Topic starter
01/11/2022 6:18 am
A security analyst needs to perform a search for connections with a suspicious IP on the network traffic. The company collects full packet captures at the Internet gateway and retains them for one week.
Which of the following will enable the analyst to obtain the BEST results?
- A. tcpdump -n -r internet.pcap host <suspicious ip>
- B. strings internet.pcap | grep <suspicious ip>
- C. grep -a <suspicious ip> internet.pcap
- D. npcapd internet.pcap | grep <suspicious ip>
Suggested Answer: A