Question

You believe that one or more of your systems are under network attack, possibly a denial of service (DoS) attack. You call one of the network administrators to gather data for you. Which tool does the admin use to gather the data you need?

a) A network protocol analyzer
b) A network packet analyzer
c) A network intrusion prevention system (NIPS)
d) A network intrusion detection system (NIDS)

Answer 1

The network administrator would use a network packet analyzer to gather the data needed to investigate a possible network attack, such as a denial of service (DoS) attack.

Step-by-step explanation:

The network administrator would use a network packet analyzer to gather the data needed to investigate a possible network attack, such as a denial of service (DoS) attack. A network packet analyzer, also known as a network protocol analyzer, allows the administrator to capture and analyze network traffic. It records and displays information about the packets flowing through the network, including their source and destination IP addresses, protocols used, and any anomalies or suspicious patterns.

By examining the captured packets, the administrator can identify any unusual or malicious behavior, such as a sudden surge in network traffic or a flood of requests targeting a specific system or service. This information helps in understanding the nature of the attack and in formulating appropriate countermeasures to mitigate the impact and prevent further network intrusion.