Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam 212-82 Topic 8 Question 24 Discussion

Actual exam question for Eccouncil's 212-82 exam
Question #: 24
Topic #: 8
[All 212-82 Questions]

SecuraCorp, a leading financial institution, is worried about zero-day vulnerabilities. With a sprawling network infrastructure and multiple transaction points, it needs a system that does not solely rely on signatures but can effectively identify suspicious patterns based on the behavior in the network. Which type of IDS/IPS should SecuraCorp primarily deploy for its needs?

Show Suggested Answer Hide Answer
Suggested Answer: B

/var/log/wtmp is the Linux log file accessed by Gideon in this scenario. /var/log/wtmp is a log file that records information related to user login/logout, such as username, terminal, IP address, and login time. /var/log/wtmp can be used to determine the current login state of users in a Linux system. /var/log/wtmp can be viewed using commands such as last, lastb, or utmpdump1.


by Alecia at Mar 19, 2024, 11:40 AM

Limited Time Offer

25%

Off

Get Premium 212-82 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Teri
3 months ago
Anomaly-based IDS all the way! It's like a cyber-detective, sniffing out the bad guys before they even strike. Gotta keep those financial transactions secure, am I right?
upvoted 0 times
Tiffiny
2 months ago
D) Host-based IDS
upvoted 0 times
...
Jess
2 months ago
C) Signature-based IDS
upvoted 0 times
...
Kenny
3 months ago
B) Anomaly-based IDS
upvoted 0 times
...
Ronnie
3 months ago
A) Network-based IDS
upvoted 0 times
...
...
Sylvie
3 months ago
Hmm, host-based IDS? That's like trying to catch a fly with a sledgehammer. SecuraCorp needs the big guns, the network-wide solution. Although, I do hear the host-based IDS can make a mean grilled cheese sandwich.
upvoted 0 times
Arthur
2 months ago
Network-based IDS
upvoted 0 times
...
Huey
2 months ago
Anomaly-based IDS
upvoted 0 times
...
...
Alesia
3 months ago
Signature-based IDS? Seriously? That's so last decade. SecuraCorp needs to step up its game and go for the anomaly-based approach. Gotta stay ahead of those zero-day threats, you know?
upvoted 0 times
...
Beata
3 months ago
Network-based IDS might be the better choice here. With all those transaction points, you need something that can monitor the entire network infrastructure, not just individual hosts.
upvoted 0 times
...
Arletta
3 months ago
I believe Network-based IDS could also be a good option for SecuraCorp to monitor the entire network traffic.
upvoted 0 times
...
Tawna
3 months ago
I agree with Merrilee. Anomaly-based IDS can detect unusual behavior that signature-based IDS might miss.
upvoted 0 times
...
Rikki
3 months ago
Anomaly-based IDS sounds like the way to go! It can detect suspicious patterns without relying solely on known signatures. Perfect for dealing with those pesky zero-day vulnerabilities.
upvoted 0 times
Luther
2 months ago
Host-based IDS could provide additional security at the endpoint level.
upvoted 0 times
...
Joaquin
2 months ago
Signature-based IDS may not be enough to detect zero-day vulnerabilities.
upvoted 0 times
...
Gianna
3 months ago
Network-based IDS could also be useful to monitor the traffic within the network.
upvoted 0 times
...
Sophia
3 months ago
I agree, anomaly-based IDS is definitely the best choice for SecuraCorp's needs.
upvoted 0 times
...
...
Merrilee
4 months ago
I think SecuraCorp should primarily deploy an Anomaly-based IDS.
upvoted 0 times
...

Save Cancel