What Is the Actual Web Host Name to Which Www.polito.it Is Resolved?
Question one
We will write a custom paper on
Which of the following tools displays the MAC address and IP address data and enables them to be correlated for a given capture transmission?
specifically for you
Which of the following statements is true regarding Wireshark?
Wireshark is probably the nigh widely used packet capture and analysis software in the world.
The expense of Wireshark makes it price-prohibitive for most organizations.
Compared to similar commercial products, Wireshark has the almost sophisticated diagnostic tools.
Wireshark saves frame details in a format that is incompatible and unusable by other software tools.
5 points
Question 2
The master screen of Wireshark includes several shortcuts. Which shortcut category displays a listing of the network interfaces, or machines, that Wireshark has identified, and from which packets tin be captured and analyzed?
Capture Help
Capture
Files
Online
5 points
Question 3
Which of the following enables Wireshark to capture packets destined to any host on the same subnet or virtual LAN (VLAN)?
Capture Help
Host mode
Subnet mode
Promiscuous style
five points
Question 4
The top pane of the Wireshark window, referred to as the __________, contains all of the packets that Wireshark has captured, in time order, and provides a summary of the contents of the packet in a format close to English language.
byte summary
byte data
frame detail
frame summary
v points
Question 5
The center pane of the Wireshark window, referred to as the __________, is used to display the bundle structure and contents of fields within the packet.
byte summary
byte data
frame detail
frame summary
5 points
Question 6
The bottom pane of the Wireshark window, referred to as the __________, displays all of the information in the packet in hexadecimal and in decimalwhen possible.
byte summary
byte data
frame detail
frame summary
five points
Question 7
Wireshark can be used in a diverseness of means, still the almost common configuration for Wireshark, and the configuration that yous ran in the lab, has the software running:
in a peer-to-peer configuration.
from a probe or hub.
on a local area network.
on a local host.
5 points
Question 8
In the simplest terms, Wireshark is used to capture all packets:
from a computer workstation to the Wireshark awarding window.
to and from a computer workstation and the Wireshark application window.
to and from a figurer workstation and the server.
to and from the Wireshark Network Analyzer and the Capture section of the Wireshark awarding window.
5 points
Question 9
Which of the post-obit statements is true regarding how Wireshark works?
Where packets are captured and how they are captured does not have any bear on on how the packets are analyzed.
Past running the Wireshark software on the same reckoner that generates the packets, the capture is specific to that machine.
Wireshark has no touch on on the operation of the car itself or its applications.
No timing information is provided when using a network probe or hub device, or the capture port of a LAN switch.
5 points
Question x
Which of the following statements is true regarding how Wireshark handles time?
Clock time may or may non be the same every bit the organisation time of the device or devices used to run Wireshark and capture packets.
The timestamp used by Wireshark is the current local time in the time zone where the machine resides.
Any discrepancies regarding time are insignificant when capturing packets from high-speed interfaces.
In lodge to overcome time zone mismatches, a common best practice is to use the Eastern Time Zone.
v points
Question 11
When examining a frame header, a difference betwixt bytes on the wire and bytes captured tin betoken that:
all packets are existence captured effectively.
partial or malformed packets might be captured.
the interface speed is low and the reckoner cannot keep up with Wireshark.
the computer is infected with some form of malware.
5 points
Question 12
In the lab, the Ethernet Two detail of the provided packet capture file indicated that Wireshark had determined that the __________ was Intel Core hardware.
frame type
source
destination
blazon of traffic carried in the side by side layer
5 points
Question thirteen
In the lab, the Ethernet Two detail of the provided packet capture file indicated that Wireshark had adamant that the __________ was Internet Protocol (IP).
frame type
source
destination
blazon of traffic carried in the next layer
5 points
Question fourteen
In the lab, the Ethernet Two particular of the provided packet capture file indicated that Wireshark had adamant that the __________ was IPv4 multicast.
frame blazon
source
destination
type of traffic carried in the next layer
5 points
Question xv
The __________ IP accost is the IP address of the local IP host (workstation) from which Wireshark captures packets.
origination
destination
host
source
five points
Question 16
Which of the following statements is true regarding filtering packets in Wireshark?
