What are hardware or software devices that examine streams of packets for unusual or malicious behavior?
The correct answer is D.
An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.
Wireshark is a network protocol analyzer which allows you to see what’s happening on your network at a microscopic level.
Tcpdump is a common packet analyzer that runs under the command line. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.
An Intrusion Prevention System (IPS) is a network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits.
Certified Ethical Hacker v9