An incident responder needs to analyze potential data exfiltration that is believed to be occurring from a specific host to external destinations over uncommonly used high-numbered ports. Which tcpdump command will MOST effectively capture the necessary traffic while minimizing the capture of unrelated data?
tcpdump -i eth0 'portrange 1024-65535'
tcpdump -i eth0 'src host 192.168.1.100 and src portrange 49152-65535'
tcpdump -i eth0 'src host 192.168.1.100'
tcpdump -i eth0 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0 and src portrange 1024-65535'