Filters are not a especially useful tool in Wireshark.
Filters allow a circuitous set of criteria to be applied to the captured packets and only the result is displayed.
Filter expressions must be built with the Filter Edit dialog window and cannot be typed directly into the Filter field.
Once packets have been filtered, they are lost and cannot be restored.
five points
Question 17
Selecting a TCP menstruation in the Catamenia Graph Analysis tool tells Wireshark that yous wanted to see all of the elements in a TCP three-way handshake, which are:
SYN, SYN-ACK, and ACK.
SYN, ACK-SYN, and PSH.
ACK, ACK-PSH, and PSH-ACK.
PSH-ACK, ACK, and PSH-ACK.
5 points
Question 18
In the center pane of the __________, the management of each arrow indicates the direction of the TCP traffic, and the length of the arrow indicates between which two addresses the interaction is taking identify.
Wireshark frame header
Menses Graph Assay results
Frame Summary pane
Ethernet 2 frame detail
5 points
Question 19
Within the frame detail pane, what does it mean when the DNS Flags detail specifies that recursion is desired?
DNS volition continue to query higher level DNSs until it is able to resolve the address.
DNS will continue to query lower level DNSs until it is able to resolve the address.
DNS will discontinue querying other DNSs in attempts to resolve the address.
DNS volition be guaranteed show the response "No such proper noun."
v points
Question 20
Within the frame detail pane, the DNS Flags detail response to the query for issaseries.org was "No such proper noun," indicating that the:
issaseries.org domain never existed.
issaseries.org domain existed at one fourth dimension simply no longer exists.
issaseries.org is not known to any of the Domain Name Servers that were searched.
search was ineffective or unsuccessful.
Question 1
Which of the following statements is true?
The Wireshark protocol analyzer has limited capabilities and is not considered multi-faceted.
Wireshark is used to notice anomalies in network traffic besides every bit to troubleshoot application performance issues.
Both Wireshark and NetWitness Investigator are expensive tools that are cost-prohibitive for almost organizations.
NetWitness Investigator is bachelor at no charge while Wireshark is a commercial product.
5 points
Question 2
Wireshark capture files, similar the DemoCapturepcap file found in this lab, have a __________ extension, which stands for package capture, next generation.
.packcng
.paccapnextg
.pcnextgen
.pcapng
5 points
Question 3
The Wireless Toolbar (View > Wireless Toolbar) is used simply:
when using a pre-captured file.
when capturing live traffic.
when reviewing wireless traffic.
in a virtual lab environment.
five points
Question 4
In the frame detail pane, which of the following was a field unique to wireless traffic, confirming that it is a wireless packet?
The Encapsulation type: Per-Package Information header
The Arrival time: May 11, 2007 15:30:37 041165000 Pacific Daylight Time
The Capture Length: 181 bytes
The Epoch Time: 1178922637.041165000 seconds
5 points
Question 5
Which of the following tools provides information near the antennae signal strengths, racket ratios, and other antennae information during a captured transmission?
Windows Explorer
DemoCapture
Wireshark
NetWitness
v points
Question 6
Which of the following can be used to map who is able to communicate with whom, the measured strength of signals, and what frequencies are used, likewise as be used for jamming sure frequencies and for determining which devices were likely used to prepare off remote bombs and Improvised Explosive Devices (IEDs)?
MAC+PHY (MAC and Physical Layer)
IEEE Layer
Flags fields
Quality of Service information
5 points
Question seven
In the IEEE 802.11 Quality of Service information and Flags fields, Wireshark displays data about the __________, which enables the network administrator to determine which Media Admission Control (MAC) addresses lucifer each of them.
antennae and point strength
transmitters and receivers of the data
payload and frame data
Domain System and Internet Protocol version
5 points
Question 8
In the lab, Wireshark displayed the transmitter/receiver address in both full hexadecimal (00:14:a5:cd:74:7b) and a kind of shorthand, which was:
IEEE 802.11.
