While reviewing the monthly internet usage, it is noted that there is a large spike in traffic classified as
“unknown” that does not appear to be within the bounds of the organization’s Acceptable Use Policy.
Which of the following tools or technologies would work BEST for obtaining more information on this
traffic?
A. Firewall logs
B. IDS logs
C. Increased spam filtering
D. Protocol analyzer
Isn’t that D?
I think it’s B, IDS works as an analyzer. This is one of those “what is BEST” questions: D is a correct answer, but B is better. Because they don’t write Network-IDS or Host-IDS, it’s probably NIDS logs, and they are better than a protocol analyzer.
The question is asking for a tool or technology, not just “logs” or IDS event logs.
Maybe the question needs rewording, but it looks like it was specifically asking for the “IDS” answer, since we are looking at suspicious traffic in that large spike of traffic.
However, the packet capture could still be the BEST answer if we simply need to understand what those “unknown” packets are.
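The difference the thread is arguing about, shown as an added example (not part of the original thread or any vendor’s tool): a firewall log gives you only the 5-tuple, so traffic on non-standard ports stays “unknown”, while a protocol analyzer can fingerprint the application layer from the captured bytes. The packets below are constructed samples and the signatures are simplified versions of the real protocol headers.

```python
"""Added example: port-only classification (what a firewall log supports) versus
payload fingerprinting (what a protocol analyzer / packet capture supports).
All packets are constructed; signatures are simplified protocol prefixes."""
from collections import Counter

# Constructed "captured" packets: (src, dst, dst_port, first payload bytes)
PACKETS = [
    ("10.0.0.5", "203.0.113.10", 8443, b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"),  # TLS on a non-standard port
    ("10.0.0.5", "203.0.113.10", 8443, b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"),
    ("10.0.0.7", "198.51.100.2", 6881, b"\x13BitTorrent protocol"),   # BitTorrent handshake
    ("10.0.0.9", "192.0.2.44", 2222, b"SSH-2.0-OpenSSH_9.6\r\n"),     # SSH on a non-standard port
    ("10.0.0.9", "192.0.2.44", 4444, b"\x00\x01\x02\x03randomjunk"),   # matches no signature
]

def classify_by_port(port):
    """What a firewall log alone lets you do: a destination-port lookup."""
    return {80: "http", 443: "https", 22: "ssh", 53: "dns"}.get(port, "unknown")

def classify_by_payload(payload):
    """Protocol-analyzer style: identify the application protocol from the bytes."""
    # TLS record type 0x16 (handshake), version 3.x, handshake type 0x01 = ClientHello
    if payload.startswith(b"\x16\x03") and len(payload) > 5 and payload[5] == 0x01:
        return "tls-clienthello"
    if payload.startswith(b"\x13BitTorrent protocol"):
        return "bittorrent"
    if payload.startswith(b"SSH-"):
        return "ssh"
    if payload[:4] in (b"GET ", b"POST", b"HEAD", b"PUT "):
        return "http"
    return "unknown"

def summarize(packets):
    """Return label counts for both methods so the difference is visible."""
    by_port = Counter(classify_by_port(p[2]) for p in packets)
    by_payload = Counter(classify_by_payload(p[3]) for p in packets)
    return by_port, by_payload

if __name__ == "__main__":
    port_view, payload_view = summarize(PACKETS)
    print("firewall-log view :", dict(port_view))      # everything is "unknown"
    print("protocol-analyzer :", dict(payload_view))   # TLS, BitTorrent, SSH, one leftover
```

The port view labels all five constructed packets “unknown”, while the payload view resolves four of them; the one that still fails every signature is exactly the traffic worth pulling a full capture on.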