5.5

Question 1

If names are not resolving, what could happen? and how can we test it?

Answer 1

Web browsing doesn’t work(Internet is broken). We can test it by pinging the IP address and see if it works, it means it’s not a connectivity issue.

Question 2

How can we troubleshoot DNS issues?

Answer 2

1. Check your IP configuration(is the DNS address correct?)
2. Use “nslookup” or “dig” to test
3. Try a different DNS server(Google is 8.8.8.8 and 8.8.4.4 or Quad9 is 9.9.9.9)

Question 3

What are some IP configuration issues?

Answer 3

1. Communicate to a local IP addresses(but not outside subnets)
2. No IP communication(local or remote)
3. Communicate to some IP addresses(but not others)

Question 4

How can we troubleshoot IP configurations?

Answer 4

1. Check your documentation(IP address, subnet mask, gateway)
2. Monitor the traffic(examine local broadcast)
3. Check devices around you(confirm your subnet mask and gateway)
4. Traceroute and ping(Issue might be our interference)

Question 5

What could duplicating IP addresses cause?

Answer 5

Intermitten connectivity(the two addresses “fight” with each other.

Question 6

how can we troubleshoot duplicate IP addresses?

Answer 6

1. Check your IP addresses(did we misconfigure something?)
2. Ping an IP address before static addressing(Does it respond)
3. Determine the IP addresses(ping the IP address, check our ARP table, find the MAC address in our switch MAC table)
4. Capture the DHCP process(what DHCP servers are responding?)

Question 7

What kind of problem do duplicating MAC addresses can cause? How can we confirm the MAC address of a device?

Answer 7

Intermitten connectivity. By using the ARP command from another computer, we can confirm the MAC matches the IP.

Question 8

What should we do when we have an expired IP address?

Answer 8

Check the status of our DHCP server.

Question 9

What is a rogue DHCP server?

Answer 9

It’s a non-authorized server that assigns IP addresses(there is no inherent security in DHCP)

Question 10

what can a rogue DHCP server cause?

Answer 10

Client is assigned an invalid or duplicate address(intermitten connectivity or no connectivity)

Question 11

How can we disable rogue DHCP communication?

Answer 11

Enable DHCP snooping on our switch and then disable the rogue DHCP server and renew the IP leases.

Question 12

What is untrusted SSL certificate?

Answer 12

The certificate not trusted error indicates that the SSL certificate is not signed or approved by a company that the browser trusts.

Question 13

Why is the correct time on a system important?

Answer 13

Some cryptography is very time sensitive.

Question 14

How can we resolve an incorrect time?

Answer 14

Configure NTP on all devices(automate the clock setting)

Question 15

What happens when we have an exhausted DHCP scope?

Answer 15

Client will receive an APIPA address(local subnet communication only)

Question 16

How can we resolve and prevent exhausted DHCP scope?

Answer 16

resolve: Check the DHCP server(add more IP addresses if possible)
prevent: IPAM(IP address management) may help(monitor and report on IP address shortages) or lower the lease time(especially if there are a lot of transient users)

Question 17

What does the blocked TCP/UDP ports affect? and what could cause that?

Answer 17

a) Applications not working(slowdowns with other applications)
b) Firewall or ACL configuration(security choke points)

Question 18

How can we resolve blocked TCP/UDP ports?

Answer 18

1. Confirm with a packet capture to see if there is any communication problems.
2. Run a TCP-or UDP-based traceroute tool(see how far your packet can go)

Question 19

How can we resolve incorrect host-based firewall setting?

Answer 19

Check the host-based firewall settings and then take a packet capture to see if the traffic made it to the network or not.

Question 20

How can we confirm an incorrect ACL setting?

Answer 20

We can confirm it with packet captures and TCP/UDP traceroutes(identify the point of no return)

Question 21

What is unresponsive service?

Answer 21

a) It’s when there is no response to an application request(no answer)
b)

Question 22

how can we confirm unresponsive service?

Answer 22

1. Check the port number to see if we have the right one(and the protocol type of TCP/UDP)
2. Confirm connectivity(ping, traceroute)
3. We check to see if the application is still working(telnet to the port number and see if it responds)

Question 23

What can hardware failure cause?

Answer 23

No response(application doesn’t respond)

Question 24

How can we confirm a hardware failure?

Answer 24

1. Confirm connectivity(without a ping, we are not going to connect)
2. Run a traceroute(See if we are being filtered, if not it should make it to the other side)
3. Check the server(Lights?Fire?)