Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Eccouncil Exam ECSS Topic 2 Question 85 Discussion

Actual exam question for Eccouncil's ECSS exam
Question #: 85
Topic #: 2
[All ECSS Questions]

Bob. a network specialist in an organization, is attempting to identify malicious activities in the network. In this process. Bob analyzed specific data that provided him a summary of a conversation between two network devices, including a source IP and source port, a destination IP and destination port, the duration of the conversation, and the information shared during the conversation.

Which of the following types of network-based evidence was collected by Bob in the above scenario?

Show Suggested Answer Hide Answer
Suggested Answer: B

Contribute your Thoughts:

Phil
12 hours ago
Hmm, I'm torn between C) Session data and D) Full content data. The summary of the conversation makes me think it's the full content, but the other details point to session data.
upvoted 0 times
...
Erinn
4 days ago
I think the correct answer is C) Session data. The details provided, like source and destination IPs and ports, duration, and conversation content, are all characteristics of a network session.
upvoted 0 times
...
Audrie
6 days ago
I agree with Rolf. Session data includes the summary of a conversation between network devices.
upvoted 0 times
...
Rolf
12 days ago
I think the network-based evidence collected by Bob is Session data.
upvoted 0 times
...

Save Cancel