| Exam 200-201 | Question id=6028 | Network intrusion analysis |
An engineer is investigating a case of the unauthorized usage of the `Tcpdump` tool. The analysis revealed that a malicious insider attempted to sniff traffic on a specific interface. What type of information did the malicious insider attempt to obtain?
| A. |
tagged protocols being used on the network | |
| B. |
all firewall alerts and resulting mitigations | |
| C. |
tagged ports being used on the network | |
| D. |
all information and data within the datagram |