PrepAway - Latest Free Exam Questions & Answers

Which of the following software allows a network administrator to inspect the protocol header in order to trou

Which of the following software allows a network administrator to inspect the protocol header in order to
troubleshoot network issues?

PrepAway - Latest Free Exam Questions & Answers

A.
URL filter

B.
Spam filter

C.
Packet sniffer

D.
Switch

Explanation:
Every data packet transmitted across a network has a protocol header. To view a protocol header, you
need to capture and view the contents of the packet with a packet sniffer.
A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are connected to
a local area network that is not filtered or switched, the traffic can be broadcast to all computers
contained in the same segment. This doesn’t generally occur, since computers are generally told to ignore
all the comings and goings of traffic from other computers. However, in the case of a sniffer, all traffic isshared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring the traffic.
The NIC is put into promiscuous mode, and it reads communications between computers within a
particular segment. This allows the sniffer to seize everything that is flowing in the network, which can
lead to the unauthorized access of sensitive data. A packet sniffer can take the form of either a hardware
or software solution. A sniffer is also known as a packet analyzer.
Incorrect Answers:
A: A URL filter is used to block URLs (websites) to prevent users accessing the website. It is not used to
view protocol headers.
B: A spam filter is used for email. All inbound (and sometimes outbound) email is passed through the
spam filter to detect spam emails. The spam emails are then discarded or tagged as potential spam
according to the spam filter configuration. A spam filter is not used to view protocol headers.
D: A switch is a network device. Most computers on the network will be plugged into a switch. Switches
maintain a MAC Table that maps individual MAC addresses on the network to the physical ports on the
switch. This allows the switch to direct data out of the physical port where the recipient is located, as
opposed to indiscriminately broadcasting the data out of all ports as a hub does. The advantage of this
method is that data is bridged exclusively to the network segment containing the computer that the data
is specifically destined for. A switch is not used to view protocol headers.

http://www.techopedia.com/definition/4113/sniffer


Leave a Reply