Question:
1. In as much detail as you can, please explain the TCP three-way handshake.
2. What is DNS (Domain Name System) and what is it used for?
3. A user types 'google' into their web browser. Please explain what happens behind the scenes when the user presses 'enter' in as much detail as you can.
4. What is ARP (Address Resolution Protocol) and what is it used for?
5. What is NAT (Network Address Translation) and what is it used for?
6. What is ICMP (Internet Control Message Protocol) and what is it used for?
7. What is the difference between TCP and UDP?
8. What is DHCP (Dynamic Host Configuration Protocol) and what is it used for?
9. Are you familiar with RFC1918? What are the Private IP address ranges? Why do we need them?
10. What is a SIEM? Explain some of its capabilities.
11. Provide an example of 6 different information security technologies that are typically part of a large enterprise.
12. What is the most common way for a device to transmit its security logs?
13. Where does Microsoft Windows store its security events?
14. Where does Linux OS store its security events?
15. Please describe the functions of a firewall, router and switch.
16. What is a default gateway and how would you find the default gateway for Linux and Windows hosts?
17. How do you determine if a process is running, restart a process, and test CPU & memory usage on a Linux host?
18. How do you determine interface status (up/down) on a Linux host?
19. Please name some tools that perform packet captures and mention one that you prefer to use and explain why.
20. Explain the troubleshooting steps you would take to resolve device connectivity problems.
21. How do you gather IP information on both Linux and Windows hosts?
22. What is a daemon in the Linux environment?
Principles Of Information Security
ISBN: 9780357506431
7th Edition
Authors: Michael E. Whitman, Herbert J. Mattord