Certified Ethical Hacker (CEHv9) Questions and answers
77. An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network's external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file.
What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?
A. Intrusion Prevention System (IPS)
B. Protocol analyzer
C. Vulnerability scanner
D. Network sniffer
78. What is the process of logging, recording, and resolving events that take place in an organization.