Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam ECSS Topic 5 Question 94 Discussion

Actual exam question for Eccouncil's ECSS exam
Question #: 94
Topic #: 5
[All ECSS Questions]

Messy, a network defender, was hired to secure an organization's internal network. He deployed an IDS in which the detection process depends on observing and comparing the observed events with the normal behavior and then detecting any deviation from it.

Identify the type of IDS employed by Messy in the above scenario.

Show Suggested Answer Hide Answer
Suggested Answer: B

by Ricarda at Sep 18, 2024, 10:06 PM

Limited Time Offer

25%

Off

Get Premium ECSS Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Gertude
2 months ago
B) Anomaly-based is the way to go. Messy's clearly a pro at this, and that's the only option that matches the description. Now, if only he could do something about that name...
upvoted 0 times
Graham
1 months ago
Application proxy IDS may not be the best fit for this scenario, anomaly-based is the way to go.
upvoted 0 times
...
Timothy
1 months ago
Signature-based IDS may not be as effective in detecting new or unknown threats.
upvoted 0 times
...
Gretchen
1 months ago
Messy must have a good understanding of network security to choose anomaly-based IDS.
upvoted 0 times
...
Dorthy
2 months ago
I agree, anomaly-based is the best choice for detecting deviations from normal behavior.
upvoted 0 times
...
...
Johnson
3 months ago
The question is a bit too straightforward, don't you think? I'm going to go with D) Application proxy just to keep things interesting. Who knows, maybe Messy has a few tricks up his sleeve!
upvoted 0 times
Cherelle
1 months ago
I agree with you, I'll go with B) Anomaly-based. It's always good to mix things up in network security.
upvoted 0 times
...
Geraldo
2 months ago
I'm leaning towards A) Stateful protocol analysis. It's a solid option for detecting deviations in network traffic.
upvoted 0 times
...
Magnolia
2 months ago
I think it's C) Signature-based. That's a common choice for network defenders.
upvoted 0 times
...
...
Nakita
3 months ago
Hmm, this one's a bit tricky. I'm torn between B) Anomaly-based and C) Signature-based. But I'll go with B since Messy seems to be a pretty savvy network defender.
upvoted 0 times
Frederica
2 months ago
User1: Definitely, it's all about spotting those anomalies to keep the network secure.
upvoted 0 times
...
Katy
2 months ago
User2: Yeah, that makes sense. Anomaly-based IDS would be a good choice for detecting deviations from normal behavior.
upvoted 0 times
...
Reuben
2 months ago
User1: I think it's B) Anomaly-based too. Messy probably wants to catch any unusual behavior.
upvoted 0 times
...
...
Rene
3 months ago
I think the answer is B) Anomaly-based. The scenario describes an IDS that compares observed events with normal behavior to detect deviations, which is the hallmark of an anomaly-based IDS.
upvoted 0 times
Vernice
2 months ago
Yes, anomaly-based IDS is the correct choice in this scenario.
upvoted 0 times
...
Ivette
3 months ago
I agree, the description fits an anomaly-based IDS.
upvoted 0 times
...
...
Adelle
3 months ago
I agree with Mireya, signature-based makes more sense in this scenario as it detects deviations from known patterns.
upvoted 0 times
...
Mireya
3 months ago
I disagree, I believe it is signature-based because it compares observed events with known patterns.
upvoted 0 times
...
Roy
4 months ago
I think the type of IDS employed by Messy is anomaly-based.
upvoted 0 times
...

Save Cancel