Question 1 The command "tcpdump src host churchward and udp dst port 53" is to capture ______. Question options: the udp packets coming from host churchward, but going to port 53 the tcp packets coming from host churchward, but udp packets going to port 53 the udp packets coming from host churchward, but tcp packets going to port 53 the tcp packet going to port 53 from host churchward Question 4 Tom accesses host C with IP address IPC via host B with IP address IPB from host A with IP address IPA using SSH. How to capture all the TCP response traffic of the incoming link of Host B? Question options: tcpdump tcp src IPB and dst IPA and dst port 22 and 'tcp[13] & 8 !=0' tcpdump tcp src IPB and dst IPA and src port 22 and 'tcp[13] & 8 !=0' tcpdump tcp src IPB and dst IPA and port 22 and 'tcp[13] & 8 !=0' tcpdump tcp src IPB and dst IPA and src port 22 and 'tcp[13] & 16 !=0' Question 6 Capture all the traffic going to 192.168.0.2 except ICMP packets. Question options: tcpdump dst 192.168.0.2 and src net and not icmp tcpdump src 192.168.0.2 and dst net and not icmp tcpdump dst 192.168.0.2 and src net or not icmp tcpdump dst 192.168.0.2 or src net or not icmp Question 7 In three way handshake of establishing a TCP connection, if a client sends a SYN packet to a server with source port, destination port, sequence number, and acknowledgement number as the following respectively. 8971, 22, 156, 305 And also the SYN is acknowledged by a packet with sequence number 588. In the last step to set up the TCP connection, the client needs to send an ACK to the server. What are the values of source port, destination port, sequence number and the acknowledgement number of the ACK respectively? Question options: 8971, 22, 589, 157 22, 8971, 157, 589 8971, 22, 157, unknown 8971, 22, 157, 589 Question 8 Tom accesses host C with IP address IPC via host B with IP address IPB from host A with IP address IPA using SSH. How to capture all the TCP request and response traffic of the incoming link of Host B? Question options: tcpdump tcp host IPA and host IPB and port 22 and 'tcp[13] & 8 !=0' tcpdump tcp host IPA or host IPB and port 22 and 'tcp[13] & 8 !=0' tcpdump tcp host IPA and host IPB and src port 22 and 'tcp[13] & 8 !=0' tcpdump tcp host IPA and host IPB and dst port 22 and 'tcp[13] & 8 !=0' Question 10 Tom accesses host C with IP address IPC via host B with IP address IPB from host A with IP address IPA using SSH. How to capture all the TCP traffic of incoming link of Host B? Question options: tcpdump tcp host IPA and port 22 tcpdump tcp host IPA or host IPB and port 22 tcpdump tcp host IPA and host IPB and port 22 tcpdump tcp host IPA or host IPB or port 22 Question 11 Tom accesses host C with IP address IPC via host B with IP address IPB from host A with IP address IPA using SSH. How to capture all the TCP request traffic of the outgoing link of Host B? Question options: tcpdump tcp src IPB or dst IPC and dst port 22 and 'tcp[13] &8!=0' tcpdump tcp src IPB and dst IPC and dst port 22 and 'tcp[13] &8!=0' tcpdump tcp src IPB and dst IPC and port 22 and 'tcp[13] &16!=0' tcpdump tcp src IPB and dst IPC and dst port 22 and 'tcp[13] &32!=0' Question 12 Please examine the following two packets. What is the sequence number of the packet sent from port 3224 to port 6020? 23:29:04.050167 spider.3224 > 66-28-147-032.servercentral.net.6020: . ack 36517 win 16044 23:29:04.059645 66-28-147-032.servercentral.net.6020 > spider.3224: P 36517:37969(1452) ack 1 win 5840 (DF) Question options: 0 1 36517 37969 Question 13 The following packet captured by Tcpdump shows "win 512" which indicates ___________________. 09:32:43:910000 nmap.edu.1173 > dns.net.21 S 62697789:62697789(0) win 512 Question options: host "dns.net" available buffer size is 512 bytes host "nmap.edu" available buffer size is 512 bytes host "nmap.edu" total window buffer size is 512 bytes host "dns.net" total window buffer size is 512 bytes Question 15 In terms of closing a TCP connection between a client and a server, which one is correct? Question options: the client is passive the server is not passive the client is active the client is not active Question 20 A server sends a SYN + ACK packet from port 23 to port 5678 of a client to acknowledge the request to build a TCP session. The sequence number of the SYN + ACK packet is 1010, and acknowledgement number is 100. What are the starting sequence numbers used by the client and the server respectively for data transfer? Question options: 99, 1010 1010, 99 1010, 100 1009, 100
| Question 1 |
|
The command "tcpdump src host churchward and udp dst port 53" is to capture ______.
|
|
the udp packets coming from host churchward, but going to port 53 |
|
|
the tcp packets coming from host churchward, but udp packets going to port 53 |
|
|
the udp packets coming from host churchward, but tcp packets going to port 53 |
|
|
the tcp packet going to port 53 from host churchward |
| Question 4 |
|
Tom accesses host C with IP address IPC via host B with IP address IPB from host A with IP address IPA using SSH. How to capture all the TCP response traffic of the incoming link of Host B?
