Eccouncil Exam 512-50 Topic 8 Question 56 Discussion

Actual exam question for Eccouncil's 512-50 exam

Question #: 56
Topic #: 8

Simon had all his systems administrators implement hardware and software firewalls to ensure network

security. They implemented IDS/IPS systems throughout the network to check for and stop any unauthorized

traffic that may attempt to enter. Although Simon and his administrators believed they were secure, a hacker

group was able to get into the network and modify files hosted on the company's website. After searching

through the firewall and server logs, no one could find how the attackers were able to get in. He decides that

the entire network needs to be monitored for critical and essential file changes. This monitoring tool alerts

administrators when a critical file is altered. What tool could Simon and his administrators implement to

accomplish this?

AThey need to use Nessus.

BThey can implement Wireshark.

CSnort is the best tool for their situation.

DThey could use Tripwire.

Show Suggested Answer

Suggested Answer: C

by Dalene at Sep 16, 2024, 04:51 PM

Limited Time Offer

25%

13 days ago

Snort is an IDS, not really designed for file change detection. Tripwire sounds like the best solution to monitor those critical files.

upvoted 0 times

4 hours ago

I agree, Snort is more for intrusion detection. Tripwire would be better for monitoring file changes.

upvoted 0 times

...

21 days ago

I think they should use Nessus.

upvoted 0 times

...

24 days ago

Nah, Nessus is for vulnerability scanning, not file integrity monitoring. Wireshark is a network sniffer, not the right tool for the job.

upvoted 0 times

14 days ago

A) They need to use Nessus.

upvoted 0 times

...