Certified Network Defender (CND) — Question 190

Mark is monitoring the network traffic on his organization's network. He wants to detect TCP and UDP ping sweeps on his network. Which type of filter will be used to detect this?

Answer options

• A. tcp.dstport==7 and udp.srcport==7
• B. tcp.srcport==7 and udp.dstport==7
• C. tcp.dstport==7 and udp.dstport==7
• D. tcp.srcport==7 and udp.srcport==7

Correct answer: C

Explanation

The correct answer is C because detecting ping sweeps involves monitoring both TCP and UDP traffic targeting port 7, which is the echo service. Options A, B, and D incorrectly specify source or destination ports that do not align with the requirements for detecting ping sweeps.