Refer to the exhibit. A security analyst needs to investigate a security incident involving several suspicious connections with a possible attacker. Which tool should the analyst use to identify the source IP of the offender?
Wireshark is a powerful tool that can analyze traffic between hosts on your network. But it can also be used to help you discover and monitor unknown hosts, pull their IP addresses, and even learn a little about the device itself. SO answers is Packet Sniffer( Wireshark).
Netstat image is useless without the source of infomration that identified the possible attacker connections. An FMC as in "D. Firewallmanager" would identify the attack based on IPS and show the IP. A sniffer does not have security intel to identify the offending IP.
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.350-201 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ak_technonet
7 months, 1 week agoMedjai89
1 year agoTOLU1985
1 year, 2 months agoTOLU1985
1 year, 2 months agoCiscoTester
2 years ago