Refer to exhibit. An engineer is investigating an intrusion and is analyzing the pcap file. Which two key elements must an engineer consider? (Choose two.)
A.
variable "info" field and unchanging sequence number
B.
high volume of SYN packets with very little variance in time
C.
SYN packets acknowledged from several source IP addresses
D.
identical length of 120 and window size (64)
E.
same source IP address with a destination port 80
Answer is A & B. The SYN packets are not being acknowledged
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.200-201 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
mgo28404
4 months, 3 weeks agoimbatnom
7 months, 4 weeks ago