Cisco
350-201 · Question #43
350-201 Question #43: Real Exam Question with Answer & Explanation
The correct answer is A: packet sniffer. Wireshark is a powerful tool that can analyze traffic between hosts on your network. It can also be used to discover and monitor unknown hosts, pull their IP addresses, and even learn a little about the device itself. So the answer is a packet sniffer (Wireshark).
Network Intrusion Analysis
Question
Refer to the exhibit. A security analyst needs to investigate a security incident involving several suspicious connections with a possible attacker. Which tool should the analyst use to identify the source IP of the offender?
Exhibit
Options
- A. packet sniffer
- B. malware analysis
- C. SIEM
- D. firewall manager
Explanation
Wireshark is a powerful tool that can analyze traffic between hosts on your network. It can also be used to discover and monitor unknown hosts, pull their IP addresses, and even learn a little about the device itself. So the answer is a packet sniffer (Wireshark).
Topics
#packet sniffer #source IP identification #network forensics #tool selection
