backward
C. Input
D. Output

Answer 28

B. There are three different chain types: Input: Controls behavior for incoming connections. Forward: Used for incoming connections that aren’t being delivered locally (like a router would receive) Output: Used for outgoing connections

Question 29

Which command captures traffic on all interfaces?

A. tcpdump i any
B. tcpdump i eth0
C. tcpdump host 192.168.5.5
D. tcpdump host all

Answer 29

A. To capture traffic on all interfaces, use the any keyword with the i (interface) switch.