Bird
0
0

A network forensics tool logs the following:

medium📝 Analysis Q5 of 15
Cybersecurity - Digital Forensics
A network forensics tool logs the following:
Source IP: 10.0.0.5, Destination IP: 172.16.0.8, Protocol: TCP, Port: 80
What does this log most likely represent?
AA web browsing session
BAn email being sent
CA file transfer using FTP
DA DNS query
Step-by-Step Solution
Solution:

  1. Step 1: Identify protocol and port meaning

    TCP on port 80 is commonly used for HTTP, which is web browsing.

  2. Step 2: Match log to activity

    Since port 80 is HTTP, the log indicates a web browsing session, not email, FTP, or DNS.

  3. Final Answer:

    A web browsing session -> Option A

  4. Quick Check:

    Port 80 + TCP = Web browsing [OK]
Quick Trick: Port 80 TCP traffic usually means web browsing [OK]
Common Mistakes:
MISTAKES
  • Confusing port 80 with email ports
  • Mixing FTP with HTTP ports
  • Assuming DNS uses TCP port 80

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Cybersecurity Quizzes
Advanced Threat Protection - Endpoint Detection and Response (EDR) - Quiz 15hard Compliance and Governance - Security policy development - Quiz 6medium Digital Forensics - Memory forensics basics - Quiz 15hard Digital Forensics - Mobile device forensics - Quiz 3easy Emerging Security Topics - IoT security challenges - Quiz 6medium Emerging Security Topics - Why security evolves with technology - Quiz 11easy Emerging Security Topics - Why security evolves with technology - Quiz 14medium Incident Response - Detection and analysis phase - Quiz 4medium Incident Response - Incident response lifecycle - Quiz 11easy Incident Response - Why incident response plans save organizations - Quiz 13medium