Eccouncil Exam 212-82 Topic 2 Question 33 Discussion

Actual exam question for Eccouncil's 212-82 exam

Question #: 33
Topic #: 2

Brielle. a security professional, was instructed to secure her organization's network from malicious activities. To achieve this, she started monitoring network activities on a control system that collected event data from various sources. During this process. Brielle observed that a malicious actor had logged in to access a network device connected to the organizational network. Which of the following types of events did Brielle identify in the above scenario?

AFailure audit

BError

CSuccess audit

DWarning

Show Suggested Answer

Suggested Answer: C

Success audit is the type of event that Brielle identified in the above scenario. Success audit is a type of event that records successful attempts to access a network device or resource. Success audit can be used to monitor authorized activities on a network, but it can also indicate unauthorized activities by malicious actors who have compromised credentials or bypassed security controls4.

by Francis at Jul 10, 2024, 12:02 AM

Limited Time Offer

25%

Off

Get Premium 212-82 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Dalene

4 months ago

Haha, you guys are all overthinking this. It's obviously a Error event - the malicious actor was trying to do something bad, so it's an error, plain and simple. Brielle's got this on lockdown!

upvoted 0 times

...

Jean

4 months ago

Warning? Really? I mean, the question specifically says Brielle observed the malicious actor logging in, so I think it's gotta be a Success audit. Who cares if it was malicious, it was still a successful login.

upvoted 0 times

...

Shawna

4 months ago

Nah, I don't think it's a Failure audit either. Based on the scenario, the malicious actor was able to access the network device, so I'd say Brielle identified a Warning event.

upvoted 0 times

Ngoc

3 months ago

Yes, I think you're right. A Warning event makes more sense in this scenario.

upvoted 0 times

...

Louisa

3 months ago

Yeah, I also think it's a Warning.

upvoted 0 times

...

Elke

3 months ago

I agree with you, it seems like a Warning event because the malicious actor was able to access the network device.

upvoted 0 times

...

Sang

4 months ago

I agree, it seems more like a Warning event.

upvoted 0 times

...

Jillian

4 months ago

I think it's a Success audit.

upvoted 0 times

...

Izetta

4 months ago

I agree with Launa, it makes sense that it could be a success audit in this scenario.

upvoted 0 times

...

Regenia

5 months ago

Ah, but a Success audit would indicate a legitimate login, not a malicious one. I'd say Brielle identified a Failure audit, as the login attempt was unauthorized and should have been blocked.

upvoted 0 times

Demetra

4 months ago

Brielle's proactive monitoring helped in detecting the unauthorized access.

upvoted 0 times

...

Anika

4 months ago

It's important to quickly identify and respond to such malicious activities.

upvoted 0 times

...

Cyndy

4 months ago

Yes, a Failure audit indicates an unauthorized login attempt.

upvoted 0 times

...

Eladia

4 months ago

I agree, a Failure audit would be the most appropriate in this scenario.

upvoted 0 times

...

Amina

5 months ago

Hmm, this is a tricky one. I think Brielle identified a Success audit since the malicious actor was able to successfully log in, even though their actions were malicious.

upvoted 0 times