CompTIA Linux+ XK0-006 (V8) Practice Question

You suspect automated bots are repeatedly attempting to open SSH sessions with your Linux bastion host. After copying a packet capture from the server and loading it in Wireshark, you want to display only the first packet of every inbound connection attempt-that is, TCP packets where the SYN flag is set, the ACK flag is clear, and the destination port is 22. Which Wireshark display filter accomplishes this?

tcp.flags.fin == 1 and tcp.dstport == 22
tcp.flags.syn == 1 and tcp.flags.ack == 0 and tcp.dstport == 22
tcp.port == 22 and tcp.flags.push == 1
tcp.flags.syn == 1 and tcp.flags.ack == 1 and tcp.srcport == 22

CompTIA Linux+ XK0-006 (V8)

Security

Your Score:

Bash, the Crucial Exams Chat Bot

AI Bot

CompTIA Linux+ XK0-006 (V8) Practice Question

Answer Description

Ask Bash

What are the TCP SYN and ACK flags?

Why is port 22 significant in this context?

What does the Wireshark display filter 'tcp.flags.syn == 1 and tcp.flags.ack == 0 and tcp.dstport == 22' do?

Monthly

$19.99

Billed monthly,
Cancel any time.

3 Month Pass

$44.99

One time purchase of $44.99,
Does not auto-renew.

Annual Pass

$119.99

One time purchase of $119.99,
Does not auto-renew.

Lifetime Pass

$189.99

One time purchase,
Good for life.

All Exams

Unlimited Tests

Unlimited Questions

AI Tutor

Track scores

Report Cards

Voucher Discounts

Advanced PBQs

Included Exams

CompTIA Linux+ XK0-006 (V8) Practice Question

Report Issue

Answer Description

Ask Bash

What are the TCP SYN and ACK flags?

Why is port 22 significant in this context?

What does the Wireshark display filter 'tcp.flags.syn == 1 and tcp.flags.ack == 0 and tcp.dstport == 22' do?

Report Issue