An engineer must watch suspicious data transfers from an ICS. Which choice duplicates transmissions from a specific connection to a monitoring port for traffic inspection while allowing regular functions to continue? Select the BEST answer.
Activating a feature that attaches foreign tags to packets before sending them to an analyzer
Implementing a file transfer service that continuously saves all data for later review
Routing traffic through a filtering device that duplicates transmissions before returning them to the system
Configuring a switch capability that forwards a copy of transmissions to a distinct port for examination
A switch-based feature that replicates signals onto a dedicated observation port allows full inspection of packets. Other suggestions change data or reroute it in ways that can disrupt reliability or alter the flow of information, which is not ideal for passive monitoring.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the switch capability mentioned in the answer and how does it work?
Open an interactive chat with Bash
Why is port mirroring better than routing traffic through a filtering device for monitoring?
Open an interactive chat with Bash
What are ICS and why is their traffic monitoring important?