Exam 200-201 topic 1 question 74 discussion

Actual exam question from Cisco's 200-201
Question #: 74
Topic #: 1

An engineer is investigating a case of the unauthorized usage of the `Tcpdump` tool. The analysis revealed that a malicious insider attempted to sniff traffic on a specific interface. What type of information did the malicious insider attempt to obtain?

  • A. tagged protocols being used on the network
  • B. all firewall alerts and resulting mitigations
  • C. tagged ports being used on the network
  • D. all information and data within the datagram
Suggested Answer: D

Comments

anonymous1966
Highly Voted 2 years, 9 months ago
The correct answer is "D". Sniffing traffic on a specific interface sends the full information to the agent.
upvoted 16 times
fejec
2 years, 9 months ago
Using the verbose parameter (-v or -vv) increases the amount of detail shown in the output, showing more than tagged protocols.
upvoted 3 times
ivlis_27
2 years, 7 months ago
I think D is correct because sniffing on a specific interface doesn't mean you only get the tagged protocol; if you try, you still get a lot of information besides the tagged protocol.
upvoted 2 times
CCNPTT
Most Recent 7 months, 1 week ago
Selected Answer: D
"Datagram" is NOT only related to UDP; I'm surprised people are mentioning it. Just read the latest version of the TCP RFC, RFC 9293: "TCP segments are sent as internet datagrams. The Internet Protocol (IP) header carries several information fields, including the source and destination host addresses." "datagram: A message sent in a packet-switched computer communications network." Answer is D.
upvoted 1 times
Faio
11 months ago
The answer is D. Tcpdump is a command-line tool used to capture and analyze network traffic in real-time. By sniffing traffic on a specific interface, the malicious insider could potentially obtain all information and data within the datagram, including:
  • The source and destination IP addresses
  • The source and destination ports
  • The protocol type
  • The payload data
The other options are not correct. Option A is incorrect because tagged protocols are not part of the datagram. Option B is incorrect because firewall alerts and resulting mitigations are not captured by tcpdump. Option C is incorrect because tagged ports are not part of the datagram.
upvoted 1 times
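What "all information and data within the datagram" covers in practice, as an added example that is not part of the original thread: a parser over one Ethernet frame that recovers the addresses, ports, protocol and payload listed above, and shows the TCP segment carried inside the IP datagram as the RFC 9293 quote describes. The frame, addresses, ports and HTTP payload are constructed sample values.

```python
import socket
import struct

def build_sample_frame() -> bytes:
    """Constructed Ethernet/IPv4/TCP frame; checksums are left at 0."""
    payload = b"GET /status HTTP/1.1\r\nHost: intranet.example\r\n\r\n"
    eth = bytes.fromhex("020000000002020000000001") + struct.pack("!H", 0x0800)
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 2000, 5 << 4, 0x18, 64240, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     1, 0x4000, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.20"))
    return eth + ip + tcp + payload

def parse_frame(frame: bytes) -> dict:
    """Decode what one captured TCP-over-IPv4 frame exposes to a sniffer."""
    if len(frame) < 34:
        raise ValueError("too short for Ethernet + IPv4 headers")
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an untagged IPv4 frame")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", frame[14:34])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl or 14 + total_len > len(frame):
        raise ValueError("malformed or truncated IPv4 datagram")
    datagram = frame[14:14 + total_len]  # IP datagram without Ethernet padding
    info = {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "ttl": ttl, "protocol": proto, "datagram_len": total_len}
    if proto == 6:  # TCP segment carried inside the IP datagram
        segment = datagram[ihl:]
        if len(segment) < 20:
            raise ValueError("truncated TCP header")
        sport, dport, seq, ack, offset, flags = struct.unpack("!HHIIBB", segment[:14])
        data_off = (offset >> 4) * 4
        if data_off < 20 or data_off > len(segment):
            raise ValueError("bad TCP data offset")
        info.update(sport=sport, dport=dport, seq=seq, flags=flags,
                    payload=segment[data_off:])
    return info

if __name__ == "__main__":
    for field, value in parse_frame(build_sample_frame()).items():
        print(f"{field:>12}: {value!r}")
```

Because the payload of a cleartext protocol is readable in full, restricting who can open capture sockets and encrypting traffic in transit are the controls that limit what such a capture reveals.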
Topsecret
11 months, 2 weeks ago
D. all information and data within the datagram.
Tcpdump is a packet capture tool that allows users to capture and analyze network packets in real-time. By capturing network traffic on a specific interface, the malicious insider would have been able to intercept and inspect the contents of the captured packets. This includes the payload data, headers, and any other information contained within the network datagrams.
upvoted 1 times
Isuckatexams
1 year ago
Selected Answer: D
You could use NMAP for tagged protocols. Why use TCPDUMP or wireshark for anything other than packet inspection?
upvoted 1 times
drdecker100
1 year, 4 months ago
Selected Answer: D
The malicious insider attempted to obtain D. all information and data within the datagram by using the Tcpdump tool to sniff the traffic on a specific interface. Tcpdump is a powerful tool that can capture and display the contents of network packets, including the data within the datagram. By analyzing the captured data, the malicious insider can potentially obtain sensitive information such as login credentials, financial data, or confidential business information. This type of unauthorized network monitoring is a serious security threat, and appropriate measures should be taken to prevent it from happening in the future.
upvoted 1 times
aaawnd
1 year, 6 months ago
Selected Answer: D
Datagram is not exclusive to UDP.
upvoted 2 times
cy_analyst
1 year, 8 months ago
Selected Answer: A
A is correct; D uses the word datagram, which is a UDP-only concept. Tcpdump can take full packet capture.
upvoted 1 times
CCNPTT
7 months, 1 week ago
Datagram *IS NOT* UDP only.
upvoted 1 times
aplicacion101
1 year, 11 months ago
Selected Answer: A
Nope, the answer is good; in D the word datagram damages the answer. It is wiser to select protocols, so A is the best answer.
upvoted 3 times
tor_bap
2 years, 5 months ago
Selected Answer: D
The answer should be D.
upvoted 3 times
halamah
2 years, 7 months ago
Correct is D, full data.
upvoted 2 times
Community vote distribution: A (35%), C (25%), B (20%), Other