Chapter Three Test | Packet Filtering: Catching the Cool Packets

The answers to this chapter test are located in Appendix A, "Answers to Chapter Tests."

Which protocol filters should you use when you want to check for any IP routing issues on the network?

_____________________________________________
Which protocol filters should you use when you want to catch all name lookups on the IP network?

_____________________________________________
What protocol filter should you use when you want to capture error and information messages crossing the IP network?

_____________________________________________
What protocol filter should you use when you want to capture all FTP, HTTP and other connection-oriented communications?

_____________________________________________

What field and value do you think the following predefined filters are based on?

Your boss has asked you to track all FTP traffic to and from your network. You decide to use the prebuilt filters for FTP, but there's a gnawing feeling of doom in the back of your mind… Hmm…. Didn't Laura say you might want to make that filter using the pattern filters? What was she talking about?

_____________________________________________

_____________________________________________
Answer the following questions as true (T), false (F) or absolutely ridiculous (AR). You might have to look up some information on the protocols and protocol numbers.
1. There are only about 5 protocols to filter on.
  
  T F AR
2. Predefined filters can only be used as display filters.
  
  T F AR
3. Protocol filters only work above the network layer.
  
  T F AR
4. You cannot combine protocol and address filters.
  
  T F AR