1. Given the following Wireshark filter, what is the attacker attempting to view?
A. SYN, SYN/ACK, ACK
B. SYN, FIN, URG, and PSH
C. ACK, ACK, SYN, URG
D. SYN/ACK only
A. You’ll see bunches of Wireshark questions on your exam, and EC-Council just loves the “TCP flags = decimal numbers” side of it all. Wireshark also has the ability to filter based on a decimal numbering system assigned to TCP flags. The assigned flag decimal numbers are FIN = 1, ...With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.
Start Free Trial
No credit card required