ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50 All Questions

View all questions & answers for the 312-50 exam
Go to Exam

Exam 312-50 topic 4 question 6 discussion

Actual exam question from ECCouncil's 312-50
Question #: 6
Topic #: 4
[All 312-50 Questions]

Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?

  • A. They are written in Java.
  • B. They send alerts to security monitors.
  • C. They use the same packet analysis engine.
  • D. They use the same packet capture utility.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by dorinh at Dec. 1, 2021, 9:44 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
dorinh
6 months, 1 week ago
pcap is an application programming interface (API) for capturing network traffic. While the name is an abbreviation of packet capture, that is not the API's proper name. Unix-like systems implement pcap in the libpcap library; libpcap, WinPcap, and Npcap provide the packet-capture and filtering engines of many open-source and commercial network tools, including protocol analyzers (packet sniffers), network monitors, network intrusion detection systems, traffic-generators and network-testers.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel