what is the actual web host name to which www.polito.it is resolved
Question 1
Which of the following statements is true regarding Wireshark?
Wireshark is probably the most widely used packet capture and analysis software in the world.
The expense of Wireshark makes it price-prohibitive for most organizations.
Compared to similar commercial products, Wireshark has the most sophisticated diagnostic tools.
Wireshark saves frame details in a format that is incompatible and unusable by other software tools.
5 points
Question 2
The main screen of Wireshark includes several shortcuts. Which shortcut category displays a list of the network interfaces, or machines, that Wireshark has identified, and from which packets can be captured and analyzed?
Capture Assistance
Capture
Files
Online
5 points
Question 3
Which of the following enables Wireshark to capture packets destined to any host on the same subnet or virtual LAN (VLAN)?
Capture Help
Host mode
Subnet mode
Promiscuous mode
5 points
Question 4
The top pane of the Wireshark window, referred to as the __________, contains all of the packets that Wireshark has captured, in time order, and provides a summary of the contents of the packet in a format close to English.
byte summary
byte data
frame detail
frame summary
5 points
Question 5
The center pane of the Wireshark window, referred to as the __________, is used to display the packet structure and contents of fields within the packet.
byte summary
byte data
frame detail
frame summary
5 points
Question 6
The bottom pane of the Wireshark window, referred to as the __________, displays all of the information in the packet in hexadecimal and in decimal when possible.
byte summary
byte data
frame detail
frame summary
5 points
Question 7
Wireshark can be used in a variety of ways; however, the most common configuration for Wireshark, and the configuration that you ran in the lab, has the software running:
in a peer-to-peer configuration.
from a probe or hub.
on a local area network.
on a local host.
5 points
Question 8
In the simplest terms, Wireshark is used to capture all packets:
from a computer workstation to the Wireshark application window.
to and from a computer workstation and the Wireshark application window.
to and from a computer workstation and the server.
to and from the Wireshark Network Analyzer and the Capture section of the Wireshark application window.
5 points
Question 9
Which of the following statements is true regarding how Wireshark works?
Where packets are captured and how they are captured does not have any impact on how the packets are analyzed.
By running the Wireshark software on the same computer that generates the packets, the capture is specific to that machine.
Wireshark has no impact on the performance of the machine itself or its applications.
No timing information is provided when using a network probe or hub device, or the capture port of a LAN switch.
5 points
Question 10
Which of the following statements is true regarding how Wireshark handles time?
Clock time may or may not be the same as the system time of the device or devices used to run Wireshark and capture packets.
The timestamp used by Wireshark is the current local time in the time zone where the machine resides.
Any discrepancies regarding time are insignificant when capturing packets from high-speed interfaces.
In order to overcome time zone mismatches, a common best practice is to use the Eastern Time Zone.
5 points
Question 11
When examining a frame header, a difference between bytes on the wire and bytes captured can indicate that:
all packets are being captured effectively.
partial or malformed packets might be captured.
the interface speed is low and the computer cannot keep up with Wireshark.
the computer is infected with some form of malware.
5 points
Question 12
In the lab, the Ethernet II detail of the provided packet capture file indicated that Wireshark had determined that the __________ was Intel Core hardware.
frame type
source
destination
type of traffic carried in the next layer
5 points
Question 13
In the lab, the Ethernet II detail of the provided packet capture file indicated that Wireshark had determined that the __________ was Internet Protocol (IP).
frame type
source
destination
type of traffic carried in the next layer
5 points
Question 14
In the lab, the Ethernet II detail of the provided packet capture file indicated that Wireshark had determined that the __________ was IPv4 multicast.
frame type
source
destination
type of traffic carried in the next layer
5 points
Question 15
The __________ IP address is the IP address of the local IP host (workstation) from which Wireshark captures packets.
origination
destination
host
source
5 points
Question 16
Which of the following statements is true regarding filtering packets in Wireshark?
Filters are not a particularly useful tool in Wireshark.
Filters allow a complex set of criteria to be applied to the captured packets and only the result is displayed.
Filter expressions must be built with the Filter Edit dialog window and cannot be typed directly into the Filter field.
Once packets have been filtered, they are lost and cannot be restored.
5 points
Question 17
Selecting a TCP flow in the Flow Graph Analysis tool tells Wireshark that you wanted to see all of the elements in a TCP three-way handshake, which are:
SYN, SYN-ACK, and ACK.
SYN, ACK-SYN, and PSH.
ACK, ACK-PSH, and PSH-ACK.
PSH-ACK, ACK, and PSH-ACK.
5 points
Question 18
In the center pane of the __________, the direction of each arrow indicates the direction of the TCP traffic, and the length of the arrow indicates between which two addresses the interaction is taking place.
Wireshark frame header
Flow Graph Analysis results
Frame Summary pane
Ethernet II frame detail
5 points
Question 19
Within the frame detail pane, what does it mean when the DNS Flags item specifies that recursion is desired?
DNS will continue to query higher level DNSs until it is able to resolve the address.
DNS will continue to query lower level DNSs until it is able to resolve the address.
DNS will discontinue querying other DNSs in attempts to resolve the address.
DNS will be guaranteed to show the response "No such name."
5 points
Question 20
Within the frame detail pane, the DNS Flags detail response to the query for issaseries.org was "No such name," indicating that the:
issaseries.org domain never existed.
issaseries.org domain existed at one time but no longer exists.
issaseries.org is not known to any of the Domain Name Servers that were searched.
search was ineffective or unsuccessful.
Question 1
Which of the following statements is true?
The Wireshark protocol analyzer has limited capabilities and is not considered multi-faceted.
