CompTIA Security+ Question J-30

Which of the following BEST allows Peter, a security administrator, to determine the type, source, and flags of the packet traversing a network for troubleshooting purposes?

A. Switches
B. Protocol analyzers
C. Routers
D. Web security gateways

Answer: B

Explanation:
A Protocol Analyzer is a hardware device or more commonly a software program used to capture network data communications sent between devices on a network. By capturing and analyzing the packets, Peter will be able to determine the type, source, and flags of the packets traversing a network for troubleshooting purposes. Well known software protocol analyzers include Message Analyzer (formerly Network Monitor) from Microsoft and Wireshark (formerly Ethereal).