Which of the following commands should the administrator use to capture only the traffic between the two hosts?

Posted by: Pdfprep Category: CFR-310 Tags: CFR-310 exam questions, CFR-310 practice exam, CyberSec First Responder (CFR) Post Date: November 15, 2020

A Linux system administrator found suspicious activity on host IP 192.168.10.121. This host is also establishing a connection to IP 88.143.12.123.

Which of the following commands should the administrator use to capture only the traffic between the two hosts?
A . # tcpdump -i eth0 host 88.143.12.123
B . # tcpdump -i eth0 dst 88.143.12.123
C . # tcpdump -i eth0 host 192.168.10.121
D . # tcpdump -i eth0 src 88.143.12.123

Answer: B

Which of the following commands should the administrator use to capture only the traffic between the two hosts?

Author

Leave a Reply Cancel reply