Exam4Training

Which of the following should the analyst use to accomplish this task?

During a forensic investigation, a security analyst reviews some Session Initiation Protocol packets that came from a suspicious IP address. Law enforcement requires access to a VoIP call

that originated from the suspicious IP address.

Which of the following should the analyst use to accomplish this task?
A . Wireshark
B. iptables
C. Tcpdump
D. Netflow

Answer: A

Explanation:

Wireshark is a tool that can capture and analyze network traffic, including Session Initiation Protocol (SIP) and Voice over IP (VoIP) packets. The security analyst can use Wireshark to extract the audio data from the VoIP call that originated from the suspicious IP address and provide it to law enforcement. iptables, tcpdump, and Netflow are other tools that can manipulate or monitor network traffic, but they cannot extract audio data from VoIP packets.

Reference: https://www.wireshark.org/docs/wsug_html_chunked/ChVoIPAnalysis.html

Latest CS0-002 Dumps Valid Version with 220 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Exit mobile version