





Wed. - 9/25 - QOD
Pavlov

2002-09-25, 8:43 am

You administer your company's network. You have 20 Windows 2000 Pro computers operating in a switched network environment running TCP/IP. The company uses a Windows 2000 Server computer running Internet Authentication Service (IAS) to connect to the Internet.

You decide to set up Network Monitor to monitor all traffic on your network.

You install Network Monitor on the IAS server. You properly configure Network Monitor to monitor all TCP/IP traffic.

Which packets are you able to monitor?

A. All packets on your network.

B. None of the packets on your network.

C. Only packets sent from the IAS server.

D. Only packets addressed to the IAS server.

E. All packets addressed to and sent from the IAS computer as well as all broadcast and multicast frames on the same network segment.

Good luck and see ya' tomorrow with the answer...
frazang

2002-09-25, 10:50 am

Let's try A and see what happens.

Thanks for these posers Pavlov. At this point in my reviewing it's nice to see a fresh question.
Slinky

2002-09-25, 10:53 am

Since the network monitor driver is bound to the actual network card, I'll have to say A. I'm sure I'm wrong though.
RUSH2112

2002-09-25, 11:03 am

Let's try E. (Strike 3, I'm out!!!)
Shadowwraith

2002-09-25, 1:21 pm

Would be my choice. For the mere fact the way I understand it is that Network Monitor can only monitor packets sent to and received on the server that it is installed on. Hope I'm right.
Slinky

2002-09-25, 1:23 pm

Now that I read E some more, it's starting to make sense. Argh!
Slinky

2002-09-25, 1:26 pm

quote:
Originally posted by Shadowwraith
Would be my choice. For the mere fact the way I understand it is that Network Monitor can only monitor packets sent to and received on the server that it is installed on. Hope I'm right.


Unless you have the SMS version of Netmon, then you can monitor packets sent out on other networks from your computer.
Shadowwraith

2002-09-25, 1:28 pm

quote:
Originally posted by Slinky


Unless you have the SMS version of Netmon, then you can monitor packets sent out on other networks from your computer.



True, but I was just going on the assumption that this is just the normal bare nuts and bolts version in which you cannot do that. Then again, my brain has seemed to shut down today so who knows if I got it right. lol "crossin fingers" Let's wait and see.
Slinky

2002-09-25, 1:30 pm

I know, I was just throwing it out there for FYI whether it was relevant or not.
l9nux

2002-09-25, 5:01 pm

I'll go for D.

On a switched network, you see only the traffic addressed to the computer that is running Network Monitor.

I found an interesting article about switched networks and their security: http://www.sans.org/newlook/resourc...hed_network.htm
Deja-vue

2002-09-25, 11:05 pm

I will say E.

But I cheated, I asked Pavlov...
l9nux

2002-09-26, 7:31 am

I seem to be the only one that has gone for D, but I still stand at that. I've always thought that on a switched network you'll only be able to monitor traffic TO the computer.
Pavlov

2002-09-26, 8:49 am

You administer your company's network. You have 20 Windows 2000 Pro computers operating in a switched network environment running TCP/IP. The company uses a Windows 2000 Server computer running Internet Authentication Service (IAS) to connect to the Internet.

You decide to set up Network Monitor to monitor all traffic on your network.

You install Network Monitor on the IAS server. You properly configure Network Monitor to monitor all TCP/IP traffic.

Which packets are you able to monitor?

A. All packets on your network.

B. None of the packets on your network.

C. Only packets sent from the IAS server.

D. Only packets addressed to the IAS server.

E. All packets addressed to and sent from the IAS computer as well as all broadcast and multicast frames on the same network segment.


A. Incorrect: Because you are operating on a switched network, you aren't able to view all packets on your network.

B. Incorrect: Although not all packets can be monitored, you are able to monitor packets addressed to and sent from the IAS server running NetMon as well as all broadcast and multicast frames on the same network segment.

C. Incorrect: On a switched network, you are able to monitor packets destined for and sent from the IAS server running NetMon as well as all broadcast and multicast frames on the same network segment.

D. Incorrect: In a switched network environment, using NetMon, you can monitor packets addressed to and sent from the IAS server running NetMon as well as all broadcast and multicast frames on the same network segment.

E. Correct: You can monitor packets addressed to and sent from the IAS server in a switched network environment as well as broadcast and multicast frames on the same network segment.
RUSH2112

2002-09-26, 10:18 am

OMG I got one right!
frazang

2002-09-26, 10:47 am

and RUSH is still in the game! WTG!
RUSH2112

2002-09-26, 1:07 pm

quote:
Originally posted by frazang
and RUSH is still in the game! WTG!


Yeah, now I'm at a 1-2 count. Saved by a high and outside pitch. LOL
l9nux

2002-09-26, 1:31 pm

I chose D because I was told that on a switched network you only see packets addressed to the computer running network monitor. I've also found an article describing this here:
http://www.xs4all.nl/~koppelra/win2000/infra/3.htm

It says here that:

"When you use Network Monitor on an IAS server running in a switched network environment, you will see only the traffic addressed to the IAS server computer that is running Network Monitor."


I don't know what to believe? This is a hard exam and I'm worried that some material is incorrect!
l9nux

2002-10-08, 7:30 am

The correct answer was D!

This question is published in the MCSE Readiness Review book by Microsoft and they have since published a corrections page:

http://support.microsoft.com/defaul...;EN-US;Q280784&

As I was the only one that chose D, does that mean everyone looked up the answer from the book?
louwersel

2002-10-08, 7:50 am

I am going for E

Almost sure, but not 100%
l9nux

2002-10-08, 12:27 pm

quote:
I am going for E


I hope you're joking louwersel

Does nobody listen... The correct answer is D, as confirmed by Microsoft themselves!

(look at the link in my previous post)
retep

2002-10-09, 2:49 pm

I think it would be E for the same reasons.
There is no mention as to whether it is the basic or full blown version of monitor.
I'll go for basic.
twister166

2002-10-09, 4:55 pm

quote:
Originally posted by l9nux
I hope you're joking louwersel

Does nobody listen... The correct answer is D, as confirmed by Microsoft themselves!

(look at the link in my previous post)

The correct answer is E. If you know how a switch works, the Windows monitor does not even come into play.

A switch operates in layer 2; it separates collision domains but not broadcast domains, so it sort of works like a bridge, therefore the broadcast and multicast will pass through. The basis of switching is that if port 1 wants to talk to port 3, port 1 contacts port 3 and establishes a direct connect circuit which is collision free and thus can be full duplex. Since the monitor is on the ISA server, it will only see the traffic that can be seen on the switch port where the ISA server resides. The traffic that can get to the port is broadcast, multicast and dest/source from the ISA server. I hope it clears it up.
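
The forwarding behaviour discussed in the post above can be modelled with a small learning-switch simulation. This is an added example, not part of the original thread; the MAC addresses, port numbers and frame labels are constructed sample data, and it also shows the unknown-unicast case, where a frame is flooded to every port until the destination's address has been learned.

```python
# Added illustration: a minimal layer-2 learning switch.
# All hosts, ports and frames below are constructed sample data.
BROADCAST = "ff:ff:ff:ff:ff:ff"

def is_group(mac):
    # Broadcast and multicast addresses have the low bit of the first octet set.
    return int(mac.split(":")[0], 16) & 1 == 1

class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}                      # source MAC -> port it was learned on
        self.seen = {p: [] for p in self.ports}  # frames crossing each port's link

    def receive(self, in_port, src, dst, label):
        self.mac_table[src] = in_port            # learn where the sender lives
        self.seen[in_port].append(label)         # the sender's own NIC sees its frame
        if not is_group(dst) and dst in self.mac_table:
            out_ports = [self.mac_table[dst]]    # known unicast: one port only
        else:
            out_ports = self.ports               # broadcast, multicast or unknown unicast: flood
        for p in out_ports:
            if p != in_port:
                self.seen[p].append(label)

def run_sample():
    """Replay the sample frames; return what a capture on each port would show."""
    server, pc_a, pc_b = "02:00:00:00:00:01", "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    sw = LearningSwitch(ports=[1, 2, 3])         # monitoring server is on port 1
    frames = [
        (2, pc_a, BROADCAST, "ARP request from PC-A (broadcast)"),
        (3, pc_b, pc_a, "PC-B -> PC-A unicast"),
        (2, pc_a, pc_b, "PC-A -> PC-B unicast"),
        (2, pc_a, server, "PC-A -> server (server MAC not yet learned)"),
        (1, server, pc_a, "server -> PC-A unicast"),
        (3, pc_b, "01:00:5e:00:00:fb", "multicast from PC-B"),
        (3, pc_b, server, "PC-B -> server unicast"),
    ]
    for in_port, src, dst, label in frames:
        sw.receive(in_port, src, dst, label)
    return sw.seen

if __name__ == "__main__":
    for label in run_sample()[1]:
        print("port 1 capture:", label)
```

The PC-to-PC unicast frames never reach port 1, which is why a capture host on a switch needs a mirror (SPAN) port or a tap to see other stations' conversations.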
l9nux

2002-10-09, 5:58 pm

Well I don't know who is right. Microsoft clearly state the following:

"D. Correct: If you use NetMon in a switched network environment, you see only the traffic addressed to the computer that is running NetMon."

Why have they posted that correction on their website if it's wrong?

I've got my 216 exam on Friday, I just hope this question doesn't appear because I now have no idea!!
twister166

2002-10-09, 6:40 pm

quote:
Originally posted by l9nux
Well I don't know who is right. Microsoft clearly state the following:

"D. Correct: If you use NetMon in a switched network environment, you see only the traffic addressed to the computer that is running NetMon."

Why have they posted that correction on their website if it's wrong?

I've got my 216 exam on Friday, I just hope this question doesn't appear because I now have no idea!!

NetMon does not run in promiscuous mode, so it does not listen to all traffic even in a hub... You can test this: if you have two PCs, set PC1 up for NetMon and have PC2 ping the broadcast address... If you see the broadcast, there is your answer... Of course, that may not be M$'s answer... I don't have the readiness guide, so I cannot say about that...