Module 3 Prework Flashcards

1
Q

What is Command Prompt?

A

Command Prompt is officially called Windows Command Processor, but it is also sometimes referred to as the command shell or cmd prompt, or even by its filename, cmd.exe.

Command Prompt is a command line interpreter application available in most Windows operating systems. It is used to execute entered commands. Most of these commands automate tasks, perform advanced administrative functions, and troubleshoot or solve certain kinds of Windows issues.

2
Q

What is Command Line in Unix?

A

The terminal is a platform in both Linux and macOS that provides the command line interface (CLI) environment for users of those operating systems.

3
Q

What is a Network?

A

A network is a collection of two or more devices that can interact with each other over links.

4
Q

What are examples of devices that can be used for networking?

A

A network can be composed of two to millions of devices. Laptops, phones, cameras, traffic controls, and even water carriers are all examples of these devices.

5
Q

What is a device?

A

A device is “an object or machine that has been invented for a particular purpose.”

6
Q

What is a connected device?

A

Imagine you have a device, and then you have another device. Then you connect them, enabling them to communicate and run things together! This is called a network.

With the help of a few physical components and with the proper interface (a shared boundary that allows two or more separate computer system components to exchange information), any number of devices can communicate, interact, and work together, as long as they speak the same language (aka protocols).

7
Q

What are computer networks?

A

Two or more computers that are connected.
A computer network is a set of computers connected to each other, communicating with each other, sharing resources, and sending and receiving digital data.

Devices that connect to a network are not only personal computers, but also servers, smartphones, and other devices. For example, computer-embedded devices, such as printers, security cameras, and computerized sensors, are all types of devices that can be included in a computer network.

Computer networks allow the use of a vast number of services and applications, such as hardware devices (printers, storage servers, etc.), file sharing, mail exchange, and much more.

8
Q

How do computer networks connect?

A

By using a physical connection like a wired connection or a wireless connection.

9
Q

What types of networks exist?

A

PAN, LAN, MAN, WAN

PAN (Personal Area Network): Where only two computers are connected.

LAN (Local Area Network): Where a group of computers is connected, limited to a building or specific place. Smaller computer networks in homes and offices are generally referred to as local area networks (LANs). Digital data can be transferred within the network by various means, such as through cables or over a wireless medium such as a Wi-Fi connection.

MAN (Metropolitan Area Network): Designed for a town or city.

WAN (Wide Area Network): The largest, global. The Internet is an example of it.

10
Q

What is the World Wide Web?

A

The most significant and famous computer network is the World Wide Web, usually referred to as the Internet.

11
Q

If we are talking about connected devices, what are protocols?

A

What happens when two devices try to communicate, but they don’t understand each other? In a sense, computer devices function similarly to humans - both humans and computers need to have an agreed-upon system of communication, a common language, to communicate successfully. For connected devices, we call these languages “protocols.”

Many protocols are used extensively in networking. They are often used in different stages of communication.
Like communication between people, all devices in a computer network need to know the same language to understand each other.

For communication over the Internet, one of the protocols used is the IP, the Internet Protocol, which you will learn soon.

12
Q

What does IP stand for?

A

The Internet Protocol.

13
Q

What is the Internet vs. the Intranet?

A

Internet: The Internet is used to connect various computer networks simultaneously. As the Internet is a public network, anybody can access it. On the Internet, numerous users have access to a plethora of information.

Intranet: An intranet is a private version of the Internet. Since it is a private network, no one can access an intranet. There are a small number of users on an intranet, and it supplies its users with minimal information.

Key Differences:

The Internet is a public computer network, whereas an intranet is a private network.

The Internet has many information sources, but an intranet is group-specific.

An intranet has fewer users than the Internet.

Anyone can access the Internet, but only employees or admins may access an intranet.

14
Q

What are a device’s two modes of identification?

A

An IP address and a MAC address.

People also have two main forms of identification: names and fingerprints. We can change our names if we want to, but we can never change our fingerprints. Because every person has unique fingerprints, even if they change their name, there is always a trace of their identity.

In computers, the MAC address is analogous to our fingerprint and cannot be altered, whereas the IP address is analogous to our name and can be altered.

IP Address
Internet Protocol, or IP, is a unique identifier that identifies a device on the network. This address is modifiable. For example: 191.59.163.220.

