Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 312-49 Exam - Topic 1 Question 3 Discussion

Actual exam question for Eccouncil's 312-49 exam
Question #: 3
Topic #: 1
[All 312-49 Questions]

Network forensics allows Investigators to inspect network traffic and logs to identify and locate the attack system

Network forensics can reveal: (Select three answers)

Show Suggested Answer Hide Answer
Suggested Answer: A, B, C

by Cordelia at May 09, 2022, 10:18 PM

Limited Time Offer

25%

Off

Get Premium 312-49 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Blossom
7 months ago
Yeah, it’s all about tracing the path and source!
upvoted 0 times
...
Carlee
7 months ago
Totally agree with A and B, but C seems a bit vague.
upvoted 0 times
...
Antonio
7 months ago
Wow, I didn't realize network forensics could be that revealing!
upvoted 0 times
...
Delsie
8 months ago
I think D is a stretch.
upvoted 0 times
...
Annelle
8 months ago
Definitely A, B, and C!
upvoted 0 times
...
Lynna
8 months ago
I don't recall hardware configuration being a focus in our studies. It seems less relevant compared to the other options.
upvoted 0 times
...
Rebbecca
8 months ago
I think intrusion techniques used by attackers might be one of the options too. We practiced a similar question in class about identifying methods used in breaches.
upvoted 0 times
...
Laine
8 months ago
I'm a bit unsure, but I feel like the path of the attack is also something we covered. It seems important for tracing back the steps of an intruder.
upvoted 0 times
...
Tegan
8 months ago
I remember studying that network forensics can definitely help identify the source of attacks. I think that's one of the answers.
upvoted 0 times
...
Augustine
8 months ago
Ah, I see what they're getting at here. Duplicate entries could happen if two different applications are referencing the same installation files or using the same applicability or detection rules. I feel pretty confident about this one.
upvoted 0 times
...
Maryrose
8 months ago
Hmm, this question seems a bit tricky. I'll need to carefully read through the options and think about how the "Create Rule" button in the Security Events tab would work.
upvoted 0 times
...
Jeanice
8 months ago
The span argument makes the most sense to me. That's how I would approach this question on the exam.
upvoted 0 times
...
Jordan
8 months ago
I remember practicing questions about SQL subsets, and Data Definition Language seemed more about creating and altering structures, not access control.
upvoted 0 times
...

Save Cancel