Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 137

Which filter allows an engineer to filter traffic in Wireshark to further analyze the PCAP file by only showing the traffic for LAN 10.11.x.x, between workstations and servers without the Internet?

Answer options

• A. src=10.11.0.0/16 and dst=10.11.0.0/16
• B. ip.src==10.11.0.0/16 and ip.dst==10.11.0.0/16
• C. ip.src=10.11.0.0/16 and ip.dst=10.11.0.0/16
• D. src==10.11.0.0/16 and dst==10.11.0.0/16

Correct answer: B

Explanation

The correct answer is B because it uses the correct syntax for filtering IP source and destination addresses in Wireshark. Options A, C, and D either use incorrect operators or syntax that will not filter the traffic as intended, making them invalid for this specific use case.