CompTIA
N10-005 · Question #342
N10-005 Question #342: Real Exam Question with Answer & Explanation
The correct answer is D: Protocol analyzer. A protocol analyzer captures and decodes network packets at the frame level, allowing a technician to inspect the actual content and destination of suspicious traffic.
Question
A network technician has been asked to look into a report from the IDS to determine why traffic is being sent from an internal FTP server to an external website. Which of the following tools can be used to inspect this traffic?
Options
- ARouter firewall
- BPing and traceroute
- CThroughput tester
- DProtocol analyzer
Explanation
A protocol analyzer captures and decodes network packets at the frame level, allowing a technician to inspect the actual content and destination of suspicious traffic.
Common mistakes.
- A. A router firewall can block or permit traffic based on rules but does not provide the detailed packet-level inspection needed to investigate the content or reason for the traffic.
- B. Ping and traceroute test connectivity and path reachability but cannot capture or inspect the content of traffic flows.
- C. A throughput tester measures bandwidth and data transfer rates but does not decode or analyze packet contents.
Concept tested. Protocol analyzer for network traffic inspection
Reference. https://www.wireshark.org/docs/wsug_html_chunked/ChapterIntroduction.html
Community Discussion
No community discussion yet for this question.