Packets received by Node 10, and sent from Node 7 will reveal which of the following combination of source IP
The exhibit represents a simple routed network. Node 7 is a Windows 2000 Professional machine
that establishes a TCP communication with Node 10, a Windows 2003 Server. The routers are
Cisco 2500 series running IOS 11.2.
While working at Node 10, you run a packet capture. Packets received by Node 10, and sent from
Node 7 will reveal which of the following combination of source IP and source Physical addresses:
which of the following statements are true about your network traffic?
You have implemented an IPSec policy, using only AH. You are analyzing your network traffic in
Network Monitor, which of the following statements are true about your network traffic?
what must first be installed?
In order to perform promiscuous mode captures using the Wireshark capture tool on a Windows
Server 2003 machine, what must first be installed?
What is the IP address range reserved for internal use for APIPA in Microsoft networks?
You are configuring the rules on your firewall, and need to take into consideration that some
clients in the
network are using automatic addressing. What is the IP address range reserved for internal use
for APIPA in Microsoft networks?
what type of WLAN is this frame a part of?
If you capture an 802.11 frame, and the ToDS bit is set to zero and the FromDS bit is set to zero,
what type of WLAN is this frame a part of?
What transmission system uses short bursts combined together as a channel?
There are several options available to you for your new wireless networking technologies, and you
are examining how different systems function. What transmission system uses short bursts
combined together as a channel?
What is a reason an IDS cannot manage hardware failures?
You have just installed a new Intrusion Detection System in your network. You are concerned that
there are functions this system will not be able to perform. What is a reason an IDS cannot
manage hardware failures?
Which keyword is used to tell Snort to ignore a defined number of bytes before looking inside the packet for a
For the new Snort rules you are building, it will be required to have Snort examine inside the
content of the packet. Which keyword is used to tell Snort to ignore a defined number of bytes
before looking inside the packet for a content match?
What is the function of this rule?
You have recently taken over the security of a mid-sized network. You are reviewing the current
configuration of the IPTables firewall, and notice the following rule:
ipchains -A input -p TCP -d 0.0.0.0/0 12345 -j DENY
What is the function of this rule?
What are the two basic positions you can take when creating the policy?
At a policy meeting you have been given the task of creating the firewall policy. What are the two
basic positions you can take when creating the policy?