Check Point Certified Security Expert (CCSE) R81 — Question 35

Besides fw monitor, what is another command that can be used to capture packets?

Answer options

• A. arp
• B. traceroute
• C. tcpdump
• D. ping

Correct answer: C

Explanation

The correct answer is C, tcpdump, which is a widely used command-line packet analyzer that captures network traffic. Options A, B, and D are not suitable for capturing packets; arp is for address resolution, traceroute is for determining the path packets take, and ping is used to check connectivity.