During the analysis of a PCAP file, a security analyst noticed several communications with a
remote server on port 53. Which of the following protocol types is observed in this traffic?
A.
FTP
B.
DNS
C.
Email
D.
NetBIOS
Explanation:
DNS (Domain Name System) uses port 53.
Key concepts:
PCAP File: It stands for “Packet CAPtures”. They are files using for DNS-Zone-Transers with the “*.cap* extension
An eaxample would be: dns-zone-transfer-axfr.cap
Port 53: DNS (Domain Name System) uses port 53.
So in here we are talking about DNS PCAPs on port 53. = “B-DNS”
0
0