C. Wireshark
Explanation: Wireshark is a powerful network protocol analyzer that allows the incident responder to capture and examine network traffic in detail. It is widely used for analyzing malicious traffic, identifying attack patterns, and understanding the nature of suspicious network activity.
Why the other answers are less suitable:
A. Hex editor: A hex editor is used to view and edit raw data files, but it is not designed for analyzing network traffic.
B. tcpdump: While tcpdump is a great command-line tool for capturing network traffic, Wireshark provides a more user-friendly interface with advanced filtering and analysis features, making it more suitable for detailed analysis.
D. Snort: Snort is an intrusion detection/prevention system (IDS/IPS) that monitors traffic in real-time and alerts on suspicious activity, but it is not primarily used for deep traffic analysis like Wireshark.
The answer is C. Wireshark.
Wireshark is a network packet analyzer that can be used to capture and analyze network traffic.
upvoted 1 times