Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 212-82 Exam - Topic 2 Question 19 Discussion

Actual exam question for Eccouncil's 212-82 exam
Question #: 19
Topic #: 2
[All 212-82 Questions]

Mark, a security analyst, was tasked with performing threat hunting to detect imminent threats in an organization's network. He generated a hypothesis based on the observations in the initial step and started the threat-hunting process using existing data collected from DNS and proxy logs.

Identify the type of threat-hunting method employed by Mark in the above scenario.

Show Suggested Answer Hide Answer
Suggested Answer: B

by Paris at Aug 04, 2023, 11:49 AM

Limited Time Offer

25%

Off

Get Premium 212-82 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Cory
6 months ago
Hybrid hunting seems like a stretch here.
upvoted 0 times
...
Willetta
6 months ago
Wait, how can you tell? I'm not so sure.
upvoted 0 times
...
Hassie
7 months ago
Definitely entity-driven hunting!
upvoted 0 times
...
Reyes
7 months ago
I think it's TTP-driven hunting.
upvoted 0 times
...
Lanie
7 months ago
Sounds like data-driven hunting to me!
upvoted 0 times
...
Cassie
7 months ago
I feel like it could be hybrid hunting too, but I’m leaning towards data-driven since he’s using logs. It’s tricky!
upvoted 0 times
...
Barbra
7 months ago
This reminds me of a practice question where we discussed entity-driven hunting. I wonder if that could apply since he’s looking at specific data points.
upvoted 0 times
...
Dean
8 months ago
I’m not entirely sure, but I remember something about TTP-driven hunting focusing on tactics, techniques, and procedures. That might be relevant here.
upvoted 0 times
...
Basilia
8 months ago
I think Mark is using data-driven hunting since he’s analyzing existing logs to form his hypothesis.
upvoted 0 times
...
Hyman
8 months ago
Okay, I've got a strategy - I'll start by identifying the true statements, then cross-check those against my knowledge of typical post-upgrade tasks.
upvoted 0 times
...
Paulene
8 months ago
Hmm, this seems like a tricky one. I'll have to think carefully about the relationships in use cases.
upvoted 0 times
...
Audry
8 months ago
I'm leaning towards image verification because it seems like a common method for risk control, but honestly, it could be any of them based on the context.
upvoted 0 times
...
Georgeanna
8 months ago
I'm a little confused by the "separate closing schedule for every legal entity" option. Does that mean I need to configure the close process individually for each legal entity? I'll have to research that a bit more.
upvoted 0 times
...
Giuseppe
8 months ago
Group boycott sounds right, but I'm not 100% sure. I'd quickly map out how excluding physicians matches that definition.
upvoted 0 times
...
Thurman
1 year ago
Wait, so Mark's playing 'Where's Waldo?' with the network traffic? I hope he's got his magnifying glass ready!
upvoted 0 times
Sophia
11 months ago
C) Data-driven hunting
upvoted 0 times
...
Howard
1 year ago
B) TTP-driven hunting
upvoted 0 times
...
Ula
1 year ago
A) Entity-driven hunting
upvoted 0 times
...
...
Joni
1 year ago
I'm going with option B, TTP-driven hunting. It's like playing a game of 'Guess the Hacker's Playbook' - you gotta know their moves to catch them!
upvoted 0 times
Blythe
11 months ago
I agree, TTP-driven hunting is crucial for staying one step ahead of cyber threats. Mark is on the right track with his approach.
upvoted 0 times
...
Jennifer
11 months ago
TTP-driven hunting is definitely a strategic approach. It allows for proactive threat detection based on known attacker behaviors.
upvoted 0 times
...
Willie
11 months ago
I believe TTP-driven hunting is the way to go in this scenario. It helps in identifying patterns and behaviors of potential threats.
upvoted 0 times
...
Domonique
12 months ago
I think Mark is using TTP-driven hunting too. It's all about understanding the tactics, techniques, and procedures of the attackers.
upvoted 0 times
...
Melinda
1 year ago
It's a smart approach to threat hunting, focusing on the behaviors of the attackers.
upvoted 0 times
...
Aliza
1 year ago
TTP-driven hunting is all about understanding the tactics, techniques, and procedures of the threat actors.
upvoted 0 times
...
Bok
1 year ago
I think Mark is definitely using TTP-driven hunting in this scenario.
upvoted 0 times
...
Floyd
1 year ago
I agree with you, option B seems like the most logical choice.
upvoted 0 times
...
...
Meaghan
1 year ago
This sounds like a hybrid approach to me. Mark is combining both entity-driven and data-driven techniques to uncover the potential threats.
upvoted 0 times
...
Eileen
1 year ago
I think it could be a combination of Entity-driven and Data-driven hunting, so maybe Hybrid hunting.
upvoted 0 times
...
Stevie
1 year ago
Data-driven hunting seems like a good fit here. Mark is using the existing data from DNS and proxy logs to identify any suspicious activities or patterns.
upvoted 0 times
Angelica
12 months ago
D) Hybrid hunting
upvoted 0 times
...
Ilene
1 year ago
C) Data-driven hunting
upvoted 0 times
...
Aleta
1 year ago
B) TTP-driven hunting
upvoted 0 times
...
Ahmad
1 year ago
A) Entity-driven hunting
upvoted 0 times
...
...
Michael
1 year ago
I believe Mark employed Data-driven hunting.
upvoted 0 times
...
Santos
1 year ago
I think Mark is using the TTP-driven hunting method since he's focusing on the tactics, techniques, and procedures used by the threat actors to detect the imminent threats.
upvoted 0 times
...
Hobert
1 year ago
I think Mark used TTP-driven hunting.
upvoted 0 times
...

Save Cancel