Wireshark Network Analysis Quiz Questions and Answers

When you disable the UDP protocol decoding process, applications that use UDP (such asDHCP and DNS) will not be decoded.

Answer :
  • True

Which protocol acts as the routable network layer protocol used to get packets from end-toendon a TCP/IP network?

Answer :
  • IP

_____________ are programs or devices that capture the vital information from the target network or particular network.

Answer :
  • Sniffer

Which description of deterministic analysis is true?

Answer :
  • definitive proof of a user's identity

There are __________ types of sniffing.

Answer :
  • 2

Active sniffing is difficult to detect.

Answer :
  • false

Which of the following is not a sniffing tool?

Answer :
  • Maltego

You have identified a malicious file in a sandbox analysis tool. Which piece of file information from the analysis is needed to search for additional downloads of this file by other hosts?

Answer :
  • file hash value

When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?

Answer :
  • Network tap

Name at least three troubleshooting tasks that can be performed using network analysis.

Answer :
  • None of the above