EC-Council
312-39 · Question #187
312-39 Question #187: Real Exam Question with Answer & Explanation
Sign in or unlock 312-39 to reveal the answer and full explanation for question #187. The question stem and answer options stay visible for context.
Question
John as a SOC analyst is worried about the amount of Tor traffic hitting the network. He wants to prepare a dashboard in the SIEM to get a graph to identify the locations from where the TOR traffic is coming. Which of the following data source will he use to prepare the dashboard?
Options
- ADHCP/Logs capable of maintaining IP addresses or hostnames with IPtoName resolution.
- BIIS/Web Server logs with IP addresses and user agent IPtouseragent resolution.
- CDNS/ Web Server logs with IP addresses.
- DApache/ Web Server logs with IP addresses and Host Name.
Unlock 312-39 to see the answer
You've previewed enough free 312-39 questions. Unlock 312-39 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.