1. You are required to monitor and display all incoming packets to a particular system from the IP address 192.168.1.1. What filter would you use ?
2. You are required to monitor all packets on a switch port (A) from another port (B). How would you achieve the solution ?
Setup wireshark on port B and enable port mirroring on the switch to duplicate packets from port A to port B.
3. Which filter would you use to display destination broadcast frames
4. What is the command line tool for wireshark.
5. Which filter would you use to monitor HTTP Web requests
6. Which filter should be used to monitor packets originating from a DHCP Server.
7. Which filter would you use to monitor IP traffic between two systems on a network (192.168.1.1 and 192.168.1.2)
ip.src==192.168.1.1 && 192.168.1.2.
8. Which filter should be used to monitor IP packets containing ICMP protocol.