What type of information did the malicious insider attempt to obtain?
An engineer is investigating a case of the unauthorized usage of the “Tcpdump” tool. The analysis revealed that a malicious insider attempted to sniff traffic on a specific interface.
What type of information did the malicious insider attempt to obtain?
A . tagged protocols being used on the network
B . all firewall alerts and resulting mitigations
C . tagged ports being used on the network
D . all information and data within the datagram
Answer: D
Explanation:
The unauthorized usage of “Tcpdump” tool indicates that the malicious insider was attempting to obtain all information within datagrams passing through a specific interface on the network. Tcpdump allows users to capture packet data from a live network or read packets from a previously saved capture file.
Reference: = Cisco CyberOps – Module 3: Network Data and Event Analysis
Latest 200-201 Dumps Valid Version with 154 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund