GIAC
GCIH · Question #481
GCIH Question #481: Real Exam Question with Answer & Explanation
Sign in or unlock GCIH to reveal the answer and full explanation for question #481. The question stem and answer options stay visible for context.
Question
What is the best practice for analyzing network traffic in a production environment to minimize the risks associated with such activities?
Options
- AUse a passive monitoring tool like p0f to capture and analyze the traffic as a privileged user
- BUse the wireshark tool for both capturing and analyzing the traffic as a privileged user
- CCapture the traffic with tcpdump, then analyze the traffic with wireshark using an unprivileged
- DCapture the traffic with wireshark, then analyze the traffic with tcpdump using an unprivileged
Unlock GCIH to see the answer
You've previewed enough free GCIH questions. Unlock GCIH for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.