Eccouncil Exam 312-39 Topic 2 Question 86 Discussion

Actual exam question for Eccouncil's 312-39 exam

Question #: 86
Topic #: 2

[All 312-39 Questions]

If the SIEM generates the following four alerts at the same time:

1. Firewall blocking traffic from getting into the network alerts

II. SQL injection attempt alerts

III. Data deletion attempt alerts

IV. Brute-force attempt alerts

Which alert should be given least priority as per effective alert triaging?

AIII

BIV

CII

Show Suggested Answer

Suggested Answer: D

by Belen at Jul 11, 2024, 02:42 PM

Limited Time Offer

25%

Off

Get Premium 312-39 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Venita

12 days ago

I don't know, man. Brute-force attempts can be pretty nasty. I'm going to have to go with IV on this one. Gotta keep those hackers out, you know?

upvoted 0 times

...

Otis

13 days ago

Haha, the firewall blocking traffic? That's like the equivalent of a toddler trying to break into Fort Knox. Definitely the least of our worries here.

upvoted 0 times

...

In

17 days ago

Hmm, I'm not so sure. If someone's trying to delete data, that could be a sign of a bigger issue. I'd still want to look into that one, even if the other alerts seem more urgent.

upvoted 0 times

...

Beckie

21 days ago

I agree with Lashaunda, SQL injection attempts are common but may not always result in a successful breach, so it should be given least priority.

upvoted 0 times

...

Lashaunda

22 days ago

I think the least priority alert should be II because SQL injection attempts are more common and may not always be successful.

upvoted 0 times

...

Chara

23 days ago

I disagree, I believe the least priority alert should be IV.

upvoted 0 times

...

Lashon

2 months ago

The data deletion attempt is definitely the least concerning. I mean, who cares about a little data deletion when we've got SQL injection and brute-force attempts happening? Easy choice here.

upvoted 0 times