32. Examine the following tcpdump output:
22:00:19.538395 IP (tos 0x10, ttl 64, id 33842, offset 0, flags [P], proto TCP (6), length 196) 198.168.105.1.41012 > 198.111.123.1.61012: Flags [P.], cksum 0x50af (correct), seq 169, ack 187, win 501, length 42
What is the value of the Type of Service field?
- 0x10
- 6
- 501
- 0x50af
33. What type of attack involves the unauthorized transmission of data from a system?
- Data leak
- Data exfiltration
- Packet classification
- Packet crafting
34. Which of the following behaviors may suggest an ongoing data exfiltration attack? Select two answers.
- Outbound network traffic to an unauthorized file hosting service
- Unexpected modifications to files containing sensitive data
- Multiple successful multi-factor authentication logins
- Network performance issues
35. Fill in the blank: tcpdump is a network protocol analyzer that uses a(n) _____ interface.
- Linux
- command-line
- internet
- graphical user
36. Which layer of the TCP/IP model is responsible for accepting and delivering packets in a network?
- Transport
- Internet
- Network Access
- Application
37. Which IPv4 field determines how long a packet can travel before it gets dropped?
- Options
- Header Checksum
- Time to Live
- Type of Service
38. How are IP headers valuable for security analysts during investigations?
- They provide the foundation for communications over the internet.
- They provide the ability to modify network communications.
- They provide insight into the details of network communications.
- They provide the ability to visualize network communications.