CompTIA CertMaster Network + 5.2
What is used to analyze details about the wireless access point in an office, display an AP list, their respective channels, and a signal meter.
A Wi-Fi analyzer.
What will a WiFi analyzer NOT do?
A WiFi analyzer will not measure the Channel's bandwidth. Bandwidth is not displayed on a Wi-Fi analyzer app.
How does the Bandwidth Graph help?
A channel graph will show the channel your AP is using, along with channels of other APs. This graph can help mitigate channel overlap.
What is the OUTPUT chain?
A firewall ruleset for outgoing connections. Verify that this chain does not prevent the outgoing connection from using ping or the remote host's IP.
What does a multimeter do?
A multimeter is for testing electrical circuits, but they can test for the continuity of any sort of copper wire, the existence of a short, and the integrity of a terminator.
What is the differance between a MULTIMETER and a Cable Tester?
A multimeter shows whether or not there is a signal accross a wire, aka, is the circuit closed. An open circuit or short circuit means there is not signal continuity. A cable tester, however, provides detailed information on the physical and electrical properties of the cable itself. For example, is there crosstalk, attenuation, noise, resistance, or other problems on the cable run.
What will the admin use at a later date to analyze the data gathered by the packet sniffer?
A packet analyzer. First you sniff, then you analyze.
What is an example of a packet sniffer and what it does?
A packet sniffer such as winpcap for Windows is able to read packets on a port and save the information to a file on disk.
A WAP resides in the middle of an office area. A network administrator wants to gather information about data packets coming through the WAP for subsequent examination. What will provide the minimum level of support for completion of this task?
A packet sniffer.
How is a Wi-Fi Analyzer different than a Spectrum Analyzer?
A spectrum analyzer is usually a handheld device. It is used to analyze radio or electrical interferences. The exact location of interference can be pinpointed using a Spectrum Analyzer.
A network technician installed a Wi-Fi analyzer app on a personal smart phone to analyze an AP. What useful information will be available for a site survey?
AP list. Signal Meter. Channel Graph.
A network technician installed a Wi-Fi analyzer app on a personal smart phone to analyze the recently installed AP. What useful information should be available for a site survey?
AP list. Bandwidth Graph. Signal Meter.
How does the AP list help?
An AP list will show all available wireless access points that the smart phone is able to hear.
What is the equivalent of a cable tester for a fiber run?
An OTDR, optical time domain reflector.
How do you measure channel bandwidth?
An online bandwidth speed tester can be used to determine the speed of the wireless network.
What does a spectrum analyzer, which is usually a handheld device, do?
Analyzes radio or electrical interferences. The exact location of the interference can be pinpointed using this device.
What does a WiFi analyzer do?
Analyzes the signal strength.
Is the PREROUTING chain processed before or after OUTPUT, INPUT, or FORWARD chains?
Before.
What is not displayed on a Wi-Fi analyzer app?
Channel bandwidth is not. An online bandwidth speed tester can be used to determine the speed of the wireless network.
What is the FORWARD chain firewall ruleset used for?
Connections that are passing through the server.
How does the Signal Meter help?
Depending on the position of the smart phone, the Wi-Fi analyzer can display how strong the signal is from the location of the AP. This can be used to troubleshoot signal loss in certain areas.
What is a spectrum analyzer used to troubleshoot?
Electrical interferences. The exact location can be pinpointed using this device.
What is a loopback plug used to troubleshoot?
Faulty ports and faulty network cards.
What is the primary purpose of a multimeter?
Find a short.
What are INPUT, OUTPUT and FORWARD chains?
Firewall rulesets in the Linux kernal.
If a security admin wants to run the nmap utility, from a laptop, to ensure a server does not have any unecessary open ports or services running on it, what piece of information will the admin need to have?
IP address of the server.
What does the nslookup utility do?
It is a software tool for querying DNS server records.
What does a packet or protocol analyzer do?
It is used in conjunction with a packet sniffer. The analyzer will decode a captured frame to reveal its contents in a readable format.
How is an OTDR helpful?
It is used to find a break in the cable. The fiber can be re-spliced at the break in order to not waste fiber.
What does the pathping command perform and display?
It performs a trace route, then it pings each hop router a given number of times for a given period to determine the Round Trip Time, RTT. It shows latency and packet loss at each hop.
The dig command is a command-line tool like nslookup, what does it do?
It queries DNS servers and provides detailed information about record lookups.
What can the netstat command do for you?
It will list all active connections and it is used to see if your ports are configured correctly.
Explain why the admin might execute the netstat command for troubleshooting?
