Software Tool Types

Question 1

traceroute uses what two things to determine the path to a remote device?

Answer 1

TTL and ICMP error messages

Question 2

what utility can help you determine if a WAN link is down or a web server isn’t responding?

Answer 2

Traceroute

Question 3

What two reasons can asterisks imply when running traceroute?

Answer 3

1) response from the router took more than the default time-out value
2) the admin has disabled ICMP on the router that the packet is trying to hop through

Question 4

What is the command to trace IPv6 packets? List for Windows, MAC/Linux, and Cisco

Answer 4

1) tracert -6 - Win
2) traceroute6 - MAC/Lnx
3) traceroute -6 - Cisco

Question 5

What 3 extra key pieces of info does ipconfig /all (as opposed to just ipconfig) tell you?

Answer 5

MAC address
DHCP lease times
DNS addresses

Question 6

Describe the differences between ipconfig and ifconfig

Answer 6

ipconfig is mainly used to view the TCP/IP config

if config does same but can be used to configure a protocol or network interface

Question 7

the linux iptables utilities uses what 3 types of ‘chains’ to to allow or disallow traffic?

Answer 7

1) Input (controls for incoming connections)
2) Forward (for incoming non-local connections like a router would receive)
3) Output (controls outgoing connections)

Question 8

what iptables command would block a connection from 192.168.10.1?

Answer 8

iptables -A INPUT -s 192.168.10.1 -j DROP

Question 9

what is the default ping time-out?

Answer 9

1 second

Question 10

The ‘-a’ switch in the ping utility does what?

Answer 10

name resolution

Question 11

what is the ‘-6’ switch used for in ping utility? What is it for MAC?

Answer 11

pinging IPv6 address.

Ping6

Question 12

what is the continuous ping option?

Answer 12

-t

Question 13

what is checked to determine the IP address before a packet is sent to a host?

Answer 13

the ARP cache

Question 14

IPv6 doesn’t need ARP. TRUE or FALSE?

Answer 14

TRUE (it uses the ND protocol)

Question 15

what ARP command switch displays the whole ARP table?

Answer 15

-a (or -g)

Question 16

How long do static entries last in the ARP table?

Answer 16

until the machine is rebooted

Question 17

how do you delete dynamic and static ARP table entries?

Answer 17

for dynamic entries wait for the entries to time out. For static, use the “arp -d” switch with the entry you want to delete

Question 18

nslookup allows you to do what?

Answer 18

query a name server and find out what name resolved to which IP address

Question 19

the primary job of the xxxx utility is to tell you the different features of a domain name, the names of the servers that serve it and how they’re configured

Answer 19

nslookup (‘dig’ for unix)

Question 20

What does the non-authoritative answer mean in an nslookup response?

Answer 20

the server that returned the the information is not responsible for the zone information of the domain you requested

Question 21

Where is the hosts table stored in windows?

Answer 21

c:windows\system32\drivers\etc

Question 22

which Unix utility combines the functions of traceroute and ping and also adds round-trip time and packet loss?

Answer 22

Mtr/My traceroute

Question 23

What is Microsoft’s version of the linux mrt?

Answer 23

pathping

Question 24

performing scans with certain flags set using nmap allows you to determine what 2 things?

Answer 24

1) if a port is open on a device

2) if the port is blocked by a firewall before it gets to the device

Question 25

On a Unix box, how could you create a logical map of the network and determine the live hosts on a network?

Answer 25

use nmap command

Question 26

What route command switch used with the add, change or delete will clear the routing table of entries that aren’t host routes, loopback or multicast routes?

Answer 26

-f

Question 27

what route switch, if used with the add option, will add the route to the Registry (and thus still be there after a reboot)

Answer 27

-p (for persistent)

Question 28

List 5 other options to use with the route command?

Answer 28

1) destination
2) gateway
3) metric
4) netmask / mask
5) if /interface

Question 29

Deploying the nbtstat utility acheives what 3 things?

Answer 29

1) track NetBIOS over TCP/IP statistics
2) Shows incoming and outgoing NetBIOS over TCP/IP connections
3) Resolve NetBIOS names

Question 30

which nbtstat command will get you the remote machine’s NetBIOS name table which will show all the NetBIOS names that machine knows of?

Answer 30

-a [remote machine name]

Question 31

-A nbtstat differs from -a how?

Answer 31

instead of using -A with a NetBIOS name you enter the IP address

Question 32

What command switch displays the NetBIOS name cache?

Answer 32

nbtstat -c

Question 33

If you get the error “no names in cache” when using nbtstat, what has happened?

Answer 33

all entries in cache have expired because the NetBIOS services haven’t been accessed regularly enough

Question 34

what nbtstat command gives you the local NetBIOS name table?

Answer 34

-n

Question 35

what nbtstat command tells you how many NetBIOS names have been resolved to TCP/IP addresses?

Answer 35

-r

Question 36

which nbtstat command can help you determine if the WINS server is configured correctly?

Answer 36

-r

Question 37

Which nbtstat command purges the name table cache and allows you to reload the LMHOSTS file into memory?

Answer 37

-R

Question 38

which nbtstat command lists the session to and from the host you run the command on?

Answer 38

-S

Question 39

which command enables you to check the inbound and outbound TCP/IP connections and see packet statistics?

Answer 39

netstat

Question 40

when using netstat, if the address of the destination computer can be found in the HOSTS file, what will display in the Foreign Address column?

Answer 40

The destination computer’s name

Question 41

which most commonly used netstat switch shows all tcp/ip and udp connections and is used to check the status of a connection that appears to be hung?

Answer 41

-a

Question 42

which netstat switch displays a summary of all the packets sent over the NIC as of that instant and which includes errors?

Answer 42

-e

Question 43

which two netstat switch allow you to look at protocol statistics for just a specific protocol?

Answer 43

• s (displays all protocols)

- p [protocol name]

Question 44

If in doubt, what file type should you set ftp to download files as?

Answer 44

Binary files

Question 45

if the get command gets one file in ftp, how do you get multiple files?

Answer 45

use mget command

Question 46

which utility is good for testing TCP connectivity?

Answer 46

Telnet

Question 47

Which two commands will show you the routing table?

Answer 47

netstat -r and route print

Question 48

If you wanted netstat to return IP addresses for Foreign Addresses instead of names, which switch would you use?

Answer 48

-n

Question 49

What Unix command would you use to filter tcp traffic from host 192.168.1.1

Answer 49

tcpdump host 192.168.1.1

Question 50

what does the unix command “tcpdump -i any” do?

Answer 50

captures tcp traffic on all interfaces