Question

Given the following information about a company's internal network:

User IP space: -Server IP space: security engineer has been told that there are rogue websites hosted outside of the proper server space, and those websites need to be identified.

Which of the following should the engineer do?

A. Use a protocol analyzer on
B. Use a port scanner on
C. Use an HTTP interceptor on
D. Use a port scanner on
E. Use a protocol analyzer on
F. Use an HTTP interceptor on

Answer 1

To identify rogue websites, the security engineer should use a protocol analyzer on the user IP space to monitor and analyze network traffic, and consider using a port scanner on the server IP space to check for unexpected open services and ports.

Step-by-step explanation:

To identify rogue websites hosted outside of the proper server space, the security engineer should use a protocol analyzer on the user IP sp

ace. A protocol analyzer will help to capture and analyze network traffic originating from user IP addresses. If there are any outbound requests to web servers that do not belong to the company's predefined server space, the protocol analyzer can detect these, helping to identify the rogue websites.

Alternatively, using a port scanner on the server IP space could help to ensure that only the expected services and ports are open, and any anomalies could be investigated further. It is important to note that scanning should be done respecting the appropriate laws and regulations, as unsolicited scanning may be viewed as intrusive or even illegal.

Therefore option A. protocol analyzer on .