ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v8 All Questions

View all questions & answers for the 312-50v8 exam
Go to Exam

Exam 312-50v8 topic 8 question 95 discussion

Actual exam question from ECCouncil's 312-50v8
Question #: 95
Topic #: 8
[All 312-50v8 Questions]

An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network's external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file.
What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?

  • A. Intrusion Prevention System (IPS)
  • B. Protocol analyzer
  • C. Network sniffer
  • D. Vulnerability scanner
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
A packet analyzer (also known as a network analyzer, protocol analyzer or packet snifferor, for particular types of networks, an Ethernet sniffer or wireless sniffer) is a computer program or piece of computer hardware that can intercept and log traffic that passes over a digital network or part of a network. A packet analyzer can analyze packet traffic saved in a PCAP file.
References: https://en.wikipedia.org/wiki/Packet_analyzer
by zohizyzo at April 4, 2025, 2:21 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Currently there are no comments in this discussion, be the first to comment!
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel