While reviewing the monthly internet usage it is noted that there is a large spike in traffic classified
as “unknown” and does not appear to be within the bounds of the organizations Acceptable Use
Policy. Which of the following tool or technology would work BEST for obtaining more information
on this traffic?

A.
Firewall logs

B.
IDS logs

C.
Increased spam filtering

D.
Protocol analyzer