It will show all active ports. It will show active TCP connections.
If you are having trouble with an application connecting to a web server, what will netstat do for you?
It will show if the app is connected to the correct web server via the correct port.
How is a Channel Graph helpful?
It will show the channel the access point is using, along with channels of other APs. This graph can help mitigate channel overlap.
How is a light meter helpful?
It will test attenuation of fiber optic cables.
If fiber cables must be tested thoroughly to ensure there are no faults or excessive attenuation on the physical network, what two tools should a tecchnician use to test?
Light Meter. OTDR, short for Optical Time Domain Reflector.
A network technician suspects a short in the network cable and wants to test it. What tool will provide this capability?
Multimeter.
More about netstat.
Netstat gets its information from the OS directly. It asks the kernel for a list of all the listening ports and displays them. It can show which ADDRESSES are listening in addition to which ports and, with sufficient privilege, it can list the process IDs.
How are pcap files created?
Network analyzers like Wireshark create .pcap files to collect and record packet data from a network. PCAP comes in a range of formats including Libpcap, WinPcap, and PCAPng.
More about nmap.
Nmap gets its information by experiment, trying to connect to each port in turn and displaying the result of the connection attempt. This process is much slower, so by default it only tries the 1000 most-common port numbers. It can further probe each port to determine the type of service that is running, but it can't show process IDs.
Is the ipconfig /flushdns command necessary in this case?
No.
With a limited batch of fiber cables, a network admin decides to find the break in the failed cable in order to re-splice it and re-use on the network. What tool will help the admin find the location of the break?
Optical time domain reflector. OTDR.
What is PCAP File?
Packet Capture or PCAP, also known as libpcap, is an application programming interface, API, that captures live network packet data from OSI model Layers 2-7.
A .pcap file was copied over to a temporary network share. A security administrator examined the contents to verify the network's security protocol use. What was used to capture the packets, ie pcap files?
Packet sniffers like Wireshark capture packets, called pcaps.
What does the PREROUTING chain handle?
Packets that have just arrived. It determines priority how to handle the packets depending on whether it is used for local processing or forwarding. This chain is processed before OUTPUT, INPUT, or FORWARD chains.
What is the traceroute or tracert command used to troubleshoot?
Routing problems between the source and destination.
A security admin has been tasked to audit a new web server on the network. The admin's task is to ensure the server does not have any unecessary open ports or services running on it. Deduce the best course of action for checking the server if the admin knows the IP address of the server.
Run the nmap utility from a laptop
What is a multimeter used to troubleshoot?
Short circuits or a lack of signal across a copper wire.
A Wi-Fi router is unable to reach all users on the office floor due to radio interference. Which tool haS the capability to pinpoint the origin of the interference?
Spectrum Analyzer
Why is ipconfig /all helpful here?
The /all command is used to verify IP configurations in detail. It can be used to verify immediate changes on the network adapter.
What is a firewall ruleset for connections that are passing through the server?
The FORWARD chain.
A Linux server is unable to ping remote hosts, but other hosts can ping the server. Using the iptables command-line utility, what should a network technician examine to ensure the ping command can work for the Linux server?
The OUTPUT chain is a firewall ruleset for outgoing connections. Verify that this chain does not prevent the outgoing connection using ping.
What should a network technician examine within the iptables command-line utility to ensure the ping command can work for the Linux server?
The OUTPUT chain.
How is a Signal Meter helpful?
The Wi-Fi analyzer can display how strong the signal is from the location of the AP. This can be used to troubleshoot signal loss in certain areas.
What is enumeration?
The act or process of making or stating a list of things one after another.
What is the dig utility used to do?
The dig utility is used to query a DNS and return information about a domain name.
Why wouldn't the admin use netstat to do this?
The key words are LOCAL HOST. The netstat utility can output the status on active ports and TCP connections on a local host to verify any unnecessary ports or services running. Running netstat from the laptop will only provide details about the laptop, not the target server.
How is the AP list helpful?
The list will show all available wireless access pointst the smart phone can hear. The Service Set Identifier of the AP will be listed.
What is a versatile port scanner used for topology, host, service, and OS discovery and enumeration?
The nmap utility.
What's the difference between netstat and nmap?
The nmap, or network mapper utility, is used to discover informatino about hosts on the network. For example, what ports are open on a host. Where, netstat shows active connections to a host. Netstat will show currently active connections, display route information, and show network interface statistics.
The route command is a command utility to configure and manage the routing table
The route command is a command utility to configure and manage the routing table
What does a routing table do?
