What should Tim understand about this situation?

Tim is a member of management and has just been notified that two sniffer tools have been identified on the network. The software tools were installed on two different systems that were maintained by a security engineer who has recently been fired. What should Tim understand about this situation?

Tim is a member of management and has just been notified that two sniffer tools have been identified on the network. The software tools were installed on two different systems that were maintained by a security engineer who has recently been fired. What should Tim understand about this situation?

A.
The tools were probably installed to identify suspicious activities by the engineer and should not be a concern.

B.
The tools were probably installed by the engineer to identify legitimately suspicious activities, but should be a concern.

C.
The tools were installed as part of the company’s IPS rollout and should be a concern

D.
The tools were installed as part of the company’s IPS rollout and should not be a concern.

Explanation:
Network sniffers are used by the people in the white hats
(administrators and security professionals) usually to try and track down a recent
problem with the network. But the guys in the black hats (attackers and crackers)
can use them to learn about what type of data is passed over a specific network
segment and to modify data in an unauthorized manner. Black hats usually use
sniffers to obtain credentials as they pass over the network medium. The company
does not know who installed them and this should be a concern.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


lordinfidel

lordinfidel

my $.02

The trick to answering this question is in the 1st sentence.

“Tim … has just been notified”.

If other members of the security or operations team were aware that there were packet sniffers installed, then there would be no reason to notify management; since it probably would of have been part of an established policy.

Because no one knew of it’s existance until after the employee left, meant that the employeed did it on his own outside of proper change management.