Network Defense Essentials (NDE) Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Study for the Network Defense Essentials Exam. Prepare with flashcards and multiple choice questions, each question offers hints and explanations. Get ready for your exam and enhance your cybersecurity skills!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which Wireshark filter is used to view only SMTP traffic?

  1. tcp.port eq 110

  2. tcp.port eq 443

  3. tcp.port eq 25

  4. tcp.port eq 80

The correct answer is: tcp.port eq 25

The reason for selecting the filter that specifies tcp.port eq 25 is that this filter directly corresponds to the standard port used by the Simple Mail Transfer Protocol (SMTP). SMTP is the protocol primarily used for sending emails on the Internet, and it operates over TCP. The default port for SMTP is indeed port 25, making it the proper filter to isolate SMTP traffic in Wireshark. In contrast, the other options reference ports associated with different protocols: port 110 is used for Post Office Protocol version 3 (POP3), port 443 is used for Hypertext Transfer Protocol Secure (HTTPS), and port 80 is used for Hypertext Transfer Protocol (HTTP). Each of these protocols serves a different purpose in network communication, which is why they are not suitable for filtering SMTP traffic.

More Questions Like This