

Define the purpose of network analysis
insight into network communications to identify performance problems, identify security breaches, evaluate application behaviour, perform capacity planning.
identify device and software misconfigurations
evaluate efficient use of packet sizes in a data transfer application

What are some troubleshooting tasks for a network analyst?
- identify network errors and service refusals
validate secure login and data traversal

What are some optimization tasks for a network analyst?
- evaluate current bandwidth usage
passively discover hosts, OSs and services
validate application secure data traversal

What are some security tasks for a network analyst?
- identify and define malicious traffic signatures
determine application protocols and ports in use

What are some application tasks for a network analyst?
- analyse application bandwidth requirements
If values do not match, the packet is dropped.

When a packet arrives at a network device, what is the first thing the device does?
calculate and compare the checksum.

Which of these network devices change the source and/or destination MAC address in an Ethernet frame header: router, switch, firewall?
router, firewall.

What must a network analyst consider in terms of law?
that some companies require explicit written permission to analyse their network, because it may contain sensitive or confidential data.

What is the recommended format when saving Wireshark traces and why?
pcapng, because it allows packet comments to be saved.

True/False: Wireshark cannot help in identifying network device queuing delays
False.

How do you switch between Configuration Profiles in Wireshark?
Edit -> Configuration Profiles

What are the steps of a Wireshark troubleshooting session?
plan, capture, analyse, repeat

What are the steps of a Wireshark security analysis?
plan, capture, analyse, secure, document.
It is called "expert mode"

What is the best network location to place a Wireshark station?
as close to the source of packets as possible.
There are both possibilities: temporary coloring, and permanent coloring with Coloring Rules

T/F: There is a mode in Wireshark called "specialist"
False.

T/F: Coloring in Wireshark can only be temporary
False.
