312-49 · Question #555
312-49 Question #555: Real Exam Question with Answer & Explanation
The correct answer is A: Bayesian Correlation. Bayesian Correlation applies Bayes' theorem to event correlation in security. It uses exactly two variables — prior probability (the known likelihood of an attack pattern) and likelihood (the probability of observed evidence given an attack) — to compute a posterior probabili
Question
Which of the following Event Correlation Approach is an advanced correlation method that assumes and predicts what an attacker can do next after the attack by studying the statistics and probability and uses only two variables?
Options
- ABayesian Correlation
- BVulnerability-Based Approach
- CRule-Based Approach
- DRoute Correlation
Explanation
Bayesian Correlation applies Bayes' theorem to event correlation in security. It uses exactly two variables — prior probability (the known likelihood of an attack pattern) and likelihood (the probability of observed evidence given an attack) — to compute a posterior probability. This lets it statistically predict what an attacker is likely to do next, making it an advanced, predictive correlation method compared to simpler rule-based or route-based approaches.
Topics
Community Discussion
No community discussion yet for this question.