MAC Address
Media Access Control, or MAC address, is a physical identifier that identifies a specific device on a network. Typically, the supplier is responsible for assigning the address. This address is not modifiable. For example: 79-44-88-8E-AA-DD.

15
Q

What does MAC Address stand for?

A

Media Access Control, or MAC address, is a physical identifier that identifies a specific device on a network.

16
Q

What are the relationships among network components?

A

Both the physical components and the software used to set up networks are shared among computer networks. The server, client, peer, transmission media, and connecting devices are all hardware components.

The operating system and protocols are software elements.

17
Q

What are Hardware Components in networking?

A

Servers, Clients, Transmission Media, Connecting Devices, Peers

Servers
Servers are high-configuration computers that manage the network’s resources. The network operating system is typically installed on the server to give users access to the network’s resources. Servers can take various forms, such as file servers, database servers, or print servers.

Clients
Clients are computers that request and receive access to and use of network resources from servers.

Peers
Peers are computers that both provide and receive services from other peers in a workgroup network.

Transmission media
Transmission media are the channels through which data is transferred from one device to another in a network. Transmission media may include coaxial cables, optic cables, and infrared waves.

Connecting devices
Connecting devices act as intermediaries between networks or computers and bind network media together. Some common connecting devices include:

  1. Routers
  2. Bridges
  3. Hubs
  4. Repeaters
  5. Gateways
  6. Switches

18
Q

What are Servers?

A

Servers
Servers are high-configuration computers that manage the network’s resources. The network operating system is typically installed on the server to give users access to the network’s resources. Servers can take various forms, such as file servers, database servers, or print servers.

19
Q

What are Clients when referring to Networking?

A

Clients
Clients are computers that request and receive access to and use of network resources from servers.

20
Q

What are Peers when referring to Networking?

A

Peers
Peers are computers that both provide and receive services from other peers in a workgroup network.

21
Q

What is Transmission Media when referring to Networking?

A

Transmission media
Transmission media are the channels through which data is transferred from one device to another in a network. Transmission media may include coaxial cables, optic cables, and infrared waves.

22
Q

What are Connecting devices when referring to Networking?

A

Connecting devices
Connecting devices act as intermediaries between networks or computers and bind network media together. Some common connecting devices include:

  1. Routers
  2. Bridges
  3. Hubs
  4. Repeaters
  5. Gateways
  6. Switches

23
Q

What are Software Components when referring to networking?

A

Network operating systems and Protocol Suites

Network operating systems are typically installed on the server and workstations in a network to allow the sharing of files, databases, applications, and printers.

Protocol suites
A protocol is a rule or guideline followed by each computer for data communication. A protocol suite is a set of related protocols established for computer networks. The two most-popular protocol suites are:

  1. The OSI model
  2. The TCP/IP model

24
Q

What is computer architecture?

A

The computer network architecture refers to the physical and logical design of the network components.

The architecture is based on how computers and network devices are arranged and how duties are assigned to them.

Understanding the network architecture is essential because it may assist with threat analysis and assessment, such as determining how data is transferred from one device to another. During the Bootcamp, we will look at network architecture in-depth, but for now, we will examine the two main types:

Peer-To-Peer network (P2P)
Client/Server network

25
Q

What are the two main types of computer architecture?

A

Peer-To-Peer network (P2P)
Client/Server network

26
Q

What is peer-to-peer (P2P)? Hint (architecture)

A

Peer-To-Peer (P2P)

A peer-to-peer network is a network architecture that enables two or more computer machines to link and exchange resources without needing a server. When all the computers are physically connected, such as in offices, they may establish a P2P network by physically connecting computers to a connected system or constructing a virtual network.

Peer-to-peer networks are beneficial for configurations with up to ten machines, and they do not contain a dedicated server.

Each device in a P2P network is recognized as a peer with functionalities that contribute to the network. Each computer functions as both a client and a server, sharing resources with other computers in the same network.

27
Q

Explain Client/Server Architecture

A

Client/Server

In a client-server architecture, multiple (physical or remote) clients request and receive services from a central server (host computer).

