ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 200-201 All Questions

View all questions & answers for the 200-201 exam
Go to Exam

Exam 200-201 topic 1 question 336 discussion

Actual exam question from Cisco's 200-201
Question #: 336
Topic #: 1
[All 200-201 Questions]

An engineer must investigate suspicious connections. Data has been gathered using a tcpdump command on a Linux device and saved as sandboxmalware2022-12-22.pcaps file. The engineer is trying to open the tcpdump in the Wireshark tool. What is the expected result?

  • A. The file is opened.
  • B. The tool does not support Linux.
  • C. The file does not support the “-“ character.
  • D. The file has an incorrect extension.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by RoBery at Jan. 19, 2024, 6:52 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ImGonnaPassIt
2 months, 2 weeks ago
Selected Answer: A
While this is true that the file has an invalid extension, the question is about the result. The result is the file is opened by the tool (A)
upvoted 1 times
...
d503c75
6 months, 2 weeks ago
The answer is correct. I just tested it on my PC and it simply opened in wireshak. Option A.
upvoted 2 times
...
ciola89
1 year ago
Selected Answer: A
In linux .* extentions are used just to human readable reasons. The system know which file type is and opens it.
upvoted 2 times
...
ciola89
1 year ago
Linux based machines does not "read" after . characters like extensions (we write them just for human semplicity). The file type remains pcap for the machine, so it will be open.
upvoted 2 times
...
dnn_cbops
1 year, 2 months ago
Selected Answer: D
wrong extension
upvoted 3 times
Silexis
1 year, 2 months ago
The file will be opened due to file metadata. If you go and double-click on it, it will probably wont due to incorrect extension but if you look on Properties you will see the metadata shows a corect file capture type so using Wireshark ---> Open will show you the file But I think this is just another unfair question for this exam, made to drag you down, because nobody says how was the opening processed - as Double-click or from Wireshark panel..........
upvoted 1 times
...
...
RoBery
1 year, 2 months ago
D Wireshark can open files with the .pcap or .pcapng extension, not .pcaps
upvoted 3 times
d503c75
6 months, 1 week ago
Try it. It will open…
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago