200-201 Question #358: Real Exam Question with Answer & Explanation
The correct answer is A: The file is opened.
Question
An engineer must investigate suspicious connections. Data has been gathered using a tcpdump command on a Linux device and saved as the sandboxmalware2022-12-22.pcaps file. The engineer is trying to open the tcpdump capture in the Wireshark tool. What is the expected result?
Options
- A. The file is opened.
- B. The tool does not support Linux.
- C. The file does not support the "-" character.
- D. The file has an incorrect extension.
Explanation
Wireshark is a widely used network protocol analyzer that supports various capture file formats, including those generated by tcpdump. The .pcap extension denotes a standard packet capture file format that is fully supported by Wireshark. Neither the file extension nor characters such as "-" in the file name affects Wireshark's ability to open and read the file. When the engineer opens the sandboxmalware2022-12-22.pcaps file in Wireshark, the tool reads the packet capture data, allowing detailed analysis of the network traffic.