An easy-to-understand example of a client/server relationship is seen when using the Internet. When using an internet browser to access a website, the client is the computer running the browser software, which requests a web page from a web server. The web server receives this request and responds (or attempts to respond) by sending the web page back to the client computer.
The central operator is the server, whereas the clients are the devices demanding a resource. The server is the primary authority that executes all key functions, such as network administration and security.

A centralized server, which is a robust computer, operates as a hub to which clients can connect (it can be any device, such as a computer, phone, printer, etc.). This server is the core of the system, managing and providing resources to any client that needs them.

28
Q

What are the major differences between the two types of network architecture?

A

Client/Server
One central server manages all operations.
One powerful computer acts as the server.
Used in large and small organizations.
Easy to manage.
Configurations are only required on the central server.

Peer-to-Peer
No server controls the machines, and all have equal abilities.
No central server is needed.
Used in small organizations, up to ten devices.
Complex to manage.
Each device requires its own configuration.

29
Q

What is a network topology?

A

A network topology identifies how network devices are connected.

30
Q

What is a Bus Topology?

A

Bus Topology

In a bus topology, every computer and device on a network is connected to a single cable. A topology with exactly two endpoints is called a linear bus topology. In a bus topology, data is moved in only one direction, and each device is linked to a single cable.

Advantages of Bus Topology:
Cost effective.
Has the lowest cable requirements among network topologies.
Useful for small networks.
Easy to understand.
Easy to expand by joining two cables together.

Disadvantages of Bus Topology:
If a cable fails, the whole network fails.
If network traffic is heavy, network performance decreases.
Cables have limited lengths.

31
Q

What is a mesh topology?

A

Mesh Topology

In a mesh topology, every device is connected to another device via a specific channel. These channels are known as links.

Advantages of Mesh Topology:
Robust.
Easy to diagnose problems.
Data is reliable because it’s transferred among the devices through dedicated channels or links.
Provides security and privacy.

Disadvantages of Mesh Topology:
Installation and configuration are complicated.
Cable costs are high since bulk wiring is required. Thus, it’s only suitable for a smaller number of devices.
Maintenance costs are high.

32
Q

What is Star Topology?

A

Star Topology

In a star topology, all devices on a network are connected to a single hub by a cable. This hub forms a central node to which all other nodes are connected. The hub can be passive, but can also be intelligent if it’s an active hub. Each node has its own connection to the hub, and the hub acts as a repeater for data flow.

Advantages of Star Topology:
Offers fast performance if there are few nodes and low network traffic.
Can be easily upgraded.
Easy to troubleshoot.
Easy to set up and modify.
If a node fails, the rest of the network can still function.

Disadvantages of Star Topology:
It has a high installation cost.
It’s costly to operate.
If the hub fails, then the whole network fails, since all the nodes depend on the hub.
Performance is dependent on the hub and its capacity.

33
Q

What is Ring Topology?

A

Ring Topology

The name “Ring Topology” comes from the fact that each device is connected to another, with the last one connecting to the first. Each unit has two neighbors.

Ring topology employs several repeaters as it is comprised of many nodes. If someone wants to send data to the last node in a ring topology of 100 nodes, this data will have to pass through 99 nodes to reach the 100th node.

Data transmission is usually unidirectional, but it can be rendered bidirectional by connecting each network node to two connections. Dual ring topology is the term for this. Dual ring topology forms two ring networks, each with data flowing in the opposite direction of the other. If one ring fails, the second ring can act as a backup.

Data is transferred sequentially (bit by bit). Transmitted data must pass through each of the network’s nodes until it reaches its destination node.

Advantages of Ring Topology:
The transmitting network is not affected by high traffic or by the addition of more nodes, as only token-bearing nodes can transmit data.
It’s inexpensive to install and expand.

Disadvantages of Ring Topology:
Troubleshooting is difficult.
Adding or deleting computers disrupts network activity.
Failure of one computer disrupts the entire network.

34
Q

What is Tree Topology?

A

Tree Topology

Tree topology, also called hierarchical topology, has a root node to which all other nodes are connected hierarchically. This hierarchy should have a minimum of three levels.

This topology is most commonly used in wide area networks and is suitable for group workstations.

Advantages of Tree Topology:
Builds on bus and star topologies.
Nodes can be easily expanded.
Easy to manage and maintain.
Allows easy error detection.

Disadvantages of Tree Topology:
Requires heavy cabling.
Costly to implement.
The more nodes added, the more difficult maintenance becomes.
If the central hub fails, the whole network fails.

