Q.1 What is the significance of the DNS protocol while you surf the Internet?
Q.2 How would you define zone transfers and recursive DNS queries?
Q.3 What is the difference between recursion desired and recursion available in DNS queries?
Q.4 How many DNS record types exist? Explain the purpose of the AAAA record type and what does non-authoritative answer mean?
Q.5 Differentiate between active and passive modes of FTP. Explain which mode is better.
Q.6 What solution can you come up if you are being asked to make your FTP session encrypted? Explain the difference it would make.
Q.7 Using a virtual infrastructure or a physical one, install the FTP server on any of the machines and then try to communicate with it while capturing live packets in Wireshark.
Q.8 Find out how you can limit the maximum number of login attempts. How can such limitation affect the overall security of your FTP server?
Q.9 Why do we refer to HTTP communication as a request/response approach and what is the purpose of the three-way handshake while initiating the connection?
Q.10 Which version of HTTP are we currently using and what is the difference between the old and new ones?
Q.11 While your browser makes an HTTP request, various other parameters are also sent in your request. Why is it so? What is the purpose of Accept-Encoding and Accept-Language parameters sent with your request?
Q.12 Visit websites of your choice and browse a couple of pages while capturing all the packets in Wireshark. Then, create a display filter to check whether any redirection was present in your whole session.
Q.13 For what purpose is SMTP on client side used? To send e-mails or receive them? Which protocols are popularly used to receive e-mails?
Q.14 Is it possible to perform a brute force attack on an SMTP server? If yes, then how and how do you identify such traffic pattern?
Q.15 What do you understand by e-mail harvesting and how you can perform an e-mail harvesting attack on an SMTP server? Is there any kind of specific response you will look for?
Q.16 Read about the difference between various email protocols and SMTP?
Q.17 What is the significance of SIP in a VOIP session? What percentage of traffic do you think SIP will have in a whole VOIP session?
Q.18 What is the difference between RTP and RTCP protocols?
Q.19 Download a SIP traffic capture file (sippcap) from Wireshark's website and analyze the session using a flow graph. Are you able to the see the process flow we discussed?
Q.20 Filter out all the wrong password attempts using specific code for such responses and apply a different coloring scheme (use the aaa.pcap capture file).