Wireshark Flashcards

(2 cards)

1
Q

Discovering Patterns

A
  • Look for repeated SYN segments from one host to the same destination port that never get a SYN-ACK back
  • this suggests SYN retransmissions against a filtered port, or persistent attempts to reach a closed or denied service; one host sending SYNs to many different ports in quick succession suggests a port scan
  • Check the 3-way handshake to determine whether a port is open
  • SYN answered by SYN-ACK (then ACK) means the port is open on that host; SYN answered by RST means it is closed; SYN with no reply at all usually means a firewall dropped it or the host is down, so silence alone does not prove the port is closed
2
Q

Packet Capture

A

Use display filters – E.g., http, ip.addr == 192.168.1.1, tcp.port == 80 (ip.addr and tcp.port match either direction, source or destination; use ip.src / ip.dst or tcp.srcport / tcp.dstport to pin one side)

Packet List (Top Pane)
This shows a summary of each packet:

No. – Packet number in the capture

Time – Time since capture started

Source / Destination – IP addresses

Protocol – E.g., TCP, UDP, HTTP, DNS

Length – Packet size

Info – Brief description (e.g., “SYN”, “GET /index.html”)

Packet Details (Middle Pane)
This breaks the selected packet into layers:

Frame (capture metadata: arrival time, frame length, interface) and Ethernet II (source / destination MAC addresses)

Internet Protocol (IP header: source / destination IP, TTL, protocol number)

Transport layer (TCP header with ports, sequence numbers and flags, or UDP header with ports and length)

Application layer (e.g., HTTP, DNS, FTP data)

You should know how to:

Spot a TCP 3-way handshake (SYN, SYN-ACK, ACK)

Identify a DNS query/response

Detect HTTP GET or POST requests

Read source / destination IP addresses from the IP header and MAC addresses from the Ethernet header
