
Free CompTIA Security+ SY0-601 Practice Question

An incident responder needs to analyze potential data exfiltration that is believed to be occurring from a specific host to external destinations over uncommonly used high-numbered ports. Which tcpdump command will MOST effectively capture the necessary traffic while minimizing the capture of unrelated data?

  • tcpdump -i eth0 'portrange 1024-65535'

  • tcpdump -i eth0 'src host 192.168.1.100'

  • tcpdump -i eth0 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0 and src portrange 1024-65535'

  • tcpdump -i eth0 'src host 192.168.1.100 and src portrange 49152-65535'

CompTIA Security+ SY0-601 domain: Operations and Incident Response