|
|
tcpdump tcp src IPB and dst IPA and dst port 22 and 'tcp[13] & 8 !=0' |
|
|
tcpdump tcp src IPB and dst IPA and src port 22 and 'tcp[13] & 8 !=0' |
|
|
tcpdump tcp src IPB and dst IPA and port 22 and 'tcp[13] & 8 !=0' |
|
|
tcpdump tcp src IPB and dst IPA and src port 22 and 'tcp[13] & 16 !=0' |
| Question 6 |
|
Capture all the traffic going to 192.168.0.2 except ICMP packets.
|
|
tcpdump dst 192.168.0.2 and src net and not icmp |
|
|
tcpdump src 192.168.0.2 and dst net and not icmp |
|
|
tcpdump dst 192.168.0.2 and src net or not icmp |
|
|
tcpdump dst 192.168.0.2 or src net or not icmp |
| Question 7 |
|
In three way handshake of establishing a TCP connection, if a client sends a SYN packet to a server with source port, destination port, sequence number, and acknowledgement number as the following respectively.
8971, 22, 156, 305
And also the SYN is acknowledged by a packet with sequence number 588. In the last step to set up the TCP connection, the client needs to send an ACK to the server. What are the values of source port, destination port, sequence number and the acknowledgement number of the ACK respectively?
|
|
8971, 22, 589, 157 |
|
|
22, 8971, 157, 589 |
|
|
8971, 22, 157, unknown |
|
|
8971, 22, 157, 589 |
| Question 8 |
|
Tom accesses host C with IP address IPC via host B with IP address IPB from host A with IP address IPA using SSH. How to capture all the TCP request and response traffic of the incoming link of Host B?
|
|
tcpdump tcp host IPA and host IPB and port 22 and 'tcp[13] & 8 !=0' |
|
|
tcpdump tcp host IPA or host IPB and port 22 and 'tcp[13] & 8 !=0' |
|
|
tcpdump tcp host IPA and host IPB and src port 22 and 'tcp[13] & 8 !=0' |
|
|
tcpdump tcp host IPA and host IPB and dst port 22 and 'tcp[13] & 8 !=0' |
| Question 10 |
|
Tom accesses host C with IP address IPC via host B with IP address IPB from host A with IP address IPA using SSH. How to capture all the TCP traffic of incoming link of Host B?
|
|
tcpdump tcp host IPA and port 22 |
|
|
tcpdump tcp host IPA or host IPB and port 22 |
|
|
tcpdump tcp host IPA and host IPB and port 22 |
|
|
tcpdump tcp host IPA or host IPB or port 22 |
| Question 11 |
|
Tom accesses host C with IP address IPC via host B with IP address IPB from host A with IP address IPA using SSH. How to capture all the TCP request traffic of the outgoing link of Host B?
|
|
tcpdump tcp src IPB or dst IPC and dst port 22 and 'tcp[13] &8!=0' |
|
|
tcpdump tcp src IPB and dst IPC and dst port 22 and 'tcp[13] &8!=0' |
|
|
tcpdump tcp src IPB and dst IPC and port 22 and 'tcp[13] &16!=0' |
|
|
tcpdump tcp src IPB and dst IPC and dst port 22 and 'tcp[13] &32!=0' |
| Question 12 |
|
Please examine the following two packets. What is the sequence number of the packet sent from port 3224 to port 6020?
23:29:04.050167 spider.3224 > 66-28-147-032.servercentral.net.6020: . ack 36517 win 16044
23:29:04.059645 66-28-147-032.servercentral.net.6020 > spider.3224: P 36517:37969(1452) ack 1 win 5840 (DF)
|
|
0 |
|
|
1 |
|
|
36517 |
|
|
37969 |
| Question 13 |
|
The following packet captured by Tcpdump shows "win 512" which indicates ___________________.
|
|
host "dns.net" available buffer size is 512 bytes |
|
|
host "nmap.edu" available buffer size is 512 bytes |
|
|
host "nmap.edu" total window buffer size is 512 bytes |
|
|
host "dns.net" total window buffer size is 512 bytes |
| Question 15 |
|
In terms of closing a TCP connection between a client and a server, which one is correct?
|
|
the client is passive |
|
|
the server is not passive |
|
|
the client is active |
|
|
the client is not active |
| Question 20 |
|
A server sends a SYN + ACK packet from port 23 to port 5678 of a client to acknowledge the request to build a TCP session. The sequence number of the SYN + ACK packet is 1010, and acknowledgement number is 100. What are the starting sequence numbers used by the client and the server respectively for data transfer?
|
|
99, 1010 |
|
|
1010, 99 |
|
|
1010, 100 |
|
|
1009, 100 |
Since you are asking multiple questions we are answering first 4 questions for you. If you want to get solution of other please specify that question number.
Question1
Answer:
the tcp packets coming from host churchward, but udp packets going to port 53
Question 4
Answer:
tcpdump tcp src IPB and dst IPA and src port 22 and 'tcp[13] & 16 !=0'
Trending now
This is a popular solution!
Step by step
Solved in 2 steps
