CompTIA Security+ (SY0-501) — Question 956

Ann a security analyst is monitoring the IDS console and noticed multiple connections from an internal host to a suspicious call back domain.
Which of the following tools would aid her to decipher the network traffic?

Answer options

Correct answer: C

Explanation

NETSTAT is the appropriate tool for monitoring and analyzing network connections and their status, making it ideal for identifying unusual connections. In contrast, a Vulnerability Scanner focuses on identifying weaknesses in systems, NMAP is primarily used for network discovery and security auditing, and a Packet Analyzer captures and analyzes packets but does not provide real-time connection status like NETSTAT does.