Exam4Training

Which of the following will enable the analyst to obtain the BEST results?

A security analyst needs to perform a search for connections with a suspicious IP on the network traffic. The company collects full packet captures at the Internet gateway and retains them for one week.

Which of the following will enable the analyst to obtain the BEST results?
A . grep -a <suspicious ip> internet.pcap
B . tcpdump-n-rinternet.pcaphost<suspicious ip>
C . strings internet.pcap | grep <suspicious ip>
D . npcapd internet.pcap | grep <suspicious ip>

Answer: B

Latest CS0-002 Dumps Valid Version with 220 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Exit mobile version