Question 3 of 32 from exam 300-215-CBRFIR: Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps

Question

Time        Source           Destination    Info
351.613329  167.203.102.117  192.168.1.159  15120 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.614781  227.161.2158     192.168.1.159  15409 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.615356  209.92.25.229    192.168.1.159  15701 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.615473  149.221.46.147   192.168.1.159  18969 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.616366  192.183.44.102   192.168.1.159  16247 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.617248  162.178.159.141  192.168.1.159  16532 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.618094  203.98.141.133   192.168.1.159  16533 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.618857  115.48.48.185    192.168.1.159  16718 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.619789  147.29.251.74    192.168.1.159  17009 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.620622  29.158.7.85      192.168.1.159  17304 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.621398  133.119.25.131   192.168.1.159  17599 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.622245  89.99.115.209    192.168.1.159  17874 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.623161  221.19.65.45     192.168.1.159  18160 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.624003  124.97.107.209   192.168.1.159  18448 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment
351.624765  140.147.97.13    192.168.1.159  18740 → 80 [SYN] Seq=0 Win=64 Len=120 [TCP segment

Refer to the exhibit.

What should an engineer determine from this Wireshark capture of suspicious network traffic?

Answers

Explanations

A. B. C. D.

A.