Wireshark WCNA Exam Practice Test Instant Access

Question 1

Refer to the exhibit.

This packet shows the expanded TCP flags are

a. The display filter tcp.fiags.syn==1 && tcp.flags.ack==1 and the display filter tcp.fiags=0xi2 provide identical filtering results.

ATrue

BFalse

Answer : A

Question 2

1O Graphs support display filters and expressions.

ATrue

BFalse

Answer : A

Question 3

Wireshark's GeoIP feature launches an OpenStreetMap view of the world from the Endpoints window to plot IP addresses seen in the trace file.

ATrue

BFalse

Answer : A

Question 4

Refer to the exhibit.

Which statement about this HTTP packet is correct?

AThis packet was sent from an HTTP server.

BThe packet contains a request for a graphic file.

CThis packet contains an invalid HTTP Request Method.

DThis packet indicates an HTTP client is browsing www.wiresharktraining.com.

Answer : D

Question 5

What is the most efficient method for saving non-contiguous packets in a trace file?

AMark the packets and choose to save the marked packets.

BApply a color filter for each packet and save all colored packets.

CRight click and copy the packets individually to a new instance of Wireshark.

DOpen the packets in a new window and save them under the same file name.

Answer : A

Question 6

Refer to the exhibit.

Which statement about this Wireshark image is correct?

AThis is a live capture process.

BThis trace file is part of a trace file set.

CA display filter has been applied to this traffic.

DThese packets have been saved to a trace file already.

Answer : A

Question 7

When you disable the UDP protocol decoding process, applications that use UDP (such as DHCP and DNS) will not be decoded.

ATrue

BFalse

Answer : A

Wireshark Certified Network Analyst Exam Practice Test