Post last modified: June 12, 2024

Which three options are tools that can perform packet captures? (Choose three.)

  • Wireshark
  • ELSA
  • Sguil
  • Squert
  • Tshark
  • tcpdump

Explanation & Hint:

Three tools from the provided list that can perform packet captures are:

  1. Wireshark – A widely used network protocol analyzer that lets you see what’s happening on your network at a microscopic level. It is commonly used for network troubleshooting, analysis, software and communications protocol development, and education.
  2. Tshark – The command-line version of Wireshark, which can capture and analyze packets without a GUI.
  3. tcpdump – A powerful command-line packet analyzer built on libpcap, a portable C/C++ library for network traffic capture.

ELSA, Sguil, and Squert are tools associated with network security monitoring, but they do not perform packet captures themselves. ELSA is a centralized syslog framework, Sguil facilitates the real-time monitoring and analysis of network events, and Squert is a web application that is used to query and view event data stored by Sguil’s database.

