Chapter 3 Flashcards

1
Q

Netflow

A

Is a Cisco network protocol that collects IP traffic information, allowing network traffic monitoring. Flow data is used to provide a view of traffic flow and volume. A typical flow capture includes the IP and port source and destination for the traffic and the class of service. Netflows and a netflow analyzer can help identify service problems and baseline typical network behavior and can also be useful in identifying unexpected behaviors.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Windows netstat - o output

A

Provides ethernet statistics on how many bytes and packets have been sent and received. Also shows Discards, errors and unknown protocols.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Windows netstat -e

A

Shows various information depending on the OS, Windows shows the destination network, netmask, gateway, interface the route is associated with and a metric for the route that captures link speed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Windows netstat -nr

A

This means that running netstat from a system can provide information about both the machine’s network behavior and what the local network looks like. Knowing what machines a system has or is communicating with can help you understand local topology and services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

DHCP

A

Is a client/server protocol that provides an IP address as well as information such as the default gateway and subnet mask for the network segment that the host will reside on.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

DHCP being used in passive reconnaissance

A

When you are conducting passive reconnaissance, DHCP logs from the DHCP server for a network can provide a quick way to identify many of the hosts on the network. If you combine DHCP logs with other logs, such as firewall logs, you can determine which hosts are provided with dynamic IP addresses and which hosts are using static IP addresses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

nslookup

A

Uses DNS to translate URL’s to IP addresses and vice versa

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

traceroute

A

Traces the route by each hop. Will typically find that the last few responses stay the same. These are often the local routers and other network devices in an organization’s network, and knowing how traffic gets to a system can give you insight into the company’s internal network topology.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Border Gateway Protocol

A

Is responsible for looking at all of the available paths that data could travel and picking the best route, which usually means hopping between autonomous systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Domain Registrars

A

This means that registrars work with the domain name registries to provide registration services: the ability to acquire and use domain names. Registrars provide the interface between customers and the domain registries and handle purchase, billing, and day-to-day domain maintenance, including renewals for domain registrations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Zone Transfers

A

Are intended to be used to replicate DNS databases between DNS servers, which makes them a powerful information-gathering tool if a target’s DNS servers allow a zone transfer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Exif

A

Data often includes location and camera data, allowing the images to be mapped and identified to a specific device or type of camera.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Cisco Log Criticality 0-7. What level for emergencies and what is for debugging?

A

Log level 0 is used for emergencies in Cisco’s logging level scheme. Log level 7 is for debugging information and is at the bottom of the scale

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

axfr flag

A

It is one of the many mechanisms available for administrators to replicate DNS databases across a set of DNS servers. This is used for DNS Zone Transfers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly