Scribd
Upload
24 views5 pages

15.0.3 Class Activity - What's Going On

Uploaded by

lemueljaaziahsoriano
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
24 views5 pages

15.0.3 Class Activity - What's Going On

Uploaded by

lemueljaaziahsoriano
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

Midterm Practical Lab Exam - What's Going On?

Berdin, Ezekiel Torecampo


Midterm Practical Lab Exam - What's Going On?
Objectives
Identify the processes running on a computer, the protocol they are using, and their local and remote port
addresses.
Part 1: Download and install the TCPView software.
Part 2: Answer the following questions.
Part 3: Use a browser and observe the TCPView window.

Background / Scenario
For a hacker to establish a connection to a remote computer, a port must be listening on that device. This
may be due to infection by malware, or a vulnerability in a legitimate piece of software. A utility, such as
TCPView, can be used to detect open ports, monitor them in real-time, and close active ports and processes
using them.

Required Resources
 PC with Internet access
 TCPView software

 2017 - 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 5 www.netacad.com
Midterm Practical Lab Exam - What's Going On?

Instructions

Part 1: Download and install the TCPView software.


Click the link below to reach the download page for TCPView.
http://technet.microsoft.com/en-us/sysinternals/tcpview.aspx

a. Create a folder on the desktop named TCPView.


b. Extract the contents of the zip to this new folder.

c. Start the Tcpview Application.

 2017 - 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 5 www.netacad.com
Midterm Practical Lab Exam - What's Going On?

d. Finally, Agree to the software license terms.

Part 2: Answer the following questions.


Questions:

a. How many Endpoints are listed?


247
b. How many are Listening?
43
c. How many Endpoints are Established?
52

Part 3: Use a browser and observe the TCPView window.


a. Open the Options menu and click “Always on Top”.
Note: Use the Help section of the program to help you answer the following questions.

 2017 - 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 5 www.netacad.com
Midterm Practical Lab Exam - What's Going On?

b. Open any browser.


Question:

What happens in the TCPView window?


multiple browser processes open and turn green across the screen, then some may turn to
yellow, red, or white.
c. Browse to cisco.com.

Question:

What happens in the TCPView window?


more browser processes open as green across the screen, then some may turn to yellow, red, or
white.

d. Close the browser.


Questions:

What happens in the TCPView window?


after some time, multiple browser processes turn red as they close.
What do you think the colors mean?

 2017 - 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 5 www.netacad.com
Midterm Practical Lab Exam - What's Going On?

green lines indicate starting processes, yellow lines indicate processes that are waiting to open or
close, red lines indicate processes that are closing, and white lines indicate processes that are
running
Note: To close a process directly, right-click the process and choose End Process. Using this method can
cause a program or the operating system to become unstable. Only end processes that you know are safe to
end. This method can be used to stop malware from communicating.
End of document

 2017 - 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 5 of 5 www.netacad.com

You might also like