nerdexam
Exams200-201Questions#364
CiscoCisco

200-201 · Question #364

200-201 Question #364: Real Exam Question with Answer & Explanation

In a PCAP file, the source address (10.0.2.15) and destination address (192.124.249.9) are the IP addresses found in the Internet Protocol v4 (Network Protocol) header, while source port (50588) and destination port (443) are TCP (Transport Protocol) fields. TLS v1.2 is the Appli

Submitted by rohit_dlh· Mar 6, 2026Network Traffic Analysis / Security Monitoring and Analysis - understanding packet capture structure, protocol layering (IP, TCP, TLS), and the ability to identify source/destination addresses and ports within a captured network frame, commonly tested in CompTIA CySA+, Security+, or similar cybersecurity certifications.

Question

Drag and Drop Question Refer to the exhibit. Drag and drop the element names from the left onto the corresponding pieces of the PCAP file on the right. Answer:

Explanation

In a PCAP file, the source address (10.0.2.15) and destination address (192.124.249.9) are the IP addresses found in the Internet Protocol v4 (Network Protocol) header, while source port (50588) and destination port (443) are TCP (Transport Protocol) fields. TLS v1.2 is the Application Protocol operating over TCP port 443, which is the standard HTTPS/TLS port. The labels 'Network Protocol' and 'Transport Protocol' are swapped in the correct arrangement - Internet Protocol v4 is the Network Layer (Layer 3) protocol, and TCP is the Transport Layer (Layer 4) protocol, which aligns with the OSI model.

Topics

#PCAP Analysis#Network Protocols#OSI Model#Packet Inspection

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 200-201 PracticeBrowse All 200-201 Questions