nerdexam
EC-Council

312-50V11 · Question #347

How is sniffing broadly categorized?

The correct answer is A. Active and passive. Network sniffing is broadly categorized as active or passive, depending on whether the attacker sends packets to redirect traffic or simply listens to traffic that passes naturally.

Sniffing

Question

How is sniffing broadly categorized?

Options

  • AActive and passive
  • BBroadcast and unicast
  • CUnmanaged and managed
  • DFiltered and unfiltered

How the community answered

(40 responses)
  • A
    88% (35)
  • B
    8% (3)
  • C
    3% (1)
  • D
    3% (1)

Why each option

Network sniffing is broadly categorized as active or passive, depending on whether the attacker sends packets to redirect traffic or simply listens to traffic that passes naturally.

AActive and passiveCorrect

Passive sniffing involves placing a NIC in promiscuous mode on a shared medium (such as a hub-based network) and silently recording traffic without injecting any packets. Active sniffing involves sending crafted packets - such as ARP poisoning, MAC flooding, or DHCP spoofing - to force traffic through the attacker's machine on switched networks where passive sniffing alone would not capture traffic destined for other hosts.

BBroadcast and unicast

Broadcast and unicast describe network addressing modes, not categories of sniffing techniques.

CUnmanaged and managed

Unmanaged and managed describe switch hardware types, not sniffing methodologies.

DFiltered and unfiltered

Filtered and unfiltered describe capture display options in tools like Wireshark, not the classification of sniffing attacks.

Concept tested: Active vs passive network sniffing classification

Source: https://www.eccouncil.org/train-certify/certified-ethical-hacker-ceh/

Topics

#active sniffing#passive sniffing#network sniffing

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice