单项选择题
You perform a security audit on a server named Server1. You install the Microsoft Network Monitor 3.0 application on Server1. You find that only some of the captured frames display host mnemonic names in the Source column and the Destination column. All other frames display IP addresses. You need to display mnemonic host names instead of IP addresses for all the frames.
What should you do?()
A. Create a new display filter and apply the filter to the capture.
B. Create a new capture filter and apply the filter to the capture.
C. Populate the Aliases table and apply the aliases to the capture.
D. Configure the Network Monitor application to enable the Enable Conversations option. Recapture the data to a new file.
相关考题
-
单项选择题
You perform a security audit of a server named CRM1. You want to build a list of all DNS requests that are initiated by the server. You install the Microsoft Network Monitor 3.0 application on CRM1. You capture all local traffic on CRM1 for 24 hours. You save the capture file as data.cap. You find that the size of the file is more than 1 GB. You need to create a file named DNSdata.cap from the existing capture file that contains only DNS-related data. What should you do? ()
A. Apply the display filter !DNS and save the displayed frames as a DNSdata.cap file.
B. Apply the capture filter DNS and save the displayed frames as a DNSdata.cap file.
C. Add a new alias named DNS to the aliases table and save the file as DNSdata.cap.
D. Run the nmcap.exe /inputcapture data.cap /capture DNS /file DNSdata.cap command. -
单项选择题
Your company has a server named DC1 that runs Windows Server 2008 R2. Server1 has the DHCP Server server role installed.You find that a desktop computer named Computer1 is unable to obtain an IP configuration from the DHCP server.You install the Microsoft Network Monitor 3.0 application on Server1. You enable P-mode in the Network Monitor application configuration. You plan to capture only the DHCP server-related traffic between Server1 and Computer1.The network interface configuration for the two computers is shown in the following table. Server1 Computer1 IP address 192.168.2.1 169.254.15.84 MAC address 00-0A-5E-1C-7F-67 00-17-31-D5-5E-FF You need to build a filter in the Network Monitor application to capture the DHCP traffic between Server1 and Computer1. Which filter should you use?()
A. IPv4.Address == 169.254.15.84 && DHCP
B. IPv4.Address == 192.168.2.1 && DHCP
C. Ethernet.Address == 0x000A5E1C7F67 && DHCP
D. Ethernet.Address == 0x001731D55EFF && DHCP -
多项选择题
Your company has a main office and a branch office. The branch office has three servers that run a Server Core installation of Windows Server 2008 R2. The servers are named Server1, Server2, and Server3. You want to configure the Event Logs subscription on Server1 to collect events from Server2 and Server3. You discover that you cannot create a subscription on Server1 from another computer. You need to configure a subscription on Server1. Which two actions should you perform?()
A. Run the wecutil cs subscription.xml command on Server1.
B. Run the wevtutil im subscription.xml command on Server1.
C. Create an event collector subscription configuration file. Name the file subscription.xml.
D. Create a custom view on Server1 by using Event Viewer. Export the custom view to a file named subscription . xml.
