CH 13 - 14 Quiz & Test
On an Ubuntu Linux computer, in what directory and file would you find the IP address of the DNS server providing the computer with name services?
/etc/resolv.conf
In Wireshark, you are using a filter expression that reads ipv6.src[6:2] == 2b:ad. In this expression, which part indicates an offset?
d. The number 6 in [6:2]
What Wireshark filter expression displays only ICMPv6 Router Advertisements?
d. icmpv6.type == 134
On a computer with a standard installation of Microsoft Windows 10 Pro that is fully dual-stack enabled, what is the preferred protocol?
IPv6
When using Wireshark to view either a live capture or a packet capture file, which display filter would you use to see only (but all) IPv6-related traffic?
IPv6
In Wireshark, you can apply a display filter to quickly find all packets that have had comments made on them.
TRUE
Both IPv4 and IPv6 hosts can send and reply to DNS queries for AAAA Record types.
TRUE65536
How are packet flags set for a Router Advertisement configured for Stateful Address Autoconfiguration (DHCPv6)?
a. M and L flags set on, A and O flags set off
Normally, before testing a network for high latency or slow performance problems, what should you establish?
You should use a protocol analyzer like Wireshark to determine a baseline of normal network activity at different times, such as low and peak network usage.
What would be at least one benefit of subnetting IPv6 network prefix assignments based on the non-nibble boundary?
More network prefixes
The DNS AAAA record is primarily associated with which of the following?
a. IPv6 addresses
Support for packet comments was added into which Wireshark version?
1.8
An IPv6 network prefix address of 2001:db8:a58c:1e40::/60 could be further subnetted to how many /64 network prefixes?
16
When used in terms of IPv6 addressing, how many bits are represented in a nibble?
4
Of the following, which is the best description of a CDN?
A CDN is a globally distributed network of proxy servers deployed in multiple data centers. The goal of a CDN is to serve content to end-users with high availability and high performance.
In order for nodes to receive a DHCPv6-provided address, if the router interface has correctly configured RAs for this process, what else must be in place?
A DHCPv6 server on a network, reachable via DHCPv6 relay
Which of the following is a valid RA configuration that supports only Stateful Autoconfiguration for nodes on an IPv6 router interface?
A flag off, L flag on, M flag on, O flag off
An IPv6-enabled router interface generally has at least which group of the following flag settings for Stateless Address Autoconfiguration?
A flag on, L flag on, M flag off, O flag off
You want to view the Expert Information window in Wireshark to see a list of warnings, errors, and other pertinent information to a trace file you are examining. How do you open Expert Information?
In the Wireshark menu, click Analyze, and then click Expert Information.
When examining a Wireshark trace file related to determining why a Web site is non-responsive, where in the Expert Information window are you most likely to find messages indicating that a TCP frame is suspected of being a retransmission?
In the Note section for TCP
In order for a computer to browse an IPv6 Web site on the Internet, what type of IPv6 addresses are required on the client?
Link-local and global unicast addresses
An IPv6 temporary address must be regenerated how frequently?
On a periodic basis, determined by the operating system
A Wireshark display filter configured as icmpv6.type == 133 will filter and display what type of packet?
Router Solicitation
You are examining a Wireshark trace file looking for issues related to high network latency. You notice that one protocol responsible for advertisement of network services is taking 2 or 3 milliseconds to transmit compared to other packets. Of the following, which is the most likely protocol?
SSDP
You are examining a trace file in Wireshark related to a non-responsive Web site and you suspect a DNS problem. Looking in the Info column in the packet list pane, which of the following messages are more likely to indicate a DNS issue? (Choose all that apply.)
Standard query 0x97ec A www.gstatic.com Standard query 0xb40e A www.static-cisco.com
What is considered the best practice when subnetting IPv6 network prefix assignments?
Subnet based on the nibble boundary
While you can sometimes tell when packet traffic, such as TCP retransmissions, is slow by looking at the time in seconds or milliseconds in the Time column of Wireshark's packet list, it isn't always self-evident. In the case of TCP retransmission traffic, what is another way to determine high latency?
