312-50V13 · Question #65
312-50V13 Question #65: Real Exam Question with Answer & Explanation
The correct answer is B: tcpdump.
Question
Which of the following is a command line packet analyzer similar to GUI-based Wireshark?
Options
- A. nessus
- B. tcpdump
- C. ethereal
- D. jack the ripper
Explanation
tcpdump is a powerful command-line packet analyzer that captures and displays network traffic directly in the terminal, making it the command-line equivalent of the GUI-based Wireshark. Both tools use the same underlying packet capture library (libpcap), and tcpdump output can even be saved in a format readable by Wireshark.
Why the distractors are wrong:
- Nessus is a vulnerability scanner, not a packet analyzer
- Ethereal was the original name for Wireshark before it was rebranded in 2006 - it's GUI-based, not command-line
- Jack the Ripper (likely referring to John the Ripper) is a password-cracking tool, completely unrelated to packet analysis
Memory Tip: Think of tcpdump as "dumping" raw TCP/IP network traffic straight to your terminal screen - the name itself tells you exactly what it does. If you remember that Wireshark was once called Ethereal, you can immediately eliminate option C since it's still GUI-based, leaving tcpdump as the only true command-line analyzer.