Tools of the Trade

Question 1

What does nslookup do?

Retrieves the name space for the network

Queries DNS for the IP address of the supplied host name

Performs a reverse IP lookup

Answer 1

Queries DNS for the IP address of the supplied host name

The nslookup command queries DNS and returns the IP address of the supplied host name

Question 2

What is Wireshark?

Protocol analyzer

Packet sniffer

Packet analyzer

All of the above

Answer 2

All of the above

Wireshark can sniff and analyze all the network traffic that enters the computer’s NIC

Question 3

One of your users calls you with a complaint that he can’t reach the site www.google.com. You try and access the site and discover you can’t connect either but you can ping the site with its IP address. What is the most probable culprit?

Google is down.

The gateway is down.

The DNS server is down.

Answer 3

The DNS server is down.

In this case, the DNS system is probably at fault. By pinging the site with its IP address, you have established that the site is up and your LAN and gateway are functioning properly

Question 4

What command do you use to see the DNS cache on a Windows system?

ipconfig /showdns

ipconfig /displaydns

ping /displaydns

Answer 4

ipconfig /displaydns

To see the DNS cache on a Windows system, run the command ipconfig /displaydns at a command prompt

Question 5

Which of the following displays the correct syntax to eliminate the DNS cache?

ipconfig /all

ipconfig /dns

ipconfig /flushdns

Answer 5

ipconfig /flushdns

The command ipconfig /flushdns eliminates the DNS cache

Question 6

Which tool enables you to query the functions of a DNS server?

ipconfig

nslookup

ping

Answer 6

nslookup

The tool to use for querying DNS server functions is nslookup

Question 7

The Windows tracert tool fails sometimes because many routers block ______ packets.

TCP

UDP

ICMP

Answer 7

ICMP

The Windows tracert tool fails because it relies on ICMP packets that routers commonly block

Question 8

Which tools can you (and hackers) use to open ports on your network? (Choose three.)

Port scanner

Nmap

Angry IP Scanner

hostname

Answer 8

Port scanner

Nmap

Angry IP Scanner

The hostname command simply returns the host name of the local system. All other tools mentioned can scan ports to locate network vulnerabilities

Question 9

Which tools are used explicitly to monitor and diagnose problems with DNS?

Nmap or Wireshark

nslookup or dig

ping or pathping

Answer 9

nslookup or dig

The nslookup tool and the more powerful dig tool are used to diagnose DNS problems

Question 10

Your manager wants you to institute log management and analysis on a small group of workstations and servers that are not connected to the larger enterprise network for data sensitivity reasons. Based upon the level of routine usage and logging, you decide not to implement a management console but intend to examine each log separately on the individual hosts. What type of log management are you using in this scenario?

Centralized log management

Enterprise-level log management

Decentralized log management

Answer 10

Decentralized log management

In this scenario, you are using decentralized log management, since you are not using a centralized log management facility or console to collect all the applicable logs and review them in one place