Tools of the Trade Flashcards
What does nslookup do?
Retrieves the name space for the network
Queries DNS for the IP address of the supplied host name
Performs a reverse IP lookup
Queries DNS for the IP address of the supplied host name
The nslookup command queries DNS and returns the IP address of the supplied host name.
What is Wireshark?
Protocol analyzer
Packet sniffer
Packet analyzer
All of the above
All of the above
Wireshark can sniff and analyze all the network traffic that enters the computer’s NIC.
One of your users calls you with a complaint that he can’t reach the site www.google.com. You try to access the site and discover that you can’t connect either, but you can ping the site with its IP address. What is the most probable culprit?
Google is down.
The gateway is down.
The DNS server is down.
The DNS server is down.
In this case, the DNS system is probably at fault. By pinging the site with its IP address, you have established that the site is up and your LAN and gateway are functioning properly.
What command do you use to see the DNS cache on a Windows system?
ipconfig /showdns
ipconfig /displaydns
ping /displaydns
ipconfig /displaydns
To see the DNS cache on a Windows system, run the command ipconfig /displaydns at a command prompt.
Which of the following displays the correct syntax to eliminate the DNS cache?
ipconfig /all
ipconfig /dns
ipconfig /flushdns
ipconfig /flushdns
The command ipconfig /flushdns eliminates the DNS cache.
Which tool enables you to query the functions of a DNS server?
ipconfig
nslookup
ping
nslookup
The tool to use for querying DNS server functions is nslookup.
The Windows tracert tool fails sometimes because many routers block ______ packets.
TCP
UDP
ICMP
ICMP
The Windows tracert tool fails because it relies on ICMP packets that routers commonly block.
Which tools can you (and hackers) use to open ports on your network? (Choose three.)
Port scanner
Nmap
Angry IP Scanner
hostname
Port scanner
Nmap
Angry IP Scanner
The hostname command simply returns the host name of the local system. All other tools mentioned can scan ports to locate network vulnerabilities.
Which tools are used explicitly to monitor and diagnose problems with DNS?
Nmap or Wireshark
nslookup or dig
ping or pathping
nslookup or dig
The nslookup tool and the more powerful dig tool are used to diagnose DNS problems.
Your manager wants you to institute log management and analysis on a small group of workstations and servers that are not connected to the larger enterprise network for data sensitivity reasons. Based upon the level of routine usage and logging, you decide not to implement a management console but intend to examine each log separately on the individual hosts. What type of log management are you using in this scenario?
Centralized log management
Enterprise-level log management
Decentralized log management
Decentralized log management
In this scenario, you are using decentralized log management, since you are not using a centralized log management facility or console to collect all the applicable logs and review them in one place.