Which tool is command-line based for capturing packets?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Which tool is command-line based for capturing packets?

Explanation:
Command-line packet capture means intercepting traffic directly from a network interface in text mode, without a graphical interface. tcpdump is the classic tool for this: a pure CLI utility that captures packets on a chosen interface, lets you filter with BPF syntax to limit what you record, and can print summaries or save the data in a pcap file for later analysis. This makes it ideal for quick, scriptable captures in a terminal. Wireshark is primarily GUI-based (though it has a CLI companion), NTP is a time synchronization protocol, and cloud-based detection is a remote service, not a local packet capture utility.

