CompTIA Security+ (SY0-601) — Question 341

Security analysts have noticed the network becomes flooded with malicious packets at specific times of the day. Which of the following should the analysts use to investigate this issue?

Answer options

• A. Web metadata
• B. Bandwidth monitors
• C. System files
• D. Correlation dashboards

Correct answer: B

Explanation

Bandwidth monitors are essential for identifying and analyzing traffic patterns, making them the best choice for investigating the flooding of malicious packets. The other options, such as web metadata and system files, do not provide the necessary insights into real-time network traffic, while correlation dashboards focus more on linking events rather than measuring bandwidth usage.