CertNexus Certified Cyber Secure Coder (CSC) — Question 91
An incident responder was asked to analyze malicious traffic. Which of the following tools would be BEST for this?
Answer options
- A. Hex editor
- B. tcpdump
- C. Wireshark
- D. Snort
Correct answer: C
Explanation
Wireshark is the most suitable tool because it provides a user-friendly interface for capturing and analyzing network packets in detail. tcpdump is a command-line tool that can also capture traffic, but it lacks Wireshark's graphical capabilities. A hex editor is used for viewing binary data, and Snort is primarily an intrusion detection system, so both are less effective for deep traffic analysis.