A common countermeasure to sniffing is to?

Prepare for the EC-Council Certified Security Specialist Exam with our comprehensive quiz. Enhance your understanding through flashcards and multiple-choice questions complete with hints and explanations. Boost your exam confidence today!

Multiple Choice

A common countermeasure to sniffing is to?

Explanation:
When trying to prevent someone from capturing other users’ traffic, the goal is to ensure each frame is delivered only to its intended recipient. Hubs are like repeaters: they broadcast all traffic to every port, so a sniffer connected anywhere on the segment can see everything. Switches, however, learn which devices are on which ports and forward each frame only to the port that leads to the destination MAC address. That means a sniffer attached to a single switch port will not see traffic meant for other devices, greatly reducing the opportunity for sniffing. So, using switches instead of hubs is a common and effective way to counter sniffing. Firewalls between segments operate at higher layers and don’t change how frames are delivered on the local switch network, so they don’t address the fundamental visibility issue. Reducing the number of switches would lessen segmentation and could actually increase exposure, while using hubs would directly enable more sniffing.

When trying to prevent someone from capturing other users’ traffic, the goal is to ensure each frame is delivered only to its intended recipient. Hubs are like repeaters: they broadcast all traffic to every port, so a sniffer connected anywhere on the segment can see everything. Switches, however, learn which devices are on which ports and forward each frame only to the port that leads to the destination MAC address. That means a sniffer attached to a single switch port will not see traffic meant for other devices, greatly reducing the opportunity for sniffing. So, using switches instead of hubs is a common and effective way to counter sniffing.

Firewalls between segments operate at higher layers and don’t change how frames are delivered on the local switch network, so they don’t address the fundamental visibility issue. Reducing the number of switches would lessen segmentation and could actually increase exposure, while using hubs would directly enable more sniffing.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy