312-50V10 · Question #347
How is sniffing broadly categorized?
The correct answer is A. Active and passive. Network sniffing is broadly classified as either passive or active, based on whether the attacker interacts with the network to capture traffic.
Question
How is sniffing broadly categorized?
Options
- AActive and passive
- BBroadcast and unicast
- CUnmanaged and managed
- DFiltered and unfiltered
How the community answered
(30 responses)- A93% (28)
- C3% (1)
- D3% (1)
Why each option
Network sniffing is broadly classified as either passive or active, based on whether the attacker interacts with the network to capture traffic.
Passive sniffing involves silently monitoring traffic without injecting any packets, typically effective on hub-based networks where all traffic is broadcast. Active sniffing requires the attacker to interact with the network - for example, via ARP poisoning or MAC flooding - to redirect traffic on switched networks. This passive-vs-active distinction is the standard top-level classification for sniffing attacks in security curricula.
Broadcast and unicast describe packet addressing modes at the network layer, not categories of sniffing methodology.
Managed and unmanaged refer to switch hardware types that support or lack administrative control features, not sniffing classifications.
Filtered and unfiltered describe packet capture modes within tools like Wireshark, not the primary taxonomy used to categorize sniffing attacks.
Concept tested: Passive vs. active network sniffing classification
Source: https://csrc.nist.gov/publications/detail/sp/800-115/final
Topics
Community Discussion
No community discussion yet for this question.