CompTIA Security+ (SY0-501) — Question 297

A network technician is trying to determine the source of an ongoing network based attack.
Which of the following should the technician use to view IPv4 packet data on a particular internal network segment?

Answer options

• A. Proxy
• B. Protocol analyzer
• C. Switch
• D. Firewall

Correct answer: B

Explanation

The correct answer is B, as a protocol analyzer is specifically designed to capture and analyze packet data, including IPv4 packets, on a network segment. Options A, C, and D do not provide the same capability; a proxy routes traffic, a switch forwards packets based on MAC addresses, and a firewall filters traffic based on security rules, none of which focus on detailed packet analysis.