GIAC Certified Enterprise Defender GCED Question # 2 Topic 1 Discussion

GCED Exam Topic 1 Question 2 Discussion:
Question #: 2
Topic #: 1

An internal host at IP address 10.10.50.100 is suspected to be communicating with a command and control whenever a user launches a browser window. What features and settings of Wireshark should be used to isolate and analyze this network traffic?


A. Filter traffic using ip.src == 10.10.50.100 and tcp.srcport == 80, and use Expert Info

B. Filter traffic using ip.src == 10.10.50.100 and tcp.dstport == 53, and use Expert Info

C. Filter traffic using ip.src == 10.10.50.100 and tcp.dstport == 80, and use Follow TCP stream

D. Filter traffic using ip.src == 10.10.50.100, and use Follow TCP stream