35
Q

What is Hybrid Topology?

A

Hybrid Topology

It is also possible to employ features of two or more topologies. For example, if one department of an organization uses a ring topology and another uses a star topology, connecting these will result in a hybrid ring and star topology.

Advantages of Hybrid Topology:
Reliable, since error detection and troubleshooting are easy.
Effective.
Scalable, so networks can be easily increased.
Flexible.

Disadvantages of Hybrid Topology:
Its design can be complex.
Can be costly.

36
Q

What Is a Communication Network?

A

A communication network is a collection of methods that users employ to pass on valuable information. The communication network is the sum of all the means and methods that an organization employs for communication.

There are five types of communication networks:

Local Area Networks (LAN), Metropolitan Area Network (MAN), Wide Area Network (WAN), Wireless Networks, Inter-Networks (Internets)

37
Q

Explain the LAN communication network:

A

Local Area Network (LAN)

A LAN is a simple network connecting two or more devices in one physical location, allowing them to share files and networks. It can be as simple as connecting a home or as complex as interconnecting an entire building.

It’s intended for small physical areas such as an office, a group of buildings, or a factory. LANs are widely used because they’re easy to design and troubleshoot. We can use different types of topologies (star, ring, bus, tree, etc.) to build a LAN.

LAN networks are also widely used to share resources such as printers and shared hard drives.

38
Q

Explain the MAN communication network:

A

Metropolitan Area Network (MAN)

A MAN is a bigger version of a LAN that employs similar technology. It is designed to extend over an entire city. It can be a means of connecting many LANs into a more extensive network, or it can be a single cable. MANs are mostly held and operated by single private or public enterprises.

MAN attributes:

It generally covers towns and cities (50 km).
The communication media used for MANs include optical fibers and cables.
It allows sufficient data speed for distributed computing applications.

39
Q

Explain the WAN communication Network:

A

Wide Area Network (WAN)

A WAN is used for networks that cover large areas such as states, countries, or continents. WANs are not easy to design or maintain. WANs operate on low data rates. They can be private, or they can be a publicly leased network.

WAN attributes:

It generally covers large areas (states, countries, continents).
Communication media used are satellites and public telephone networks connected by routers.

40
Q

What are the main differences between the LANs, WANs, and MANs?

A

LAN
Ownership of network: private
Geographical area covered: small
Design and maintenance: easy
Communication medium: coaxial cable
Bandwidth: low
Data rates (speed): high

WAN
Ownership of network: private or public
Geographical area covered: very large
Design and maintenance: not easy
Communication medium: PSTN or satellite links
Bandwidth: high
Data rates (speed): low

MAN
Ownership of network: private or public
Geographical area covered: moderate
Design and maintenance: not easy
Communication medium: coaxial cables, PSTN, optical fiber, cables, wireless
Bandwidth: moderate
Data rates (speed): moderate

41
Q

How does a wireless network work?

A

A wireless network allows devices to remain linked to a network without cables. A Wi-Fi network is a type of wireless network.

42
Q

What are the 3 main categories of wireless networks?

A

Wireless LANs, Wireless WANs, System Interconnection

43
Q

What are Wireless LANs?

A

Wireless LANs

These are the systems in which every computer has a radio modem and antenna that allows it to communicate with other systems. Wireless LANs are becoming increasingly common in small offices and homes. The standard for wireless LANs, called IEEE 802.11, is widely used, and most systems employ it.

IEEE 802.11 is a set of technical guidelines used to implement Wi-Fi.

Wireless WANs

The radio network used for cellular telephones is an example of a low-bandwidth wireless WAN. This system has already gone through three generations. The first generation was analog and for voice only. The second generation was digital and for voice only. The third generation is digital and is for both voice and data.

44
Q

What is an Internetwork?

A

Internetworks

An internetwork (or internet) is a combination of two or more networks. An internetwork can be formed by joining two or more individual networks with various devices such as routers, gateways, and bridges. IR (infrared) technology can send data between networks wirelessly. As you can see in the figure, IR connects data between LANs and WANs:

45
Q

How do you implement a LAN?

A

As we discussed earlier, a LAN encompasses computers and other devices that connect to a server at a specific location - whether an office or a commercial environment. Devices use LAN connections to share resources.