Wireshark is used to discover anomalies in network traffic as well as to troubleshoot application performance issues.
Both Wireshark and NetWitness Investigator are expensive tools that are price-prohibitive for most organizations.
NetWitness Investigator is available at no charge while Wireshark is a commercial product.
5 points
Question 2
Wireshark capture files, like the DemoCapturepcap file found in this lab, have a __________ extension, which stands for packet capture, next generation.
.packcng
.paccapnextg
.pcnextgen
.pcapng
5 points
Question 3
The Wireless Toolbar (View > Wireless Toolbar) is used only:
when using a pre-captured file.
when capturing live traffic.
when reviewing wireless traffic.
in a virtual lab environment.
5 points
Question 4
In the frame detail pane, which of the following was a field unique to wireless traffic, confirming that it is a wireless packet?
The Encapsulation type: Per-Packet Information header
The Arrival Time: May 11, 2007 15:30:37 041165000 Pacific Daylight Time
The Capture Length: 181 bytes
The Epoch Time: 1178922637.041165000 seconds
5 points
Question 5
Which of the following tools provides information about the antennae signal strengths, noise ratios, and other antennae data during a captured transmission?
Windows Explorer
DemoCapture
Wireshark
NetWitness
5 points
Question 6
Which of the following can be used to map who is able to communicate with whom, the measured strength of signals, and what frequencies are used, as well as be used for jamming certain frequencies and for determining which devices were likely used to set off remote bombs and Improvised Explosive Devices (IEDs)?
MAC+PHY (MAC and Physical Layer)
IEEE Layer
Flags fields
Quality of Service information
5 points
Question 7
In the IEEE 802.11 Quality of Service information and Flags fields, Wireshark displays information about the __________, which enables the network administrator to determine which Media Access Control (MAC) addresses match each of them.
antennae and signal strength
transmitters and receivers of the data
payload and frame information
Domain System and Internet Protocol version
5 points
Question 8
In the lab, Wireshark displayed the transmitter/receiver address in both full hexadecimal (00:14:a5:cd:74:7b) and a kind of shorthand, which was:
IEEE 802.11.
GemtekTe_IEEE.
GemtekTe_00:14:a5.
GemtekTe_cd:74:7b.
5 points
Question 9
Matching the __________ to their appropriate transmitter and receiver addresses can provide the needed forensic evidence of which devices are involved in a particular communication.
MAC addresses
IP addresses
brand names
IEEE numbers
5 points
Question 10
Which of the following statements is true regarding the fields displayed in Wireshark?
There are hundreds of fields of data available and there are many different ways to interpret them.
There are a few dozen fields of information available but there are many different ways to interpret them.
There are very few fields of data available and most administrators will interpret them in the same or a similar way.
Although there are very few fields of information available, most administrators will interpret them differently.
5 points
Question 11
Which of the following is a packet capture add-on that is frequently installed with Wireshark that enables the capture of more wireless information?
3Com
QoS
GemtekTE
AirPcap
5 points
Question 12
Regardless of whether the packet is sent through the air or on a wire, the ultimate payload in an investigation is:
data regarding the transmitters and receivers of the data.
detail about the Internet Protocol version.
a Domain Name System query.
evidence of any suspicious activity.
5 points
Question 13
In the lab, the DNS query indicated an IP address of __________ for www.polito.it.
172.30.0.100
130.192.73.1
177.390.13.6
172.30.121.1
5 points
Question 14
What is the actual Web host name to which www.polito.it is resolved?
web01.polito.gov
web01.polito.it
web01.polito.com
www.polito.com
5 points
Question 15
In order to use NetWitness Investigator to analyze the same packets that you analyzed with Wireshark, you first had to save the DemoCapturepcap.pcapng file in the older __________ format.
.libpcap
.tcpdump-libcap
.pcapng
.pcap
5 points
Question 16
Which of the following statements is true regarding NetWitness Investigator?
NetWitness Investigator is available for free so it is only used for some initial analysis.
NetWitness Investigator is often used only by skilled analysts for specific types of analysis.
Investigators with little training typically can capture needed information using NetWitness Investigator.
Wireshark provides a more in-depth, security-focused analysis than NetWitness Investigator.
5 points
Question 17
Which of the following statements is true regarding NetWitness Investigator reports?
NetWitness reports contain only low-level wireless information, such as command and control.
NetWitness reports do not provide the kind of sophisticated analysis that is found within Wireshark.
NetWitness and Wireshark both provide the same information but the two tools differ in how that information is displayed.
NetWitness is unable to provide information about the geographic location of the transmitter and receiver.
5 points
Question 18
Which of the following tools displays the MAC address and IP address information and enables them to be correlated for a given capture transmission?
DemoCapture
Wireshark
NetWitness Investigator
Both Wireshark and NetWitness Investigator
5 points
Question 19
When you were using NetWitness Investigator in the lab, the Destination City report indicated that the Destination Organization of www.polito.it was recorded as:
Turin Polytechnic.
Politecnico de Tourino.
Republic of Italian republic.
Turin, Italy.
5 points
Question 20
Which of the following statements is true regarding the information in the Destination City report?
The Top Level Domain (TLD) ".it" belongs to Italy.
The Top Level Domain (TLD) ".it" is proof that the Web site is physically located in Italy.
The Top Level Domain (TLD) was actually registered in the United States.
It indicates that it will be impossible to determine the actual physical location of the server.
Source: https://freelanceacademicwriters.com/which-of-the-following-tools-displays-the-mac-address-and-ip-address-information-and-enables-them-to-be-correlated-for-a-given-capture-transmission/