Are you planning on taking the Security+ exam? If so, you should have a good understanding of network traffic and and how to capture and analyze packets on a network.
For example, can you answer this sample Security+ question?
Q. A network administrator needs to identify the type of traffic and packet flags used in traffic sent from a specific IP address. Which of the following is the BEST tool to meet this need?
A. UTM security appliance
B. Router logs
C. Protocol analyzer
D. Vulnerability scan
More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available here.