nerdexam
EC-Council

312-50V9 · Question #122

How is sniffing broadly categorized?

The correct answer is A. Active and passive. Network sniffing is broadly categorized as active or passive, based on whether the attacker must inject traffic to intercept communications.

Sniffing

Question

How is sniffing broadly categorized?

Options

  • AActive and passive
  • BBroadcast and unicast
  • CUnmanaged and managed
  • DFiltered and unfiltered

How the community answered

(29 responses)
  • A
    86% (25)
  • B
    3% (1)
  • C
    3% (1)
  • D
    7% (2)

Why each option

Network sniffing is broadly categorized as active or passive, based on whether the attacker must inject traffic to intercept communications.

AActive and passiveCorrect

Passive sniffing captures traffic without sending any packets, relying on shared media or port mirroring where all frames are naturally visible to the sniffer. Active sniffing requires injecting packets using techniques such as ARP poisoning, MAC flooding, or DHCP spoofing to redirect traffic on switched networks - this active-versus-passive distinction is the primary taxonomy used in network security to classify sniffing methods.

BBroadcast and unicast

Broadcast and unicast describe network transmission addressing modes, not methodologies for intercepting or capturing network traffic.

CUnmanaged and managed

Unmanaged and managed describe switch capability and administration levels, not sniffing techniques or their operational categories.

DFiltered and unfiltered

Filtered and unfiltered describe Berkeley Packet Filter (BPF) settings applied to a running capture session, not a broad classification of sniffing approaches.

Concept tested: Active versus passive network sniffing classification

Topics

#sniffing types#active sniffing#passive sniffing#network monitoring

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice