Tools of the Trade

Question 1

Which DNS tool resolves web addresses to an IP address and answers the question to ‘Is my DNS up’?

Answer 1

Ping

Question 2

Which tool detects hosts that are connected to you?

Answer 2

netstat

Question 3

Which tool traces the route of network connections?

Answer 3

tracert

Question 4

Which tool resolves ethernet MAC address?

Answer 4

ARP (Address Resolution Protocol)

Question 5

Which tool provides the IP address and ethernet tools in Windows?

Answer 5

ipconfig

Question 6

What does ipconfig /all do?

Answer 6

find the MAC address

Question 7

Which tool provides the IP address and ethernet tools in Linux?

Answer 7

ip

Question 8

Which tool provides information on the DNS server for Windows?

Answer 8

nslookup

Question 9

Which tool provides information on the DNS server for Linux?

Answer 9

Digg

Question 10

Which tool opens and listens to ports and can be used as an aggressive tool for reconnaissance?

Answer 10

Netcat

Question 11

Which tool is useful for hardware inventory and reconnaissance of your network and/or system?

Answer 11

Nmap

Question 12

What is the GUI for nmap called?

Answer 12

Zenmap

Question 13

What is any system that shouldn’t be on the network called?

Answer 13

Rogue system

Question 14

What can be used to detect open ports, protocols, hardware, and rogue systems?

Answer 14

Network scans

Question 15

What two functions does Protocol analyzers perform?

Answer 15

sniffing and analyzing the data

Question 16

What does a sniffer do?

Answer 16

grabs all the data going in or out of a particular interface

Question 17

What does a sniffer do with the data acquired?

Answer 17

saves to file or sends live feed into the protocol analyzer

Question 18

What protocol analyzer tool allows us to filter the data by services and protocols?

Answer 18

Wireshark

Question 19

What popular protocol analyzer can only be used on a Linux system?

Answer 19

TCP dump

Question 20

What tool is used to administer and manage network devices from a single source?

Answer 20

Simple network management protocol (SNMP)

Question 21

What is the SNMP program that is packaged within the network element?

Answer 21

Agent

Question 22

In SNMP, what is the part of the network that requires some form of monitoring and management (i.e. routers, switches, workstations, etc)?

Answer 22

managed device

Question 23

In SNMP, what is the separate entity (i.e. workstation) that is responsible for communicating with the SNMP agent implement network device?

Answer 23

SNMP manager

Question 24

What are some of the key functions of a SNMP manager?

Answer 24

Queries agents, gets response from agents, set variables on the agents, acknowledges asynchronous events from agents

Question 25

What is the software that runs on the SNMP manager?

Answer 25

Network Management Station (NMS)

Question 26

What is the commonly shared database between the SNMP agent and the SNMP manager?

Answer 26

Management Information Base (MIB)

Question 27

Which version of SNMP added basic encryption?

Answer 27

Version 2

Question 28

What ports does SNMP use?

Answer 28

UDP 161 or TLS 10161

Question 29

Log event data includes…

Answer 29

date, time, process/source, account, event number, event description

Question 30

In dealing with logs, what event happens on a host even though it’s not on the network?

Answer 30

non-network events

Question 31

In dealing with logs, what events deals with the communication between the host and something on the network?

Answer 31

network events