1. In as much detail as you can, please explain the TCP three-way handshake.

2. What is DNS (Domain Name System) and what is it used for?

3. A user types 'google' into their web browser. Please explain what happens behind the scenes when the user presses 'enter' in as much detail as you can.

4. What is ARP (Address Resolution Protocol) and what is it used for?

5. What is NAT (Network Address Translation) and what is it used for?

6. What is ICMP (Internet Control Message Protocol) and what is it used for?

7. What is the difference between TCP and UDP?

8. What is DHCP (Dynamic Host Configuration Protocol) and what is it used for?

9. Are you familiar with RFC1918? What are the Private IP address ranges? Why do we need them?

10. What is a SIEM? Explain some of its capabilities.

11. Provide an example of 6 different information security technologies that are typically part of a large enterprise.

12. What is the most common way for a device to transmit its security logs?

13. Where does Microsoft Windows store its security events?

14. Where does Linux OS store its security events?

15. Please describe the functions of a firewall, router and switch.

16. What is a default gateway and how would you find the default gateway for Linux and Windows hosts?

17. How do you determine if a process is running, restart a process, and test CPU & memory usage on a Linux host?

18. How do you determine interface status (up/down) on a Linux host?

19. Please name some tools that perform packet captures and mention one that you prefer to use and explain why.

20. Explain the troubleshooting steps you would take to resolve device connectivity problems.

21. How do you gather IP information on both Linux and Windows hosts?

22. What is a daemon in the Linux environment?

Answer rating: 100% (QA)

The TCP threeway handshake is a process that establishes a connection between two devices over a network It consists of three steps First the initiating device client sends a SYN synchronize packet to ... View the full answer