Network Sniffing — CompTIA Security+ (SY0-701) Practice Questions
Network sniffing, also called packet capture or passive eavesdropping, is the act of intercepting and reading data as it traverses a network segment. SY0-701 tests candidates on how sniffing works in both switched and hub-based environments, and techniques such as ARP poisoning that redirect traffic to enable interception on switched networks. The exam connects sniffing to the risk posed by cleartext protocols, because captured packets can reveal credentials, session tokens, and sensitive data when encryption is absent. Defensive countermeasures such as encryption in transit, switch port security, and network monitoring are all relevant to this topic.
Free questions on network sniffing
A penetration tester uses a tool to capture and analyze unencrypted authentication traffic on a network. What vulnerability is being exploited?
Free question · medium · full answer + explanation