The RTO, which represents the round-trip time for the TCP retransmission and can be found in the packet details pane of Wireshark under Transmission Control Protocol by expanding SEQ/ACK analysis and then expanding TCP Analysis flags
You are assessing a Windows 10 computer that cannot connect to the network at all. What is a possible cause? (Choose all that apply.)
The computer's NIC has failed. The Ethernet cable is unplugged from the computer's NIC The network port on the switch that provides the network connection for the computer is damaged.
The output of the ipconfig command in a Windows 10 terminal returns which information, assuming the primary network Interface is an Ethernet card? (Choose all that apply.)
The link-local IPv6 address of the Windows host The IPv4 address of the default gateway
You are troubleshooting a DHCPv4 server and suspect there is a problem with the server's configuration. Of the following, what should you check? (Choose all that apply.)
The static IP address assignments and their associated MAC addresses The starting addresses for the managed pools under Dynamic Address Pool settings The subnet masks for the Static Pool settings
The output of the ifconfig command in a Linux terminal returns which information? (Choose all that apply.)
The subnet mask used by the Linux host The IPv4 address of the Linux host The MAC address of the NIC
On a network with multiple computers, all with a standard installation of Microsoft Windows 10 Pro and no other devices on that network, the computers communicate with each other via:
Their link-local addresses
You are assessing a Windows 10 computer that is displaying a message "limited or no connectivity." You open a command prompt window, type ipconfig /all, and then press Enter. You see the IPv4 address of the computer's primary network interface is 169.254.69.8. What is the problem?
This is an APIPA, which the Windows computer assigned to its network interface because a DHCP server isn't available to dynamically provide addressing services.
Wireshark coloring rules process in what order?
Top down, first match
The IPv4 address 127.0.0.1 is the loopback address for which operating system? (Choose all that apply.)
Windows Linux Mac OS X
You are viewing Router Advertisement packets in Wireshark. What section in the packet details pane displays settings for the On-link flag(L) flag?
b. ICMPv6 Option (Prefix information) > Flag
You are using Wireshark and want to filter packets on the vendor portion of an Ethernet address (the first three bytes). Which filter expression should you use?
b. eth.src[0:3] == 00:00:87
What Wireshark filter expression displays only ICMPv6 Router Solicitations?
c. icmpv6.type == 133
You are assessing a network connection problem involving a Windows 10 computer on an IPv6 network. The issue was caused by the temporary unavailability of the local DHCPv6 server. The server has since come back up. You want to refresh the PC's IPv6 address by having the previous one be removed and requesting a new one. At the command prompt, what commands do you type?
ipconfig /release6 and then ipconfig /renew6
An IPv6 network prefix address of 2001:db8:9971:c3d0::/60 could be further subnetted to how many /61 network prefixes?
2
What is the maximum number of characters you can enter in a Wireshark packet comment?
2,500
Which of the following is not a valid IPv6 node address?
2001:db8:123:456:789:0123:acb/64
Which IPv6 network prefix address is using a non-nibble boundary?
2001:db8:ee42:a340::/61
On a computer with a standard installation of Microsoft Windows 10 Pro, if a RA is received with the A, L, and M flags set on and a DHCPv6 server is providing IPv6 addresses, how many possible global unicast addresses could the computer have?
3
You want to test a number of banking and social media sites to determine if they encrypt user login credentials or leave them in plain text as a network security measure. You determine the IP addresses of the relevant sites and then run a Wireshark capture while logging in to one of them. What should you look for in the Info column of Wireshark's packet list pane to determine the right packet to examine?
Application Data
Which of the following is not a valid type of information that you may find in Wireshark's Expert Information window?
Critical; a critical problem detected, such as a network-wide service failure
In a Linux terminal, running the command route -n returns the IPv4 address of the computer's default gateway. What function does the -n extension perform?
It displays numeric values but not host names.
Which command-line utility can you use to detect basic routing problems? (Choose all that apply.)
Ping or PathPing Tracert or Traceroute
You are examining a trace file in Wireshark and notice that an ICMPv6 packet has the information "Parameter Problem (unrecognized Next Header type encountered)" in the Info column of the packet list pane. To diagnose the problem, you want to see if this packet is "talking" to other packets. How can you do this?
Right-click the ICMPv6 packet in the Wireshark packet list pane, then click Conversation Filter, and then click IPv6.