Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Eccouncil Exam 212-82 Topic 3 Question 28 Discussion

Actual exam question for Eccouncil's 212-82 exam
Question #: 28
Topic #: 3
[All 212-82 Questions]

An loT device placed in a hospital for safety measures has sent an alert to the server. The network traffic has been captured and stored in the Documents folder of the "Attacker Machine-1". Analyze the loTdeviceTraffic.pcapng file and identify the command the loT device sent over the network. (Practical Question)

Show Suggested Answer Hide Answer
Suggested Answer: D

The loT device sent the command Temp_High over the network, which indicates that the temperature in the hospital was above the threshold level. This can be verified by analyzing the loTdeviceTraffic.pcapng file using a network protocol analyzer tool such as Wireshark4. The command Temp_High can be seen in the data field of the UDP packet sent from the loT device (192.168.0.10) to the server (192.168.0.1) at 12:00:03. The screenshot below shows the packet details5: Reference: Wireshark User's Guide, [loTdeviceTraffic.pcapng]


Contribute your Thoughts:

Helene
6 months ago
Interesting. High temperature alert could indeed push an alert.
upvoted 0 times
...
Carlee
7 months ago
I disagree, 'Temp_High' seems more urgent for an alert.
upvoted 0 times
...
Shoshana
7 months ago
I think the command is 'Tempe_Low'. Makes sense for safety.
upvoted 0 times
...
Viki
7 months ago
Yeah, but it’s a practical one. We need to check the .pcapng file.
upvoted 0 times
...
Helene
7 months ago
Seems tricky, analyzing traffic isn't straightforward.
upvoted 0 times
...
Delsie
7 months ago
What do you think about that IoT device question?
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77