Network Monitoring - Quiz Explanation

The answers you selected are indicated below, along with text that explains the correct answers.
1. What is the purpose of the ping command?
Please select the best answer.
  A. To see if a remote machine is working
  B. To query kernel tables for network status information
  C. To follow packets through the network and detect problem network points
  D. To watch network traffic on an individual-packet level
  The correct answer is A. The purpose of the ping command is to see if a remote machine is working, or “alive.” Ping generates a series of ICMP echo request packets directed at a particular machine. The first test you should run with this command is to ping your own machine.

2. For what purpose would you use netstat?
Please select the best answer.
  A. To see if a remote machine is working
  B. To query kernel tables for network status information
  C. To follow packets through the network and detect blockages
  D. To watch network traffic on an individual-packet level
  The correct answer is B. The purpose of netstat is to query kernel tables for network status information. Netstat lists active TCP connections and shows active UNIX domain connections. It can also tell you which servers are listening for connections on your machine.

3. Which command would you use to monitor all listening TCP servers on your machine?
Please select the best answer.
  A. netstat -ta
  B. netstat -i
  C. netstat -r
  D. netstat -s
  The correct answer is A. You would use netstat -ta to monitor all TCP servers on your machine. The -i option shows how network interfaces are being used. The -r option shows the routing table. The -s option reports standard statistics from the TCP/IP protocol stack, organized by protocol.

4. What does the output from traceroute show?
Please select the best answer.
  A. Which users have root permissions and which ones do not
  B. A statistical picture of how the different network interfaces are being used
  C. A network address and an appropriate gateway for reaching that network
  D. The sequence of machines across which packets travel
  The correct answer is D. The output from traceroute shows the sequence of machines across which packets travel. Traceroute tries each stage of the path three times and reports on the round trip for each stage.

5. For what would you use the ping option -n?
Please select the best answer.
  A. To stop after sending a certain number of packets
  B. To send a packet of a given size
  C. To direct it to ignore the routing table
  D. To direct it not to look up DNS names, only numbers
  The correct answer is D. You would use ping -n to configure ping to not look up DNS names, only numbers. This option should be used if the name service is broken.

6. When reading the output from netstat -i, what does the column headed RX-OK mean?
Please select the best answer.
  A. The number of errors
  B. The number of frames dropped
  C. The number of frames received successfully
  D. The number of buffer overruns
  The correct answer is C. The RX-OK column reports the number of frames received successfully.

7. How would you continually monitor network status on your machine?
Please select the best answer.
  A. netstat -s
  B. netstat -ct
  C. netstat -m
  D. netstat -i
  The correct answer is B. You would continually monitor network status using netstat -ct. The -c option tells netstat to generate its output continuously, at one-second intervals. Therefore, the command
-ct
provides a list of TCP connections every second.

8. What is the purpose of tcpdump?
Please select the best answer.
  A. To monitor network traffic on a particular segment
  B. To locate failures far from your local network
  C. To view the routing table on your machine
  D. To check to see if a remote machine is active
  The correct answer is A. Tcpdump is used to observe network traffic.

  TCP/IP Illustration