What type of information did the malicious insider attempt to obtain?

An engineer is investigating a case of the unauthorized usage of the “Tcpdump” tool. The analysis revealed that a malicious insider attempted to sniff traffic on a specific interface.

What type of information did the malicious insider attempt to obtain?
A . tagged protocols being used on the network
B . all firewall alerts and resulting mitigations
C . tagged ports being used on the network
D . all information and data within the datagram

Answer: D

Explanation:

The unauthorized usage of “Tcpdump” tool indicates that the malicious insider was attempting to obtain all information within datagrams passing through a specific interface on the network. Tcpdump allows users to capture packet data from a live network or read packets from a previously saved capture file.

Reference: = Cisco CyberOps – Module 3: Network Data and Event Analysis

Latest 200-201 Dumps Valid Version with 154 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments