CompTIA Security+ (SY0-601) — Question 294

Which of the following can be used to detect a hacker who is stealing company data over port 80?

Answer options

• A. Web application scan
• B. Threat intelligence
• C. Log aggregation
• D. Packet capture

Correct answer: D

Explanation

Packet capture is the best option for detecting data theft over port 80 as it allows for the monitoring of network traffic and can reveal unauthorized data transfers. Web application scans and threat intelligence may not directly identify ongoing data exfiltration, while log aggregation focuses more on analyzing logs rather than real-time traffic.