Free Preparation Discussions
MENU
Eccouncil Exam 212-82 Topic 5 Question 52 Discussion
Topic #: 5
NetSafe Corp, recently conducted an overhaul of its entire network. This refresh means that the old baseline traffic signatures no longer apply. The security team needs to establish a new baseline that comprehensively captures both normal and suspicious activities. The goal is to ensure real-time detection and mitigation of threats without generating excessive false positives. Which approach should NetSafe Corp, adopt to effectively set up this baseline?
Dynamic Baseline Establishment:
Machine learning algorithms can analyze vast amounts of network traffic data over an extended period, such as a month, to understand normal and abnormal patterns dynamically.
Real-Time Detection and Mitigation:
By leveraging machine learning, the system can continuously learn and adapt to new traffic patterns, reducing false positives and ensuring accurate real-time threat detection and mitigation.
Reduction of False Positives:
A machine learning-based approach can distinguish between benign anomalies and actual threats by considering context, historical data, and behavioral patterns, thereby minimizing false positives.
Handling Evolving Threats:
The dynamic nature of machine learning allows the baseline to evolve as new types of traffic and threats emerge, ensuring that the security system remains effective against both known and unknown threats.
Using machine learning to establish a dynamic baseline is an effective strategy for NetSafe Corp to maintain robust network security and respond to threats promptly.
Currently there are no comments in this discussion, be the first to comment!