GemtekTe_IEEE.
GemtekTe_00:xiv:a5.
GemtekTe_cd:74:7b.
five points
Question 9
Matching the __________ to their advisable transmitter and receiver addresses can provide the needed forensic bear witness of which devices are involved in a item communication.
MAC addresses
IP addresses
brand names
IEEE numbers
5 points
Question 10
Which of the following statements is true regarding the fields displayed in Wireshark?
There are hundreds of fields of data bachelor and there are many different ways to interpret them.
There are a few dozen fields of data available only there are many unlike means to interpret them.
There are very few fields of data available and nearly administrators will interpret them in the aforementioned or a similar way.
Although in that location are very few fields of data bachelor, well-nigh administrators will interpret them differently.
5 points
Question 11
Which of the following is a packet capture add-on that is frequently installed with Wireshark that enables the capture of more wireless information?
3Com
QoS
GemtekTE
AirPcap
5 points
Question 12
Regardless of whether the packet is sent through the air or on a wire, the ultimate payload in an investigation is:
data regarding the transmitters and receivers of the data.
particular about the Internet Protocol version.
a Domain Name System query.
evidence of any suspicious activity.
five points
Question 13
In the lab, the DNS query indicated an IP address of __________ for www.polito.it.
172.xxx.0.100
130.192.73.ane
177.390.13.vi
172.30.121.1
5 points
Question 14
What is the actual Spider web host name to which world wide web.polito.information technology is resolved?
web01.polito.gov
web01.polito.it
web01.polito.com
world wide web.polito.com
5 points
Question xv
In social club to use NetWitness Investigator to clarify the same packets that you analyzed with Wireshark, you kickoff had to relieve the DemoCapturepcap.pcapng file in the older __________ format.
.libpcap
.tcpdump-libcap
.pcapng
.pcap
five points
Question xvi
Which of the following statements is truthful regarding NetWitness Investigator?
NetWitness Investigator is available for costless and so it is only used for some initial analysis.
NetWitness Investigator is often used only by skilled analysts for specific types of analysis.
Investigators with piffling preparation typically tin can capture needed information using NetWitness Investigator.
Wireshark provides a more in-depth, security-focused assay than NetWitness Investigator.
five points
Question 17
Which of the following statements is truthful regarding NetWitness Investigator reports?
NetWitness reports incorporate only low-level wireless information, such as command and control.
NetWitness reports do non provide the kind of sophisticated assay that is constitute within Wireshark.
NetWitness and Wireshark both provide the same data merely the two tools differ in how that information is displayed.
NetWitness is unable to provide information well-nigh the geographic location of the transmitter and receiver.
5 points
Question 18
Which of the following tools displays the MAC address and IP address data and enables them to be correlated for a given capture transmission?
DemoCapture
Wireshark
NetWitness Investigator
Both Wireshark and NetWitness Investigator
5 points
Question 19
When y'all were using NetWitness Investigator in the lab, the Destination City study indicated that the Destination Organization of world wide web.polito.it was recorded as:
Turin Polytechnic.
Politecnico de Tourino.
Republic of Italy.
Turin, Italia.
5 points
Question 20
Which of the following statements is true regarding the information in the Destination Urban center report?
The Height Level Domain (TLD) ".information technology" belongs to Italian republic.
The Top Level Domain (TLD) ".it" is proofthat the Spider web site is physically located in Italy.
The Top Level Domain (TLD) was actually registered in the United States.
Information technology indicates that it will exist impossible to determine the actual physical location of the server.
Ultra Fast Custom Academic Aid
Source: https://freelanceacademicwriters.com/which-of-the-following-tools-displays-the-mac-address-and-ip-address-information-and-enables-them-to-be-correlated-for-a-given-capture-transmission/
0 Response to "What Is the Actual Web Host Name to Which Www.polito.it Is Resolved?"
Post a Comment