Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam ECSS Topic 5 Question 94 Discussion

Actual exam question for Eccouncil's ECSS exam
Question #: 94
Topic #: 5
[All ECSS Questions]

Messy, a network defender, was hired to secure an organization's internal network. He deployed an IDS in which the detection process depends on observing and comparing the observed events with the normal behavior and then detecting any deviation from it.

Identify the type of IDS employed by Messy in the above scenario.

Show Suggested Answer Hide Answer
Suggested Answer: B

by Ricarda at Sep 18, 2024, 10:06 PM

Limited Time Offer

25%

Off

Get Premium ECSS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Gertude
14 days ago
B) Anomaly-based is the way to go. Messy's clearly a pro at this, and that's the only option that matches the description. Now, if only he could do something about that name...
upvoted 0 times
Dorthy
3 days ago
I agree, anomaly-based is the best choice for detecting deviations from normal behavior.
upvoted 0 times
...
...
Johnson
30 days ago
The question is a bit too straightforward, don't you think? I'm going to go with D) Application proxy just to keep things interesting. Who knows, maybe Messy has a few tricks up his sleeve!
upvoted 0 times
Magnolia
9 days ago
I think it's C) Signature-based. That's a common choice for network defenders.
upvoted 0 times
...
...
Nakita
1 months ago
Hmm, this one's a bit tricky. I'm torn between B) Anomaly-based and C) Signature-based. But I'll go with B since Messy seems to be a pretty savvy network defender.
upvoted 0 times
Frederica
17 hours ago
User1: Definitely, it's all about spotting those anomalies to keep the network secure.
upvoted 0 times
...
Katy
2 days ago
User2: Yeah, that makes sense. Anomaly-based IDS would be a good choice for detecting deviations from normal behavior.
upvoted 0 times
...
Reuben
24 days ago
User1: I think it's B) Anomaly-based too. Messy probably wants to catch any unusual behavior.
upvoted 0 times
...
...
Rene
2 months ago
I think the answer is B) Anomaly-based. The scenario describes an IDS that compares observed events with normal behavior to detect deviations, which is the hallmark of an anomaly-based IDS.
upvoted 0 times
Vernice
28 days ago
Yes, anomaly-based IDS is the correct choice in this scenario.
upvoted 0 times
...
Ivette
1 months ago
I agree, the description fits an anomaly-based IDS.
upvoted 0 times
...
...
Adelle
2 months ago
I agree with Mireya, signature-based makes more sense in this scenario as it detects deviations from known patterns.
upvoted 0 times
...
Mireya
2 months ago
I disagree, I believe it is signature-based because it compares observed events with known patterns.
upvoted 0 times
...
Roy
2 months ago
I think the type of IDS employed by Messy is anomaly-based.
upvoted 0 times
...

Save Cancel