The Windows Command Line Tools module provides you with the instructions and devices to develop your hands-on skills in the following topics.

  • Ipconfig
  • Netstat
  • Ping
  • Tracert and Route
  • ARP and Whoami

From an internal perspective, we will use windows tools to investigate basic topology but also see in detail the services and processes happening within a windows system that are not directly visible without interrogation.

Lab time: It will take approximately 1 hour to complete this lab.

Exam Objectives

The following exam objectives are covered in this lab:

  • CS0-001 1.1: Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes
  • CS0-001 1.2: Given a scenario, analyze the results of a network reconnaissance

Exercise 1 - IPconfig

IPconfig is a command-line tool that displays the current configuration of the installed IP stack on a networked computer.

When used with the /all switch, it displays a detailed configuration report for all interfaces, including any configured WAN miniports (typically used for remote access or VPN connections).

In this exercise you will complete the following tasks:

Using the IPconfig command line tool Please refer to your course material or use your favorite search engine to research for more information about this topic.

Exercise 2 - Netstat

Netstat displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols).

In this exercise you will complete the following tasks:

  • Using the Netstat command-line tool

Exercise 3 - Ping

Ping verifies IP-level connectivity to another TCP/IP computer by sending Internet Control Message Protocol (ICMP) Echo Request messages. The receipt of corresponding Echo Reply messages are displayed, along with round-trip times. Ping is the primary TCP/IP command used to troubleshoot connectivity, reachability, and name resolution.

In this exercise you will complete the following tasks:

  • Using the Ping command-line tool

Exercise 4 - Tracert and Route

The Tracert diagnostic utility determines the route to a destination by sending Internet Control Message Protocol (ICMP) echo packets to the destination. In these packets, Tracert uses varying IP Time-To-Live (TTL) values. Because each router along the path is required to decrement the packet's TTL by at least 1 before forwarding the packet, the TTL is effectively a hop counter. When the TTL on a packet reaches zero (0), the router sends an ICMP "Time Exceeded" message back to the source computer.

Route displays and modifies the entries in the local IP routing table which helps to understand the topology of a network.

In this exercise you will complete the following tasks:

  • Using the Tracert command line tool
  • Using the Route command line tool

Exercise 5 - ARP and Whoami

Address Resolution Protocol (ARP) performs IP address-to-media access control address resolution for outgoing packets. As each outgoing addressed IP datagram is encapsulated in a frame, source and destination MAC addresses must be added. Determining the destination MAC address for each frame is the responsibility of ARP.

Whoami Displays user, group and privileges information for the user who is currently logged on to the local system. If used without parameters, it displays the current domain and user name.

In this exercise you will complete the following tasks:

  • Using the ARP command line tool
  • Using the “Whoami” command line tool

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.