Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 212-89 Exam - Topic 3 Question 25 Discussion

Actual exam question for Eccouncil's 212-89 exam
Question #: 25
Topic #: 3
[All 212-89 Questions]

Bran is an incident handler who is assessing the network of the organization. In the

process, he wants to detect ping sweep attempts on the network using Wireshark tool.

Which of the following Wireshark filter he must use to accomplish this task?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Nichelle at May 05, 2022, 11:39 PM

Limited Time Offer

25%

Off

Get Premium 212-89 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Pamella
7 months ago
I thought D might be relevant, but C seems more accurate.
upvoted 0 times
...
Novella
7 months ago
C is the go-to for ICMP echo requests, no doubt!
upvoted 0 times
...
Louann
7 months ago
Wait, are we sure about that? What about A?
upvoted 0 times
...
Asha
8 months ago
I think C is right too, makes sense for ping sweeps.
upvoted 0 times
...
Angella
8 months ago
Definitely C, that's the echo request type!
upvoted 0 times
...
Leah
8 months ago
I recall a similar question where we focused on ICMP types. I’m leaning towards "icmp.type==8" since it corresponds to echo requests.
upvoted 0 times
...
Linn
8 months ago
I’m a bit confused about the options. I thought "icmp.seq" could be useful, but it doesn’t seem directly related to ping sweeps.
upvoted 0 times
...
Penney
8 months ago
I remember practicing with Wireshark, and I feel like "icmp.type==8" was mentioned for echo requests. That could be the right choice.
upvoted 0 times
...
Refugia
8 months ago
I think the filter for detecting ping sweeps might be related to ICMP types, but I'm not entirely sure which one to pick.
upvoted 0 times
...
Vinnie
8 months ago
Kanban seems like the most logical choice to me. The ability to visualize the workflow and manage work in progress is exactly what the question is asking for. I feel pretty confident about this one.
upvoted 0 times
...
Halina
8 months ago
This seems straightforward, but I want to double-check my work. I'll make sure to show all my calculations clearly in case I need to justify my answer.
upvoted 0 times
...
Anna
8 months ago
I'm a bit unsure about this one. The terminology is a bit unfamiliar to me, so I'll need to review my notes on hunt groups and related concepts before I can feel confident about the answer.
upvoted 0 times
...
Latosha
8 months ago
This seems like a straightforward question about setting up a discount period for an intercompany transaction. I think I'll go with option B and set up a Trade Agreement with the appropriate date range.
upvoted 0 times
...
Tyisha
8 months ago
I'm a bit confused by the wording of the question. I'll need to read it over a few times to make sure I understand what they're asking.
upvoted 0 times
...
Jonelle
1 year ago
I bet the Wireshark filter for ping sweep detection is something really obscure, like 'icmp.redir_gw'. Nah, just kidding, it's definitely C. I mean, who doesn't love a good old-fashioned ICMP echo request hunt?
upvoted 0 times
...
Kristofer
1 year ago
Okay, let's see... Ping sweep detection, Wireshark filter... I'm going to have to go with C on this one. Gotta love those ICMP echo requests, they're like the breadcrumbs of the networking world.
upvoted 0 times
Kaycee
12 months ago
User 3: Yeah, ICMP type 8 is the key to finding those ping sweep attempts. Nice job!
upvoted 0 times
...
Shakira
12 months ago
User1: Definitely, it's a useful filter for detecting network scanning.
upvoted 0 times
...
Phuong
12 months ago
User 2: Good choice! ICMP echo requests are definitely the way to go for detecting ping sweeps.
upvoted 0 times
...
Vallie
12 months ago
User2: Yeah, that's correct. It's a common method for ping sweeps.
upvoted 0 times
...
Erick
12 months ago
User 1: C) icmp.type==8
upvoted 0 times
...
Avery
1 year ago
User1: I think C is the right choice, ICMP type 8 is for echo requests.
upvoted 0 times
...
...
Florinda
1 year ago
Ah, the classic ping sweep detection question. I'm going with C too. Who needs fancy network security tools when you've got good old Wireshark and the right ICMP filter? Time to catch those pesky hackers in the act!
upvoted 0 times
...
Alishia
1 year ago
Hmm, let me think about this. I'd say the answer is C as well. Detecting ping sweeps is all about finding those ICMP echo requests, and the Wireshark filter to do that is icmp.type==8. Easy peasy!
upvoted 0 times
...
Desmond
1 year ago
Ooh, a ping sweep detection task! This is right up my alley. I bet the answer is C, icmp.type==8. That's the ICMP echo request packet, which is exactly what you'd use to detect a ping sweep.
upvoted 0 times
Delisa
11 months ago
User 4: No need, let's go with C. It's the most likely option.
upvoted 0 times
...
Dahlia
11 months ago
User 3: Should we double check just to be sure?
upvoted 0 times
...
Katina
11 months ago
User 2: Yeah, that makes sense. ICMP echo request is used for ping sweeps.
upvoted 0 times
...
Florinda
11 months ago
User 1: I think the answer is C, icmp.type==8.
upvoted 0 times
...
Brett
12 months ago
User1: Great, let's use that filter in Wireshark to detect any ping sweeps on the network.
upvoted 0 times
...
Lovetta
1 year ago
User3: I agree, icmp.type==8 is the correct filter for this task.
upvoted 0 times
...
Sharen
1 year ago
User2: Yeah, that makes sense. That filter would help detect ping sweep attempts.
upvoted 0 times
...
Larae
1 year ago
User1: I think the answer is C, icmp.type==8.
upvoted 0 times
...
...
Olen
1 year ago
I'm not sure, but I think icmp.ident could also be used to detect ping sweep attempts.
upvoted 0 times
...
Chantay
1 year ago
I agree with Elbert, icmp.type==8 is the correct filter for detecting ping sweep attempts.
upvoted 0 times
...
Elbert
1 year ago
I think Bran should use option C) icmp.type==8 to detect ping sweep attempts.
upvoted 0 times
...

Save Cancel