CSUSD Common Configuration for Wireshark Lab Assessment Questions

Lab Assessment Questions

1. What are some causes of the number of bytes on the wire exceeding the number of bytes being captured?

2. What are the source and destination MAC address in Frame 546?

3. What is the manufacturer’s specific ID for Intel Core?

4. What is the MAC address used for IPv4 multicast?

5. What version of IP is present in Frame 546? What is the source IP address?

6. At what times do the various steps of the Google three-step TCP handshake occur?

7. A DNS query failure is referred to a higher level Domain Name Server under what condition?

8. The descriptive text that accompanies the packet analysis is provided by Wireshark. True or False?

there is an example in the attachment

0 X
[ools Help
1
– Expression
Protocol Length
TO
Info
74 Echo (ping) request id-Axboel, seq-5/1280, ttl-128 (reply in 2)
74 Echo (ping) reply fd-ex0001, seq-5/1260, ttl-128 (request in 1)
74. Echo (ping) request id-db2001, seq=61536, ttl=128 (reply in 4)
74 Echo (ping) reply Id=2×0201, seq-6/1536, tel-128 (request In 3)
74 Echo (ping) request id-@bei, seq-7/1792, ttl-128 (reply In 6)
ICY
fts on interface a
54905E1})
Analyzing Protocols with Wireshark
che Tire
1.vWorkstation
2019-08-04618:38:11
RAEED ALMOSPI
P V..E..E..
*
– abcdef
sepqrstuv
fe he
26
Packets: 14 – Oksployed: 14 (100.0%)