Certified Ethical Hacker (CEH v13) — Question 157

A large corporate network is being subjected to repeated sniffing attacks. To increase security, the company's IT department decides to implement a combination of several security measures. They permanently add the MAC address of the gateway to the ARP cache, switch to using IPv6 instead of IPv4, implement the use of encrypted sessions such as SSH instead of Telnet, and use Secure File Transfer Protocol instead of FTP. However, they are still faced with the threat of sniffing. Considering the countermeasures, what should be their next step to enhance network security?

Answer options

• A. Use HTTP instead of HTTPS for protecting usernames and passwords
• B. Implement network scanning and monitoring tools
• C. Enable network identification broadcasts
• D. Retrieve MAC addresses from the OS

Correct answer: B

Explanation

The correct answer is B because implementing network scanning and monitoring tools can help detect and respond to sniffing attacks in real-time. Options A, C, and D do not provide significant security enhancements; using HTTP instead of HTTPS would actually weaken security, enabling broadcasts does not mitigate sniffing risks, and retrieving MAC addresses from the OS does not address the underlying issue of sniffing.