Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam 212-82 Topic 8 Question 24 Discussion

Actual exam question for Eccouncil's 212-82 exam
Question #: 24
Topic #: 8
[All 212-82 Questions]

SecuraCorp, a leading financial institution, is worried about zero-day vulnerabilities. With a sprawling network infrastructure and multiple transaction points, it needs a system that does not solely rely on signatures but can effectively identify suspicious patterns based on the behavior in the network. Which type of IDS/IPS should SecuraCorp primarily deploy for its needs?

Show Suggested Answer Hide Answer
Suggested Answer: B

/var/log/wtmp is the Linux log file accessed by Gideon in this scenario. /var/log/wtmp is a log file that records information related to user login/logout, such as username, terminal, IP address, and login time. /var/log/wtmp can be used to determine the current login state of users in a Linux system. /var/log/wtmp can be viewed using commands such as last, lastb, or utmpdump1.


by Alecia at Mar 19, 2024, 11:40 AM

Limited Time Offer

25%

Off

Get Premium 212-82 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Sylvie
1 days ago
Hmm, host-based IDS? That's like trying to catch a fly with a sledgehammer. SecuraCorp needs the big guns, the network-wide solution. Although, I do hear the host-based IDS can make a mean grilled cheese sandwich.
upvoted 0 times
...
Alesia
5 days ago
Signature-based IDS? Seriously? That's so last decade. SecuraCorp needs to step up its game and go for the anomaly-based approach. Gotta stay ahead of those zero-day threats, you know?
upvoted 0 times
...
Beata
6 days ago
Network-based IDS might be the better choice here. With all those transaction points, you need something that can monitor the entire network infrastructure, not just individual hosts.
upvoted 0 times
...
Arletta
6 days ago
I believe Network-based IDS could also be a good option for SecuraCorp to monitor the entire network traffic.
upvoted 0 times
...
Tawna
7 days ago
I agree with Merrilee. Anomaly-based IDS can detect unusual behavior that signature-based IDS might miss.
upvoted 0 times
...
Rikki
10 days ago
Anomaly-based IDS sounds like the way to go! It can detect suspicious patterns without relying solely on known signatures. Perfect for dealing with those pesky zero-day vulnerabilities.
upvoted 0 times
...
Merrilee
17 days ago
I think SecuraCorp should primarily deploy an Anomaly-based IDS.
upvoted 0 times
...

Save Cancel