Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Eccouncil Exam 212-82 Topic 2 Question 33 Discussion

Actual exam question for Eccouncil's 212-82 exam
Question #: 33
Topic #: 2
[All 212-82 Questions]

Brielle. a security professional, was instructed to secure her organization's network from malicious activities. To achieve this, she started monitoring network activities on a control system that collected event data from various sources. During this process. Brielle observed that a malicious actor had logged in to access a network device connected to the organizational network. Which of the following types of events did Brielle identify in the above scenario?

Show Suggested Answer Hide Answer
Suggested Answer: C

Success audit is the type of event that Brielle identified in the above scenario. Success audit is a type of event that records successful attempts to access a network device or resource. Success audit can be used to monitor authorized activities on a network, but it can also indicate unauthorized activities by malicious actors who have compromised credentials or bypassed security controls4.


Contribute your Thoughts:

Dalene
4 months ago
Haha, you guys are all overthinking this. It's obviously a Error event - the malicious actor was trying to do something bad, so it's an error, plain and simple. Brielle's got this on lockdown!
upvoted 0 times
...
Jean
4 months ago
Warning? Really? I mean, the question specifically says Brielle observed the malicious actor logging in, so I think it's gotta be a Success audit. Who cares if it was malicious, it was still a successful login.
upvoted 0 times
...
Shawna
4 months ago
Nah, I don't think it's a Failure audit either. Based on the scenario, the malicious actor was able to access the network device, so I'd say Brielle identified a Warning event.
upvoted 0 times
Ngoc
3 months ago
Yes, I think you're right. A Warning event makes more sense in this scenario.
upvoted 0 times
...
Louisa
3 months ago
Yeah, I also think it's a Warning.
upvoted 0 times
...
Elke
3 months ago
I agree with you, it seems like a Warning event because the malicious actor was able to access the network device.
upvoted 0 times
...
Sang
4 months ago
I agree, it seems more like a Warning event.
upvoted 0 times
...
Jillian
4 months ago
I think it's a Success audit.
upvoted 0 times
...
...
Izetta
4 months ago
I agree with Launa, it makes sense that it could be a success audit in this scenario.
upvoted 0 times
...
Regenia
5 months ago
Ah, but a Success audit would indicate a legitimate login, not a malicious one. I'd say Brielle identified a Failure audit, as the login attempt was unauthorized and should have been blocked.
upvoted 0 times
Demetra
4 months ago
Brielle's proactive monitoring helped in detecting the unauthorized access.
upvoted 0 times
...
Anika
4 months ago
It's important to quickly identify and respond to such malicious activities.
upvoted 0 times
...
Cyndy
4 months ago
Yes, a Failure audit indicates an unauthorized login attempt.
upvoted 0 times
...
Eladia
4 months ago
I agree, a Failure audit would be the most appropriate in this scenario.
upvoted 0 times
...
...
Amina
5 months ago
Hmm, this is a tricky one. I think Brielle identified a Success audit since the malicious actor was able to successfully log in, even though their actions were malicious.
upvoted 0 times
Tracey
3 months ago
D) Warning
upvoted 0 times
...
Stanton
3 months ago
C) Success audit
upvoted 0 times
...
Harris
4 months ago
B) Error
upvoted 0 times
...
Ula
4 months ago
A) Failure audit
upvoted 0 times
...
Kirk
4 months ago
D) Warning
upvoted 0 times
...
Kayleigh
4 months ago
C) Success audit
upvoted 0 times
...
Veronika
4 months ago
B) Error
upvoted 0 times
...
Evangelina
4 months ago
A) Failure audit
upvoted 0 times
...
...
Launa
5 months ago
I think it could be a success audit, as the malicious actor was able to access the network device.
upvoted 0 times
...
Nilsa
5 months ago
I disagree, I believe it is a warning event.
upvoted 0 times
...
Dino
5 months ago
I think the event Brielle identified is a failure audit.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77