312-50V13 · Question #520
A large corporate network is being subjected to repeated sniffing attacks. To increase security, the company's IT department decides to implement a combination of several security measures. They perma
The correct answer is B. Implement network scanning and monitoring tools. Explanation Implementing network scanning and monitoring tools (Option B) is the logical next step because, despite the existing countermeasures, active surveillance is needed to detect and respond to sniffing attempts in real time - tools like intrusion detection systems (IDS) a
Question
Options
- AUse HTTP instead of HTTPS for protecting usernames and passwords
- BImplement network scanning and monitoring tools
- CEnable network identification broadcasts
- DRetrieve MAC addresses from the OS
How the community answered
(47 responses)- A13% (6)
- B77% (36)
- C6% (3)
- D4% (2)
Explanation
Explanation
Implementing network scanning and monitoring tools (Option B) is the logical next step because, despite the existing countermeasures, active surveillance is needed to detect and respond to sniffing attempts in real time - tools like intrusion detection systems (IDS) and network analyzers can identify suspicious traffic patterns, unauthorized devices, or anomalous behavior that static defenses alone cannot catch.
Why the distractors are wrong:
- Option A is completely counterproductive - HTTP transmits data in plaintext, making sniffing easier, whereas HTTPS encrypts traffic; this is the exact opposite of a security enhancement.
- Option C enabling network identification broadcasts actually increases the attack surface by advertising network information to potential attackers, aiding reconnaissance rather than preventing it.
- Option D retrieving MAC addresses from the OS is a technique used by attackers to perform MAC spoofing and is not a defensive countermeasure.
Memory Tip: Think of the existing measures as building a secure house (locks, better materials, encrypted communications) - but you still need a security camera system (monitoring tools) to catch anyone trying to break in. When static defenses are in place but threats persist, the answer is almost always active monitoring.
Topics
Community Discussion
No community discussion yet for this question.