PrepAway - Latest Free Exam Questions & Answers


Which of the following BEST allows Pete, a security administrator, to determine the type, source, and
flags of the packet traversing a network for troubleshooting purposes?


A. Switches

B. Protocol analyzers

C. Routers

D. Web security gateways

Explanation:
A protocol analyzer is a hardware device or, more commonly, a software program used to capture network
data communications sent between devices on a network. By capturing and analyzing the packets, Pete
will be able to determine the type, source, and flags of the packets traversing a network for
troubleshooting purposes.
Well-known software protocol analyzers include Message Analyzer (formerly Network Monitor) from
Microsoft and Wireshark (formerly Ethereal).
Incorrect Answers:
A: A switch is a network device that Ethernet cables plug into. The switch will direct traffic received on
one switch port out on one or more other switch ports based on the MAC address of the destination
computer(s). A switch receives and transmits network packets. It is not used to examine the contents of
the packets to view the type, source, and flags of the packets.
C: A router is a network device that routes data traffic according to the IP address of the destination
computer(s). A router receives and transmits network packets. It is not used to examine the contents of
the packets to view the type, source, and flags of the packets.
D: A web security gateway can be thought of as a proxy server (performing proxy and caching functions)
with web protection software built in. Depending on the vendor, the “web protection” can range from a
standard virus scanner on incoming packets to monitoring outgoing user traffic for red flags as well.
Potential red flags that the gateway can detect and/or prohibit include inappropriate content, trying to
establish a peer-to-peer connection with a file-sharing site, instant messaging, and unauthorized
tunneling. You can configure most web security gateways to block known HTTP/HTML exploits, strip
ActiveX tags, strip Java applets, and block/strip cookies. A web security gateway is not used to examine
the contents of the packets to view the type, source, and flags of the packets.
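
What a protocol analyzer does with each captured frame can be shown with a small decoder. The Python below is an added example, not part of the original explanation; the function names and the sample frame (documentation-range addresses, zeroed checksums) are constructed for illustration.

```python
import socket
import struct

TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]  # bit 0..7
IP_PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}

def build_sample_frame() -> bytes:
    """Constructed Ethernet II / IPv4 / TCP SYN+ACK frame (checksums left at zero)."""
    eth = bytes.fromhex("001122334455" "66778899aabb" "0800")  # dst MAC, src MAC, type
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.20"))
    tcp = struct.pack("!HHIIBBHHH", 49152, 443, 1000, 0, 0x50, 0x12, 64240, 0, 0)
    return eth + ip + tcp

def decode_frame(frame: bytes) -> dict:
    """Report the type, source, and TCP flags of one captured frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    info = {"src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
            "type": f"ethertype 0x{ethertype:04x}", "flags": []}
    if ethertype != 0x0800:            # only IPv4 is decoded further here
        return info
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 header")
    ihl = (ip[0] & 0x0F) * 4           # IPv4 header length in bytes
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("invalid IPv4 header length")
    info["type"] = IP_PROTOCOLS.get(ip[9], f"ip-proto {ip[9]}")
    info["src_ip"] = socket.inet_ntoa(ip[12:16])
    info["dst_ip"] = socket.inet_ntoa(ip[16:20])
    if ip[9] == 6:                     # TCP: ports and the flags byte at offset 13
        tcp = ip[ihl:]
        if len(tcp) < 20:
            raise ValueError("truncated TCP header")
        info["src_port"], info["dst_port"] = struct.unpack("!HH", tcp[:4])
        info["flags"] = [name for bit, name in enumerate(TCP_FLAGS)
                         if tcp[13] & (1 << bit)]
    return info

if __name__ == "__main__":
    print(decode_frame(build_sample_frame()))
```

The decoder reads the same MAC and IP fields that a switch or router uses for forwarding, but it reports them to the operator instead of acting on them.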

http://en.wikipedia.org/wiki/Wireshark
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, p. 103

