Last Updated on November 16, 2023 by InfraExam
Which tool generates data packet captures and is appropriate for both threat hunting and forensic activities?
- IPS logs
- Cisco Secure Malware Analytics
Explanation & Hint:
Wireshark is the tool that generates data packet captures and is appropriate for both threat hunting and forensic activities. Wireshark is a widely-used network protocol analyzer that allows security analysts and incident responders to capture and analyze network traffic in detail. It is a valuable tool for examining network communications, identifying anomalies, and conducting both threat hunting and forensic investigations by analyzing packet-level data.