New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GISF Exam - Topic 2 Question 79 Discussion

Actual exam question for GIAC's GISF exam
Question #: 79
Topic #: 2
[All GISF Questions]

You are concerned about an attacker being able to get into your network. You want to make surethat you are informed of any network activity that is outside normal parameters. What is the bestway to do this?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Luisa at Nov 20, 2025, 11:40 PM

Limited Time Offer

25%

Off

Get Premium GISF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Dahlia
15 hours ago
I think B is more reliable for known threats.
upvoted 0 times
...
Therese
6 days ago
A) Implement an anomaly based IDS. It's like a digital neighborhood watch for my network.
upvoted 0 times
...
Mammie
11 days ago
B) Implement signature based antivirus. Gotta keep those pesky viruses out of my network!
upvoted 0 times
...
Miles
16 days ago
D) User performance monitors. I like to keep a close eye on my network's performance.
upvoted 0 times
...
Valentin
21 days ago
C) Utilize protocol analyzers. This will give me a detailed view of the network traffic.
upvoted 0 times
...
Jamie
26 days ago
A) Implement an anomaly based IDS. This will help detect any unusual network activity.
upvoted 0 times
...
Carmelina
1 month ago
User performance monitors seem unrelated to security, but I can't recall if they might help indirectly.
upvoted 0 times
...
Tresa
1 month ago
I feel like protocol analyzers could help, but they might not alert you in real-time like an IDS would.
upvoted 0 times
...
Layla
1 month ago
I remember practicing a similar question, and I think signature-based antivirus is more about known threats rather than detecting anomalies.
upvoted 0 times
...
German
2 months ago
I think an anomaly-based IDS could be the right choice since it detects unusual patterns, but I'm not completely sure if it's the best option for all situations.
upvoted 0 times
...
Dorothy
2 months ago
Hmm, I'm not sure. The performance monitors could also be helpful to identify any unusual resource usage or bottlenecks that might indicate an attack. Lots of good options here, gotta think it through.
upvoted 0 times
...
Nancey
2 months ago
Definitely go with the anomaly-based IDS. Signature-based tools are good for known threats, but they won't catch anything new or unusual. Gotta stay one step ahead of the attackers.
upvoted 0 times
...
Shawana
2 months ago
A is definitely the best choice for detecting unusual activity.
upvoted 0 times
...
Mattie
2 months ago
I think A is the best choice. Anomaly detection is key.
upvoted 0 times
...
Louann
3 months ago
I'm leaning towards the protocol analyzers. That way we can really dive into the network traffic and see exactly what's going on, not just rely on alerts from an IDS.
upvoted 0 times
...
Lajuana
3 months ago
A) Implement an anomaly based IDS. Gotta catch those sneaky hackers before they cause trouble!
upvoted 0 times
...
Nu
3 months ago
I'm a little confused on the difference between anomaly-based and signature-based approaches. Can someone clarify which one would be better for detecting unknown threats?
upvoted 0 times
...
Lavonda
3 months ago
I think the best approach here is to implement an anomaly-based IDS. That way we can detect any unusual network activity that might indicate an attack.
upvoted 0 times
Vincenza
2 months ago
I agree, anomaly-based IDS seems the most effective.
upvoted 0 times
...
...

Save Cancel