While reviewing the monthly internet usage it is noted that there is a large spike in traffic classified as "unknown" and does not appear to be within the bounds of the organizations Acceptable Use Policy.
Which of the following tool or technology would work BEST for obtaining more information on this traffic?
A. Firewall logs
B. IDS logs
C. Increased spam filtering
D. Protocol analyzer
Where does it say that the traffic is not continuing? The question says: While reviewing the monthly internet usage it is noted that there IS a large spike…so according to the question the unknown traffic is still traversing the network..Also, if it’s in the IDS logs why didn’t the IDS send an alert to the administrator?..no alert = no log capture..answer is protocol analyzer..