Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 312-39 Exam - Topic 7 Question 4 Discussion

Actual exam question for Eccouncil's 312-39 exam
Question #: 4
Topic #: 7
[All 312-39 Questions]

John as a SOC analyst is worried about the amount of Tor traffic hitting the network. He wants to prepare a dashboard in the SIEM to get a graph to identify the locations from where the TOR traffic is coming.

Which of the following data source will he use to prepare the dashboard?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Joanna at May 05, 2022, 12:04 PM

Limited Time Offer

25%

Off

Get Premium 312-39 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Josephine
7 months ago
I’d go with Apache logs, they give a lot of detail on traffic sources.
upvoted 0 times
...
Edwin
7 months ago
Surprised that Tor traffic is a concern, isn't it usually encrypted?
upvoted 0 times
...
Glenn
7 months ago
Not so sure about that, DNS logs could also provide useful info.
upvoted 0 times
...
Oliva
8 months ago
Totally agree, DHCP logs are key for IP resolution!
upvoted 0 times
...
Micaela
8 months ago
I think DHCP logs would be the best choice for tracking IPs.
upvoted 0 times
...
Linn
8 months ago
I vaguely recall that Apache logs provide good information about IP addresses, but I’m not sure if they would help pinpoint Tor traffic specifically.
upvoted 0 times
...
Jenise
8 months ago
I feel like DNS logs might be relevant too, especially since they can show requests made to known Tor exit nodes.
upvoted 0 times
...
Elinore
8 months ago
I think IIS logs could be useful since they include user agent info, but I’m not entirely confident if that’s the best choice for identifying Tor traffic.
upvoted 0 times
...
Cordelia
8 months ago
I remember we discussed how DHCP logs can help track IP addresses, but I'm not sure if they would give enough detail for Tor traffic specifically.
upvoted 0 times
...
Ariel
8 months ago
This seems like a pretty straightforward question. I'd go with Custom Vision object detection - it's designed for identifying objects in images, which is exactly what we need here.
upvoted 0 times
...
Sheron
8 months ago
Okay, let me see if I can break this down. The key is to identify the step that is NOT required. Based on my understanding, comparing the original use of personal data to post-merger use is a crucial part of the diligence process, so I don't think that's the answer. I'm leaning towards C as the correct choice.
upvoted 0 times
...
Noel
8 months ago
I'm pretty confident that consensus leasing and synchronous leasing are the two correct answers here. Those scenarios definitely require node manager, but I'm not as sure about the other options.
upvoted 0 times
...
Sabrina
8 months ago
Okay, I think I've got a handle on this. The key is to focus on the svcprop command and what it can tell us about the system's configuration.
upvoted 0 times
...
Fletcher
8 months ago
Okay, let me think this through step-by-step. HIPAA is about protecting personal health information, so it makes sense that it would cover more than just paper records. I'll go with D - All of the above.
upvoted 0 times
...

Save Cancel