Wireshark Basics

Questions and Answers

What are the two parts of a packet sniffer?

Protocol analyzer and packet inspector

Message observer and frame capturer

Packet capture library and packet analyzer (correct)

Content analyzer and protocol receiver

Where can Wireshark be downloaded from?

<a href="http://www.wireshark.tools/getit">http://www.wireshark.tools/getit</a>

<a href="http://www.wireshark.net/download">http://www.wireshark.net/download</a>

<a href="http://www.wireshark.org/download.html">http://www.wireshark.org/download.html</a> (correct)

<a href="http://www.wireshark.com/get">http://www.wireshark.com/get</a>

What action initiates packet capture in Wireshark?

Opening the Analysis tab

Choosing the Tools menu

Clicking the Start button

Selecting the Capture pull down menu (correct)

What is the purpose of the packet capture library in a packet sniffer?

Receives a copy of every link layer frame sent or received

What is the initial view when starting Wireshark for packet capture?

A window similar to that shown in slide 5

Study Notes

Packet Sniffer Components

• A packet sniffer consists of two main parts: the capture driver and the packet capture library.

Wireshark

• Wireshark can be downloaded from the official Wireshark website.
• Initiating a capture in Wireshark is done by clicking the "Start" button or selecting "CaptureOptions" from the "Capture" menu.
• The initial view when starting Wireshark for packet capture is the "Start Page" or "Welcome Screen".

Packet Capture Library

• The purpose of the packet capture library in a packet sniffer is to analyze and decode the captured packets, presenting the data in a human-readable format.

Description

"Wireshark Basics: Test Your Packet Sniffing Skills Quiz" Test your knowledge of Wireshark with this quiz that covers topics such as obtaining and utilizing Wireshark, and conducting packet analysis.