Exam 312-50v10 topic 1 question 283 discussion

tshark -f "net 192.168.8.0/24" is working for me. Your command is not working, and not even documented https://www.wireshark.org/docs/wsug_html_chunked/ChCustCommandLine.html

C:\Program Files\Wireshark>tshark.exe -i LAN1 -f "net 172.16.0.0/24" Capturing on 'LAN1' ** (tshark:12836) 15:02:37.888714 [Main MESSAGE] -- Capture started. ** (tshark:12836) 15:02:37.899201 [Main MESSAGE] -- File: "C:\Users\lu\AppData\Local\Temp\wireshark_Wi-FiTS1BC2.pcapng" 1 0.000000 1.2.3.4 → 172.16.0.10 TCP 54 443 → 24174 [ACK] Seq=1 Ack=1 Win=63756 Len=0 2 0.000192 1.2.3.4 → 172.16.0.10 TLSv1.3 XXX Application Data 3 0.000405 172.16.0.10 → 1.2.3.4 TLSv1.3 XX Application Data

Correct option is C: sudo tshark -f "net 192.168.8.0/24" A capture or read filter can either be specified with the -f or -R option, respectively, in which case the entire filter expression must be specified as a single argument (which means that if it contains spaces, it must be quoted), or can be specified with command-line arguments after the option arguments, in which case all the arguments after the filter arguments are treated as a filter expression. Reference: tshark documentation https://www.wireshark.org/docs/man-pages/tshark.html

wireshark –capture –local –masked 192.168.8.0 –range 24 Anything like this is not documented anywhere. Pretty sure the correct answer is tshark -f --net 192.168.8.0/24

The question, says it's a cron job, so it's a command line tool. I agree with goodlife's answer.

i keep seeing different answers for this across the internet. Answer B being 1 and the Other is A. Any thoughts on this?