Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Eccouncil Exam 312-38 Topic 8 Question 87 Discussion

Actual exam question for Eccouncil's 312-38 exam
Question #: 87
Topic #: 8
[All 312-38 Questions]

Which of the following Wireshark filters allows an administrator to detect SYN/FIN DDoS attempt on

the network?

Show Suggested Answer Hide Answer
Suggested Answer: A

According to NIST guidelines, the incident category that includes activities seeking to access or identify a federal agency computer, open ports, protocols, services, or any combination thereof for later exploitation is categorized as 'Scans/Probes/Attempted Access'. This category encompasses any unauthorized attempts to access systems, networks, or data, which may include scanning for vulnerabilities or probing to discover open ports and services.


Contribute your Thoughts:

Ligia
3 days ago
I think the answer is A) tcp.flags==0x003.
upvoted 0 times
...

Save Cancel