There are five major steps to implementing a LAN:

Equipment
First, you need the right equipment to set up your LAN. This will include the following components:

A router.
Ethernet cables for each device you want to connect.
A computer.
Devices.
A broadband connection, router, and modem (for internet connectivity).

Connect the First Computer
A Windows PC should automatically prompt you with a setup wizard for your first connection, but you can also find it in the Network and Sharing Center in the Settings area under the Control Panel. On a Mac, System Preferences can house the setup prompts.

Set up the Wi-Fi
The automatic setup wizard will hopefully take you through the process step by step so you can have the Internet up and running. Once you have the Wi-Fi working, the devices connected to the Ethernet cables should be able to run on the Internet as well.

Connect to the Internet
Every device connected to the LAN needs to be set up with passwords to connect successfully to the Internet. Those without passwords will not be able to access the Internet. Make sure you protect your passwords and have the right firewalls running for safety.

Connect the Remaining Devices
Any printers or mobile devices that require an internet connection can be connected to the LAN.

46
Q

What is a VPN?

A

VPN

A virtual private network (VPN) is a technology for securely connecting two private networks over an encrypted connection, such as an employer’s network and an employee’s remote network. It can also mean secure connections between two large private networks.

VPNs generally refer to individual employees as clients. These clients connect to the corporate network, which is referred to as the host network.

47
Q

What can you use a VPN for?

A

What can you use a VPN for:

To customize your location settings to take advantage of overseas services, such as watching television programs normally only accessible in a particular country due to licensing or legal issues. Netflix is a prime example of this.

To protect your passwords from potential hacking by local snoopers when you’re using a public hotspot.
To protect yourself from phishing attempts and malware while you’re browsing the web.

Many people travel around the globe for business, and a VPN allows secure access to your company’s internet resources without fear of being targeted by cybercriminals.
A VPN is great for when you are traveling abroad and want to spend a lazy afternoon catching up on your favorite television show back home. You can change your IP address back to the server in your home country if access is restricted overseas.

48
Q

What is a Data Server?

A

Data Server

A server is a computer without any accessories, such as monitors or keyboards. A server only functions as a storage place and is linked to a network to make its data accessible to computers.

A data server (DS) is a software program/platform that provides database services such as data storage, processing, and security. A data server operates entirely as a storage location and is connected to a network that makes that data accessible to computers.

Nowadays, most data servers utilize the client-server model. They work by receiving requests from users and client devices. They then deliver the appropriate responses based on the information acquired from the database.

In the case of an internet server, the device is connected to the web, so that any computer with a web connection can access the files stored on the server. Servers store and process data in the same way as computers and connect to the internet through wired or wireless connections.

49
Q

What is a Data Center?

A

Data centers are an essential component of an organization’s network infrastructure. Consequently, interruption of a data center’s operations significantly affects the organization’s ability to function. The two primary risks to the availability and security of data centers are physical and cyberthreats to the data and applications stored in this infrastructure. The security of an organization’s data centers is a crucial component of any data security approach. Cybersecurity professionals should know how to secure these data centers from cyberthreats, while physical security staff should protect against physical threats.

50
Q

What is the OSI model?

A

As you know, our devices need to communicate and speak the same language. The framework for communication used almost universally is called OSI (Open Systems Interconnection), or the seven-layer model.

OSI is a networking model that describes how information is transferred from one networking component to another. Just as a house blueprint defines the materials and technologies used to build the house, a networking model defines the protocols and devices required to build a network.

Technically, a networking model is a comprehensive set of documents that describes how everything should run in a network. Individually, each document describes a functionality, protocol, or device required by a small portion of the network.

The purpose of the OSI model is to guide technology suppliers and developers so that the digital communications components and programs they develop can interact with those of different vendors, and to encourage a straightforward framework that characterizes networking system operations.

51
Q

What are the 7 Layers of the OSI Model?

A

The 7 Layers of the OSI Model

Layer 7 - Application

Provides the interaction between the user and the application

Layer 6 - Presentation

Formats the data to be readable to the user

Layer 5 - Session

Establishes and ends connections between two hosts

Layer 4 - Transport

Manages the delivery and error checking of data packets

Layer 3 - Network

Receives the data and decides which path the data will take to the destination

Layer 2 - Data Link

Defines the format of data on the network

Layer 1 - Physical

Sends data over the physical component

52
Q

What is a computer port?

