312-50V10 · Question #20
You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity. What tool would you most likely select?
The correct answer is A. Snort. Snort is an open-source network tool that combines IDS/IPS capabilities with packet sniffing and traffic logging, making it the only choice that satisfies all four stated requirements.
Question
You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity. What tool would you most likely select?
Options
- ASnort
- BNmap
- CCain & Abel
- DNessus
How the community answered
(36 responses)- A92% (33)
- C6% (2)
- D3% (1)
Why each option
Snort is an open-source network tool that combines IDS/IPS capabilities with packet sniffing and traffic logging, making it the only choice that satisfies all four stated requirements.
Snort is a widely used open-source network intrusion detection and prevention system that also operates as a packet sniffer and network activity logger. It supports three primary modes - sniffer mode, packet logger mode, and full NIDS/NIPS mode. No other option in the list provides all four capabilities simultaneously.
Nmap is a port scanner and host discovery tool, not an IDS/IPS or network sniffer with logging capabilities.
Cain and Abel is a Windows-based password recovery and credential-cracking tool, not an intrusion detection or sniffing platform.
Nessus is a vulnerability assessment scanner that identifies security weaknesses but does not perform intrusion prevention or packet sniffing.
Concept tested: Snort IDS/IPS and network sniffing capabilities
Source: https://www.snort.org/documents
Topics
Community Discussion
No community discussion yet for this question.