Which capability is highlighted as part of Cain's sniffer?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which capability is highlighted as part of Cain's sniffer?

Explanation:
Sniffing network traffic to interpret higher‑level protocols is what Cain’s sniffer excels at. It doesn’t just grab raw bytes; it decodes the protocol messages so you can read the signaling and media details of VoIP. In VoIP, SIP handles how calls are set up, negotiated, and torn down, while RTP carries the actual voice data. Being able to decode SIP and RTP means you can see who’s talking to whom, call setup information, and, if the traffic isn’t encrypted, even the media payload. The other options describe actions outside the sniffer’s function—automatic patching, blocking outbound connections, or brute-forcing passwords locally.

Sniffing network traffic to interpret higher‑level protocols is what Cain’s sniffer excels at. It doesn’t just grab raw bytes; it decodes the protocol messages so you can read the signaling and media details of VoIP. In VoIP, SIP handles how calls are set up, negotiated, and torn down, while RTP carries the actual voice data. Being able to decode SIP and RTP means you can see who’s talking to whom, call setup information, and, if the traffic isn’t encrypted, even the media payload. The other options describe actions outside the sniffer’s function—automatic patching, blocking outbound connections, or brute-forcing passwords locally.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy