ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-49v10 All Questions

View all questions & answers for the 312-49v10 exam
Go to Exam

Exam 312-49v10 topic 1 question 265 discussion

Actual exam question from ECCouncil's 312-49v10
Question #: 265
Topic #: 1
[All 312-49v10 Questions]

You have been called in to help with an investigation of an alleged network intrusion. After questioning the members of the company IT department, you search through the server log files to find any trace of the intrusion. After that you decide to telnet into one of the company routers to see if there is any evidence to be found. While connected to the router, you see some unusual activity and believe that the attackers are currently connected to that router. You start up an ethereal session to begin capturing traffic on the router that could be used in the investigation. At what layer of the OSI model are you monitoring while watching traffic to and from the router?

  • A. Network
  • B. Transport
  • C. Data Link
  • D. Session
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by ala76nl at June 27, 2024, 5:26 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
044f354
4 months, 1 week ago
Selected Answer: A
Follow the **LITERAL** phrasing of the question: At what layer of the OSI model are you monitoring while watching traffic to and from the router? Capture takes place at data link, while monitoring takes place at whatever layer your target operates. Wireshark **captures** traffic at the Data Link Layer (Layer 2), the act of monitoring depends on the layer at which the device (in this case, the router) operates. A router operates at the Network Layer (Layer 3), so you are **monitoring** traffic at the Network Layer when analyzing the router's activity. A. Network: Correct – Routers operate at the Network layer (Layer 3). B. Transport: Incorrect – Deals with end-to-end communication protocols like TCP/UDP, not routers. C. Data Link: Incorrect – Manages direct node-to-node data transfer, relevant for switches, not routers. D. Session: Incorrect – Manages sessions between applications, (Layer 5).
upvoted 1 times
...
4bd3116
9 months ago
Selected Answer: A
The Answer is right. The OSI model's network layer (Layer 3) includes IP addresses and routing information.
upvoted 1 times
...
aqeel1506
9 months, 1 week ago
The correct answer is C. When using Ethereal (now known as Wireshark) to capture traffic on a router, you are monitoring at the Data Link layer (Layer 2) of the OSI model. This layer is responsible for framing, error control, and flow control of data transmitted over a network. At the Data Link layer, you can see packet headers, MAC addresses, and other information related to the local network segment. This allows you to monitor and analyze traffic to and from the router, including potential attacker activity. A. Network (Layer 3): This layer is responsible for routing and addressing, but you're not monitoring at this layer with Ethereal. B. Transport (Layer 4): This layer is responsible for reliable data transfer, but you're not monitoring at this layer with Ethereal. D. Session (Layer 5): This layer is responsible for establishing, managing, and terminating connections, but you're not monitoring at this layer with Ethereal.
upvoted 1 times
...
ala76nl
9 months, 4 weeks ago
Selected Answer: C
Capturing you do at datalink layer
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago