Certified Ethical Hacker (CEH v10) — Question 21

When conducting a penetration test, it is crucial to use all means to get all available information about the target network. One of the ways to do that is by sniffing the network. Which of the following cannot be performed by the passive network sniffing?

Answer options

• A. Identifying operating systems, services, protocols and devices
• B. Modifying and replaying captured network traffic
• C. Collecting unencrypted information about usernames and passwords
• D. Capturing a network traffic for further analysis

Correct answer: B

Explanation

The correct answer is B, as passive network sniffing involves monitoring and capturing data without altering it, thus it cannot modify or replay traffic. Options A, C, and D are all feasible with passive sniffing since they focus on observing and collecting data without interference.