Question

TCPDump is used by Wireshark to capture packets while Wireshark own function is:

a. to provide a graphical user interface (GUI) and several capture filters.
b. to act as an intrusion prevention system (IPS) by stopping packets from a black-listed website or packets with payloads of viruses.
c. to defend the network against TCP SYN Flooding attacks by filtering out unnecessary TCP packets.
d. yet to be defined.

Answer 1

a. to provide a graphical user interface (GUI) and several capture filters

Step-by-step explanation:

TcPDump is a command line tool used to capture packets. TcPDump is used to filter packets after a capture has been done. To control network interfaces, TcPDump need to be assigned root privileges. Data is represented in form of text

Wireshark provide a graphical user interface (GUI) and several capture filters. It is a graphical tool used in packet capture analysis. Data is represented in wireshark as text in boxes.