Network Traffic Monitoring Flashcards

1
Q

Which of the following suspicious traffic signatures exposes malicious attempts such as
ping sweep, port scan, and DNS querying?

A

Reconnaissance

2
Q

Which of the following filters in Wireshark displays only the traffic in a LAN (192.168.x.x)
between workstations and servers with no Internet?

A

ip.src==192.168.0.0/16 and ip.dst==192.168.0.0/16

3
Q

Which of the following display filters in Wireshark is used to perform filtering by multiple
IP addresses?

A

ip.addr == 10.0.0.4 or ip.addr == 10.0.0.5
