The command "tcpdump -i eth0 -nn tcp port 443 -w capture.pcap" meets every stated need: "-i eth0" selects the correct interface, "-nn" turns off both DNS hostname and service-name resolution, the filter expression "tcp port 443" limits the capture to HTTPS traffic in either direction, and "-w capture.pcap" writes the raw packets to the specified file.
A command that uses only "-n" still resolves service names, violating the requirement. The choice that specifies "udp port 443" captures the wrong protocol, and the command that employs "-r" reads from an existing file instead of writing live traffic, so it would not record new packets.
CompTIA Linux+ XK0-006 (V8)
System Management