What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?

Posted by: Pdfprep | Category: 312-50v11

An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network’s external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file.

What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?
A. Protocol analyzer
B. Network sniffer
C. Intrusion Prevention System (IPS)
D. Vulnerability scanner

Answer: A
