Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Eccouncil Exam 212-82 Topic 2 Question 19 Discussion

Actual exam question for Eccouncil's 212-82 exam
Question #: 19
Topic #: 2
[All 212-82 Questions]

Mark, a security analyst, was tasked with performing threat hunting to detect imminent threats in an organization's network. He generated a hypothesis based on the observations in the initial step and started the threat-hunting process using existing data collected from DNS and proxy logs.

Identify the type of threat-hunting method employed by Mark in the above scenario.

Show Suggested Answer Hide Answer
Suggested Answer: B

by Paris at Aug 04, 2023, 11:49 AM

Limited Time Offer

25%

Off

Get Premium 212-82 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Thurman
1 months ago
Wait, so Mark's playing 'Where's Waldo?' with the network traffic? I hope he's got his magnifying glass ready!
upvoted 0 times
Howard
18 days ago
B) TTP-driven hunting
upvoted 0 times
...
Ula
26 days ago
A) Entity-driven hunting
upvoted 0 times
...
...
Joni
2 months ago
I'm going with option B, TTP-driven hunting. It's like playing a game of 'Guess the Hacker's Playbook' - you gotta know their moves to catch them!
upvoted 0 times
Domonique
11 days ago
I think Mark is using TTP-driven hunting too. It's all about understanding the tactics, techniques, and procedures of the attackers.
upvoted 0 times
...
Melinda
13 days ago
It's a smart approach to threat hunting, focusing on the behaviors of the attackers.
upvoted 0 times
...
Aliza
26 days ago
TTP-driven hunting is all about understanding the tactics, techniques, and procedures of the threat actors.
upvoted 0 times
...
Bok
1 months ago
I think Mark is definitely using TTP-driven hunting in this scenario.
upvoted 0 times
...
Floyd
1 months ago
I agree with you, option B seems like the most logical choice.
upvoted 0 times
...
...
Meaghan
2 months ago
This sounds like a hybrid approach to me. Mark is combining both entity-driven and data-driven techniques to uncover the potential threats.
upvoted 0 times
...
Eileen
2 months ago
I think it could be a combination of Entity-driven and Data-driven hunting, so maybe Hybrid hunting.
upvoted 0 times
...
Stevie
2 months ago
Data-driven hunting seems like a good fit here. Mark is using the existing data from DNS and proxy logs to identify any suspicious activities or patterns.
upvoted 0 times
Angelica
8 days ago
D) Hybrid hunting
upvoted 0 times
...
Ilene
18 days ago
C) Data-driven hunting
upvoted 0 times
...
Aleta
1 months ago
B) TTP-driven hunting
upvoted 0 times
...
Ahmad
1 months ago
A) Entity-driven hunting
upvoted 0 times
...
...
Michael
2 months ago
I believe Mark employed Data-driven hunting.
upvoted 0 times
...
Santos
2 months ago
I think Mark is using the TTP-driven hunting method since he's focusing on the tactics, techniques, and procedures used by the threat actors to detect the imminent threats.
upvoted 0 times
...
Hobert
2 months ago
I think Mark used TTP-driven hunting.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77