What is the correct PCAP filter to capture all TCP traffic going to or from host 192.168.0.125 on
port 25?
A.
tcp.src == 25 and ip.host == 192.168.0.125
B.
host 192.168.0.125:25
C.
port 25 and host 192.168.0.125
D.
tcp.port == 25 and ip.host == 192.168.0.125
D
C is the right answer
https://www.wireshark.org/docs/man-pages/pcap-filter.html
or
http://www.manpagez.com/man/7/pcap-filter/
They don’t ask for wireshark filters, but pcap filters
Correct it is C….that is wireshark commands
Are you sure is C?
If you search on GOOGLE this questions, the other 3 webs with this test says the answer is D (I can’t put all the links here)
can will C, but that eccouncil is D…