The routing table is stored on a router or host and contains information about the topology of the network immediately around it. It lists routes to particular destinations.
A loopback plug or loopback adapter is a specially wired RJ-45 plug with a 6" stub of cable. What is it used for?
To test for faulty ports and network cards.
What is the main difference between traceroute and pathping?
Traceroute helps to find the actual path from the source to the destination, but pathping provides information about latency and loss at the intermediate hops between the source and the destination devices.
If all you need is the route or hops, then use traceroute. If you are having problems with the network between the source and destination, then you will want to use pathping to help determine where the loss is occuring.
True.
Nmap is a versatile port scanner used to discover topology, hosts, services, and operating systems?
True.
Open ports are vulnerable to attacks and should be shut down if not used. The nmap utility is used to find them?
True.
The INPUT chain is a firewall ruleset for incoming connections. Other hosts are able to ping the Linux server, so this chain does not have any issues.
True.
The INPUT chain is a firewall ruleset for incoming connections. Other hosts are able to ping the Linux server.
True.
The PREROUTING chain handled packets that have just arrived, and determines, via priority, how to handle the packets depending on whether it is used for local processing or forwarding.
True.
The arp command is used to troubleshoot the arp table cache.
True.
The term Cable Tester is used to describe a basic cable tester used on twisted pair cables?
True. It provides details such as crosstalk, attenuation, noise, and resistance.
A packet analyzer and Protocol Analyzer are the same thing?
True. So, it can be said: first you sniff, then you Protocol Analyze.
Multiple applications can run over the same port. But, unnecessary services are also considered a security risk. What should you do?
Use the nmap utility to determine which services are running on each port and identify which should remain active.
What is the route command used for?
View and modify the routing table.
What software tool will you use if you are configuring a AP and need to choose a channel?
Wi-Fi Analyzer.
What's the difference between a WiFi analyzer and a spectrum analyzer?
WiFi analyzers only see devices using 802.11 protocol. They will only show WiFi APs and clients, and nothing else. A spectrum analyzer looks at RF frequencies, for example: baby monitors, some CCTV devices, RC cars, garage door openers etc. These devices may cause interference and will NOT show up on a WiFi analyzer.
A packet sniffer will interrogate the frames received by a network adapter using a special driver. What does Windows use?
Winpcap can save the captured frame into a file such as a .pcap file.
What is the most popular protocol analyzer?
Wireshark.
Can a Wi-Fi analyzer be used on a laptop and or smartphone?
Yes. It will analyze details about the AP in an office and others in the area. It can display an AP list, their respective channels, and a signal meter.
What command utility can be used to diagnose local addressing issues?
arp.
If you want to query DNS and return detailed information about a domain name, which utility would you use?
dig
What command is used to find an IP address on a Linux server?
ifconfig. traceroute is also Linux.
A punch down tool terminates fixed cables into an IDC such as a 66 block and 110 block. What is an IDC?
insulation displacement connector
A Windows server is being configured to go live again on a LAN after the DHCP server is configured with a new pool of addresses. The change must be verified upon completion. Which commands will be helpful to this scenario?
ipconfig /release. ipconfig /renew. ipconfig /all.
A systems admin is unable to ping remote hosts from a Debian server. Remote hosts can ping the server. The admin troubleshoots the issue by examining the OUTPUT chain. Determine which tool meets the admin's needs to troubleshoot the issue.
iptables
What command line utility is used to edit the Linux kernal firewall rules?
iptables
A Linux server is unable to ping remote hosts, but other hosts can ping the server. What command-line utility should a network technician use to examine this problem?
iptables.
A network admin gains remote access to a server with a beta application running on it. The admin realizes there are issues connecting the application with the web server. What utility should the admin run to troubleshoot further?
netstat command
Which command-line tool shows active connections to execute further troubleshooting actions?
netstat. The netstat command allows an admin to check the state of ports on the local host and check for service misconfigurations. This can help identify if the application is connecting to the correct web server on the correct port. It will also list all active connections.
A security admin is auditing a newly deployed web server on the local network. He wants to scan for open ports and scan for unnecesary services. What utility will he use?
nmap
If network performance is lacking and there seems to be issues in between the source and destination, what utility is a good first step to start troubleshooting this?
pathping
What command will provide the best information regarding other nodes between a workstation and a remote host?
pathping
What command utility is used to configure and manage the routing table on a Windows or Linux host?
route
What command-line utility is a common packet analyzer used to display the contents of the pcap file?
tcpdump
What format of the trace route command is used by Linux?
traceroute