CEH v9 Question of the Week: Examine Streams of Packets

What are hardware or software devices that examine streams of packets for unusual or malicious behavior?

A. Wireshark
B. Tcpdump
C. IPS
D. IDS

Reveal Answer

The correct answer is D.

An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.

Wireshark is a network protocol analyzer which allows you to see what’s happening on your network at a microscopic level.

Tcpdump is a common packet analyzer that runs under the command line. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.

An Intrusion Prevention System (IPS) is a network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits.

 

Related Course
Certified Ethical Hacker v9

CEH v9 Question of the Week Series

• CEH v9 Question of the Week: Retina Scanners
• CEH v9 Question of the Week: Employee Behavior
• CEH v9 Question of the Week: CVE-2007-2447
• CEH v9 Question of the Week: SQL Injection
• CEH v9 Question of the Week: Web Application Penetration Testing
• CEH v9 Question of the Week: iptables
• CEH v9 Question of the Week: Examine Streams of Packets

from
CERTIVIEW