An engineer must watch suspicious data transfers from an ICS. Which choice duplicates transmissions from a specific connection to a monitoring port for traffic inspection while allowing regular functions to continue? Select the BEST answer.
Implementing a file transfer service that continuously saves all data for later review
Activating a feature that attaches foreign tags to packets before sending them to an analyzer
Routing traffic through a filtering device that duplicates transmissions before returning them to the system
Configuring a switch capability that forwards a copy of transmissions to a distinct port for examination
A switch-based feature that replicates signals onto a dedicated observation port allows full inspection of packets. Other suggestions change data or reroute it in ways that can disrupt reliability or alter the flow of information, which is not ideal for passive monitoring.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the switch capability that forwards traffic copies to a monitoring port?
Open an interactive chat with Bash
How does Port Mirroring differ from routing traffic through a filtering device?
Open an interactive chat with Bash
Why is passive monitoring like Port Mirroring important in ICS environments?