Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam ECSS Topic 2 Question 85 Discussion

Actual exam question for Eccouncil's ECSS exam
Question #: 85
Topic #: 2
[All ECSS Questions]

Bob. a network specialist in an organization, is attempting to identify malicious activities in the network. In this process. Bob analyzed specific data that provided him a summary of a conversation between two network devices, including a source IP and source port, a destination IP and destination port, the duration of the conversation, and the information shared during the conversation.

Which of the following types of network-based evidence was collected by Bob in the above scenario?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Lenora at Jun 29, 2024, 04:24 AM

Limited Time Offer

25%

Off

Get Premium ECSS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Xuan
2 days ago
I believe it could also be Alert data, as it provides information about specific events that may indicate malicious activities.
upvoted 0 times
...
Phil
5 days ago
Hmm, I'm torn between C) Session data and D) Full content data. The summary of the conversation makes me think it's the full content, but the other details point to session data.
upvoted 0 times
...
Erinn
9 days ago
I think the correct answer is C) Session data. The details provided, like source and destination IPs and ports, duration, and conversation content, are all characteristics of a network session.
upvoted 0 times
...
Audrie
10 days ago
I agree with Rolf. Session data includes the summary of a conversation between network devices.
upvoted 0 times
...
Rolf
17 days ago
I think the network-based evidence collected by Bob is Session data.
upvoted 0 times
...

Save Cancel