GCED GIAC Certified Enterprise Defender

Question 10

An internal host at IP address 10.10.50.100 is suspected to be communicating with a command and control server whenever a user launches a browser window. What features and settings of Wireshark should be used to isolate and analyze this network traffic?

  • Filter traffic using ip.src == 10.10.50.100 and tcp.srcport == 80, and use Expert Info

  • Filter traffic using ip.src == 10.10.50.100 and tcp.dstport == 53, and use Expert Info

  • Filter traffic using ip.src == 10.10.50.100 and tcp.dstport == 80, and use Follow TCP stream

  • Filter traffic using ip.src == 10.10.50.100, and use Follow TCP stream