题目
题目

FIT1047_S2_2025 Sample Quiz for Assignment 3 Part 3 (not assessed but only two attempts)

多项填空题

Question textNetwork Traffic Analysis using Wireshark To complete this part of the quiz you need to download the following packet capture file available via google drive. Please note that you must be logged in with your Monash email account on the browser you are using for this quiz to access the Google drive. Make sure you are logged out of all your personal Google accounts if you encounter a request access page. Link to Apollo Node PCAP file Important Note: Various parts of the process of creating the PCAP files are randomised. Any name, domain, and/or IP address similarity is coincidental. Scenario The provided PCAP file for Apollo node contains the network traffic sent and received by this node for a period of time. During this time a user on this node has visited the web server of the organisation (the node named Web in the diagram), the intranet server (the node named Intranet in the diagram), and the external web server (the node named External in the diagram). The network connectivity is shown in the following diagram. Task 1: Data Link Layer Using the information contained in the PCAP file, identify the MAC addresses of the following nodes. The answers are not case sensitive. Note: Include colon (:) as the separator for all MAC addresses (e.g. AA:BB:CC:DD:EE:00) MAC address of Hera: Answer 1 Question 1[input] [2 Mark(s)] MAC address of the Intranet server: Answer 2 Question 1[input] [2 Mark(s)] Task 2: Network Layer IP address of Hera: Answer 3 Question 1[input] [2 Mark(s)] IP address of of the external web server (www.luna.net): Answer 4 Question 1[input] [2 Mark(s)] Task 3: Transport and Application Layers Visiting a Web Server Identify the frames of Apollo's visit to the organisation intranet server (the node named Intranet in the diagram) and fill out the following fields. Frame numbers refer to the Wireshark numbering (leftmost column). a) Identify the first frame that initiates the connection. Enter the frame number: Answer 5 Question 1[input] [1 Mark(s)] The client port number: Answer 6 Question 1[input] [1 Mark(s)] The 32-bit raw sequence number in hex including leading zeros (e.g. 00aabbcc): Answer 7 Question 1[input] [1 Mark(s)] b) Identify the frame of the GET request for the default HTML page. Enter the full request URI: Answer 8 Question 1[input] [1 Mark(s)] Enter the size (in bytes) of the application layer message: Answer 9 Question 1[input] [1 Mark(s)] c) Identify the frame of the server response containing the HTML page. Enter the size (in bytes) of the application layer message: Answer 10 Question 1[input] [1 Mark(s)] The HTML page content has a 16-digit hex value as a flag. Enter the flag: Answer 11 Question 1[input] [1 Mark(s)] Sending an email Identify the frames of the email sent from Apollo using the Mail server. Find the frame that contains the email address of the recipient and enter it here (without < and >): Answer 12 Question 1[input] [1 Mark(s)]

题目图片
查看解析

查看解析

标准答案
Please login to view
思路分析
To approach this task, I’ll go through each requested item in order and discuss what information from the PCAP would justify the provided answer. - MAC address of Hera: 10:98:36:af:ef:9a This value corresponds to Hera’s interface MAC as observed on the network segment connecting the Apollo node to the Hera host. In a typical capture, frames exchanged between the Apollo node and Hera would reveal Hera’s MAC in the Ethernet destination or source field depending on direction. The given MAC matches the expected format and is consistent with a value assigned to Hera’s NIC. - MAC address of the Intranet server: 00:19:bb:9b:05:9b This MAC would appear on frames where Apollo or the local gateway communicates with the Intranet server. In the data-link layer, the frame’s Ethernet header shows the destination MAC of the next hop (the Intranet server) or the source MAC of the sender. The provided value is formatted correctly and aligns with how a server on the intranet would present its NIC address in the capture. - IP address of Hera: 130.166.120.70 At the network layer, IP addresses are seen in the IP header fields of packets involving Hera. The address 130.166.120.70 would be Hera’s address on the internal network, allowing routing between Hera and other hosts (e.g.,......Login to view full explanation

登录即可查看完整答案

我们收录了全球超50000道考试原题与详细解析,现在登录,立即获得答案。

类似问题

Network behavior analysis gathers an organization's computer network traffic Blank ______ to identify unusual or suspicious operations.

HTML Documents with Embedded Objects  Use the http-ethereal-trace-4 packet trace file to answer the questions. Apply the http filter to the Wireshark trace.  By looking at the information in the HTTP GET, answer the following questions. Each of these three GET messages was sent to different IP addresses! Packet 17 to was sent to [ans]  

In a consumer society, many adults channel creativity into buying things

Economic stress and unpredictable times have resulted in a booming industry for self-help products

更多留学生实用工具

加入我们,立即解锁 海量真题独家解析,让复习快人一步!