nerdexam
Exams312-50V10Questions#20
EC-Council

312-50V10 · Question #20

312-50V10 Question #20: Real Exam Question with Answer & Explanation

The correct answer is A: Snort. Snort is an open-source network tool that combines IDS/IPS capabilities with packet sniffing and traffic logging, making it the only choice that satisfies all four stated requirements.

Question

You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity. What tool would you most likely select?

Options

  • ASnort
  • BNmap
  • CCain & Abel
  • DNessus

Explanation

Snort is an open-source network tool that combines IDS/IPS capabilities with packet sniffing and traffic logging, making it the only choice that satisfies all four stated requirements.

Common mistakes.

  • B. Nmap is a port scanner and host discovery tool, not an IDS/IPS or network sniffer with logging capabilities.
  • C. Cain and Abel is a Windows-based password recovery and credential-cracking tool, not an intrusion detection or sniffing platform.
  • D. Nessus is a vulnerability assessment scanner that identifies security weaknesses but does not perform intrusion prevention or packet sniffing.

Concept tested. Snort IDS/IPS and network sniffing capabilities

Reference. https://www.snort.org/documents

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-50V10 Practice
You need a tool that can do network intrusion prevention and... | 312-50V10 Q#20 Answer | NerdExam