Curioustab Logo Curioustab
Home » Computer Science » Networking

Windows NT network assessment: You manage eight NT servers and plan to move them to different network segments. Which tool on each server best measures which server generates the most network traffic?

Difficulty: Easy

Correct Answer: Network Monitor

Explanation:


Introduction / Context:
When planning network segmentation or server relocation, administrators need visibility into traffic volumes per host. Windows NT offered several TCP/IP tools, but only some are suitable for measuring packet flows and bandwidth usage. This question evaluates knowledge of the correct utility for network traffic analysis in an NT environment.



Given Data / Assumptions:

  • Eight Windows NT servers are involved.
  • Goal is to determine which server generates the most traffic.
  • Measurement must be done on each server before re-segmenting the network.
  • Classic NT toolset applies (no third-party analyzers assumed).


Concept / Approach:

Windows NT includes Network Monitor (and an agent) that captures and analyzes packets, showing per-host traffic statistics and protocols. While Performance Monitor can show interface counters, Network Monitor provides protocol-level visibility and capture capabilities, making it preferable for identifying the top talkers and understanding traffic composition.



Step-by-Step Solution:

Identify the need: quantify per-server traffic and analyze packets.Match need to tool: Network Monitor captures and summarizes network frames.Confirm alternatives: PerfMon counters are coarse, not packet-centric.Select Network Monitor as the best fit for measuring which server generates the most traffic.


Verification / Alternative check:

Cross-check by enabling Performance Monitor counters (Bytes Total/sec) on NICs to validate trends, then use Network Monitor to capture a representative interval for detailed confirmation of the highest traffic generator.



Why Other Options Are Wrong:

  • NBTSTAT: Focused on NetBIOS over TCP/IP name tables and sessions, not traffic quantification.
  • NETSTAT.EXE: Displays connections and listening ports; limited for traffic volume analysis.
  • Performance Monitor: Helpful but less granular than a protocol analyzer for per-conversation traffic.
  • ARP.EXE: Manipulates the ARP cache; irrelevant to traffic measurement.


Common Pitfalls:

Assuming open connections imply high traffic; a single idle TCP session may contribute little. Always measure bytes or frames over time. Ensure captures occur during peak windows to avoid misleading off-peak data.



Final Answer:

Network Monitor

← Previous Question Next Question→

More Questions from Networking

Discussion & Comments

No comments yet. Be the first to comment!
Join Discussion