An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network's external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?
Vulnerability scanner
Protocol analyzer
Intrusion Prevention System (IPS)
Network sniffer
It should be an intrusion prevention system that helps to analyze whether the packets are malicious or not.
https://en.wikipedia.org/wiki/Intrusion_prevention_system
Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it.