WCNA Practice Test Questions

100 Questions


Some ICMP packets include portions of the original packet that triggered the ICMP response.


A. True


B. False





A.   True


Which statement about this traffic is correct?


A. This is a TCP port scan.


B. The SYN packets are sent from asingle source port number.


C. The responses to the SYN packets should only have the RST bit set.


D. A firewall is blocking the SYN packets from reaching the desired host.





A.   This is a TCP port scan.

By default, Merge cap combines trace files based on the order they are listed on the command-line.


A. True


B. False





B.   False

DHCP is based on BOOTP.


A. True


B. False





A.   True

What is the maximum MACService Data Unit (MSDU) size defined by the IEEE 802.11 specification?


A. 1518 bytes


B. 2304 bytes


C. 2312 bytes


D. 4096 bytes





A.   1518 bytes


Which statement about the Capture Options window shown is correct?


A. Wireshark will resolve IP addresses to host names.


B. Wireshark will scroll to displaythe most recent packet captured.


C. Wireshark will attempt to resolve OUI values for all MAC addresses.


D. Wireshark will automatically stop capturing packets after two files have been saved.





B.   Wireshark will scroll to displaythe most recent packet captured.

Which statement about TCP sequence and acknowledgment numbering is correct?


A. The sequence number always increments by 1 for each data packettransmitted.


B. Both sides of a TCP connection must agree on an Initial Sequence Number value.


C. Starting Sequence Numbers cannot be larger than 65,535 because this is a 2-byte field.


D. The Acknowledgment Number field indicates the next sequence number expected from the other side of the connection.





D.   The Acknowledgment Number field indicates the next sequence number expected from the other side of the connection.

When you apply a display filter, the Status Bar indicates the total number ofpackets captured and the packets displayed.


A. True


B. False





A.   True

You are performing a TCP scan on a target while capturing your traffic with Wireshark. Which statement about the analysis is correct?


A. If you receive TCP Push responses, the target port is blocked.


B. If you receive ICMP responses, the target port is likely firewalled.


C. If only UDP responses are received, the target does not support TCP.


D. If a TCP RST response is received, the target is not currently powered up.





B.   If you receive ICMP responses, the target port is likely firewalled.

The ip.addr != 10.2.4.1 display filter shows all packets except ones that contain the address 10.2.4.1 in the source or destination IP address fields.


A. True


B. False





B.   False

Which format is used by capture filters?


A. tshark format


B. libpcap format


C. display filter format


D. Berkeley Packet Filtering (BPF) format





D.   Berkeley Packet Filtering (BPF) format

Applications may override the default port value defined in the TCP/IP stack services file.


A. True


B. False





A.   True


Page 3 out of 9 Pages
Previous