Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam 212-82 Topic 2 Question 19 Discussion

Actual exam question for Eccouncil's 212-82 exam
Question #: 19
Topic #: 2
[All 212-82 Questions]

Mark, a security analyst, was tasked with performing threat hunting to detect imminent threats in an organization's network. He generated a hypothesis based on the observations in the initial step and started the threat-hunting process using existing data collected from DNS and proxy logs.

Identify the type of threat-hunting method employed by Mark in the above scenario.

Show Suggested Answer Hide Answer
Suggested Answer: B

by Paris at Aug 04, 2023, 11:49 AM

Limited Time Offer

25%

Off

Get Premium 212-82 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Eileen
8 days ago
I think it could be a combination of Entity-driven and Data-driven hunting, so maybe Hybrid hunting.
upvoted 0 times
...
Stevie
9 days ago
Data-driven hunting seems like a good fit here. Mark is using the existing data from DNS and proxy logs to identify any suspicious activities or patterns.
upvoted 0 times
...
Michael
9 days ago
I believe Mark employed Data-driven hunting.
upvoted 0 times
...
Santos
10 days ago
I think Mark is using the TTP-driven hunting method since he's focusing on the tactics, techniques, and procedures used by the threat actors to detect the imminent threats.
upvoted 0 times
...
Hobert
16 days ago
I think Mark used TTP-driven hunting.
upvoted 0 times
...

Save Cancel