Virtual Labs

Tools

Aim

Theory

Pretest

Procedure

Simulation

Posttest

References

Feedback

Aim

Theory

Pretest

Procedure

Simulation

Posttest

References

Feedback

Identifying and Investigating Various Network Attacks using Wireshark

Choose difficulty:

Beginner

Intermediate

Advanced

What is the primary purpose of using Wireshark?

a: To edit network protocols Explanation

Explanation

b: To capture and analyze network traffic Explanation

Explanation

c: To block malware on a system Explanation

Explanation

d: To encrypt network data Explanation

Explanation

Which of the following protocols is commonly used for secure web communication?

a: HTTP Explanation

Explanation

b: FTP Explanation

Explanation

c: HTTPS Explanation

Explanation

d: SMTP Explanation

Explanation

What type of attack is typically characterized by sending a large number of SYN packets to a target without completing the handshake?

a: ARP spoofing Explanation

Explanation

b: SQL injection Explanation

Explanation

c: SYN flood attack Explanation

Explanation

d: Man-in-the-middle attack Explanation

Explanation

Which Wireshark filter can be used to identify ARP poisoning attempts?

a: tcp.flags.syn == 1 Explanation

Explanation

b: http.request Explanation

Explanation

c: arp Explanation

Explanation

d: icmp.type == 8 Explanation

Explanation

What does the filter 'tcp.flags == 0x29' detect in Wireshark?

a: Plaintext passwords Explanation

Explanation

b: Xmas scan Explanation

Explanation

c: HTTP requests Explanation

Explanation

d: ARP replies Explanation

Explanation

Which of the following best describes ARP poisoning?

a: Overloading a server with SYN packets Explanation

Explanation

b: Sending crafted DNS requests to leak data Explanation

Explanation

c: Associating a false MAC address with an IP address Explanation

Explanation

d: Scanning ports using TCP FIN packets Explanation

Explanation

Community Links Sakshat Portal Outreach Portal FAQ: Virtual Labs

AGPL 3.0 & Creative Commons (CC BY-NC-SA 4.0)