A

What Is a Port?

A port is a virtual place where network connections begin and end. Each port is connected with a specific process or service. Ports enable computers to quickly distinguish between various types of traffic. For example, Internet use goes through a different port than emails.

53
Q

What is a port number?

A

What Is a Port Number?

Each port is allocated a number that is defined across all network devices. Many standard ports are dedicated to specific protocols, but some are dynamic and may change. As a dedicated protocol, for instance, all Simple Mail Transfer Protocol (SMTP) communications are routed to port 25. While IP addresses allow communications to be sent to and from specific devices, port numbers provide the specific services or apps inside those devices.

54
Q

What are the two categories of ports?

A

There are two categories of ports: Well-known ports and registered ports.

55
Q

What is a well-known port?

A

Well-known ports
In the early days of the Internet, there was a slow start to assigning services needing specific ports. Ports were initially assigned from the lowest port number and gradually increased.

The well-known port numbers are the ones that the Internet Corporation for Assigned Names and Numbers (ICANN) has designated for application usage. Each application type has a specified port number.

Ports 0-1023 were used by many of the core services on Unix servers, so they are considered well-known ports for historical reasons. Telnet (23) and Simple Mail Transport Protocol (SMTP) (25) are examples.

56
Q

What is a registered port?

A

Registered ports
The Internet Assigned Numbers Authority (IANA) keeps a list of all services that run on well-known ports, as well as on all registered ports. The registration process establishes a permanent association between a port number and a service.

These services are all long-running services assigned to ports between 1,024 and 49,151. Two examples of registered ports are the Microsoft Remote Desktop Protocol (RDP) (3389) and Network File System (NFS) (2049).

57
Q

What is a network sniffer?

A

What Is a Network Sniffer?

A network sniffer is an application that listens to network traffic received by a network card. Network sniffers work by taking snapshot copies of data flowing through a network, without redirecting or altering it. Wireshark is the most popular network sniffer that you will use during this module.

58
Q

What is a Network Sniffer?

A

To explain how a network sniffer works, let’s review how a network functions. As we learned, networks consist of “nodes” that transmit data across a connected network, such as smartphones, computers, servers, etc. Networks utilize data packets that are broken down and then reconstructed after transmission to prevent network overload and to optimize these data transfers.

A user may analyze traffic using “passive sniffing” or “active sniffing” by employing network sniffers to “sniff” packets en route.

Active: Active sniffing involves directly engaging with the target devices by sending and receiving packets.
Passive: Passive sniffing involves monitoring data while it is in transit.

59
Q

What is Wireshark?

A

What Is Wireshark?

Wireshark is the most popular network sniffing tool. It is a network protocol analyzer that captures packets from a network connection, such as one between a workstation and a website on the Internet. This application enables users to monitor network traffic in real time and offline, record network packets, conveniently view network statistics, troubleshoot network difficulties, and investigate security concerns.

60
Q

What are Wireshark’s Main Features?

A

Wireshark’s Main Features

Packet Capturing: Wireshark monitors and captures (sniffs) network connections in real-time. It can capture the total traffic flow, which may contain thousands of packets.

Packet Filtering: After capturing massive amounts of data, Wireshark takes all the random live data and only presents the required data by using filters. By employing a filter, users can obtain the relevant information they want to observe.

Packet Visualization: Wireshark enables users to access the core of a packet. It also enables the visualization of whole conversations, network flows, and a deep dive into a packet’s most minor details.

61
Q

What are Wireshark’s Main Uses?

A

Wireshark’s Main Uses

To analyze network traffic in real time and offline.
To capture network packets.
To view network data in a convenient manner.
To troubleshoot network problems and examine security issues.

62
Q

How Does Wireshark Relate to Cybersecurity?

A

Most network intrusions leave traces of their actions and operations within a network. Wireshark enables cybersecurity professionals to collect and closely examine these traces. These traces are presented as packets, and after they have been recorded, they may be used for real time or offline analysis. Additionally, when investigating malicious files, users may put the malicious file in a separate machine, capture the network, execute the malicious software, and observe and analyze its actions. It is a powerful tool used widely in the cyber industry.
