NVCC ITN 263 Final Exam Study Guide Updated 2023 With Accurate Answers 100% Verified
Which of the following statements is true regarding Wireshark?
- Wireshark is probably the most widely used packet capture and analysis software in the world.

The main screen of Wireshark includes several shortcuts. Which shortcut category displays a list of the network interfaces, or machines, that Wireshark has identified, and from which packets can be captured and analyzed?
- Capture

Which of the following enables Wireshark to capture packets destined to any host on the same subnet or virtual LAN (VLAN)?
- Promiscuous mode

The top pane of the Wireshark window, referred to as the __________, contains all of the packets that Wireshark has captured, in time order, and provides a summary of the contents of the packet in a format close to English.
- frame summary

The middle pane of the Wireshark window, referred to as the __________, is used to display the packet structure and contents of fields within the packet.
- frame detail

The bottom pane of the Wireshark window, referred to as the __________, displays all of the information in the packet in hexadecimal and in decimal when possible.
- data summary

Wireshark can be used in a variety of ways; however, the most common configuration for Wireshark, and the configuration that you ran in the lab, has the software running:
- on a local host

In the simplest terms, Wireshark is used to capture all packets:
- to and from a computer workstation and the server.

Which of the following statements is true regarding how Wireshark works?
- By running the Wireshark software on the same computer that generates the packets, the capture is specific to that machine.

Which of the following statements is true regarding how Wireshark handles time?
- Clock time may or may not be the same as the system time of the device or devices used to run Wireshark and capture packets.

When examining a frame header, a difference between bytes on the wire and bytes captured can indicate that:
- partial or malformed packets might be captured.

In the lab, the Ethernet II detail of the provided packet capture file indicated that Wireshark had determined that the __________ was Intel Core hardware.
- source

In the lab, the Ethernet II detail of the provided packet capture file indicated that Wireshark had determined that the __________ was Internet Protocol (IP).
- type of traffic carried in the next layer

In the lab, the Ethernet II detail of the provided packet capture file indicated that Wireshark had determined that the __________ was IPv4 multicast.
- destination

The __________ IP address is the IP address of the local IP host (workstation) from which Wireshark captures packets.
- destination

Which of the following statements is true regarding filtering packets in Wireshark?
- Filters allow a complex set of criteria to be applied to the captured packets and only the result is displayed.

Selecting a TCP flow in the Flow Graph Analysis tool tells Wireshark that you wanted to see all of the elements in a TCP three-way handshake, which are:
- SYN, SYN-ACK, and ACK.

In the center pane of the __________, the direction of each arrow indicates the direction of the TCP traffic, and the length of the arrow indicates between which two addresses the interaction is taking place.
- Flow Graph Analysis results

Within the frame detail pane, what does it mean when the DNS Flags detail specifies that recursion is desired?
- DNS will continue to query higher level DNSs until it is able to resolve the address.

Within the frame detail pane, the DNS Flags detail response to the query for was "No such name," indicating that the:
- is not known to any of the Domain Name Servers that were searched.

Which of the following characteristics relates to a demilitarized zone (DMZ)?
- A type of perimeter network used to host resources designated as accessible by the public from the Internet

Which of the following refers to a host on a network that supports user interaction with the network?
- Client

Which of the following refers to filtering traffic as it attempts to leave a network, which can include monitoring for spoofed addresses, malformed packets, unauthorized ports and protocols, and blocked destinations?
- Egress filtering

Which of the following is the name given to unauthorized access to a system?
- Backdoor

Which of the following describes caching?
- Retention of Internet content by a proxy server

Which of the following characteristics relates to access control?
- The process or mechanism of granting or denying use of resources; typically applied to users or generic network traffic

Which term describes an object, computer, program, piece of data, or other logical or physical component you use in a business process to accomplish a business task?
- Asset

Which name is given to the security service of preventing access to resources by unauthorized users while supporting access to authorized users?
- Confidentiality

Which term describes when a system is usable for its intended purpose?
- Availability

Which of the following describes authentication?
- The process of confirming the identity of a user

Which of the following describes a blacklist?
- A type of filtering in which all activities or entities are permitted except those identified

When conducting an audit, the auditor should be which of the following?
- An external person who is independent of the organization under audit

Which term is used to describe a network service that maintains a searchable index or database of network hosts and shared resources?
- Directory Service

Which of the following refers to a form of attack that attempts to compromise availability?
- Denial of service (DoS)

Which term describes a network device that forwards traffic between networks based on the MAC address of the Ethernet frame?
- bridge

Which of the following refers to a software firewall installed on a client or server?
- Host firewall

Which of the following refers to a type of software product that is pre-compiled and whose source code is undisclosed?
- closed source

Which term describes the cumulative value of an asset based on both tangible and intangible values?
- asset value (AV)

Which malicious software program is distributed by hackers to take control of victims' computers?
- Bots
Written for
- Institution: NVCC ITN 263
- Course: NVCC ITN 263

Document information
- Uploaded on: June 13, 2023
- Number of pages: 25
- Written in: 2022/2023
- Type: Exam (elaborations)
- Contains: Questions & answers