Software Flashcards
1
Q
Protocol analyzer/packet capture
A
Utility that can parse the header fields and payloads of protocols in captured frames for display and analysis. Example: Wireshark
2
Q
IDS/NIDS
A
Security appliance or software that uses passive hardware sensors to monitor traffic on a specific segment of the network.
3
Q
Flow data analyzer
A
Monitoring information about network traffic flows (network communication flows summarized by host or protocol type). Example: NetFlow
4
Q
IPS/NIPS
A
Security appliance or software that combines detection capabilities with the functions that can actively block attacks.