Eccouncil Exam 212-82 Topic 8 Question 24 Discussion

Actual exam question for Eccouncil's 212-82 exam
Question #: 24
Topic #: 8

SecuraCorp, a leading financial institution, is worried about zero-day vulnerabilities. With a sprawling network infrastructure and multiple transaction points, it needs a system that does not solely rely on signatures but can effectively identify suspicious patterns based on the behavior in the network. Which type of IDS/IPS should SecuraCorp primarily deploy for its needs?

Suggested Answer: B

/var/log/wtmp is the Linux log file accessed by Gideon in this scenario. /var/log/wtmp is a log file that records information related to user login/logout, such as username, terminal, IP address, and login time. /var/log/wtmp can be used to determine the current login state of users in a Linux system. /var/log/wtmp can be viewed using commands such as last, lastb, or utmpdump.


Contribute your Thoughts:

Alesia
10 hours ago
Signature-based IDS? Seriously? That's so last decade. SecuraCorp needs to step up its game and go for the anomaly-based approach. Gotta stay ahead of those zero-day threats, you know?
upvoted 0 times
...
Beata
2 days ago
Network-based IDS might be the better choice here. With all those transaction points, you need something that can monitor the entire network infrastructure, not just individual hosts.
upvoted 0 times
...
Arletta
2 days ago
I believe Network-based IDS could also be a good option for SecuraCorp to monitor the entire network traffic.
upvoted 0 times
...
Tawna
2 days ago
I agree with Merrilee. Anomaly-based IDS can detect unusual behavior that signature-based IDS might miss.
upvoted 0 times
...
Rikki
5 days ago
Anomaly-based IDS sounds like the way to go! It can detect suspicious patterns without relying solely on known signatures. Perfect for dealing with those pesky zero-day vulnerabilities.
upvoted 0 times
...
Merrilee
12 days ago
I think SecuraCorp should primarily deploy an Anomaly-based IDS.
upvoted 0 times
...
