312-49v10 Exam - Question 161


You have been called in to help with an investigation of an alleged network intrusion. After questioning the members of the company IT department, you search through the server log files to find any trace of the intrusion. After that, you decide to telnet into one of the company routers to see if there is any evidence to be found. While connected to the router, you see some unusual activity and believe that the attackers are currently connected to that router. You start up an Ethereal session to begin capturing traffic on the router that could be used in the investigation. At what layer of the OSI model are you monitoring while watching traffic to and from the router?

Correct Answer: AC

When using tools like Ethereal (now known as Wireshark) to capture traffic on a router, you are monitoring at the Data Link layer (Layer 2) of the OSI model. This layer is responsible for framing, error control, and flow control of data transmitted over a network. Monitoring at this layer allows you to see packet headers, MAC addresses, and other information related to the local network segment, which helps in analyzing traffic to and from the router and identifying potential attacker activity.

Discussion

3 comments
ala76nl (Option: C)
Jun 27, 2024

Capturing is done at the data link layer.

aqeel1506 (Option: C)
Jul 18, 2024

The correct answer is C. When using Ethereal (now known as Wireshark) to capture traffic on a router, you are monitoring at the Data Link layer (Layer 2) of the OSI model. This layer is responsible for framing, error control, and flow control of data transmitted over a network. At the Data Link layer, you can see packet headers, MAC addresses, and other information related to the local network segment. This allows you to monitor and analyze traffic to and from the router, including potential attacker activity.

A. Network (Layer 3): This layer is responsible for routing and addressing, but you're not monitoring at this layer with Ethereal.
B. Transport (Layer 4): This layer is responsible for reliable data transfer, but you're not monitoring at this layer with Ethereal.
D. Session (Layer 5): This layer is responsible for establishing, managing, and terminating connections, but you're not monitoring at this layer with Ethereal.

4bd3116 (Option: A)
Jul 21, 2024

The answer is right. The OSI model's network layer (Layer 3) includes IP addresses and routing information.