Why would a network admin set a network interface card (NIC) into promiscuous mode?

A. To screen out all network errors that affect network statistical information.
B. To monitor network usuage.
C. To monitor unauthorized activity and use.
D. To capture information about intrusions or attacks.

What's the best answer?

Pick - 'D'

A. Network errors are detected by using ICMP, static routing etc.
B. Network usuage is better monitored at the routers (can keep the count of packets going through each port.)
C. Monitor unauthorized activity and use is a part of possible intrusion detection and moreover, wouldn't one check the unauthorized use at the system (host) level, rather than reading all the packets on the network.
D. This is the best answer, since it includes C and that the intrusion detection is done this way. When IDS like snort is used, it's got the NIC in promiscuous mode.