EC-Council
312-39 · Question #82
312-39 Question #82: Real Exam Question with Answer & Explanation
Sign in or unlock 312-39 to reveal the answer and full explanation for question #82. The question stem and answer options stay visible for context.
Question
A government agency needs to monitor its network for unusual data exfiltration attempts. Traditional log data is insufficient to identify traffic anomalies, so the SIEM team integrates traffic flow data to detect large transfers and unexpected spikes. The team must choose the appropriate protocol to collect IP traffic information from routers and switches. Which protocol should be used?
Options
- ASNMP (Simple Network Management Protocol)
- BNetFlow (RFC 3954)
- CSyslog
- DIPFIX (IP Flow Information Export)
Unlock 312-39 to see the answer
You've previewed enough free 312-39 questions. Unlock 312-39 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.