Which of the following commands should the administrator use to capture only the traffic between the two hosts?

Posted by: Pdfprep Category: CFR-310 Tags: , ,

A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also establishing a connection to IP 88.143.12.123.

Which of the following commands should the administrator use to capture only the traffic between the two hosts?
A . # tcpdump -i eth0 host 88.143.12.123
B . # tcpdump -i eth0 dst 88.143.12.123
C . # tcpdump -i eth0 host 192.168.10.121
D . # tcpdump -i eth0 src 88.143.12.123

Answer: B

Leave a Reply

Your email address will not be published.