Valid 112-51 Dumps shared by ExamDiscuss.com for Helping Passing 112-51 Exam! ExamDiscuss.com now offer the newest 112-51 exam dumps, the ExamDiscuss.com 112-51 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 112-51 dumps with Test Engine here:
Kalley, a network administrator of an organization, has installed a traffic monitoring system to capture and report suspicious traffic signatures. In this process, she detects traffic containing password cracking, sniffing, and brute-forcing attempts.Which of the following categories of suspicious traffic signature were identified by Kalley through the installed monitoring system?
Correct Answer: B
Unauthorized access signatures were identified by Kalley through the installed monitoring system. Unauthorized access signatures are designed to detect attempts to gain unauthorized access to a system or network by exploiting vulnerabilities, misconfigurations, or weak credentials. Password cracking, sniffing, and brute-forcing are common techniques used by attackers to obtain or guess the passwords of legitimate users or administrators and gain access to their accounts or privileges. These techniques generate suspicious traffic patterns that can be detected by traffic monitoring systems, such as Snort, using signature-based detection. Signature-based detection is based on the premise that abnormal or malicious network traffic fits a distinct pattern, whereas normal or benign traffic does not. Therefore, by installing a traffic monitoring system and capturing and reporting suspicious traffic signatures, Kalley can identify and prevent unauthorized access attempts and protect the security of her organization's network.References: * Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-33 to 3-34 * Detecting Suspicious Traffic via Signatures - Intrusion Detection with Snort, O'Reilly, 2003 * Threat Signature Categories - Palo Alto Networks, Palo Alto Networks, 2020