CompTIA CySA+ (CS0-001) — Question 44
Given the following output from a Linux machine:
file2cable -i eth0 -f file.pcap
Which of the following BEST describes what a security analyst is trying to accomplish?
Answer options
- A. The analyst is attempting to measure bandwidth utilization on interface eth0.
- B. The analyst is attempting to capture traffic on interface eth0.
- C. The analyst is attempting to replay captured data from a PCAP file.
- D. The analyst is attempting to capture traffic for a PCAP file.
- E. The analyst is attempting to use a protocol analyzer to monitor network traffic.
Correct answer: E
Explanation
The correct answer is E because the use of a protocol analyzer is indicated by the command to capture network data. Options A, B, C, and D do not accurately reflect the intent of using a protocol analyzer, which is specifically for monitoring traffic rather than merely measuring bandwidth or replaying data.