Monitoring

You are concerned about attacks directed against your firewall on your network. You would like to examine the content of individual frames sent to the network.
Which tool should you use?
Packet sniffer.
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding.
Which tool should you consult to identify the problem?
Application log.
You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month.
Which tool should you use?
Event log.
You connect a packet sniffer to a switch to monitor frames on your local area network. However, the packet sniffer is only able to see broadcast frames and frames addressed specifically to the host device.
Which feature should you enable on the switch so you can see frames from all devices connected to the switch?
Mirroring.
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device.
Which tool should you use?
Protocol analyzer.
You decide to use a packet sniffer to identify the type of traffic sent to the router. You run the packet sniffing software on a device which is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router.
When you run the software, you only see frames addressed to the four workstations but not to the router.
Which feature should you configure?
Mirroring.
You have a Web site that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before the performance is negatively impacted.
Which tool should you use?
Load tester.
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B.
On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B.
What should you do?
Run the packet sniffer application on Host B.
You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link.
Which tool should you use?
Throughput tester.
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffer software on a device which is connected to the same hub that is connected to the router.
When you run the software, you only see frames addressed to the workstation and not other devices.
Which feature should you configure?
Promiscuous mode.
You want to know what protocols are being used on your network. You’d like to monitor network traffic and sort traffic based on protocol.
Which tool should you use?
Packet sniffer.