PrepAway - Latest Free Exam Questions & Answers

Which of the following network devices is used to analyze traffic between various network interfaces?

Which of the following network devices is used to analyze traffic between various network interfaces?

PrepAway - Latest Free Exam Questions & Answers

A.
Proxies

B.
Firewalls

C.
Content inspection

D.
Sniffers

Explanation:
A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are connected to
a local area network that is not filtered or switched, the traffic can be broadcast to all computers
contained in the same segment. This doesn’t generally occur, since computers are generally told to ignore
all the comings and goings of traffic from other computers. However, in the case of a sniffer, all traffic is
shared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring the traffic.
The NIC is put into promiscuous mode, and it reads communications between computers within a
particular segment. This allows the sniffer to seize everything that is flowing in the network, which can
lead to the unauthorized access of sensitive data. A packet sniffer can take the form of either a hardware
or software solution. A sniffer is also known as a packet analyzer.
Incorrect Answers:
A: Web proxies tend to be used for caching web page content and/or restricting access to websites to aid
compliance with company Internet usage policies. They are not used to analyze traffic between various
network interfaces.
B: A firewall is designed to prevent unauthorized access to or from a private network. Firewalls can be
implemented in both hardware and software, or a combination of both. Firewalls are frequently used to
prevent unauthorized Internet users from accessing private networks connected to the Internet,
especially intranets. All data packets entering or leaving the intranet pass through the firewall, which
examines each packet and blocks those that do not meet the specified security criteria; typically acombination of port and IP address. A firewall is not used to analyze traffic between various network
interfaces.
C: Content inspection is the process of examining typically web content as it is downloaded to a client
computer. The content of a web page is examined but the data packets themselves are not captured and
examined as is the case with a packet sniffer. Therefore this answer is incorrect.

http://www.techopedia.com/definition/4113/sniffer


Leave a Reply