nerdexam
EC-Council

312-50V13 · Question #624

Martin, a Certified Ethical Hacker (CEH), is conducting a penetration test on a large enterprise network. He suspects that sensitive information might be leaking out of the network. Martin decides to

The correct answer is A. Raw Sniffing. To gain a comprehensive understanding of data flowing across a network, an ethical hacker should employ raw sniffing to capture all network traffic.

Submitted by takeshi77· Mar 6, 2026Sniffing

Question

Martin, a Certified Ethical Hacker (CEH), is conducting a penetration test on a large enterprise network. He suspects that sensitive information might be leaking out of the network. Martin decides to use network sniffing as part of his testing methodology. Which of the following sniffing techniques should Martin employ to get a comprehensive understanding of the data flowing across the network?

Options

  • ARaw Sniffing
  • BMAC Flooding
  • CARP Poisoning
  • DDNS Poisoning

How the community answered

(47 responses)
  • A
    87% (41)
  • B
    2% (1)
  • C
    4% (2)
  • D
    6% (3)

Why each option

To gain a comprehensive understanding of data flowing across a network, an ethical hacker should employ raw sniffing to capture all network traffic.

ARaw SniffingCorrect

Raw sniffing involves capturing all packets traversing the network without filtering or modifying them, allowing Martin to analyze the entire data stream at a low level. This technique provides the most comprehensive insight into sensitive information potentially leaking, as it doesn't limit capture to specific protocols or addresses.

BMAC Flooding

MAC flooding is an attack technique to overwhelm a switch's CAM table, potentially enabling sniffing but is not a sniffing technique itself for data capture.

CARP Poisoning

ARP poisoning is an attack technique used to redirect traffic through an attacker, enabling sniffing but is not the sniffing technique itself.

DDNS Poisoning

DNS poisoning is an attack technique to redirect users to malicious websites by corrupting DNS caches, not a method for comprehensively sniffing all network data.

Concept tested: Comprehensive network data capture (sniffing)

Source: https://www.wireshark.org/docs/wsug_html_chunked/ChCapRawTraffic.html

Topics

#network sniffing#raw sniffing#data exfiltration#penetration testing

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice