
CFR-310 Exam - Question 19


An incident responder was asked to analyze malicious traffic. Which of the following tools would be BEST for this?

Correct Answer: C

When analyzing malicious traffic, a network packet analyzer is required to capture and inspect packet data. Wireshark is specifically designed for this purpose, allowing detailed analysis of network traffic. Hex editors are used for examining binary files; tcpdump captures network traffic but lacks the user-friendly interface and advanced analysis features of Wireshark; and Snort is primarily an intrusion detection system. Therefore, Wireshark is the best tool for analyzing malicious traffic.

Discussion

Wutan (Option: C)
Sep 5, 2023

The answer is C. Wireshark. Wireshark is a network packet analyzer that can be used to capture and analyze network traffic.