1.
Your network is a mixed environment of Windows, Linux, and UNIX computers. The routers are primarily Cisco and the network uses a T-1 to connect to the Internet. You are experimenting with setting up a mail server in a production environment for internal use only. You do not want this mail server to receive any requests from anywhere but the internal network. Therefore, you have decided to block incoming SMTP traffic at the firewall. Which port will you block at the firewall?
2.
You are training some network administrators to analyze log files. Some of the logs present IP addresses in binary. You explain the usefulness of reading addresses in multiple formats. You demonstrate several conversions between decimal and binary. What is the decimal equivalent of the following binary IP address: 11001111.10001010.01101101.01110001
3.
You are configuring the IP addressing for your network. One of the subnets has been defined with addresses already. You run ifconfig on a host and determine that it has an address of 10.12.32.18/14. What is the broadcast address for this network?
4.
The main reason you have been hired at a company is to bring the network security of the organization up to current standards. A high priority is to have a full security audit of the network as soon as possible. You have chosen an Independent Audit and are describing it to your coworkers. Which of the following best describes an Independent Audit?
5.
You suspect an increase in malicious traffic on your network. You run several packet captures to analyze traffic patterns and look for signs of intruders. While studying the packets, you are currently looking for ICMP Messages. You choose to use the IP Protocol ID to locate different kinds of packets. What is the IP Protocol ID of ICMP?
6.
Recently you feel your network has been attacked by people sending out-of-spec packets to your firewall in order to get past the firewall rules. You have decided that you will capture all the packets on the firewall segment with network monitor to analyze the TCP headers for proper use. If you capture a packet that is the first part of a legitimate three-way handshake between two Windows 2000 Professional computers, what will the SEQ and ACK values be for the initializing packet?
7.
During a network packet capture in Wireshark, you capture ICMP traffic and are analyzing this capture. In an ICMP message, what is the function of the first eight bits?
8.
You are introducing a co-worker to the security systems in place in your organization. During the discussion you begin talking about the network, and how it is implemented. You decide to run a packet capture to identify different aspects of network traffic for your co-worker. In the packet capture you are able to identify Protocol IDs. What is the IP protocol ID for TCP?
9.
The three-way handshake uses three steps, identified as Steps 1, 2 and 3, which take place between a client and a server in order to establish a TCP connection. In Step 2 of a normal three-way handshake, the server is said to be performing:
10.
A significant function of TCP is the ability to guarantee session information. The method used by TCP to guarantee the uniqueness of a session between two hosts is which of the following?