Network Monitoring

13. What does tcpdump do? Select all that apply.

  • Analyzes packets and provides a textual analysis
  • Captures packets
  • Generates packets
  • Encrypts your packets

14. What does Wireshark do differently from tcpdump? Check all that apply.

  • It can capture packets and analyze them.
  • It understands more application-level protocols.
  • It has a graphical interface.
  • It can write packet captures to a file.

15. What factors should you consider when designing an IDS installation? Check all that apply.

  • Internet connection speed
  • Traffic bandwidth
  • OS types in use
  • Storage capacity

16. What is the difference between an Intrusion Detection System and an Intrusion Prevention System?

  • An IDS can actively block attack traffic, while an IPS can only alert on detected attack traffic.
  • An IDS can alert on detected attack traffic, but an IPS can actively block attack traffic.
  • An IDS can detect malware activity on a network, but an IPS can’t.
  • They are the same thing.

17. What factors would limit your ability to capture packets? Check all that apply.

  • Network interface not being in promiscuous or monitor mode
  • Anti-malware software
  • Encryption
  • Access to the traffic in question

