700-765 Question #74: Real Exam Question with Answer & Explanation
The correct answer is C: Anomaly detection. Cisco CTA (Cognitive Threat Analytics) uses anomaly detection to establish a behavioral baseline and identify traffic that statistically deviates from that normal pattern.
Question
Which feature of CTA can separate statistically normal traffic from anomalous traffic?
Options
- A. URL filtering
- B. Trust modeling
- C. Anomaly detection
- D. Event classification
Explanation
Cisco CTA (Cognitive Threat Analytics) uses anomaly detection to establish a behavioral baseline and identify traffic that statistically deviates from that normal pattern.
Common mistakes.
- A. URL filtering blocks access to known malicious or categorized URLs but does not statistically model or separate normal traffic patterns from anomalous ones.
- B. Trust modeling in CTA assesses the trustworthiness of endpoints or users but is not the mechanism responsible for separating normal traffic from statistically anomalous traffic.
- D. Event classification categorizes detected events by type or severity after they have been identified, rather than performing the statistical separation of normal versus anomalous traffic.
Concept tested. CTA anomaly detection and behavioral baselining
Reference. https://www.cisco.com/c/en/us/products/security/cognitive-threat-analytics/index.html