nerdexam
GIAC

GCFA · Question #96

GCFA Question #96: Real Exam Question with Answer & Explanation

The correct answer is B. Packet sniffer. A packet sniffer captures live network traffic so an administrator can inspect packet payloads and confirm whether email data is being transmitted in encrypted form.

Question

You are the Network Administrator and your company has recently implemented encryption for all emails. You want to check to make sure that the email packages are being encrypted. What tool would you use to accomplish this?

Options

  • APassword cracker
  • BPacket sniffer
  • CPerformance Monitor
  • DVulnerability analyzer

Explanation

A packet sniffer captures live network traffic so an administrator can inspect packet payloads and confirm whether email data is being transmitted in encrypted form.

Common mistakes.

  • A. A password cracker is used to recover authentication credentials through brute-force or dictionary attacks, and cannot capture or inspect live network packet contents.
  • C. Performance Monitor tracks operating system metrics such as CPU, memory, and disk I/O, and has no capability to capture or analyze network packet payloads.
  • D. A vulnerability analyzer scans systems and services for known security weaknesses, but does not capture live traffic to verify whether specific packets are encrypted.

Concept tested. Packet sniffing to verify network encryption

Reference. https://www.wireshark.org/docs/wsug_html_chunked/ChapterIntroduction.html

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GCFA Practice