Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam ECSS Topic 2 Question 85 Discussion

Actual exam question for Eccouncil's ECSS exam
Question #: 85
Topic #: 2
[All ECSS Questions]

Bob. a network specialist in an organization, is attempting to identify malicious activities in the network. In this process. Bob analyzed specific data that provided him a summary of a conversation between two network devices, including a source IP and source port, a destination IP and destination port, the duration of the conversation, and the information shared during the conversation.

Which of the following types of network-based evidence was collected by Bob in the above scenario?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Lenora at Jun 29, 2024, 04:24 AM

Limited Time Offer

25%

Off

Get Premium ECSS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Jamal
30 days ago
Oh, this is a tough one. I'm going to have to go with C) Session data, but I'm secretly hoping Bob has a backup plan in case the network goes haywire. You know, like a secret stash of cat videos or something.
upvoted 0 times
Tamala
2 days ago
B) Alert data is important for real-time detection of potential threats.
upvoted 0 times
...
Valda
19 days ago
A) Statistical data could also be useful in identifying malicious activities.
upvoted 0 times
...
...
Fairy
1 months ago
I'm going with C) Session data. Anything involving 'Bob the network specialist' has to be session data, right? I mean, the guy probably has a sixth sense for this kind of thing.
upvoted 0 times
Amber
8 days ago
C) Session data
upvoted 0 times
...
Major
19 days ago
B) Alert data
upvoted 0 times
...
Daniel
28 days ago
A) Statistical data
upvoted 0 times
...
...
Brett
1 months ago
Easy peasy, it's C) Session data. Bob's a network specialist, so he knows his stuff. I bet he could catch a hacker faster than I can finish my morning coffee!
upvoted 0 times
...
Xuan
2 months ago
I believe it could also be Alert data, as it provides information about specific events that may indicate malicious activities.
upvoted 0 times
...
Phil
2 months ago
Hmm, I'm torn between C) Session data and D) Full content data. The summary of the conversation makes me think it's the full content, but the other details point to session data.
upvoted 0 times
Kasandra
27 days ago
B) Alert data
upvoted 0 times
...
Dong
29 days ago
A) Statistical data
upvoted 0 times
...
...
Erinn
2 months ago
I think the correct answer is C) Session data. The details provided, like source and destination IPs and ports, duration, and conversation content, are all characteristics of a network session.
upvoted 0 times
Desiree
16 days ago
D) Full content data
upvoted 0 times
...
Adrianna
21 days ago
C) Session data
upvoted 0 times
...
Elli
26 days ago
B) Alert data
upvoted 0 times
...
Willie
1 months ago
A) Statistical data
upvoted 0 times
...
...
Audrie
2 months ago
I agree with Rolf. Session data includes the summary of a conversation between network devices.
upvoted 0 times
...
Rolf
2 months ago
I think the network-based evidence collected by Bob is Session data.
upvoted 0 times
...

Save Cancel