Refer to the exhibit.
A network engineer is analyzing a Wireshark file to determine the HTTP request that caused the initial Ursnif banking Trojan binary to download.
Which filter did the engineer apply to sort the Wireshark traffic logs?
A . http.request.un matches
B . tls.handshake.type ==1
C . tcp.port eq 25
D . tcp.window_size ==0
Answer: B
Explanation:
Reference:
https://www.malware-traffic-analysis.net/2018/11/08/index.html
https://unit42.paloaltonetworks.com/wireshark-tutorial-examining-ursnif-infections/
Latest 300-215 Dumps Valid Version with 59 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund