CompTIA CASP+ Practice Test

Which tool can a consultant use to identify the manufacturer and operating system of network devices without transmitting data?

• A. Network scanner
• B. Protocol analyzer
• C. Packet sniffer
• D. Port scanner

The correct answer is: Protocol analyzer

A protocol analyzer is a tool that allows a consultant to capture and inspect the data packets moving through a network. While it is primarily used for analyzing the data within packets, it can also be employed to gather information about network devices, including their manufacturer and operating system based on the characteristics of the protocols in use. This is achieved by examining the protocol headers, which often contain metadata such as device type and operating system information related to the communication protocol being utilized. Importantly, a protocol analyzer can passively observe and interpret the traffic without initiating its own communications with the devices on the network, thereby not transmitting any data itself. In contrast, the other tools listed generally require some level of active probing or data transmission. A network scanner, while useful for identifying devices on a network, typically sends out requests that could elicit responses from devices. Packet sniffers focus on capturing packets but may also inherently involve traffic generation. A port scanner operates by actively attempting to connect to ports on a target device to determine their status, which also involves the transmission of data. Utilizing a protocol analyzer effectively allows for passive monitoring, which is essential in certain scenarios where non-intrusive identification of devices is crucial, such as in sensitive environments where minimizing network traffic is a