Question 4 of 32 from exam 300-215-CBRFIR: Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps

Question

[Exhibit: Wireshark packet list. Rows are dated 2019.12.04, with visible timestamps 19:02, 19:13 and 19:19. The Info column shows GET requests, including one ending in php?i=yourght6.cab, and entries beginning "Client". The remaining column values are not legible.]

Frame 6: 386 bytes on wire (3088 bits), 386 bytes captured (3088 bits)
Ethernet II, Src: HewlettP_1c:47:ae (00:08:02:1c:47:ae), Dst: Netgear_b6:93:f1 (20:e5:2a:b6:93:f1)
Internet Protocol Version 4, Src: 160.192.4.101, Dst: 185.188.182.76
0000  20 e5 2a b6 93 f1 00 08 02 1c 47 ae 08 00 45 00

Refer to the exhibit.

A network engineer is analyzing a Wireshark file to determine the HTTP request that caused the initial Ursnif banking Trojan binary to download.

Which filter did the engineer apply to sort the Wireshark traffic logs?

Answers

Explanations