False The Frame section of a packet always indicates which coloring rule has been applied to the packet True Conversations colored using the right-click coloring method will remain colored when the trace file is opened on another Wireshark system. ![]() False By default, Wireshark uses the Type of Service interpretation in the IP header instead of the DiffServ (Differentiated Services) interpretation. False Display filters and capture filters can be interchanged because they use the same syntax. True Port numbers set in the HTTP Preferences window for HTTP or HTTPS traffic are temporary settings. True Display filters applied to a trace file before opening the Protocol Hierarchy Statistics window are automatically applied to the Protocol Hierarchy results displayed. False Wireshark's network name resolution process references Wireshark's hosts file before generating inverse DNS queries to resolve IP addresses to host names. False Wireshark can playback encrypted VoIP conversations True Any display filters created and saved while viewing the trace file shown above will be saved in the "Default" profile directory. True Aggregating taps capture bi-directional full-duplex traffic and forward each direction of traffic to separate outbound ports. True Wireshark contains several pre-defined columns that can be quickly added to the Packet List pane by right-clicking on a field in the Packet Details pane True Wireshark's pcapng format enables meta data to be saved with a trace file True The MAC name resolution process resolves the first 3 bytes of the MAC address to the OUI value contained in Wireshark's manuf file. ![]() ![]() True You can edit the services file to change Wireshark's OUI display value from one manufacturer name to another False The cfilters file can be shared with other WireShark users by copying the file into another host's personal preferences folder True AirPcap adapters can be used to expand Wireshark's ability to capture wireless network traffic in a Microsoft Windows environment. True The location of Wireshark personal preference files is listed under Help | About Wireshark | Folders. You can use Wireshark's Expressions to build display filters.
0 Comments
Leave a Reply. |