Exam 212-82 topic 1 question 34 discussion

Actual exam question from ECCouncil's 212-82
Question #: 34
Topic #: 1

Anderson, a security engineer, was instructed to monitor all incoming and outgoing traffic on the organization's network to identify any suspicious traffic. For this purpose, he employed an analysis technique using which he analyzed packet header fields such as IP options, IP protocols, IP fragmentation flags, offset, and identification to check whether any fields are altered in transit.
Identify the type of attack signature analysis performed by Anderson in the above scenario.

  • A. Context-based signature analysis
  • B. Atomic-signature-based analysis
  • C. Composite-signature-based analysis
  • D. Content-based signature analysis
Suggested Answer: A

Comments

kanchantanwani
Highly Voted 9 months ago
Selected Answer: A
Answer is A: Context-based Signature Analysis: Attack signatures are contained in packet headers. Inspect packets for unusual/suspicious header information such as the following:
  • Source and destination IP addresses
  • IP options, protocols, and checksums
  • Source and destination port numbers
  • IP fragmentation flags, offset, or identification
upvoted 5 times
...
044f354
Most Recent 1 month, 3 weeks ago
Selected Answer: A
EC-Council Official Curricula, Certified Cybersecurity Technician v1, https://online.vitalsource.com/reader/books/9781635679533/, Module 17, Page 2037.
Context-based signature analysis: Packets are usually altered using the header information. Suspicious signatures in the header can include malicious data that can affect the following:
  • Source and destination IP addresses
  • Source and destination port numbers
  • IP options
  • IP protocols
  • IP, TCP, and UDP checksums
  • IP fragmentation flags, offset, or identification
upvoted 1 times
...
Ahmed3yad
6 months, 3 weeks ago
Selected Answer: A
Context-based signature analysis CCT Module 17. page 2037
upvoted 2 times
...
AmesCB
6 months, 4 weeks ago
answer A
upvoted 2 times
...
Ahmed3yad
7 months, 1 week ago
Answer is A. Context-based signature analysis CCT v1 Module 17 Page 2037/939 https://online.vitalsource.com/reader/books/9781635679533/pageid/2051
upvoted 2 times
...
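
An added example, not part of the original discussion or the EC-Council material: a Python check that looks only at IPv4 header fields (options, protocol, fragmentation flags and offset, checksum), which is the kind of inspection the comments above describe as context-based signature analysis. The protocol allow-list, the finding strings, and the sample headers are assumptions constructed for illustration.

```python
import struct

EXPECTED_PROTOCOLS = {1, 6, 17}  # assumption: ICMP, TCP, UDP are the only protocols allowed here

def ip_checksum(header):
    """RFC 1071 one's-complement checksum; returns 0 for a header whose checksum field is valid."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def inspect_ipv4_header(packet):
    """Return a list of header-level findings for one IPv4 packet (payload is never examined)."""
    if len(packet) < 20:
        return ["truncated header"]
    ver_ihl, _tos, total_len, _ident, flags_frag, _ttl, proto, _csum = struct.unpack("!BBHHHBBH", packet[:12])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or ihl > len(packet):
        return ["bad version or header length"]
    findings = []
    if ihl > 20:
        findings.append(f"IP options present ({ihl - 20} bytes)")
    if proto not in EXPECTED_PROTOCOLS:
        findings.append(f"unexpected IP protocol {proto}")
    reserved, df, mf = flags_frag & 0x8000, flags_frag & 0x4000, flags_frag & 0x2000
    offset = (flags_frag & 0x1FFF) * 8  # fragment offset is carried in 8-byte units
    if reserved:
        findings.append("reserved flag bit set")
    if df and (mf or offset):
        findings.append("DF set on a fragment")
    if offset + (total_len - ihl) > 65535:
        findings.append("fragment extends past 65535 bytes")
    if ip_checksum(packet[:ihl]) != 0:
        findings.append("header checksum mismatch")
    return findings

def build_header(ident, flags_frag, proto=6, options=b"", payload_len=20):
    """Constructed sample data: an IPv4 header with a valid checksum and documentation addresses."""
    ihl = 20 + len(options)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl // 4, 0, ihl + payload_len, ident, flags_frag,
                      64, proto, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])) + options
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]

if __name__ == "__main__":
    clean = build_header(0x1234, 0x4000)
    altered = bytearray(clean); altered[4] ^= 0xFF  # identification changed, checksum not updated
    for name, pkt in [("clean", clean), ("altered", bytes(altered)),
                      ("options", build_header(1, 0, options=b"\x01\x01\x01\x00")),
                      ("df+mf", build_header(2, 0x6001)),
                      ("overflow", build_header(3, 0x1FFF))]:
        print(name, inspect_ipv4_header(pkt))
```

Every check reads a fixed header field and none looks at the payload, so a header whose identification field changes without a matching checksum update is reported as a checksum mismatch.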
Community vote distribution
A (35%)
C (25%)
B (20%)
Other