Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Cwnp Discussions
exam questions

Exam CWAP-402 All Questions

View all questions & answers for the CWAP-402 exam
Go to Exam

Exam CWAP-402 topic 1 question 23 discussion

Actual exam question from CWNP's CWAP-402
Question #: 23
Topic #: 1
[All CWAP-402 Questions]

When using Wireshark for protocol analysis, what filter will allow you to see only beacon frames?

  • A. wlan.fc.type_subtype = =0x05
  • B. wlan.fc.type_subtype = =0x0b
  • C. wlan.fc.type_subtype = =0x08
  • D. wlan.fc.type_subtype = =0x04
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Reference:
http://www.lovemytool.com/blog/2010/02/wireshark-wireless-display-and-capture-filters-samples-by-joke-snelders.html
by VladeDivac at Oct. 17, 2021, 3:02 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
tonydiamond
3 months, 3 weeks ago
Selected Answer: C
wlan.fc.type_subtype == 0x8 is the expression which we need to add in the filter box. The reason why we are comparing it with 0x8 is, beacons are part of the management frames which has the type field set to 0 and beacons are represented by a hex value of 0x8 i.e there sub-type is 8. We can change the sub-type alone and map them to any one of the other management frames. For example the above filter can be modified to show only probe request frames with this expression wlan.fc.type_subtype == 0x5 and wlan.fc.type_subtype == 0x6 goes for probe response frames.
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel