单项选择题
You are the network administrator for your company. The network consists of a single Active Directory domain. The domain contains 25 Windows Server 2003 computers and 6,000 Windows XP Professional computers.The written company security policy states that network traffic to Web servers must be audited on a regular basis. A server named Server1 is configured as a Web server on the company’s intranet. You install Network Monitor Tools from a Windows Server 2003 product CD-ROM on Server1.You run Network Monitor on Server1 for three hours. When you stop the network capture, you see that Network Monitor captured over 40,000 frames. As you look at the captured frames, you notice that an extremely large number of TCP connection requests have all come from the 131.107.0.1 IP address.In Network Monitor, you need to view only the frames for network traffic that are captured between Server1 and the 131.107.0.1 IP address.
What should you do?()
A.Create an Address Capture filter for all network traffic between Server1 and the 131.107.0.1 IP address.
B.Create a Find Frame Expression filter for network traffic captured between Server1 and the 131.107.0.1 IP address.
C.Create an Address Display filter for all network traffic captured between Server1 and the 131.107.0.1 IP address.
D.Create a Pattern Match capture trigger for the 131.107.0.1 IP address.
相关考题
-
单项选择题
You are the network administrator for your company. The network consists of a single Active Directory domain. The domain contains Windows Server 2003 computers and Windows XP Professional computers. You configure a server named Server1 to be a file server. The written company security policy states that you must analyze network traffic that is sent to and from all file servers.You need to capture file-transfer network traffic that is being sent to and from Server1. You install Network Monitor Tools from a Windows Server 2003 product CD-ROM on a server named Server2, which is on the same network segment as Server1.You run Network Monitor on Server2. However, Network Monitor captures only network traffic that is sent to and from Server2. You need to capture all network traffic that is sent to and from Server1. What should you do?()
A.Install the Network Monitor driver on Server1. Run Network Monitor on Server2 to capture network traffic.
B.Open Network Monitor on Server2 and create a capture filter to enable the capture of all protocols. Run Network Monitor to capture network traffic.
C.Install Network Monitor Tools on Server1. Run Network Monitor to capture network traffic.
D.Open Network Monitor on Server2 and increase the capture buffer from 1 MB to 20 MB in size. Run Network Monitor to capture network traffic. -
单项选择题
You are the network administrator for your company. A Windows Server 2003 computer named Router11 is used to connect the network to the Internet.You find out that some computers on the network are infected with a worm, which occasionally sends out traffic to various hosts on the Internet. This traffic always uses a certain source TCP port number.You need to identify which computers are infected with the worm. You need to configure a solution on Router11 that will perform the following two tasks: (1)Detect and identify traffic that is sent by the worm. (2)Immediately send a notification to a network administrator that the infected computer needs to be repaired. What should you do?()
A.Configure a WMI event trigger.
B.Configure a Network Monitor capture filter.
C.Configure a Network Monitor trigger.
D.Configure a System Monitor alert. -
单项选择题
You are the network administrator for your company. The network contains a Windows Server 2003 Web server named WebServer1. WebServer1 is connected to the Internet by means of a dedicated link. You are responsible for monitoring the bandwidth utilization of WebServer1. You run a System Monitor log on WebServer1, which monitors the Bytes Total/sec counter on the Network Interface object. The sample rate for the counter is set to 15 seconds. The log is archived once each day.The size of the System Monitor log is becoming too large for the available disk space. You need to reconfigure the System Monitor log settings to reduce the amount of data that is captured. What should you do?()
A.Retain the current counter, but set the sample rate to 5 seconds.
B.Retain the current counter, but set the sample rate to 60 seconds.
C.Change the counter to Total Bytes, and set the sample rate to 15 seconds.
D.Change the counter to Current Bandwidth, and set the sample rate to 60 seconds.
